TRANSCRIPT
Meredith Attwell Baker, President & CEO, CTIA
Bill O’Hern, SVP & Chief Information Security Officer, AT&T
The Evolution of Network Security to Software-Defined Networks
AT&T Mobility Security Evolution
© 2017 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks contained herein are the property of their respective owners.
Traditional Mobility Security
Mobility Ops
• Perimeter-Based Security
• Mobility perimeter security
• Security monitoring via threat analytics
• Authentication of Mobility Ops using 1 or 2 factors
Devices
Risk/Behavioral Data: dynamic security
Authentication/Access Data: risk profile
Threat Analytics Data: edge analytics
Security Data and Controls
Mobility VNFs – 4G LTE
D1 Mobility Network (3G, 4G LTE)
Perimeter Security
Mobility VNFs – 5G
Software-Enabled Mobility Security
Software Defined Network-Enabled Security Implementation
vFirewall micro perimeters, threat analytics, and user authentication to ECOMP
Security platforms fully integrated with ECOMP/network
Single authentication platform, security ubiquitous throughout network and services
3GPP Authentication and Encryption
Mobility Ops
Devices
IoT
Risk/Behavioral Data: dynamic security
Authentication/Access Data: risk profile
Threat Analytics Data: edge analytics
Security Data and Controls
Microperimeters & analytics
Mobility Virtual Network Functions (VNF) – 4G LTE
Mobility VNFs – 5G
D1 Mobility Network (3G, 4G LTE)
Perimeter Security
Data-Driven Mobility Security
Risk/Behavioral Data: dynamic security
Authentication/Access Data: risk profile
Threat Analytics Data: edge analytics
Security Data and Controls
Indigo Security for 5G
Expansion of analytics to 5G edge
Authentication and access controls based on risk/behavioral 5G data
Data drives closed loop security countermeasures for 5G
Data Driven Security Platform
Tenant microperimeters & analytics
Mobility VNFs – 4G LTE
Devices
3GPP Authentication and Encryption
IoT
Mobility Ops
Mobility VNFs – 5G
D1 Mobility Network (3G, 4G LTE)
5G Enhanced Mobility Security
Risk/Behavioral Data: dynamic security
Authentication/Access Data: risk profile
Threat Analytics Data: edge analytics
Security Data and Controls
5G Enhanced Security
Cloud/SD-RAN offers closed-loop
Mobile Edge Compute enables Security Context
Network Slicing provides service resiliency
Data Driven Security Platform
Tenant microperimeters & analytics
Mobility VNFs – 4G LTE
Devices
3GPP AuthN and Encryption
IoT
Mobility Ops
Mobility VNFs – 5G
D1 Mobility Network (3G, 4G LTE)
Cloud RAN
Mobile Edge Compute
Leveraging “Closed Loop Automation” and Flexible RAN for DDoS Resiliency
Securing Sensitive “Security Context” at the Mobile Edge
Leveraging Network Slicing for Service Resiliency