AT&T, Palo Alto Networks and Broadcom have announced a framework for a virtual firewall, or Disaggregated Scalable Firewall (DSFW). The DFSW architecture used to design the firewall should secure network traffic in the 5G era.

The DSFW allows the firewalls to be deployed as software-based platforms instead of hardware devices. The framework is an extension to the Distributed Disaggregated Chassis (DDC) white box architecture, which AT&T previously submitted to the Open Compute Project. White Box means that knowledge about the technology is paramount during implementation (unlike Black Box, where only the implementation has to work). The expansion of DDC provides greater programmability, with built-in security at the edge of the network, according to AT&T.

Security as a priority

According to AT&T, security has always been the priority of the company’s network initiatives. That’s what Michael Satterlee, VP of network infrastructure and services for AT&T, says. “Traditionally, we have had to rely on centralised security platforms or co-located appliances that are either not directly in the path of the network, or are not cost-effective to meet a carrier’s scale-up requirements. This new design includes the security of our network edge, which enables control, visibility, and advanced threat protection.

In addition to AT&T’s contributions, Palo Alto’s network technology and Broadcom’s Jericho 2 chip were essential to the design of the DSFW framework. The framework uses an open hardware and software design, providing more support for flexible uses.