Valtix Unveils First FPGA-Powered Cloud Native Firewall on AWS – Delivering High-Performance Cloud Network Protection
Offers 10X more throughput compared to x86 compute instance, and predictable application tail latencies as number of apps and volume of traffic increases
SANTA CLARA, CA, October 1, 2019 -- Valtix, developer of the first cloud-native network security platform, today has announced a forthcoming beta launch of support for Field Programmable Gate Arrays (FPGA) for Valtix Cloud Firewall utilizing AWS F1 instances, with general availability slated for November 2019. By offering accelerated performance via FPGA technology within AWS F1, the Valtix Security Platform will empower AWS customers to provide superior speed, throughputs and massive parallel performance for network security protection within the Public Cloud that was previously not available in Public Cloud and was only available on on-prem hardware appliances.
“As organizations need to protect critical, perf-sensitive, high-growth cloud apps, we recognized a need to protect them with higher performance netsec solution using cloud-native FPGA compute by AWS.” — Vishal Jain, Co-Founder and CEO, Valtix
“As organizations need to protect more critical, perf-sensitive, high-growth cloud apps, we recognized a need to protect them with higher performance netsec solution using cloud-native FPGA compute offered by AWS.” said Valtix CEO Vishal Jain. “Fortunately, this coincided with the advent of FPGA-as-a-Service (FaaS), and we have been able to take advantage by developing an FPGA-powered network security capability natively in the cloud.”
In order to ensure easy integration and adaptability, Valtix has built the dataplane with a pipelined architecture, Valtix Firewall Pipeline, using an x86 dataplane for x86-based instances, and an x86/FPGA dataplane for FPGA-based instances. The Valtix Cloud Controller, which has real-time view of the load on each firewall instance and is decoupled from the dataplane, then decides which corresponding dataplane to deploy, for what tasks, and how — decisions which are based upon traffic behavior and/or volume, latency requirements, and the availability of FPGA instances in a particular region and/or cloud. This architecture allows Valtix Cloud Firewall to be deployed in a customer account with both scale-up (from x86 instances to FPGA instances) and scale-out (from 1 instance to multiple instances of the same kind) all managed via Valtix Controller.
Key use cases for Valtix Cloud Firewall with AWS F1 FPGA instances include:
- High-performance acceleration and throughput for AWS Transit Gateway based firewall deployments with Valtix security services Virtual Private Cloud (VPC)
- Seasonal traffic bursting for business-critical applications like web front ends and backend database tiers
- Predictable latency where good flows are protected from malicious flows to limit the variance in latency with the example of a range of 13ms to 40ms with x86 vs a predictable 10ms with F1
“Applications like data analytics, machine learning, genomics and now network security are extremely computationally intensive and require a large amount of processing power,” said John Abbott, Co-Founder and Distinguished Analyst at 451 Research.”The FPGA-powered compute instance help close the hardware-security gaps and reduce vulnerabilities and side channel attacks.”
By leveraging FPGA with AWS F1 instances, network security performance and latency will not only be substantially improved and scaled, but also become much more predictable — regardless of attack intensity and scope. This ensures that throughput can properly scale with apps, and the volume of traffic through them, along with an elastic growth of the firewall clusters in bigger steps during peak seasons.
For more information on the launch:
- Attend Xilinx Developer Forum Americas (XDF) 2019 in San Jose California for AWS and Valtix joint breakout session on Develop & Deploy accelerated applications at global scale on Amazon EC2 F1 Instances
- Test Drive production-ready Valtix Security Platform for 14 Days
- Read the blog on FPGA-powered Cloud Native Firewall by Valtix CEO Vishal Jain
Valtix is the industry’s first cloud-native network security platform. Comprised of Valtix Cloud Controller and Valtix Cloud Firewall, the solution revolutionizes cloud network security with innovations that make visibility and enforcement automatic at the pace of the applications they protect. The firewall is architected with built-in auto scale, app-aware security policy, and a single-pass pipeline for TLS, advanced FW, IPS, advanced WAF and more, which operates on a variety of cloud instance types that range from basic to the most advanced. Valtix Cloud Controller deployment support for AWS, Azure, and GCP is expected later this year. Learn more at Valtix.