CenturyLink Managed Security Services: Overview and Analysis

See our complete list of top managed security service providers

Company Description

With customers in more than 60 countries, CenturyLink (NYSE: CTL) is the second-largest U.S. communications provider to global enterprise customers. Bolstered by the acquisition of Level 3 Communications in late 2017, CenturyLink offers an array of managed security services to suit a broad customer base, from mid-sized to multinational enterprises and government customers. Based in Monroe, Louisiana, CenturyLink has regional offices in Singapore and London.

Service Description

The company’s managed security services include its professionally managed, next-generation network-based firewall solution, Adaptive Network Security, which is backed by CenturyLink’s threat intelligence. Adaptive Network Security is a next-generation firewall built on the proven foundation of networked-based security. By routing all internet traffic through a secure gateway, it delivers controlled connections that can help minimize exposure to new, unexpected and unnecessary risks. Its Managed Firewall Service delivers 24/7 firewall administration and response to attacks when they occur, whether CenturyLink supplies the hardware or manages what customers already own.

CenturyLink has deployed security operations centers (SOCs) to respond to physical and logical alarms, attacks and suspicious or abnormal network activity, as well as to assist with customer security inquiries. In addition to anti-virus, anti-spam and 24/7 SOC support, Adaptive Network Security customers can add functions such as intrusion protection service, anti-malware sandboxing, data loss protection, web content filtering, application awareness and control, logging and reporting, and centralized policy management via the customer portal.

“CenturyLink’s Security Log Monitoring service leverages a data analysis engine to continuously monitor all elements of a customer’s infrastructure, correlating events for meaning, and analyzing the outcomes,” said Chris Richter, vice president of global security services, CenturyLink. “Our Adaptive Threat Intelligence service is a network-based, real-time monitoring, threat correlation and alerting service that enables customers to use their security more efficiently and combat threats more effectively.”

Markets and Use Cases

CenturyLink serves mid-sized to multinational enterprises and government customers. Its security portfolio is backed by five SOCs on four continents and serves 60 countries around the globe.


  • Provides 43 Tbps of first-layer defense capability
  • Monitors 1.3 billion security events per day
  • Monitors over 99 billion NetFlow sessions per day
  • Mitigates 120 DDoS attacks per day
  • Identifies and removes roughly 35 command and control (C2) networks per month
  • Identifies roughly 270 new C2s per month and is monitoring 5,000 C2s on an ongoing basis


Delivered through a central portal or directly to the organization’s SIEM, without requiring the management of on-site equipment.


CenturyLink’s Adaptive Threat Intelligence service is a network-based, real-time monitoring, threat correlation and alerting service that enables customers to use their security more efficiently and combat threats more effectively. Adaptive Threat Intelligence utilizes CenturyLink’s global internet visibility, correlated with custom intelligence, to create real-time alerts based on the correlation between the 99 billion NetFlow sessions CenturyLink monitors each day and reputational analysis and machine learning algorithms.


Pricing for CenturyLink security solutions depends on the services procured. Pricing can include set monthly recurring, usage-based fees or throughput requirements, depending on the service. For example, threat monitoring is based on GB-per-day data.

Analyst View

Gartner named the company as a Niche Player, though it is knocking on the door of the Challenger quadrant. Frank Dickson, security analyst, Frost & Sullivan, said, “Adaptive Network Security leverages Level 3’s extensive telecom infrastructure to address the key network security pain points of enterprises today: escalating security costs, complex security ecosystems and a scarcity of trained security professionals. By redefining the security perimeter, customers have the ability to apply and leverage an integrated collection of security tools and professionals within the Level 3 network, removing the need for constant on-premise hardware updates while controlling IT budgets. The future is in the cloud; Adaptive Network Security provides a solution for enterprises to strategically leverage the cloud to simplify their security architecture while improving efficacy in the process.”

Drew Robb
Drew Robb
Drew Robb has been a full-time professional writer and editor for more than twenty years. He currently works freelance for a number of IT publications, including ServerWatch and CIO Insight. He is also the editor-in-chief of an international engineering magazine.

Top Products

Related articles