Redge Guardian Cloud

A BGP anycast global scrubbing service.

Gain the ultimate protection for servers, infrastructure, and digital content.

How does it work?

Redge Guardian Cloud is an IP infrastructure protection service, consisting of multiple scrubbing centers located in major internet exchange points (IXPs) all over the world. Each scrubbing center has at least 100G connectivity and runs proprietary dataplane software capable of inspecting and filtering hundreds of millions of packets per second.

How does it work?

Redge Guardian Cloud uses Border Gateway Protocol (BGP) anycasting and legitimate, RPKI-compatible hijacking methods. After detecting the attack with NetFlow/IPFIX/sFlow, the protected IP address space is advertised from all scrubbing centers. Incoming traffic is redirected to the closest scrubbing center, filtered, and passed to the destination with a GRE, IPIP or FoU tunnel. It is possible to use IPv6 as an underlay network.

How does it work?

Comprehensive protection

The Redge Guardian Cloud traffic inspection pipeline comprises of signature-based stateless filters, half-state TCP inspection, and a high-performance L7 regex engine. Signatures are updated periodically based on analyses of ongoing attacks and emerging threats. In addition, users can apply a different filtering policy in the Redge Guardian Cloud management panel.

Easy setup

Deploying Redge Guardian Cloud does not require any changes in network architecture. The only necessary actions are GRE tunnel configuration and authorising Redge Guardian (RIR whoisdb and RPKI objects) to anycast parts of your IP address space (typically /24s). In the case of multihoming, all uplinks are protected by a single service.

Principles of operation

Redge Guardian platform does not interfere with outgoing traffic from the client network.

Service activation triggers BGP advertisement of the prefix (typically more specific, like /24) under attack and redirects all inbound traffic to Redge Guardian scrubbing centers.

The attack is filtered in the scrubbing center using static and dynamic rules configured for the customer.

Clean traffic is delivered via direct peering at the IXP or via the GRE tunnel over public internet. The Redge Guardian platform does not interfere with outbound traffic coming from the customer’s network.

Download brochure

Download brochure

For more details on the Redge Guardian Cloud, please see our datasheet.

Download brochure

Platform Solution

Platform Solution

Or perhaps check our on-premises? Learn more about the Redge Guardian Platform.

See more