RtBrick First to Add Internet Peering Security For Disaggregated ISP Networks

Img

New features protect critical ISP infrastructure while advancing the adoption of open, disaggregated networks

RtBrick First to Add Internet Peering Security For Disaggregated ISP Networks

Media Contact
Red Lorry Yellow Lorry on behalf of RtBrick
rtbrick@rlyl.com

RtBrick today announced that it has added support for several new Internet peering security features, including BGP RPKI, TCP-AO for BGP and LDP, BGP Flowspec, SFLow and GTSM. These tools enhance the security of peering and edge routers, enabling operators to protect their networks from malicious actors while benefiting from the cost-efficiency of disaggregated systems.

  • BGP Flowspec: Protects networks from DDoS (Distributed Denial of Service) attacks.
  • Resource Public Key Infrastructure (RPKI): Allows network owners to validate and secure the critical route updates, or Border Gateway Protocol (BGP) announcements, and prevent route hijacking or misconfiguration.
  • TCP Authentication Option (TCP-AO): Enhances the security and authenticity of TCP segments exchanged during BGP and LDP sessions. It adds support for the latest security mechanisms and is stronger than legacy mechanisms such as TCP MD5.
  • sFlow, or "sampled flow": Samples packets from routers and sends them to a central collector for analysis, to identify abnormal traffic patterns and potential attacks.
  • Generalized TTL Security Mechanism (GTSM): Prevents a remote intruder from hijacking a route using a mechanism that also protects it from CPU-utilization based attacks.

Network disaggregation separates the hardware and software that is traditionally provided as a closed monolithic routing system, enabling operators to pick and mix different vendors and use low-cost hardware based on ‘off-the-shelf' networking silicon. Now, using RtBrick’s disaggregated routing software, an operator can enhance the security of their disaggregated routers that connect to other ISPs, known as Peering Routers, as well as edge service PE Routers.

“As ISPs battle consumer and regulatory pressure to secure their networks against sophisticated attacks, they need robust security tools,” said Hannes Gredler, CTO and founder at RtBrick. “Adding this latest feature-set will allow ISPs to take advantage of the cost-points and flexibility of network disaggregation to provide Internet peering while effectively securing their key infrastructure.”

RtBrick’s software has been deployed across a wide range of operators, from Deutsche Telekom, Europe’s largest telco, to regional ISPs such as WOBCOM. RtBrick enabled WOBCOM to create a disaggregated multiservice edge, in which it implemented the new BGP Flowspec security feature.

Watch RtBrick’s BGP Flowspec in action and see how it strengthens ISP networks against threats - here.

To learn more about RtBrick’s pioneering approach to disaggregated routing, visit rtbrick.com.

Note*: The information was submitted for publication at 10:00 GMT on 6 January, 2025

About RtBrick
RtBrick Inc. has pioneered carrier routing software that runs on off-the-shelf hardware. It has applied the same approach to networks that the huge ‘cloud-natives’ have used to build and operate their web-scale IT services. RtBrick is a privately held company, incorporated in the USA, with staff located in Europe, India and Taiwan.