Rapid proliferation of mobile devices and unprecedented mobile data growth, coupled with demand for new digital content and applications, are driving operators to massively invest in LTE — an all-IP-based network. While this solves many challenges operators face in mobile broadband, it also opens great opportunities to introduce new types of applications and services (e.g., video calling, high-definition content streaming, low-latency gaming, VoLTE, etc.) that weren’t possible before. Continuously evolving into 5G to enhance mobile broadband services, next-generation networks and standards are designed for the Internet of Things (IoT), enabling a wide range of use cases for the scalable, hyper-connected IoT world.


Mobile and fixed operators face increasing difficulty maintaining service availability for their subscribers while attempting to defend against malicious DDoS attacks, particularly with exponential growth in the number of potential intrusion points. Year over year, these attacks increase in sophistication, complexity, bandwidth consumption, and duration, outpacing the operator’s ability to react and maintain network stability.

Evolving Security Landscape:

Traditionally, mobile and service provider networks are protected against attacks that come in through the internet. However, with the changing threat landscape, attacks can now originate from inside the network, such as the recently discovered WireX, changing the defense paradigm.

Internet of Things and 5G:

IoT and 5G service offerings tout greater revenue opportunities with emerging use cases driving the need for higher speeds and lower latency, but also brings with it, the associated security implications. Confidentiality protection and integrity of subscriber traffic for mobile backhaul protection is key for IoT security.

Assuring Sustainable Subscriber Growth:

Proliferation of devices, users & traffic has triggered the need for solutions supporting massive scale and performance. Legacy solutions offer limited platform extensibility options, and can’t provide the reliability, subscriber scalability and substantial session rates these networks demand.


A10 converged security solutions include Thunder CFW, with integrated Gi/SGi firewall capabilities, providing highly scalable, flexible and high-performance security at strategic locations in the mobile network. A10 Thunder CFW is built on the market-proven Advanced Core Operating System (ACOS®) platform that delivers unprecedented performance and scalability with the industry’s best data center footprint. A single platform approach to protect mobile core infrastructure and subscribers from multi-vector attacks and ensure applications are highly available, accelerated and secure.

Gi/ SGi LAN Convergence

Consolidate CGNAT, stateful firewall and application visibility to simplify the Gi/SGi LAN for greater efficiency. Fewer devices implies less operational overhead and low latency.

Integrated DDoS Protection

A10 security solutions are augmented with Integrated, high performance DDoS security to provide comprehensive protection from attacks on the mobile core, including protection for CGNAT IP pools.

High-performance stateful firewall

Thunder CFW offers unprecedented performance and delivers up to 220 Gbps of throughput and supports up to 256 million concurrent sessions in a one rack-unit (RU) appliance.


When Androids Attack: Protecting Against WireX Botnet DDoS Attacks

featured products

Industry’s first convergent security solution for service providers and cloud providers that includes integrated application delivery and security solutions in a single, standalone product.


Thunder Converged Firewall (CFW)

Carrier Grade Networking

Thunder CGN


White Papers
CGNAT Isn’t a Capability, It’s a Lifecycle Strategy
Solution Briefs
Intelligent Traffic Steering in Mobile Networks
Solution Briefs
Protect Networks and Improve Subscriber Experience with Security Solutions for Service Providers