BT Managed DDOS Security

To protect BT provided circuits from DDoS attack


  • Proactive DDoS Monitoring, Detection and Mitigation in one service
  • Real-time and historical attack forensics and reporting
  • Full suite of attack countermeasures
  • Automated threat updates
  • Unlimited number of auto mitigations performed in a year
  • Fast mitigation of DDoS attacks
  • Single vendor threat solution


  • Automatically detects and blocks DDoS attacks before performance is impacted
  • Gain real-time visibility into availability threats and attacks
  • Includes advanced DDoS countermeasures
  • Unmatched insight enables BT to develop timely, automatic updates
  • Customers are not penalised for multiple attacks in a year
  • When thresholds have been breached, mitigation takes place in milliseconds
  • Only available with BT Internet Connect and BTNet circuits


£6600 to £24000 per unit per year

Service documents

G-Cloud 9



Neil Harmes

0800 3288077

Service scope

Service scope
Service constraints Must be a BTNet or BT Internet Connect circuit
System requirements Nil

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Within 24 hrs
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support No
Support levels This BT DDoS service is a set up and leave service. There is help to complete the mitigation templates. IE What is "normal" traffic
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We have a data capture document, our trained engineers will take the customer through the capture process, and build a mitigation strategy that's right for each customer. Our skilled engineers have years of experience and will guide you through your options.
Service documentation Yes
Documentation formats
  • PDF
  • Other
Other documentation formats Word
End-of-contract data extraction N/A
End-of-contract process Customers will simply be removed from the service at the end of their contract.

Using the service

Using the service
Web browser interface Yes
Using the web interface The web portal is available for customers to view their traffic usage and anomalies.

It is not used for set up, service requests or anything else.
Web interface accessibility standard None or don’t know
How the web interface is accessible The Portal is available to customers with any internet access. Access is via a HTTPS site. Userids and passwords are used to authenticate.
Web interface accessibility testing Nil
Command line interface No


Scaling available No
Independence of resources Customers Managed Objects are separated and there is a limit on the number of MO available before additional infrastructure is required.
Usage notifications Yes
Usage reporting Email


Infrastructure or application metrics Yes
Metrics types Other
Other metrics Traffic usage, anomalies, DDoS Mitigations. Via the Portal
Reporting types Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency Less than once a year
Penetration testing approach In-house
Protecting data at rest Other
Other data at rest protection approach Data is not at rest with this service.
Data sanitisation process No
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery No

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Availability = 99.95%
Approach to resilience BT has a number of DDoS "Scrubbing Stations" within it's network.
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication Username or password
Access restrictions in management interfaces and support channels Userid and password is required.
Access restriction testing frequency At least once a year
Management access authentication Username or password
Devices users manage the service through Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations BSI 7799 / ISO 17799

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes BT have our own full policy and process implementation along with regular reviews

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Configuration and change management are built into everything we do in BT. High and low level processes and procedures are produced, followed and audited.
Vulnerability management type Undisclosed
Vulnerability management approach Vulnerability management is built into everything we do in BT. High and low level processes and procedures are produced, followed and audited.
Protective monitoring type Undisclosed
Protective monitoring approach Proactive monitoring is built into everything we do in BT. High and low level processes and procedures are produced, followed and audited.
Incident management type Undisclosed
Incident management approach Incident management is built into everything we do in BT. High and low level processes and procedures are produced, followed and audited.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £6600 to £24000 per unit per year
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑