Contact Info

Headquarters:

706 Brewster Avenue Montreal, Qc, H4C 2K1
contact@noviflow.com
+1(438)807-4360

USA Office:

440 N Wolfe Road Sunnyvale,CA 94085
contact@noviflow.com
+1(408)217-6219
Follow Us

Threat Intelligence Gateway

Accelerating and scaling cybersecurity applications and appliances

OVERVIEW

The old paradigm for Cybersecurity is a dedicated system, or a cluster of security systems, placed at key points in the network. These systems provide both the analytic functionality to detect threats and the mitigation actions to address threats. All traffic that needs to be secured must flow through these security point. This solution is expensive and is difficult to scale for today’s throughput requirements.

Another limitation arises from Cybersecurity solutions being implemented on Intel x86 processors running software-based packet processing. This is an excellent environment for the security analytics engines, but the X86 architecture is a  very inefficient platform for handling packet-processing tasks. Consequently, software based mitigation filtering provides limited throughput, does not scale economically, and is often limited by hard upper limits for solution throughput.

How NoviFlow Does Things Differently

NoviFlow switches implement the next generation SDN networking technology – a flexible forwarding plane optimized for processing match-action rules within a fully programmable pipeline. This enables the off-loading of packet-processing intensive tasks from X86 based VMs and appliances to the NoviFlow’s NoviSwitches, which can execute these tasks far faster and more cost-effectively because of their use of optimized networking processors – such as the 6.4 Tbps Barefoot Tofino. Also, NoviFlow switches, with programmable capabilities, enable mitigation actions to implemented in one or more tables in the packet processing pipeline.

CyberMapper enables NoviWare™ compatible switches (such as NoviFlow’s NoviSwitches and select white-box switches) to deliver packet filtering, threat mitigation and load balancing directly in the network fabric in a simple, scalable, compact form factor, and at a fraction of the price of conventional networking solutions.

Moving the mitigation action to the programmable pipeline in NoviFlow switches increases the speeds of packet data handling and the execution of the mitigation rules by as much as 2 to 3 orders of magnitude over  x86 processors, effectively changing the economics of implementing network packet data processing.

Another advantage of the CyberMapper solution is that the analytics engines finds threats and the programmable network fabric implements the mitigation actions instantly, for the fastest possible protection from breaches, denial of service attacks, and loss or destruction of data and network assets.

CyberMapper’s new networking paradigm has huge implications in the Cybersecurity context. CyberMapper enables security mitigation actions to be injected right into the network fabric, turning NoviSwitches into Threat Intelligence Gateways.

  • Programmable pipeline enables security mitigation, ACLs, and Blacklists actions to be executed in the NoviFlow SDN switches
  • Supports millions of security action rules at the detailed flow level
  • Supports up to 50,000 mitigation action updates per second
  • Packet processing done on Network Processor silicon not x86 software
  • Cybersecurity API to inject, manage and monitor security actions
  • Security filtering runs at line-rate as part of network fabric
  • Cybersecurity becomes an integral part of the network fabric
  • Mitigation actions can be injected at any, or every, point in the network enabling the securing of East-West traffic
  • Multi-layer security filtering and mitigation execute at line-rate as part of the network fabric
  • Detailed responses – security actions on millions of individual flows – cande taken to address large scale cyber attacks

Use Case 1: Dynamically Scalable Firewall with Fortinet

Use Case 2: DDoS SYN Challenge with Radware

Want to know more?

Top