DALLAS — AT&T has been striving to build security capabilities including those that secure access service edge (SASE) architecture can offer into its massive programmable, software-defined network to cover all flows ubiquitously, its Chief Security Officer Bill O’Hern and CTO Jeremy Legg last week told a group of trade media journalists at its headquarters in Dallas, Texas.  

Legg likened the strategy to the secured fence all around the parking lot outside of a football field to “keep the bad guy out.” And O’Hern added that the software-defined network makes “delivering customers clean pipes possible.”

“When we think about the next generation of security services, you look at AT&T and the global advantage point we have running these massive global backbones and networks, as well as the customer, sets that hang off our networks, very rich, broad customer sets from SMB all the way up to critical infrastructure and federal partners, and we've instrumented the network in a way to have this unique advantage in threat, visibility, and detection,” O’Hern touted. 

He explained that the overlay component of the software-enabled features allows AT&T to bundle security technologies for active threat prevention and detection into the connectivity services, executed at its multi-service edge.

The traditional security approach is to build a perimeter around the enterprise, and security vendors constantly sell a new box or capability based on the most recent threats, O’Hern noted. However, “security has now hit a level of maturity that we can take that capability, the technology, and just build it into the connectivity service and make it very simple for customers to control that policy and the compliance to their policy.”

The tier-one operator also takes the approach of automated and digital-first control over security implementations to “take a lot of pressure off of the customer endpoint.”

This network and security convergence simplified secure internet connection implementations for organizations from small and middle-sized businesses that might not have a security team to large global enterprises that manage numerous remote locations, employees, and data in hybrid cloud environments, he added. 

Additionally, the recent security push from the federal government offers AT&T “one of the biggest opportunities” around national infrastructure protection, O’Hern said.

AT&T is not the only one that saw this network and security convergence trend. Networking giants like Cisco also integrated security and networking services across hybrid multi-cloud environments through its new Security Cloud unified platform. And security powerhouses such as Fortinet expect to benefit from this trend for multiple years going forward. 

AT&T offers single-vendor, managed SASE services partnering with Fortinet, Palo Alto Networks, and Cisco.

O’Hern argues that as an overlay solution, SASE brings a lot of traction, as it’s “another third party over the top of the application where your data is being routed out to a third party and hairpin it back into the network.”

With the embedded network security, “you basically get SASE functionality within your connectivity solution, but then you get a whole bunch of capability on top of that.” He called it “SASE plus plus plus.” 

Legg boasted the differentiation that AT&T has is its massive network. That gives the operator full visibility and enables it to funnel intelligence to its security capabilities, O’Hern echoed.

“That's a home run for us. It's an easy win. It's very disruptive in the managed security marketplace. So we're full steam ahead deploying that capability right now,” O’Hern concluded.