At SDN World Congress in October, Corsa, a startup offering a programmable data-plane appliance, was showing off a possible use case for its hardware: mitigation of distributed denial-of-service (DDoS) attacks.
Today the company made its use case a reality and announced its first security product — the Red Armor NSE7000 Network Security Enforcement engine, delivering 100-Gb/s DDoS protection.
Corsa’s expertise lies in software-defined networking (SDN), and the company is using a similar approach to combat DDoS. Both involve moving and processing bits of information at high speed, says Carolyn Raab VP of product marketing at Corsa.
Red Armor needs to be complimented by detection software directed by the BGP Flowspec standard. Red Armor enforces the rules, allowing or denying passage to the traffic depending on what that software finds. Because Red Armor can analyze data at 100 Gb/s, it is able to enforce rules even while it is being bombarded by attacks, Raab claims.
Specialized hardware (Corsa’s appliance is built on FPGAs) is required at these speeds, says Bruce Gregory, Corsa’s CEO.
“When you get to the 100-Gb/s layer, you’re not running [traffic] on the server — you’re running it on hardware,” he says. “We’re at the point where you can’t deal with 100-Gb/s connections using a software-only approach.”
Founded in 2013, Corsa currently has two service provider customers. The Ottawa, Canada-based startup has about 50 employees.