AT&T TDR for Gov Documentation
AT&T Threat Detection and Response for Government (AT&T TDR for Gov) is built on the Federal Risk and Authorization Management Program (FedRAMP)-authorized, industry-leading Unified Security Management (USM) platform, which combines multiple essential security capabilities and enables fast deployment and broad visibility across your whole network.
AT&T TDR for Gov has achieved FedRAMP Moderate Authority to Operate (ATO) on Amazon Web Services (AWS) GovCloud. The following table lists the feature parity and divergence between USM Anywhere Premium and AT&T TDR for Gov. Unless specified, AT&T TDR for Gov adheres to USM Anywhere's documentation.
|Product Capabilities||USM Anywhere Premium||AT&T TDR for Gov|
|Asset discovery and inventory|
|Vulnerability assessment (supports CVSS v2 and v3)|
|Intrusion detection, Host IDS|
|Intrusion detection, Network IDS|
|Intrusion detection, Cloud IDS|
|SIEM event correlation|
|Endpoint detection and response|
|Integrated ticketing and alerting|
|Orchestration with security tools|
|Automated incident response and forensics|
|Dark web monitoring|
|Advanced Security Notifications (through 3rd party software services)|
|Support for higher data volumes|
|Support PCI log storage requirements|
|Threat Intelligence powered by Alien Labs|
|On Premises, Hyper-V|
|On Premises, VMWare|
|Commercial Cloud Environments, Amazon Web Services (AWS)|
|Commercial Cloud Environments, Microsoft Azure|
|Commercial Cloud Environments, Google Cloud Platform (GCP)|
|Government Cloud Environments, AWS GovCloud|
|Government Cloud Environments, Microsoft Azure Government|
|Government Cloud Environments, GCP|
|AWS Cloud Connector|
|Reporting||Scheduled reports||Standard reports|
|Storage, Hot (Searchable) Storage||15, 30, 90, or 180 days||90 or 180 days|
|Storage, Cold Storage||Unlimited||Unlimited|
|Storage, Data Retention||Service term||Service term|
|Customer Support Hours||Monday - Friday 7AM - 5PM Pacific||
Monday - Friday 8AM - 6PM Eastern
(Support personnel are US citizens based in contiguous United States.)
|Platform Monitoring||24x7||24x7 (US citizens / US soil)|
The license is only available on the USM Anywhere Premium tier due to federal guidance on 90-day data retention.
No. At this time, AT&T TDR for Gov runs in Amazon GovCloud US-West only.
FedRAMP is mandatory for Federal Agency cloud deployments and service models at the low-, moderate-, and high-risk impact levels. AT&T TDR for Gov is authorized as FedRAMP Moderate.
AT&T TDR for Gov is the FedRAMP Moderate authorized version of USM Anywhere operating in AWS GovCloud. AT&T Cybersecurity does not have a managed AT&T TDR for Gov offering at this time.
There are no technical limitations, but if any of the data monitored in AT&T TDR for Gov requires Federal Information Security Management Act (FISMA) protection (almost all of it does), the data will need to be kept in AWS GovCloud and will require a AWS GovCloud hosted USM Central (not available today).
AT&T Cybersecurity is currently planning to develop an AWS GovCloud-hosted USM Central.
Yes. Three failed sign-in attempts are allowed before the user account is locked.. The lockout time is 30 minutes.