Information Security Products and Services
Cyber Security Activities
Türk Telekom brought its Corporate Security Services together under the umbrella of Turkey’s largest Cyber Security Centre, which it established in Ankara in 2018.
The Cyber Security Centre provides end-to-end solutions to meet all the cyber security needs of Türk Telekom customers at global standards, ensuring the continuity of uninterrupted and secure access for customers.
In addition to the existing corporate security services, the Centre has the largest portfolio of cyber security services in Turkey, offering Cyber Security Management Services and Cyber Threat Intelligence Services, which can be provided separately in the form of security incident monitoring, as well as analysis and intervention services and consultancy services.
Türk Telekom Cyber Security Services
With the rapid spread of information technologies, cyber security risks are increasing for all customer groups. Potential cyber-attacks on the infrastructures of corporate and public customers and access to personal data belonging to the general public and customers can have serious consequences such as misuse of the information obtained, and the deterioration and deletion of the integrity of the information.
The cyber security services, which reflect the experience and quality of Türk Telekom, Turkey’s first telecom operator owning a position as the cyber security service provider, are set out as below.
Network Security Services
DDoS (Distributed Denial of Service) Attack Prevention Service: The DDoS attack prevention service protects data traffic by ensuring that attacks on internet traffic are scrubbed before they reach the organisation’s line. This service prevents both line disruption and depletion of network infrastructure resources.
Cloud DDoS: Cloud DDoS, which is an extra layer of security for the large volume of DDoS attacks originating from abroad, provides protection by directing traffic to international scrubbing points.
Cloud Signalling Service: The Cloud Signalling Service provides protection with the Türk Telekom infrastructure against the attacks detected through the device at the customer’s location by offering the opportunity for communication with the Türk Telekom DDoS infrastructure to customers who have A10 or Arbor branded devices at their locations.
Layer 7 (L7) DDoS Service: This service provides backbone level protection against application layer DDoS attacks. With L7 inline protection, all traffic coming over the internet continuously passes through the L7 DDoS device, which is on the Türk Telekom backbone, and contaminated traffic is treated and delivered to the customer.
Intrusion Prevention System (IPS): The Intrusion Prevention services examines internet traffic according to the digital signature base and traffic anomalies. When an attack is detected, attack traffic is cut, preventing its transfer to the network. Since threats are blocked before they reach the network, there is no bandwidth throttling.
Content Filtering Service: The content filtering service allows website content to be scanned and it also helps to determine the scanning rules. Any harmful content detected according to the specified rules is prevented from reaching the network.
Firewall Service: With the firewall service, traffic going from the network to the internet and coming from the internet to the network is managed according to the specified rules. A shared service is offered at the backbone level.
IPSEC VPN Service: This service is provided to customers who have servers in the Türk Telekom data centre, so the resources at their locations communicate with resources at the data centre on a secure connection over the firewall service.
Advanced Threat Prevention Service (Anti-APT): The Anti-APT service provides protection against unknown types of cyber-attacks, which are described as advanced cyber-attacks. It prevents files which are detected as being potentially harmful from infecting the network by performing file-based traffic analysis. This way, it offers effective protection against phishing attacks and zero-day attacks. With the service offered from the backbone, fast commissioning and ease of installation are provided without requiring additional investment.
Antivirus: With the antivirus service, traffic coming to the servers is scanned for viruses and worms. If any virus is detected, the passage of harmful traffic is prevented and the virus is cleaned at the backbone level before it reaches the network.
WAF (Web Application Firewall) Service: The WAF Service offers protection against harmful content and vulnerabilities which may present security threats in web applications and which may affect the accessibility of the application. It provides global intelligence specific to the OWASP Top 10 and web applications. With the managed WAF solutions, customer web applications are monitored on a 24/7 basis and a rule definition service is provided on a proactive basis. With add-on services, customers can benefit from an array of services such as file security and daily license usage. With the customer management interface, users are able to perform operations such as traffic analysis and viewing and creating rules.
Shared Security Services Standard SLA (Service Level Agreement): Within the scope of Corporate Security Services, these agreements are standard SLA packages which include support and solution durations determined to be valid for the services provided with management service.
Dedicated Security Services
Dedicated Security Services: With the Türk Telekom Dedicated Security Services, Firewall, Active Defence System, Content Filtering, Antivirus and data storage services in accordance with the law 5651 can be used simultaneously through the security devices to be located at the desired location.
SiberKale: Through the integrated security SiberKale, logging can be performed in accordance with the 5651 standards, in addition to simultaneously benefiting from Firewall, Intrusion Prevention services, Content Filtering and Antivirus services.
SiberLog: With the SiberLog device, users connecting to the corporate internet can be logged in accordance with the provisions of law 5651.
Cyber Security Centre Management Service
Cyber Security Centre Management Service: The service is offered with versatile and specialised technology consultants to facilitate the daily operations of organisations in tackling cyber threats.
Management Services: The following services are provided for all cyber security needs; 24/7 security event monitoring, security tightening, use case consultancy, SIEM (Security Information and Event Management) consultancy and event response services for SIEM infrastructures:
24/7 Security Event Monitoring: This service provides monitoring and anomaly analysis in line with the service. The service covers 24/7 monitoring of any alarms which occur within the scope of correlation rules for customers with the SIEM infrastructure, as well as false / positive analysis of the alarms that occur from there, determination of the type of attack together with advanced analysis of the events and root cause analysis.
SIEM Consulting: The service includes all process consultancy including examining the customer’s network topology, determining the sources to be logged and writing the correlation rules.
Intervention Service: A solution document is prepared setting out the solution to the problem by determining the root cause of any event. As a result of the analysis, the event is responded to on-site by Türk Telekom and the problem is resolved.
Automatic Intervention Service with SOAR: Automatic intervention service with SOAR (Security Orchestration, Automation and Event Intervention) allows the collection of organisations’ security threat data and events coming from different sources before performing security arrangements with advanced intelligence and automates the threat data. It manages the event response processes through the collected and prioritised events.
Test Consultancy Services: Türk Telekom’s specialist teams work on many security testing services such as pentest, vulnerability test, gap analysis and red team, and their output is reported.
Professional Security Services
Vulnerability Analysis and Penetration Tests: With this service, the security vulnerabilities of organisations are detected and reported. Information is provided on the necessary security solutions to protect against potential cyber-attacks that could be carried out by taking advantage of the found security vulnerabilities.
Consultancy Services: Information Security Management System Consultancy, the ISO 27001 Audit, Compliance and Consultancy, SOME (CIRT - Cyber Incident Response Team) Installation Consultancy and Training services are provided in order to help organisations to ensure the data and infrastructure security.