• Skip to primary navigation
  • Skip to main content
  • Skip to footer

+1-613-287-0393

info@corsa.com

Support

  • LinkedIn
  • Twitter
  • YouTube
Corsa Security

Corsa Security

Scaling network security

  • Solutions
    • Automate Your Managed Virtual Firewall Service
    • Modernize Enterprise Network Firewalls
    • Scaling Virtual Firewall Clusters
    • Complete Communications Monitoring
    • Increase Threat Protection
  • Products
    • Corsa Security Orchestrator
    • Corsa Security Platform for Automating Firewall Virtualization
    • Corsa Security Platform for Scaling Threat Protection
  • Verticals
    • Large Enterprise
    • Service Providers
    • Government
    • State, Local and Education (SLED)
  • Partners
    • Fortinet
    • Palo Alto Networks
    • Find a Reseller or Distributor
    • IT Consultants and Professional Services
    • Industry Collaboration
    • Become a Partner
  • Resources
    • Videos, Whitepapers and Other Content
    • Explainers
  • Company
    • About Corsa Security
      • Corsa Security Recycling Solutions
    • Management Team
    • Board of Directors and Steering Committee
    • News and Blog
    • Careers
    • Support
Contact Us

The Journey to Turnkey Network Security Virtualization

October 22, 2019 by Eduardo Cervantes

Historically, we’ve inspected traffic using single-purpose, specialized hardware – namely firewalls. While performing a crucial role in preventing successful cyberattacks, firewalls have evolved over several generations to become much more than packet-filtering mechanisms.

Now, with exponential increases in bandwidth and SSL/TLS encrypted traffic, firewalls are unable to keep up and perform all the functions asked of them. Single-purpose, specialized firewalls simply can’t inspect the growing amount of encrypted traffic coming into an enterprise, while at the same time performing other functions and maintaining network performance for high capacity links.

It’s clear to large enterprises and even the firewall vendors themselves that something must be done to plug this SSL inspection gap. And so, began our journey…

Horizontal scaling in the data center

With our roots in software-defined networking (SDN), Corsa started to look for a solution to the SSL inspection gap by turning to the data center for inspiration.

Data centers faced even larger exponential growth in traffic and needed to transform from deploying ever larger hardware appliances, one at a time, to keep up. The innovation came when they decided to distribute the load between multiple systems rather than trying to build an ever bigger, single system. They moved from vertical scaling (adding a new piece of equipment for every new challenge) to horizontal scaling (service chaining using a software-defined approach).

Today, scaling out so the application is load balanced between as many servers as needed is the norm. It would be impossible to build a web scale application, like Facebook or Twitter for example, on a single server.

The industry’s solution to web applications demonstrated the possibilities of horizontal scaling. The same needs to be done for network security. There are a few factors which made this approach possible for web apps and are now ripe for the picking for network security:

  • Innovation in load balancing technologies which allows for distributing the load between multiple systems.
  • The commoditization of general-purpose servers. Over the last decade server technology has become very cost effective and it’s now economical to buy more general purpose x86 CPUs for your applications as needed.
  • Improvements in virtualization and cloud technologies. These allow you to use your server resources a lot more efficiently when multiple applications are able to run on the same physical infrastructure.

The need for turnkey virtualization

While service chaining is a powerful solution to address the SSL inspection gap, there is always complexity when you virtualize. Hyper converged infrastructure (HCI) came into play to remedy that for storage so we looked at something similar for network security.

The challenge for virtualization comes with the integration of the various platform components, then into the network security ecosystem, and then into the network. This is the final puzzle piece: turnkey virtualization.

The platform needs to be pre-configured, with the ability to add capacity and services quickly and easily. If it’s not turnkey it’s just moving the complication and expense into another area of the organization. It would be like offering a consumer a ‘build-your-own’ phone kit. You supply the parts and software, and the consumer has to build their own cell phone from scratch. With turnkey virtualization, it’s like giving the consumer a fully enabled phone where they can customize their experience by adding the apps they want, when they want.

This is what we’ve done with the Corsa Red Armor platform. The firewall functions are overlays, in the same way that a mobile application becomes an overlay to a handset’s operating system. When new inspection capacity or security posture is required, a virtual NGFW or any other virtual security service can be added, just as one would add applications to any mobile OS. It’s simply a matter of ordering more inspection capacity as needed, rather than having to build and deploy more physical appliances, and as a result you get far better TCO.

Freeing up network security teams to focus on policy

When this is done right, network security teams can focus on security policy instead of spending their time struggling to predict network traffic needs or scope required hardware. Instead, just like managing cloud storage, users can spin virtual network security machines up and down at the click of a mouse. Moving away from single-purpose, dedicated hardware is key to building a network security solution which can process all the necessary encrypted traffic in a cost-effective way.

That’s been our journey to turnkey network security virtualization at Corsa Security so far… but, it’s only just the beginning. Today, we offer a service that scales virtual firewalls from Fortinet and Palo Alto Networks for complete SSL/TLS visibility but it doesn’t need to stop there. We have plans to evolve our service to certify other security vendors and other security functions, such as IDS, IPS, and web proxy. Let us help you on your journey to scale network security.

Category iconBlog Tag iconEduardo Cervantes,  SSL Inspection,  Turnkey Network Security Virtualization

Subscribe to our newsletter

Get the latest posts delivered right to your inbox

Automate network security virtualization

Talk to us about how to deploy, scale and optimize virtual on-premise firewalls with speed, simplicity and savings.

Footer

Corsa Security

We are the leader in automating network security virtualization, which helps large enterprises and service providers deploy, scale and optimize virtual on-premise firewalls with speed (24x faster deployment), simplicity (zero-touch operations) and savings (9x lower TCO). By tightly integrating firewall virtualization with intelligent orchestration, the Corsa Security Orchestrator provides an aggregated view of all your virtual firewalls while managing their infrastructure health, capacity and performance. Customers subscribe to the Corsa Security services based on their current needs and then pay as they grow by integrating credit-based licensing from our firewall partners.

info@corsa.com

Sitemap

  • Home
  • Solutions
  • Products
  • Verticals
  • Partners
  • Resources
  • Company

Quick links

  • Support
  • News and Blog
  • About Corsa Security
  • Corsa Security Platform for Automating Firewall Virtualization
  • Corsa Security Platform for Scaling Threat Protection
  • Corsa Security Orchestrator

Headquarters

300 March Road, Suite 400
Ottawa, ON K2K 2E2
Canada

+1-613-287-0393

San Francisco

201 Spear Street, Suite 1100
San Francisco, CA 94105 
U.S.A.

+1-415-887-2131

Boston

177 Huntington Ave., 17th Floor
Boston, MA 02115 
U.S.A.

+1-617-430-7017

  • LinkedIn
  • Twitter
  • YouTube

Copyright © 2023 Corsa Technology Inc. All rights reserved. Privacy. Return to top