A10 Networks Extends Carrier-class Firewall Product line
January 2020 by Marc Jacob
A10 Networks announced it is extending the capabilities of the Thunder® Convergent Firewall (CFW), part of the A10 Orion 5G Security Suite, to support the coming cloud-native 5G requirements. The new container-based carrier-class firewall delivers up to 180 Gbps throughput, one of the fastest in the industry. A10 is also releasing a new version of its Advanced Core Operating System® (ACOS) 5.1, which includes multiple 5G-ready updates. Thunder CFW running ACOS 5.1 brings all of the functionality, performance and scale of the existing physical and virtual appliances to the container firewall, helping to prepare service provider customers in their transition to cloud-native 5G infrastructures.
The Thunder containerized firewall was recently demonstrated as part of the Linux Foundation’s end-to-end cloud-native 5G network proof of concept at KubeCon + CloudNativeCon. This first of its kind proof-of-concept (PoC) was a fully containerized, end-to-end 5G non-stand-alone (NSA) distributed cloud network, which paves the way for commercial deployments in mobile operator networks globally.
The Thunder CFW includes functionality that helps ensure the security, reliability and availability of 5G networks as they transition from physical network functions to be completely cloud native. It can be broadly deployed in mobile networks at the SGi, roaming and radio access network (RAN) interfaces. The A10 Thunder software has been integrated and validated with leading NFV-MANO solutions, including Ericsson Cloud Manager, NEC Netcracker HOM, Red Hat OpenStack, and tested in recent ETSI NFV Plugtests for end-to-end VNF lifecycle operation capabilities. New and enhanced capabilities include:
• Security gateway (IPsec) to secure the RAN-core backhaul and authenticated RAN nodes
• GTP firewall enhancements that comply with recent GSMA guidelines for roaming security
• DNS over HTTPS
• DNS application firewall
• GTP Director, providing intelligent traffic steering for efficient balancing of the traffic load within core network
• Carrier-class firewall enhancements, including URL/SNI/domain-name filtering
• One-DDoS distributed detection to protect against large-scale DDoS threats
• MEC ready to deploy in a mobile edge compute environment that requires high-density, low-footprint network function virtualization and ties into orchestration systems
• Unique scale-out architecture to provide a 3 Tbps in a virtual chassis or 1.5 Tbps in the cloud-native solution
• A10 Harmony® Controller for centralized management and visibility for consistent operations and security across environments
In addition to the release of the high-performance containerized firewall CNF, A10 Networks also released new PNFs with its 7600 series models, delivering up to 385 Gbps throughput in a compact RU physical appliance.