When it comes to providing cybersecurity for 5G services and applications, AT&T's ace in the hole is its machine learning capabilities, according to Rita Marty, the company's vice president of security architecture.
Marty wrote in a company blog on Thursday that AT&T's years of experience deploying software-defined networking (SDN) and its use of Open Network Automation Platform (ONAP) would also play key roles in 5G cybersecurity.
Marty said that AT&T has been working on 5G cybersecurity for some time now, and that the telco's cybersecurity portfolio will be live during each of the telco's 5G deployments this year and going forward. AT&T plans to have 5G launched in parts of 21 U.S. cities this year.
Marty said that the proprietary security innovations within AT&T's security measures were enabled by its use of SDN.
"We can do this (5G security) because we are able to study multitudes of data streams to help detect threats to our network," Marty said. "Our work in machine learning is our secret sauce. With it we can analyze approximately 670 billion flows of network data for anomalies—and see 110 billion potential probes for vulnerabilities—across our global IP network every day."
"The evidence is in the foundation we’ve already laid for 5G on our SDN and unique cloud security capabilities. It is powered by the Open Network Automation Platform (ONAP), which puts us in a unique position to address cyber threats at the 5G Radio Access Network (RAN), core, and edge of the network," she added.
AT&T wrote about 8 million lines of code for its internally developed ECOMP platform, and later donated roughly 6 million lines to the Linux Foundation to help form ONAP. AT&T and other telcos are using ONAP as part of their automation and orchestration efforts. While AT&T, Orange, Verizon and other service providers are leveraging ONAP, others have complained that it's too complex.
AT&T first outlined its SDN and NFV efforts back in 2013 as part of its Domain 2.0 initiative. AT&T has said it is on track to have 75% of its network virtualized by next year. With AT&T's entrenched use of SDN and ONAP, Marty said AT&T could do the following in regards to 5G security:
- Virtualize its security controls so that AT&T can dynamically orchestrate security across the network at a global scale.
- Automate security policy throughout the network using machine-learning technology to feed its threat analytics platform.
- Improve agility by creating technology that automates the process of instituting firewalls and micro-perimeters to protect applications and deploying technologies that help prevent lateral movement from attackers.
- Filter and scrub Distributed Denial of Service (DDoS) attack traffic within the network in a highly-automated fashion without customers having to deploy or manage any infrastructure.
"But, nothing is hacker-proof forever: Cybersecurity will continue to be a challenge that requires everyone on the chain to assess and create new processes, tools and technology to address it," Marty said. "As new threats emerge, we will continue to apply more resources and technologies than ever before to help protect our network and its users from both known and unknown cyber threats—for 5G and beyond."