Sub-Second Detection
Identifies attack signatures and behavioral anomalies at wire speed with millisecond response.
DDoS Protection
Sub-Second DDoS Response Without Cloud Scrubbing Latency
Corero Networks SmartWall provides always-on, inline DDoS mitigation that detects and responds to attacks in milliseconds — before traffic reaches protected resources.
Unlike cloud scrubbing centers that introduce detection delays and routing latency, SmartWall operates continuously in your traffic path, blocking attack traffic while forwarding legitimate traffic without delay.
Inline protection architecture designed for sub-second response and zero latency impact on clean traffic.
-1-1-1.png)
Always-On Protection
Inline DDoS mitigation that responds in milliseconds, not minutes
Traditional cloud scrubbing introduces detection delays and routing latency that can allow attacks to succeed before protection activates. SmartWall operates differently.
The Challenge with Traditional DDoS Protection
Cloud scrubbing centers have fundamental limitations that leave organizations vulnerable to targeted, sub-volumetric attacks.
Detection takes minutes before mitigation begins
BGP diversion introduces 50-100ms latency to all traffic
Low-volume attacks fall below scrubbing provider thresholds
Manual or semi-automated processes delay response
Corero SmartWall Inline Architecture
SmartWall deploys inline in your traffic path, inspecting every packet at line rate and mitigating attacks in the forwarding pipeline.
Zero Clean Traffic Impact
Legitimate traffic forwarded without latency while attack traffic is blocked inline.
Continuous Protection
Always-on mitigation with no detection window or manual intervention required.
Implementation Process
Complete deployment from architecture design through steady-state operations.
1
Architecture & Deployment
Traffic assessment, SmartWall sizing, inline integration, and initial policy configuration.
2
Commissioning & Tuning
Detection policy calibration based on production traffic patterns and attack simulation testing.
3
Integration & Operations
BGP integration for volumetric handling, SecureWatch analytics, and Aegis co-managed operations.
What You Get
Complete DDoS protection architecture with ongoing operational support.
Deployed SmartWall Appliances
Inline protection with tuned detection policies calibrated to your traffic environment.
BGP Integration
Automatic upstream diversion for volumetric attacks exceeding inline capacity.
SecureWatch Analytics
Attack visibility, mitigation effectiveness reporting, and SIEM integration.
Operational Outcomes
- Sub-second attack detection and mitigation
- Zero latency impact on legitimate traffic
- Continuous automatic protection without human intervention
- Complete attack visibility through SecureWatch analytics
Ideal Fit
- Organizations with internet-facing services and SLA commitments
- ISPs, hosting providers, and data center operators
- Environments where cloud scrubbing latency is unacceptable
- Organizations upgrading internet peering infrastructure
Protection Models
Choosing the right DDoS protection architecture for your environment
Different protection models address different attack scenarios and operational requirements.
Cloud Scrubbing
Traditional Model
Routes attack traffic to remote scrubbing centers for cleaning before returning clean traffic.
Best Fit
Volumetric attacks, organizations without latency-sensitive applications.
Tradeoffs
Detection delays, routing latency, dependency on BGP diversion processes.
Recommended
Inline Protection
SmartWall Model
Always-on mitigation in the traffic path with sub-second response and zero clean traffic impact.
Best Fit
Targeted attacks, latency-sensitive applications, high-frequency attack scenarios.
Tradeoffs
Finite appliance capacity requires upstream handling for massive volumetric floods.
Hybrid Architecture
Best Practice
SmartWall for rapid response to targeted attacks, cloud scrubbing for terabit-scale floods.
Best Fit
Organizations with serious DDoS exposure requiring comprehensive protection.
Tradeoffs
Higher complexity and cost, but addresses all attack scenarios effectively.
Why IVI
Complete DDoS protection architecture and ongoing operations
Architecture Expertise
We design complete protection architectures, not just appliance deployments.
Traffic Path Integration
Proper SmartWall placement and BGP integration for your specific environment.
Policy Calibration
Detection thresholds tuned to your traffic patterns, not generic defaults.
Aegis Co-Managed Operations
SmartWall operated as production security infrastructure through our managed services model.
Continuous Monitoring
Appliance health, attack event analysis, and policy maintenance.
Lifecycle Management
Software updates, capacity planning, and architecture evolution.
Related Resources
Related Resources
Review related solution pages, supporting materials, and additional resources that help explain where this solution fits and how it can be applied.
FAQs
Frequently Asked Questions
Common questions about Corero SmartWall DDoS protection.
We already have cloud scrubbing with our ISP. Why do we need inline protection?
Cloud scrubbing handles volumetric floods well but misses high-frequency, sub-volumetric attacks that target specific protocol weaknesses like TCP state exhaustion or DNS amplification at moderate volume. These attacks often complete before scrubbing diversion activates and before cloud providers' volume thresholds are met. SmartWall catches exactly these attack patterns in real time while your cloud scrubbing serves as backstop for terabit-scale floods.
How does SmartWall perform at 100GbE or higher interface speeds?
Corero SmartWall appliances are purpose-built for high-speed environments including 100GbE with hardware-accelerated processing pipelines. Specific appliance selection and deployment topology depend on your interface count and traffic volume. We size the SmartWall deployment for your environment during the architecture design phase.
Will SmartWall affect normal traffic latency?
In normal conditions, SmartWall introduces negligible latency — typically sub-microsecond. The inline processing pipeline operates at line rate with hardware acceleration. You should not observe measurable latency increase for legitimate traffic in production.
Is Corero appropriate for smaller organizations?
SmartWall is typically deployed by organizations with direct internet presence at meaningful bandwidth — ISPs, data center operators, financial services firms, and enterprises with high-availability requirements for customer-facing applications. For smaller organizations without direct internet peering, cloud scrubbing services are usually adequate and more cost-effective.
How does SmartWall integrate with existing security infrastructure?
SmartWall integrates with SecureWatch analytics for attack visibility and can feed attack event data to your SIEM platform like Splunk for unified security event correlation. It also integrates with upstream BGP routing for automatic traffic diversion when attacks exceed inline capacity.
What happens during attacks that exceed SmartWall's capacity?
For volumetric attacks exceeding inline appliance capacity, SmartWall can trigger automatic BGP announcements to divert traffic to upstream cloud scrubbing providers. This hybrid approach uses SmartWall for rapid response to targeted attacks and cloud scrubbing for massive volumetric floods that require upstream bandwidth absorption.