A carrier-grade DDoS mitigation platform.
Redge Guardian is a carrier-grade, software-defined DDoS mitigation platform, ready to handle fast moving, terabit scale attacks, including IoT-based threats. Redge Guardian provides a first layer of network security and allows to inspect and filter 100M+ pps on a single, commodity x86 server.
Redge Guardian leverages unique dataplane architecture, which moves packet processing pipeline outside of OS kernel. To date, comparable performance level was achievable on FPGA and ASIC based platforms only.
Redge Guardian Platform traffic inspection pipeline comprises of signature-based stateless filters, half-state TCP inspection and high- performance L7 regexp engine. Signature updates are provided periodically, basing on analysis on ongoing attacks and emerging threats. Flexible rule grammar allows to design custom rulesets within minutes.
Redge Guardian Platform is ready for multi-tenancy and can be deployed either inline or out-of-path, as a physical or virtual appliance, enabling carriers to offer value added services for the customers. Complicated deployment scenarios can include integration with existing self-service portals.
In this scenario, Redge Guardian Platform acts as a filtering bridge between pair of ports.
Upon attack detection, /32 more specific routes are injected into transit/peering VRF, causing traffic redirection to Redge Guardian Platform. Clean trafic is reinjected into IP core.