AT&T Threat Detection and Response for Government (AT&T TDR for Gov) is built on the Federal Risk and Authorization Management Program (FedRAMP)-authorized, industry-leading Unified Security Management (USM) platform, which combines multiple essential security capabilities and enables fast deployment and broad visibility across your whole network.
AT&T TDR for Gov has achieved FedRAMP Moderate Authority to Operate (ATO) on Amazon Web Services (AWS) GovCloud. The following table lists the feature parity and divergence between USM Anywhere Premium and AT&T TDR for Gov. Unless specified, AT&T TDR for Gov adheres to USM Anywhere's documentation.
| Product Capabilities | USM Anywhere Premium | AT&T TDR for Gov |
|---|---|---|
| Asset discovery and inventory |
|
|
| Vulnerability assessment (supports CVSS v2 and v3) |
|
|
| Intrusion detection, Host IDS |
|
|
| Intrusion detection, Network IDS |
|
|
| Intrusion detection, Cloud IDS |
|
|
| SIEM event correlation |
|
|
| Incident response |
|
|
| Endpoint detection and response |
|
|
| Log management |
|
|
| Compliance reports |
|
|
| Email alerts |
|
|
| Integrated ticketing and alerting |
|
|
| Orchestration with security tools |
|
|
| Automated incident response and forensics |
|
|
| Dark web monitoring |
|
|
| Advanced AlienApps |
|
|
| Advanced Security Notifications (through 3rd party software services) |
|
|
| Support for higher data volumes |
|
|
| Support PCI log storage requirements |
|
|
| Threat Intelligence powered by Alien Labs |
|
|
| Sensor Deployment |
|
|
| On Premises, Hyper-V |
|
|
| On Premises, VMWare |
|
|
| Commercial Cloud Environments, Amazon Web Services (AWS) |
|
|
| Commercial Cloud Environments, Microsoft Azure |
|
|
| Commercial Cloud Environments, Google Cloud Platform (GCP) |
|
|
| Government Cloud Environments, AWS GovCloud |
|
|
| Government Cloud Environments, Microsoft Azure Government |
|
|
| Government Cloud Environments, GCP |
|
|
| AWS Cloud Connector |
|
|
| Reporting | Scheduled reports | Standard reports |
| Access URL | <subdomain>.alienvault.cloud | <subdomain>.gov.alienvault.us |
| Storage, Hot (Searchable) Storage | 15, 30, 90, or 180 days | 90 or 180 days |
| Storage, Cold Storage | Unlimited | Unlimited |
| Storage, Data Retention | Service term | Service term |
| Customer Support Hours | Monday - Friday 7AM - 5PM Pacific |
Monday - Friday 8AM - 6PM Eastern (Support personnel are US citizens based in contiguous United States.) |
| Platform Monitoring | 24x7 | 24x7 (US citizens / US soil) |
FAQ
What licensing tiers are available for AT&T TDR for Gov?
The license is only available on the USM Anywhere Premium tier due to federal guidance on 90-day data retention.
Is AT&T TDR for Gov available in both Amazon GovCloud US-East and US-West regions?
No. At this time, AT&T TDR for Gov runs in Amazon GovCloud US-West only.
What are the various levels of FedRAMP certifications?
FedRAMP is mandatory for Federal Agency cloud deployments and service models at the low-, moderate-, and high-risk impact levels. AT&T TDR for Gov is authorized as FedRAMP Moderate.
Is there a managed version of AT&T TDR for Gov?
AT&T TDR for Gov is the FedRAMP Moderate authorized version of USM Anywhere operating in AWS GovCloud. AT&T Cybersecurity does not have a managed AT&T TDR for Gov offering at this time.
Can we use a current USM Central to monitor an AT&T TDR for Gov instance?
There are no technical limitations, but if any of the data monitored in AT&T TDR for Gov requires Federal Information Security Management Act (FISMA) protection (almost all of it does), the data will need to be kept in AWS GovCloud and will require a AWS GovCloud hosted USM Central (not available today).
Are there plans to develop an AWS GovCloud-hosted USM Central?
AT&T Cybersecurity is currently planning to develop an AWS GovCloud-hosted USM Central.
Is there an account lockout threshold policy?
Yes. Three failed sign-in attempts are allowed before the user account is locked.. The lockout time is 30 minutes.
Feedback