Microsoft bolsters Azure with AT&T 5G deal and security collaboration


Keumars Afifi-Sabet

1 Jul, 2021

Microsoft has struck agreements with US networking giant AT&T and the cyber security organisation MITRE to bring additional 5G support as well as threat monitoring capabilities to Azure.

As part of its deal with MITRE, Microsoft will integrate the organisation’s adversarial tactics, techniques and common knowledge (ATT&CK) framework into its public cloud platform in order to build a foundation for developing threat models.

Separately, the firm has acquired the Network Cloud division of AT&T, which plays host to its core 5G network. Microsoft will indirectly own but won’t operate this network, and instead plans to integrate IP and expertise into its Azure for Operators platform.

These twin deals are part of Microsoft’s strategic efforts to bolster its public cloud platform on the cyber security and networking fronts.

The AT&T acquisition, for example, is part of a strategic alliance that will see network traffic managed by Microsoft Azure. This is set to begin with the 5G core, the software at the heart of AT&T’s 5G network.

Microsoft says AT&T will benefit from greater productivity and cost-efficiency as more network workloads migrate to Azure for Operators. The firm will also use the company’s hybrid and hyperscale infrastructure to reduce costs.

The Network Cloud platform, which Microsoft is acquiring, has been running AT&T’s 5G core network since 2018. Microsoft will integrate this into its Azure for Operators platform to allow operators to run telecoms networks in the cloud.

Microsoft will benefit from access to IP and technical expertise to grow its product, building on the 2020 acquisitions of Affirmed Networks and Metaswitch Networks. It’s also acquiring AT&T’s engineering and lifecycle management software that’s used to develop carrier-grade cloud that can run containerised or virtualised network services.

“With Azure, operators can provide a more flexible and scalable service model, save infrastructure cost, and use AI to automate operations and differentiate customer offerings,” said executive vice president of Azure, Jason Zander.

“Through our collaboration with AT&T, Microsoft will expand its telecom portfolio to support operators with a carrier-grade cloud that provides seamless experiences across Microsoft’s cloud and the operator’s network.”

Microsoft’s partnership with MITRE, meanwhile, has seen the firm integrate the ATT&CK framework into Azure to launch the Security Stack Mappings for Azure research project. This has introduced a library of mappings that connect built-in Azure security controls to the techniques, identified by ATT&CK, that they’re designed to protect against.

The project aims to plug an information gap for businesses seeking to proactively secure their public cloud deployment. This project creates data that shows how built-in security controls might secure their assets against the specific attack methods most likely to target them.

“Microsoft has worked to expand the suite of built-in security controls in Azure which, while highly effective for protecting customer environments, can feel overwhelming to understand across an organisation’s entire Azure estate,” said senior threat intel librarian with Microsoft’s threat intelligence centre, Madeline Carmichael.

“MITRE has developed the ATT&CK framework into a highly respected, community-supported tool for clarifying adversary TTPs. Pairing the two together provides a helpful view for organisations to understand their readiness against today’s threats in a familiar vocabulary that enables easy communication to their stakeholders.”