Security Operations Centre

The Security Operations Centre (SOC) is an ASIO T4 certified centre and provides 24 hour, seven days a week monitoring across all Telstra’s infrastructure using state of the art correlation tools. The Canberra building is the primary centre and will be supported by a secondary site in Sydney.

The Canberra SOC also houses Telstra staff supporting Government security accredited products, including Managed Security and Secure Managed Network Services (MNS). It will start with a team of 40 initially, but has the capacity to scale to around 100 staff.

Enterprises and Governments are doing business today within an ever evolving threat landscape that makes it essential to maintain a single transparent, whole of enterprise view of the security environment.
A security event that disrupts an organisation’s continuity of operations can damage reputations and brands, erode stakeholder confidence, revenues and customer bases, and leave organisations vulnerable to regulatory non compliance and legal action; they can even have devastating consequences for public safety and national security.

As the carrier of 85% of the internet traffic entering Australia, and to maximize operational continuity for our customers, Telstra has invested substantially in our Telstra Next IP™ network and Next G™ network – forming Australia’s largest fully integrated national IP network – which offers unique security solutions, embedded in every layer, right across our portfolio of products and services enabling pro-active not reactive response to security incidents.

Telstra’s unique network backbone is further strengthened through the interlocked and integrated security capabilities of the recently launched Telstra Security Operations Centre (T-SOC), which compliments the Global Operations Centre (GOC) and the Managed Network Operations Centre (MNOC). Together these deliver maximum security, visibility and operational efficiency across our customer’s own ICT environment and into Telstra’s networks.

Why Telstra?
Telstra proactively gathers detailed telemetry from all layers and devices in our networks so we can understand emerging threats and challenges. Often a customer won’t know of an attack until Telstra has neutralized the threat and generated a detailed report. The  SOC uses its Web Portal as the primary interface with customers to provide security, issue and change management reporting as well as providing security bulletins and threat landscape assessment.

• We actively engage in a worldwide security community, incorporating the experiences and opinions of our peers to mitigate security events.

The Telstra Network Security Operations Centre (TSOC) provides 24/7 monitoring across Telstra infrastructure in a Government Grade Facility (T4).

• Any issues are escalated to the Telstra Computer Emergency Response Team (T-CERT).
• T-CERT engages any required resources from all operational and SME teams.
• T-CERT engages Telstra’s Network Hardening Teams to review and mitigate incidents using Vector tools and formats.
  
• Effectively deal with Security Incidents – Maintaining Operational Continuity
• The SOC gives customers the ability to move from a reactionary posture to one of preparedness. Rather than scrambling to respond to a security breach, the SOC has well-established processes to follow, to move fast and effectively, to isolate, contain, and diffuse the threat.
• The SOC systematically analyses potential reasons for traffic abnormalities and appropriately elevates the events. By moving quickly, the SOC can deal with security incidents in minutes – not hours or days – greatly lessening potential disruption to customer’s critical services and business processes.
  
• Rapidly respond with the right solutions to prevent and recover –Mitigating risk
• The SOC enable’s customers to minimize security-related network downtime. By keeping pace with evolving threats, the T-SOC will better protect customers’ data traffic from loss or manipulation.
• Integrated monitoring, across the SOC, GOC and MNOC enable rapid response and recovery processes that maximise customer business continuity & minimise cost of failure.
• Single point of accountability enables rapid execution of response and recovery measures anywhere in the network
  
• Enhances Operational Efficiency
• By defining security rules and policies, the T-SOC specialists will be able to quickly identify threats and apply remedies to customer sites at risk before network attacks hit them. 
  
• Ensure the investment customers make in security is scalable and tailored  to their specific risk profile – Realising ROI on security
• Expert Security Solution consultants and certified staff can build a customer profile that balance the likelihood and impact of risks against the required capital investment – Telstra deploys the  appropriate scalable security solution where each customer needs it most. 
  
• Appropriate compliance with Regulations
• Customers often need to comply with regulations and policies governing the use, protection, or privacy of information. Customers can use reports that the T-SOC can generate, to help adhere to these regulations and policies, and the data-security storage requirements associated with the payment card industry.

Security Operations Centre
The Canberra situated T-SOC is an ASIO T4 certified facility that supports 24/7 monitoring across Telstra’s infrastructure.  Using state-of-the-art correlation tools and supporting an extensive range of Government security accredited products; this centre is an essential part of the highly secure environment in which large organisations need to operate. Maximum operational redundancy is maintained through a second T4 disaster recovery facility in Sydney.

Telstra’s unique Security capability
Telstra is uniquely placed to deliver the levels of security that are essential to large and diverse organisations. Compared to our competitors we can deliver outstanding security value founded on 4 pillars that are unique to Telstra:

1. Network Integrity and Capacity - reducing risk
2. Network Visibility – proactively responding to threats
3. Network Security Operations Centre and Dedicated Security Professionals 
4. Independent Assessment, Certification and Recognition