One fear with migrating to software-defined networking (SDN) is that its reliance upon software could potentially invite malicious security threats and hobble the network. But AT&T, which has said it plans to virtualize 75 percent of its network by 2020, says that by using virtualization as a security tool it can isolate potential threats much more quickly than with a hardwired network.
“One of the first things we virtualized was our security,” says Jason Porter, AT&T’s vice president of security solutions. “That goes against what most people think.”
For example, Porter said that AT&T augmented its existing security protocol by building communities of applications and wrapping them in containers. “When you wrap an application in a container, you reduce the number of attack types that application is exposed to,” Porter says. It also limits the traffic and increases the ability to inspect the traffic that goes in and out of that application.
Porter also noted that if a hacker is able to somehow get access to a certain container, the danger is limited because every container has a different “lock” so that a hacker won’t be able to use that same technique to get into other containers. “This gives us the ability to limit the danger,” Porter says.
The other advantage of operating a virtualized security platform is that it’s much easier to update. “When we do identify a threat, no matter where it sits in the network — the mobile end point, the data center or the cloud — we can get it updated in a few minutes through APIs so you have a very rapid response,” Porter says. “That’s a tremendous benefit.”
Planning for Attacks
Of course, with the recent slew of worrisome security breaches such as Yahoo’s report of 1 billion customer accounts being impacted by a breach that occurred in 2013, the pressure is mounting for companies to do a better job of protecting their networks.
Porter says surprisingly about 90 percent of the security attacks that occur every day are known. In other words, they are from malware or attack types that have been identified. “It’s very rare that this is a completely new attack that we have not seen before,” he says.
Although security experts know how to defend these types of attacks, the biggest problem is that most companies have limited resources. “People that know how to stop these attacks are in small numbers,” he says.
He recommends that colleges have more cyber security programs and that cyber security education starts younger through hackathons for kids.
He also recommends that companies come up with response plans for attacks before they occur. And those plans should include company leadership and the public relations team.