Threat Monitoring and Defense A fully managed and monitored security and compliance solution for cloud, hybrid, & on-premises infrastructure

Security Risks are Escalating Rapidly AT A GLANCE: CYBERCRIME TODAY $6.5 million Average total cost of breach over 10 years1 185 major security incidents companies deal with each year1 $158 million direct losses from breach for Target 205 days on average before detection of compromise2 No matter what industry you are in, thieves are targeting your data. Whether you an online company like ebay and stubhub or a brick and mortar company like target and home depot, losing your sensitive data is expensive. IDC estimated an organization will spend just under 1 ½ million dollars yearly on activities associated with data breaches. While companies are working to improve their security posture, both the IT and threat landscape are changing quickly making it challenging to stay ahead of the attackers Sources: Poneman 2015 Cost of a Data Breach Study mTrends Threat Report 2015.

Sensitive Data is the Heart of Your Business “Most organizations (almost 80%) will suffer at least one successful attack that will cause some serious harm...” Innovation Increasing Sales As the threat landscape becomes more complex, maintaining the security of your sensitive data is more important than ever. Protecting your brand, evolving your products and services, growing your customer base, and maintaining your competitive advantage all depend on the protection of your data. And today’s hackers are more organized and sophisticated, using multi-vector targeted attacks to penetrate your environments, conceal their presence, and steal as much of your data as possible. In fact, according to IDC Worldwide Security and Vulnerability Management 2014–2018 Forecast, most organizations will suffer at least one successful attack that will cause harm. IDC Worldwide Security and Vulnerability Management 2014–2018 Forecast Shareholder Value Competitive Advantage

Today’s Attacks are Becoming More Complex The Impact Financial loss Damage to brand and reputation Scrutiny from regulators Identify & Recon Initial Attack Command & Control Discover & Spread Extract & Exfiltrate Attacks are multi-stage using multiple threat vectors Takes organizations months to identify they have been compromised Over two-thirds of organizations find out from a third party they have been compromised Attacks occur at different layers of the OSI model and they often penetrate multiple layers of either the stack or the actual system infrastructure. Attacks are also evolving—what once was only a network layer attack has shifted into a multi-layer network and application attack. For example, malicious intruders may start with a network-based attack, like denial of service (DoS), and once that takes hold, quickly launch another wave of attacks targeted at layer 7 (the application). Ultimately, this should not be an either/or discussion. A sound security plan not only provides the best security at one layer, but at all layers.  1 – IDC Worldwide Security and Vulnerability Management 2014–2018 Forecast 2 – M-Trends 2015: A View from the Front Lines

Your Business Opportunity Protect your brand and keep business critical information safe Your business challenges Skilled security resources are in high demand and difficult to retain Moving to cloud and hybrid IT environments brings different threats and complexities Maintaining continuous security and compliance is expensive Your staff is too burdened with day to day maintenance to focus on strategic initiatives You have a challenging job – provide the right level of security and compliance for your organization. Keeping your business critical data safe is becoming more and more difficult as the threat landscape becomes more sophisticated. In todays world, keeping your data safe requires 24 x 7 monitoring and protection by a dedicated team of knowledgeable experts. To complicate this further, you are trying to find a solution that aligns with your budget, which is always at a risk of being cut further. We consistently hear the following top 3 challenges from our customers: Recruiting, hiring, and retaining highly skilled security personnel is harder than ever – these talented people are in high demand and are earning premium wages As you move your workloads to the Cloud, new threats and deployment challenges come into play, including the question of whether your legacy security products can really work in cloud environments. Finally, delivering the right level of protection is expensive – budget is competing for strategic growth initiatives, and too many IT executives view security as a cost center, not a value added activity.

Effective Security and Compliance Requires… Relevant Products Effective security and compliance requires relevant products, dynamic security content, sophisticated analytics and correlation and expert people and processes. Dynamic Security Content Sophisticated Analytics and Correlation Expert People and Processes

Threat Monitoring and Defense Description EarthLink’s Threat Monitoring and Defense (TMD) offers 24x7 Security monitoring of: Routers, Firewalls and Switches Servers, Domain Controllers POS Devices and Endpoints Other security devices Alerts you of suspicious security events according to your customized escalation procedures Leverages state of the art advanced software analytics and support powered by Alert Logic: Log Manager (with Log Review or ActiveWatch) – Detect security and compliance issues from log data Threat Manager with ActiveWatch – Identify and mitigate network threats and vulnerabilities with a network Intrusion Detection System and vulnerability scanner EarthLink’s Threat Monitoring and Defense is a cloud-based suite of security and compliance solutions for cloud, hybrid and on-premises infrastructure that makes it easy for you to achieve your security goals. Powered by propriety technology from leading Security-as-a-Service provider, Alert Logic, our robust solutions proactively identify issues that could compromise your organization’s security posture. Flexible, pay-as-you-go solutions include: Log Manager - designed to collect, aggregate and normalize log data from any environment to meet compliance mandates and identify security issues Threat Manager - a network-based Intrusion Detection System and vulnerability scanning solution ActiveWatch - 24x7 real time security monitoring by state-of-the-art Security Operations Center

Threat Monitoring and Defense Services Log Manager Threat Manager Active Watch Log Management & Analysis Protects your networks, systems, and applications through log analysis Collects, aggregates, and normalizes logs for easy searching and long term storage Provides “inside out” view of activity that could be impacting your environment Provides deep security insight into your environment with an intuitive interface Optional daily Log Reviews or ActiveWatch 24x7 monitoring Intrusion Detection Identifies suspicious network traffic with no business disruptions Capable of monitoring both internal and external traffic Detects movement of threats and data exfiltration Vulnerability Scanning Identifies weaknesses and vulnerabilities in your IT environment Uncovers vulnerabilities in your networks, systems, and applications Unlimited internal and external scans Security Analysts providing real time 24x7 security monitoring and escalation Eliminates the burden of running a 24x7 SOC Provides you with specialties and expertise difficult to obtain in-house Human expertise required for deep insight into your security and compliance posture Included with Threat Manager, optional with Log Manager Alert Logic Log Manager provides an inside-out view of your networks, systems, and applications. While Threat Manager is looking for movement, Log Manager can identify if a specific system, application, or network device has been compromised by collecting and analyzing log data.

Customer IT Environment How it Works Customer IT Environment Cloud, Hybrid On-Premises Network Events Log Data Data Collection Big Data Analytics Platform Threat Intelligence & Security Content 24 x 7 Monitoring & Escalation Continuous protection from threats and exposures Threat Manager Log Manager ActiveWatch Alert Logic ActiveAnalytics Alert Logic ActiveWatch

Threat Monitoring and Defense Value Proposition EarthLink Threat Monitoring and Defense helps you: Reduce the burden of management: Shift resources from day to day maintenance to strategic initiatives Protect your Brand:  Proactively identify and remediate threats before they result in costly security breaches Stay Compliant:  Ensure compliance with regulatory requirements with PCI, HIPAA, GLBA, SOX. By partnering with EarthLink, you can be confident your IT assets and network are being monitored—and your brand protected—at every point.