A BGP anycast global scrubbing service.
Redge Guardian cloud is an infrastructure protection service, consisting of multiple scrubbing centers located in major internet exchange points (IXPs) all over the world. Each scrubbing center has at least 100G connectivity and runs an proprietary dataplane software, capable to inspect and filter hundreds of millions packets per second.
Redge Guardian Cloud leverages Border Gateway Protocol (BGP) anycasting to redirect traffic. After detecting the attack with NetFlow/sFlow, protected IP address space is announced from all scrubbing centers. Incoming traffic is redirected to the nearest scrubbing center, filtered and passed to the destination with a GRE or VXLAN tunnel.
Redge Guardian Cloud traffic inspection pipeline comprises of signature-based stateless filters, half-state TCP inspection and high-performance L7 regexp engine. Signatures are updated daily, based on analysis on ongoing attacks and emerging threats. In addition, custom rulesets can be designed and applied with Redge Guardian Cloud management panel.
Deploying Redge Guardian Cloud does not require any changes in networking architecture. The only necessary actions are GRE tunnel configuration and allowing your IP address space to be anycasted by Redge Guardian. In case of multihoming, all uplinks are protected by a single service.
Service activation announes your routes in BGP and redirects all inbound traffic to Redge Guardian scrubbing centers.
In the scrubbing center the attack is filtered according to static and dynamic rules configured for the client.
Clean traffic is delivered with direct peering in IX or GRE tunnel.
Redge Guardian platform does not interfere with out going traffic from client network.