Enterprise companies will soon begin offloading many of their network security responsibilities to telecommunications and Internet service providers and save vast amounts of time and money doing so, if AT&T has its way.
Speaking to the assembled crowd at the IDC Security Forum in New York on Wednesday, Edward Amoroso, chief security officer for AT&T's services division, predicted that enterprises will begin adopting more "virtual" security capabilities from their ISPs and bandwidth providers in the coming years as those companies are better positioned to do battle with botnets, spam, and denial-of-service )DoS) threats.
Based on the bandwidth-providers' existing abilities to see spikes in traffic that are tell-tale signs of botnet, spam, or other malware activity -- long before enterprises can see evidence of the attacks on their own -- Amoroso contends that companies will soon concede the process of fighting the threats and turn to companies such as AT&T for help.
"We think that security at the perimeter should be virtual, which is a somewhat controversial concept, because a lot of time, effort, and career capital has already been spent securing the perimeter," Amoroso said. "But we think a lot of existing technologies there are running out of legs, and simply running firewalls at the gateway is no longer a valuable proposition."
The United States government's Telecommunications act of 1996 prevents carriers from approaching customers and marketing services to them based on any trends they observe on the end users' network connections. However, the companies can already identify much of the spam and malware activity being carried out in the pipe, based on their massive infrastructure, and should be enlisted to help solve security issues, he said.
For threats such as distributed DoS that can easily be thwarted upstream, the CIO said, it makes little sense for companies to continue to invest in new technologies and staff when the carriers could easily detect and snuff out the campaigns ahead of time.
"How do you stop DDoS at the edge? The physics just don't make sense. When these attacks happen, the customers' routers will already be dead," said Amoroso. "We think the idea that the pipe should be dumb is strange; with spam accounting for 90 percent of all traffic on the e-mail pipe, we're delivering nothing but more attacks, malware, and junk. If people want us to keep doing that we can, but why would they want us to keep doing that when we can see it, scoop it, study it, and stop it?"