datasheets.com EBN.com EDN.com EETimes.com Embedded.com PlanetAnalog.com TechOnline.com  
Events
UBM Tech
UBM Tech
Welcome Guest Log In | Register

Corrent Security Appliances Sustain Maximum Throughput—Even Under Attack

Authored on: Apr 11, 2005

Technical Paper / Case Study

0 0
More InfoLess Info
Security IT managers today fear Distributed Denial of Service (DDoS) attacks more than anything else. Without warning, hundreds or thousands of "zombie" computers can flood a "victim" Web site with requests for connections, quickly saturating a network firewall and choking off legitimate traffic. These threats are designed to consume as much processing power as possible—quick saturation of the CPU is the goal. Under such pressure the firewall can easily fail, leaving a network fully exposed. Or the organization can lose Internet connectivity—and thousands of hours of productivity—until the firewall can be restored.

In response to this threat, security appliance vendors utilize powerful processors that run sophisticated software. Many of these firewalls and VPN servers are strong enough to stave off some of the most vigorous attacks. But not all. That's because the typical architecture of a firewall/VPN server is synchronous—performing one function at a time. According to Corrent, synchronous architecture will fail when confronted with a flooding DDoS attack due to the fact that each connection must be processed in order.

Corrent came up with a distributed architecture that enables asynchronous processing at the firewall. Suspicious traffic is quickly diverted while the good communication flows freely. With multiple processors working on different tasks simultaneously, even the most malicious DDoS attacks cannot choke the firewall.



Please disable any pop-up blockers for proper viewing of this paper.

0 comments
write a comment

Please Login

You will be redirected to the login page

×

Please Login

You will be redirected to the login page

×

Please Login

You will be redirected to the login page