Lumen delivers the fastest, most secure platform for next-gen business applications and data. Its platform integrates extensive network infrastructure, cloud connectivity, edge computing, connected security, voice, collaboration and enterprise-class services into an advanced application architecture.
The 4th Industrial Revolution (4IR) is here, and it’s changing the way companies use technology. Lumen is one of the leading lights driving that change.
With a move away from private data centres and the push towards the cloud, Lumen is supporting its customers with their latency-sensitive day-to-day applications for everything from automation and robotics, to AI and self-driving cars.
“Our customers told us they needed connectivity closer to where their applications are consumed,” explains Lumen’s Vice President for Global Security Services, Christopher Smith. “To do this, we repurposed many of the central offices we previously established for legacy voice systems (made largely redundant by the rise of smartphones) and turned them into mini cloud data centres. The industry is calling that the cloud edge, and it’s the next natural trend for the application experience.”
Network Integrated Security
“Security plays a huge part in the move from private, on-premises to public cloud,” explains Smith. “Security is a crowded space,” he says. “Everyone’s got their unique approach on how to make things more secure; and, in some cases, how to scare people into feeling insecure.
Lumen’s goal is simply to create threat-free traffic for its customers. “The way most security works, you either put a perimeter at the edge of your data centre or cloud, or you're doing something on the server to watch for bad behaviour,” says Smith. “With Lumen being the largest public peered IP network on the planet, we have visibility to threats on the network before they even breach a customer's infrastructure.”
Black Lotus Labs
Lumen also has an in-house threat intelligence team branded Black Lotus Labs®. Tasked with watching the network for anomalies, they’re on the lookout for malware, C2s and anything that leaves a footprint on the network.
“I think of our team as weather forecasters,” explains Smith. “If you were living in Florida and were worried about a hurricane, you could turn on the news and get updates days before it hit. That’s what our threat intel team does. They see those threats before they impact our customers, and we can act on that. The most egregious threats we can take right off the network; we are able to blackhole them so they can never touch our customers. We also work with law enforcement to help them prosecute the worst offenders of malware and C2s. Allied to this, we build capabilities into our portfolios that leverage this intel to help protect our customers proactively.”
Rapid Threat Defense
To offer proactive protection, Lumen has developed a capability called Rapid Threat Defense. “It’s a capability not a product,” states Smith. “My mantra for the security practice is that it’s not something separate from the things we sell, but built in. So, if you're buying network connectivity, SD-WAN or UC, security is built in.
Smith explains Rapid Threat Defense is one of those built-in ingredients. “Security engineers take the threat intel they see on the network and build it into the data lake supplemented by third party intelligence we either pay or partner for,” Smith adds. “When threats become active, we've got a software-based policy engine that can push blocks to any of the devices we manage – such as Fortinet and Palo Alto firewalls – to prevent you from ever talking to that threat.”
Rapid Threat Defense is also built into Lumen’s DDoS practice. “If we see a DDoS attack forming out of the network, we will put a policy block into all of our global scrubbers, so the attack can never hit a scrubber and never hit a customer. It gets black-holed off the network.”
Smith sees this approach as a policy remediation engine that means customers don’t have to take action themselves.
“If you're a CISO and you're managing the edge of your network, you've got SD-WAN devices and firewalls, and you have to pay a bunch of expensive, hard-to-hire people to manage the policies on all those devices. It's not hard, but it's complex, tedious work that you're paying really expensive people to do. We have automated that, and we don't charge separately for it. It's built into our products.”
Partnering to Protect
Smith believes it’s impossible to have a relevant security practice without partnerships. With so many threats and options to counter them, collaboration is key to deliver protection with equipment, software and services. “We leverage partners such as Fortinet and Palo Alto for the firewalls, WEF equipment and DDoS scrubbers that you can put in a data centre to protect your edge or SD-WAN devices,” he says.
Lumen is a platform services company, so it procures, stages and sets up equipment like firewalls for its customers. “We manage them on their behalf, along with any endpoint software or SIEMs they already have,” says Smith. “Firewalls are turning into software – they’re virtual and not physical – but the premise is still the same. And then we leverage software companies like RiskSense and CyberSaint to supplement our professional security services practice. We package up the right partners as ingredients that we use to provide a tailored security service to our customers.”
Professional Security Services Support
Part of Smith’s job is to run Lumen’s Professional Security Services team, which helps customers anywhere on their security journey. “We can help customers no matter where they are technically, from ‘Hey, I really don't know what I'm doing and I need to build a security practice from scratch,’ to ‘I've spent $500,000 standing up a noisy SIEM, the board is expecting me to share results, and I can't find the talent to manage it.’”
Smith says his team can go deep or wide – whether consulting to help create a practice, or coming in to operate any part of a customer’s infrastructure on their behalf. “We can be on-premise or remote – wherever our customers are located, we can help them protect themselves,” Smith says.
The Lumen Security team has also built a Digital Experience portal that customers can access 24/7, and choose the security services they need (with help to achieve the right configuration) to take the best advantage of Lumen’s scrubbing technology.
Lighting the Pathway to Success
Smith’s goal for the Lumen security portfolio is to achieve profitable growth while further establishing Lumen as the platform for amazing things. “If you consider all the legacy companies that have come together to form Lumen, there was a time where some of the additions to our current portfolio weren't making any money. I came from some of those companies. But we're never going to go back to a place that looks like that,” he pledges.
Lumen is also putting tremendous efforts into an edge compute strategy. “We believe it's about application performance and building the platform that helps these applications of the future perform the way that they need to, by being closer to where they're consumed,” says Smith. “That involves the network, the facilities and the platform orchestration we're going to deliver. Delivering security for our customers will be a big part of that.”