Maximum protection, minimal hardware

There’s an old saying that simplicity is genius. It goes hand in hand with KISS (keep it simple, stupid). When it comes to placing hardware on your network for an effective network security solution, Whalebone has taken these maximums to heart. In today’s increasingly complex world and threat filled world, keeping your customers safe and satisfied is mission critical. Too many vendors today offer complex solutions that include extensive hardware costs, staff training, upkeep and maintenance, not to mention downtimes and troubleshooting. That’s where Whalebone’s telco hardware simplicity places them a head above the rest.What hardware is needed to deploy Whalebone? It’s as easy as one-two-three!

1. Servers – at least two Linux servers.

2. Resolvers – install Whalebone to turn these Linux servers into two Whalebone resolvers. While the actual number will always depend on the number of data centers the telco is running, two resolvers are the minimum required to ensure continuous operation in the event one goes down.

3. Customers – bring in the customers.

What’s a resolver and how does it work?A resolver is a Linux based machine directly on the telco network.

• It can be a virtual machine or the telco’s own hardware.
• The resolver’s job is to process all traffic on the network, either fixed line traffic, mobile traffic, or convergent fixed and mobile traffic.
• The resolver’s job involves processing from tens of thousands to 100s of thousands or more requests per second.
• Besides processing these DNS requests, the volume of which will depend on the size of the telco, the resolver needs to understand which specific line or SIM is sending the request and the individual policies for each line or SIM.

Sample case studyFor example, John has requested to either block certain sites, like adult content, or to have access to some sites otherwise considered suspect. The resolver needs to understand that these are John’s specific requests and either block or allow these sites through. Say John makes a request to Google on his mobile device. The Whalebone resolver goes to the internet to get the answer, remembers John’s preferences for that mobile device and John is able to access the page or have the page blocked as his preferences have been cached, i.e. Whalebone remembers his preferences, so John gets his answer with increased speed. At the same time, John is being effectively protected from malicious and suspect sites while being able to get the information he needs, all without John noticing any difference at all in his fast internet end user experience.Requirements

• DNS cache - Whalebone requires 4 or 8 Gigs of DNS cache on the telco hardware, i.e. the Linux based server that is a Whalebone resolver. This is necessary for Whalebone to store both threat info and a subscriber’s or the standard service’s preferences, if any. The rest of the information needed to effectively detect incoming threats remains on the cloud in the continuously updated Whalebone backend.

• The CPU – this is critical to process all the queries. More CPUs mean more processing power and more queries processed, with the CPU cores assigned to a resolver growing linearly, e.g. if 1 CPU can process 10 thousand queries per second, then 2 CPU’s can process 20 thousand queries per second, and so on, adding easy scalability as your network and subscriber base grows.

• Minimal maintenance up and running in no time - to handle the entire volume of traffic on its own, the telco has to only has to maintain the resolvers and scale with the CPUs. This means that with a plain Linux server and properly scaled CPUs Whalebone can be installed and running on the telco network in nothing flat.

In summary

• A telco would need several resolvers with sufficient CPU capacity, whereas for Whalebone to run for example on an ISP, a mere 4G of available memory would be sufficient for the cached information needed.

How is it possible so little capacity is needed?The backend - The reason for the beautiful simplicity is that the computationally intensive part of Whalebone is on the Whalebone backend, which proceeds to process all of the data from the resolvers to detect and block malicious domain data. Via the Whalebone API, if the telco wants to know more about specific threats, it simply asks the Whalebone backend. Adding customers - To add a new customer, say John’s mobile or fixed line, Whalebone stores this information and sends it to the resolver already on the telco network with John’s preferences, if any. Adding preferences - John can also change his own configuration on the portal running on the Whalebone backend in the cloud. Telcos have the choice of either deploying a user aware version, i.e. giving John a choice of his preferences, or an anonymized version, with all users receiving the same protection. In a nutshell, what this means is that outside of maintaining the Linux based resolvers, the telco doesn’t have to provide or manage any infrastructure at all. But what about latency? With all this information flying about and only a few Linux resolvers to bear the load, how can Whalebone ensure that its threat protection can make the right call? Wouldn’t reading every data packet coming across the network slow down the response time unbearably?The Magic Key

• Whalebone only processes the DNS traffic metadata about the whole internet.

For example, John wants to watch a YouTube video. The Whalebone resolver asks YouTube to get the info, YouTube then finds the data and streams a huge amount of video data to John’s mobile device. Whalebone only gets the response that YouTube is here, a small packet, and can ascertain that the data is safe as it’s really coming from YouTube. This means the resolver doesn’t have to process the enormous amount of data YouTube is sending back packet by packet.

• Scalability - This is why Whalebone scales so well and can be used for almost any amount of traffic without limit.
• Next to no latency - In terms of latency, Whalebone is no slower than a regular resolver without added protection features. In fact, customers have noted that Whalebone can actually improve resolution speed.

If it’s that easy, why isn’t everyone doing it? Now obviously Whalebone is not the only vendor out there offering telco network protection.

• What makes Whalebone so different from their competitors is that the resolvers, the most crucial hardware, are running directly on the telcos’ infrastructure, available 100% of the time.
• The resolver doesn’t have to query Whalebone’s backend, so it’s directly able to respond with near zero latency, while at the same time the resolver on the telco’s network is placed as close to the customer as possible.
• Cloud filtering, DNS in the cloud, with DNS requests going to the cloud and back, adds a few milliseconds of latency to each and every page, resulting in a different user experience with far higher latency than Whalebone.
• Whalebone’s unique position on the network, as close to the user as possible, with minimal hardware, provides a faster and more satisfying user experience.

Better yet, Whalebone offers zero downtime upgrades, which means that upgrading the Whalebone resolver software is done without service interruption. ConclusionThe Whalebone backend is non-critical for the resolvers, meaning that, unlike other solutions, no complicated design for how to run, maintain and upgrade is necessary. Whalebone can be running on the telco network in hours with nearly no labor and no complicated staff training needed to monitor and trouble shoot. This means far fewer labor costs, and negligible training, maintenance and trouble shooting. It’s the brilliance of simplicity in a complex world translated into customer and employee satisfaction equaling both dramatically enhanced security and increased revenue . While some vendors need special hardware for their service, Whalebone can run on virtually anything as long as there are Linux servers. Other vendors’ special hardware means increased costs, a long learning curve, and downtimes for breakage if new parts need to be ordered, not to mention complex monitoring and maintenance. Whalebone simply takes these unpleasant factors out of the effective security equation. Because at Whalebone, connected means protected, not hardware costs and headaches.For more details on the simplicity and ease of Whalebone’s minimal hardware requirements for telcos, contact us today!