Sanjhana Jayagopal edited this page Dec 10, 2019 · 5 revisions

Introduction

Transparent Security is a solution that identifies the source devices of a DDoS attack and mitigates the attack at the customer premises or in the access network. It leverages a P4-based programmable data plane to add in-band network telemetry (INT) for device identification, and to perform in-band mitigation at line rate without control plane intervention.

Architecture

  • Three customer premises, each containing two or more devices, are connected to an operator-supplied P4-capable gateway.
  • The gateways, in turn, connect to the access network through a P4-enabled aggregate switch.
  • The aggregate switch then connects to a P4-enabled core switch.
  • The core switch sends traffic to the Internet and to the analytics engine for pattern recognition.
  • The controller initializes each P4-enabled device and updates them when needed to block malicious traffic.

Control Plane Architecture

  • The analytics engine receives INT data from the core in-band as packets flow through the network.
  • When malicious patterns are detected, the SDN controller is notified and updates the P4-enabled devices to handle the packets based on the pattern signature.
  • The management interface between the controller and the P4-enabled devices can use a variety of protocols, including gRPC, Thrift, HTTP, or RPC.
  • The protocol between the SDN controller and switches can vary, depending on the protocols supported by the switches and gateways.
  • Telemetry data and alert notifications can optionally be sent to a dashboard or NOC server for integration with other analytics.
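The control-plane loop above (INT telemetry in, per-gateway block rules out) as an added example; this is illustration code, not the project's own analytics engine or controller. The telemetry record layout (hop list, source MAC, destination IP, packet count), the gateway names and the packet threshold are all assumptions made for the example, not the project's actual INT header format.

```python
# Added example (not the project's own code): a minimal analytics step over
# constructed INT-style telemetry records. The record layout below (hop list,
# source MAC, destination IP, packet count) is an assumption for illustration,
# not the project's actual INT header format.
from collections import defaultdict

# Constructed records, as the core switch might export them each interval:
# the INT hop path gateway -> aggregate -> core plus the originating device
# identified by the gateway, so the attack source can be located.
TELEMETRY = [
    {"hops": ["gw-1", "agg-1", "core-1"], "src_mac": "aa:bb:cc:00:00:01",
     "dst_ip": "203.0.113.10", "pkts": 6000},
    {"hops": ["gw-1", "agg-1", "core-1"], "src_mac": "aa:bb:cc:00:00:01",
     "dst_ip": "203.0.113.10", "pkts": 5000},
    {"hops": ["gw-2", "agg-1", "core-1"], "src_mac": "aa:bb:cc:00:00:02",
     "dst_ip": "203.0.113.10", "pkts": 7000},
    {"hops": ["gw-2", "agg-1", "core-1"], "src_mac": "aa:bb:cc:00:00:04",
     "dst_ip": "203.0.113.10", "pkts": 300},
    {"hops": ["gw-3", "agg-1", "core-1"], "src_mac": "aa:bb:cc:00:00:03",
     "dst_ip": "198.51.100.5", "pkts": 120},
]

def attack_sources(records, threshold):
    """Aggregate packets per (dst_ip, src_mac) and return, per target, the
    source devices whose total exceeds the threshold, each paired with the
    gateway (first INT hop) that saw them."""
    totals = defaultdict(int)
    gateway = {}
    for r in records:
        key = (r["dst_ip"], r["src_mac"])
        totals[key] += r["pkts"]
        gateway[key] = r["hops"][0]
    by_target = defaultdict(list)
    for (dst_ip, src_mac), count in totals.items():
        if count > threshold:
            by_target[dst_ip].append((src_mac, gateway[(dst_ip, src_mac)]))
    return dict(by_target)

def block_rules(sources):
    """Turn detected sources into per-gateway drop rules: each gateway only
    receives rules for its own devices, so mitigation happens at the customer
    premises instead of at the core."""
    rules = defaultdict(list)
    for dst_ip, devices in sources.items():
        for src_mac, gw in devices:
            rules[gw].append({"src_mac": src_mac, "dst_ip": dst_ip, "action": "drop"})
    return dict(rules)

if __name__ == "__main__":
    found = attack_sources(TELEMETRY, threshold=5000)
    print(found)
    print(block_rules(found))
```

With the constructed records, only the two devices flooding 203.0.113.10 cross the threshold, and each resulting drop rule is routed to the gateway that identified that device, while the low-rate device behind gw-2 and the benign flow behind gw-3 are left alone.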