18
Jun

Service providers to patrol internet ?

   Posted by: Mayuresh   in Security

AT&T is planning to offer security services to inspect and stop malicious traffic before entering the corporate network.
Ref: http://www.mercurynews.com/business/ci_9593411

In all these years service providers are always looked upon as just thick pipes that do their best to get every piece of data to customers. Fundamental question that arises here is should they be allowed to look into the traffic passing through their network? One of the intended use is to stop spams before reaching the corporate networks. According to AT&T, 80% of emails that it delivers is spam. Argument looks very attractive and seems logical to stop all digital debris, malicious content at backbone itself.

But what if ISPs misuse this power. There are endless possibilities. With so many sophisticated solutions available today, it’s not hard to dig more to characterize behavior of subscribers which then can be used for targeted content OR to keep particular traffic away. Remember Comcast delaying BitTorrent traffic generated enough flames!! This needs to be studied deeply from legal aspects.

Nevertheless, I feel this would open lot of opportunities for security vendors who are struggling to sell in crowded enterprise market.

Comments welcome!!

Tags:

This entry was posted on Wednesday, June 18th, 2008 at 9:14 am and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Please note the views expressed in the comments below are that of the author and the owners of this website may not agree with the views expressed.

One comment

Mouse
 1 

There are indeed end user privacy issues (e.g. people don’t seem to like if police would search every visitor of their home). In addition, there are questions of (a) competency - do you really trust your half-clued ISP to do better job than you can in DETECTING and filtering out your inbound malicious traffic AND leaving alone what you need to see, and (b) ability - even if ISP’s weren’t half-clued, how likely is it for them to understand traffic peculiarities of every individual customer (private and corporate) to the point of being able to cull only the “bad” packets? Also, how is this filtering going to deal with SSL-protected traffic (and IPsec, etc)? Considering ever-increasing sophistication of the attacks and increasing tendency for attackers to try “flying under the radar” - I personally see little chance for an ISP to do something useful here.

I understand the desire of ISP’s to play a role bigger than “dumb pipe” and get a bigger cut of the Internet money pie - but this lead ball doesn’t seem to fly well.

Now snooping on “normal” legitimate customers and their traffic - that’s totally possible, but it’s a different topic altogether.

July 13th, 2008 at 10:48 pm

Leave a reply

Name (*)
Mail (will not be published) (*)
URI
Comment