FAQ for Telcos

Product Marketing

Even before we start, Whalebone offers Telcos free consulting on everything from how to setup the product, details of the business case and which adoption rates are to be expected, to what channel to select and how to do the technical setup most comfortably. Throughout the product’s lifespan, Whalebone does its maximum to support your commercial results – including onboarding features, digital touchpoints and/or delivering business intelligence.

What consulting does Whalebone offer?

Whalebone provides consulting services based on our experience in different markets and with different product approaches that can help you with overall product design and to properly set the product goals and expectations (comparison of various opt-in/opt-out approaches, advising on marketing & sales scripts, etc.)

How much revenue can you generate with Whalebone?

Depending on your sales and onboarding strategy, you can expect 50-80%+ user adoption. Based on your current ARPU, the end user price can vary between 0.5-3 USD/EUR per user per month.

How to achieve high adoption rates?

The vast majority of consumer surveys and analyses show that users want security. On the other hand, users don’t want to be forced to do too much or sacrifice any comfort to get it. When thinking about security, the key is to first start thinking about the ease of the user experience. Everything from making the sale, to onboarding, to service initialisation and execution needs to be zero touch. Most users don’t want to have to think about security at all, they just want to know they’re protected. It’s essential to avoid any need for settings, installation, license code input, additional confirmations, etc. Everything needs to be agreed and set up with ONE


Whalebone is the market leader in implementation time as our product is designed for Telcos. In a fast-changing Telco environment, each month of not having the product launched is an important chunk of missed revenue. Our product can be implemented in just 2 weeks, so you can start generating revenue as early as possible.

How complicated is it to deploy the product?

The lead times for implementation vary from a couple of hours to a maximum of three months, depending on the complexity of the product setup. Whalebone helps you to select the right implementation plan to make the most out of your product choices.

What is the secret of Whalebone’s short lead times?

From the very beginning Whalebone’s design and architecture has been made for Telcos. The combination of on-premises and cloud components opens plenty of possibilities for how to match your specific Telco infrastructure and therefore fit Whalebone into your existing environments.

Does Whalebone deliver hardware or software?

Whalebone taps into existing processes and maximizes the existing infrastructure. The Whalebone DNS resolver is supposed to be placed next to the current DNS resolvers. Whalebone delivers software to be installed on the recommended hardware (physical or virtual) equipped with clean Linux.

Which departments need to be involved?

The implementation differs from the Product setup. However, the Network department is to be aligned as soon as possible, together with billing.

Product level options and addons

Whether you want to start only with basic product features or with the full set, Whalebone is there for you. We do Security for B2C and B2B, off-net protection, parental & content control, MSSP, enterprise security or infrastructure DNS & security. With Whalebone technology, you can build up your VAS security portfolio road map.

Which segment is the best to start?

In general, the best results can be achieved in the consumer and in the SMB/SOHO segments.

Which product option is the best to start?

The best results can be achieved with Security that runs on the network level. Immediately thereafter you can offer your users the option of individual settings and reporting, as this increases value and strengthens your customer relationships. As a next step there are niche cases like off-net protection, content and parental control.

Does Whalebone protect both mobile and broadband customers?

Whalebone is a fully convergent solution that covers both mobile and home/broadband users. It is bandwidth independent and works on the DNS level.

How is it possible that nothing gets installed on users’ devices?

The product runs on the network level. It works with the fact that almost all malicious software and attacks need an internet connection and therefore securing the internet connection is a very effective way to address potential threats before it’s too late. Over 90% of the attacks use domain requests, therefore we tap into the DNS resolution process and put our security there.

What do the user interface and touchpoints look like?

All user touchpoints are branded according to the Telco’s design templates in order to stay aligned with the Telco’s brand and app design. There are the following touchpoints for the product and the user (which can be reduced upon the Telco’s request):

  • – Redirection (blocking) page
  • – Continue anyway button on the redirection page
  • – One click purchase button on the redirection page
  • – Pop-up page
  • – Individual user portal incl. personal threat profile and security settings – Individual reporting incl. frequency settings
  • – Email alerts
  • – API for messenger or sms alerts
  • – Data sources for display marketing on dangerous sites
  • – Group of users management portal (i.e. one account managing family members or company employees)
  • – User statistics and all data available via API for MyTelecom App

Threat Detection and Blocking

Telcos simply can’t afford any detractions from the core internet service experience. End-users won’t tolerate false alarms, which disturb the user experience and cause mistrust in any solution. Therefore we invest a lot into our threat and data intelligence to minimize false positives. Whalebone excels in detection accuracy.

Where does Whalebone get the information about threats and attacks?

Whalebone combines its own extensive research and methodology with a vast number of open and commercial sources from around the globe. An important part of our threat intelligence excellence is reputation analysis, which is done using a set of logical principals, auto-corrective measures, comparisons and learning procedures from live traffic. For specific types of zero-day attacks there is a neural network in use. On top of that, Whalebone runs research projects with university research labs and multiple first-class security vendors.

What are the typical attacks Whalebone protects against?

The typical activities for which Whalebone provides protection are messaging, email or sms, malicious apps download or hijack, internet browsing, malicious advertising, background system communication, background app communication and standard PC use.

The examples of typical threats eliminated by Whalebone are phishing, ransomware, payment frauds, spam, coinminers, botnets, compromised websites, DNS tunnelling, spyware, adware, keyloggers, fake proxies, browser hijackers in the form of worms, trojans, backdoor viruses, rootkits, exploit kits, zero day threats and others.

Does Whalebone protect in the internet browser only?

Whalebone protects against malicious apps, hacked or hijacked apps, messaging, threats present while internet browsing, system downloaded malicious software and many more. Whalebone protects mobile phones, laptops, desktops, TVs and all other internet connected devices like cameras and IoT devices.

How can the detection rate be evaluated?

We support Telcos to test out the detection mechanisms of Whalebone and compare the testing results with available comparison services, i.e. VirusTotal. Product managers shall keep in mind that unlike in the enterprise environment in the consumer space, false positives are a great threat to the user experience. Therefore Whalebone has a strong focus on precision and each Telco can set its own level of blocking adherence. Our general experience says that users value comfort and user experience over protection, so we recommend staying less aggressive in setting up the blocking policy.

Can Telcos include their own threat intelligence or regulator enforced blocking lists?

Yes, Whalebone supports the option and additional sources can be added based on the Telco’s requirements.

Is there an option for users to set their own policy?

Depending on the product level, there is the possibility for each individual user to set their own policy (i.e. block specific threats, set their own blacklists, whitelists, parental control, ad block, etc.)

Does the user have the option to proceed to the malicious content?

There is an option to include a “proceed anyway” button to the blocking page so the user can decide to continue even if a threat is detected.