Speaker
Description
In this presentation we will look at how Service Providers can leverage existing and widely available network equipment including (virtual) routers and (virtual) firewalls to build scale out security services, for example CGNAT, clusters. As Service Providers are pushing more and more traffic from their (residential) customers towards the internet there is a need for higher bandwidth CGNAT. Physical, scale up, boxes cannot coop with this increased demand. Also current available x86 processors have become so powerful that in many cases it makes sense to offload security services to it instead of using hardware ASICS for this task.
We will look at some of the shortcomings of current available solutions and will propose a few options for scale-out architectures.
CGNAT is just one of the use cases, other use cases include IPsec services, packet inspection, etc.
