Last year, Microsoft and AT&T announced a strategic partnership to deliver innovative solutions based on 5G and IoT. As a part of the partnership, AT&T has announced a new IoT solution based on Azure Sphere powered by their network, security and support services.

The new approach is based on the guardian device capability of Azure Sphere, which brings secure connectivity to legacy devices not designed for modern IoT solutions. With this, customers can connect legacy, brownfield devices to the cloud securely through AT&T’s cellular network.

What is Azure Sphere?

Azure Sphere is designed to replace the general-purpose microcontroller (MCU) used in most connected devices. Because current microcontrollers predate IoT, they cannot guarantee the security demanded by connected systems.

At its core, Azure Sphere is a hardware device with an embedded crossover microcontroller unit. The hardware design ensures that the chip's subsystems are securely isolated from one another. The Microsoft Pluton security subsystem, the hardware-based (in silicon) secured root of trust for Azure Sphere, ensures that the device is secure and tamper-proof.

The Azure Sphere MCU integrates real-time processing capabilities with the ability to run a high-level operating system. It boots to a hardened, purpose-built Linux OS that’s highly secure. With the cloud-based Azure Sphere Security Service, the device safely and securely connects to the cloud and web. The service ensures that the device boots only with an authorized version of genuine, approved software. It also provides a secured channel through which Microsoft can automatically download and install OS updates to deployed devices in the field to mitigate security issues.

Microsoft announced the general availability of Azure Sphere in February 2020.

What is a Guardian Device?

According to Microsoft, a guardian module is add-on hardware that incorporates an Azure Sphere chip and physically attaches to a port on a brownfield device, an existing device already in use.

Using a guardian module, customers can add secure IoT capabilities to equipment that either doesn’t support internet connectivity or doesn’t support it securely. In short, a guardian module provides a way to implement secure connectivity in existing devices without exposing those devices on the Internet.

Guardian devices are meant to connect brownfield devices such as coffee machines to the cloud through Ethernet or Wi-Fi. They act as an intermediary between the legacy devices and a modern cloud-based platform such as Azure IoT.

Because the guardian module is based on the Azure Sphere device, all the Azure Sphere security and connectivity features such as data encryption, secure updates, and authentication are available out of the box.

How is AT&T Taking Advantage of the Azure Sphere Guardian Module?

AT&T has worked with Microsoft to add cellular network support to the Azure Sphere guardian module.

According to Microsoft, the new cellular-enabled guardian device powered by AT&T combines the fully supported multi-layered security of AT&T’s core network with Azure Sphere’s integrated silicon, software, and cloud services. The Azure Sphere components work seamlessly together to deliver ongoing device security updates for more than ten years. The guardian device physically attaches to brownfield equipment with little to no equipment redesign, providing edge-to-cloud communication via the AT&T secured cellular network.

With the new guardian device, brownfield devices can connect to the cloud without going through Wi-Fi. Mobile devices can take advantage of the guardian module to stay connected without disconnecting from and re-pairing with multiple Wi-Fi networks.

What’s in it for Customers?

The AT&T Global SIM allows customers to utilize the same AT&T subscription across more than 200 countries and territories without the need to re-credential. The global cellular network of AT&T makes it possible for customers’ data to travel via cellular with fast activation out of the box.

By adding cellular support to Azure Sphere, AT&T and Microsoft have enabled customers to quickly and securely connect their IoT devices to the cloud.