Security Solutions portal support

View reporting for Adaptive Network Security, Managed Premises Firewalls (Fortinet), and Managed Security Services, including near real-time dashboard, reports of log events, analysis of threat-visualization*, and rapid threat defense* enabled on the Lumen Security Solutions portal. The firewall policies files for Adaptive Network Security and Managed Premises Firewalls are available on the Security Solutions Analytics landing page in Control Center. You access the Security Solutions portal by signing in to Control Center.

* Available only for Adaptive Network Security.

Access guides for historical reporting:
 

• Download the Adaptive Network Security reports user guide (1st generation portal)
  
• Download the Managed Security Services (powered by Splunk) user guide
  

The sophistication of cyber threats, and the complexity of maintaining traditional point network security solutions, is driving the adoption of managed security service solutions utilizing threat intelligence. As your organization upgrades your security posture to be more proactive, you want threat intelligence that is actionable and can be integrated with protection actions. Lumen Adaptive Threat Intelligence (ATI) service helps address these business challenges by providing monitoring and alerting of internet‑based threats to help protect your users, website or critical applications on the internet.
 

ATI is an always‑on, network‑based, near real‑time monitoring, threat correlation and alerting service that provides alerts about the traffic to and from your IP addresses monitored by Lumen, and other IPs on the internet. ATI monitors data samples flowing across the Lumen global network infrastructure obtaining information about traffic flows between your network and the other end of the IP communication. The sampled information is subsequently correlated by ATI against the Lumen database of known malicious IPs. If the sampled information matches a malicious IP, a record is created (an “event”) that is forwarded in near real‑time to the ATI portal. Information about Events is also aggregated and sent to you via email periodically. The service is available in two cloud‑based options called Enhanced and Premium Adaptive Threat Intelligence service. If you subscribe to Premium ATI, events may also be forwarded in near real‑time to your security information and event management (SIEM) platform.
 

Lumen has made a major investment in developing a threat research and engineering group called Black Lotus Labs. The Black Lotus Labs team has developed threat sensing capabilities using one of the world’s largest IP backbones. Malicious behaviors are detected off the backbone and classified using sophisticated machine learning algorithms and automated validation infrastructure. Additionally, Black Lotus Labs validates indications of compromise (IOCs) that are conveyed using third‑party resources. The extra effort pays off in the cultivation of a very high‑fidelity threat set:
 

• real‑time visualization of their interactions with malicious entities
  
• botnet research and take‑down efforts keeps the backbone safer
  
• automated deployment of countermeasures when new threats are discovered via Black Lotus Labs
  
• leading botnet research and publication