AUSTIN, Texas – Speaking at this week’s IEEE GlobeCom expo in Austin, AT&T Chief Security Officer Edward Amoroso proposed that enterprise cloud security could potentially be based on the same network architecture used by an infamous piece of malware.
Amoroso gave a keynote speech envisioning a traditional enterprise network perimeter encircling Web servers, gateways and legacy assets like mainframes and other components.
From there, he described individual security perimeters including firewalls, antivirus, antispam and other capabilities that are virtually attached to each individual network component; the former perimeter is moved to cover legacy assets.
“We’ve convinced ourselves we can build dynamic run-time objects that have this kind of protection using commercial security capabilities folded right into OpenStack,” Amoroso said.
He was describing AT&T’s Astra, a cloud-based platform that transitions security from a hardware-based to a software-based function.
“You spin-off security,” he said. “You virtualize the security at runtime to live right next, potentially right next, to your hypervisor,” a virtual machine monitor. “Maybe there’s our new architecture. It looks like a botnet.”
A botnet is essentially multiple software programs communicating and executing tasks over the Internet.
Amoroso referenced the ZeroAccess botnet, which attacks Microsoft operating systems by downloading malware.
Last year Microsoft, numerous law enforcement agencies and other IT firms worked to disable ZeroAccess. Amoroso called it a “massive takedown effort.”
“We couldn’t rip that thing down,” he said. “That structure, as you know as engineers, is the most resilient structure we know in computer science. It’s (geographically) distributed, it’s redundant, it’s resilient, it’s secure.”
Check out the RCR Wireless News YouTube channel for more multimedia content from IEEE GlobeCom.
