AT&T today is announcing a virtualized approach to security, which will build security intelligence into software that can be distributed throughout the network and provide a multi-layer approach that can be delivered on-demand for specific applications or services.
Building on the same design principles as it used in creating NetBond, its scalable secure cloud connection service, AT&T Inc. (NYSE: T) will test the new services with customers this year in anticipation of general availability in 2016. As with other virtualized functions, security hardware and software will be decoupled, with the former moving into the cloud and the latter being specialized and distributed by AT&T, in conjunction with its partners, says Jon Summers, senior VP of growth platforms, in an interview Monday. (See Yo, CEO – Is Your Company Secure?)
The new virtualized security is being announced at AT&T's CyberSecurity Conference being held in New York City this week.
According to a blog by Jason Porter, VP of Security Solutions for AT&T, the primary benefits to virtualizing security include the ability to dynamically update software in response to changing threat vectors, quickly deploy the software wherever it's needed, use it in any kind of cloud environment including public, private and hybrid clouds and layer on security protections.
Learn more about network security strategies at our upcoming Carrier Network Security Strategies Event in New York on December 2.
All of that adds up to better protection for networks and data, both when it's stored and when it's in transit, Summers said. The multi-layered approach is something AT&T has been working on for some time -- in fact, its chief security officer Ed Amoroso explained the value of this approach almost a year ago at Light Reading's Mobile Network Security Strategies event. (See AT&T Adds Virtual Layer of Security and Surprise! The Cloud Has Security Advantages.)
"We are a strong proponent of a layered security model. A company should be focused on protections at all layers -- applications, endpoints, the network itself, the transactions through the network," Summers says. "Our virtual security portfolio will support security functions being deployed wherever those apps reside or wherever the customer requires that security functionality to reside."
That will include within clouds, such as Amazon Web Services and IBM SoftLayer, that are partnered with AT&T and integrated into NetBond, he adds. "We intend to provide security functions in partnership with those companies, we intend to provide security as a managed service that would run on AT&T's cloud in AT&T's network and then we also intend to provide virtual security functions as part of software components on CPE that could be running at the customers' location," he says.
Virtualized firewalls and other security measures have become one of the first commonly used VNFs as service providers such as CenturyLink and Masergy Communications have moved to virtual CPE.
Like NetBond, the virtualized security services build on a set of application programming interfaces that enable them to be provisioned and managed in real time. AT&T has designed a set of management and administration tools that enable the virtualized security wherever it resides, Summers adds. "That's the beauty of this," he says. "That is the model we are headed toward."
AT&T also announced this week a security partnership with IBM, its original partner in developing its network-enabled cloud. Summers says customers who have IBM's Mobile First Protect deployed on their mobile endpoints can access applications running on the NetBond cloud ecosystem via second end-to-end connectivity.
— Carol Wilson, Editor-at-Large, Light Reading