Products BIG-IP Services

BIG-IP Carrier-Grade Network Address Translation (CGNAT)

Ease IPv4 to IPv6 migration with a secure IP address strategy as part of a suite of consolidated functions.

Read the datasheet

Improve Network Scalability with BIG-IP CGNAT

big-ip-cgnat-as-part-of-a-security-policy

BIG-IP CGNAT as part of a security policy

BIG-IP CGNAT can be combined with BIG-IP Advanced Firewall Manager (AFM) to provide a comprehensive security platform. A consolidated approach results in simpler management and operation, reduced operational costs, and more opportunities to monetize functions and services.

  • High Performance Firewall - Combined with BIG-IP AFM, BIG-IP CGNAT provides the benefits of a high-performance firewall. These include a subscriber aware network firewall with integrated ACLs, IPS, and DDoS protections.
  • Subscriber Awareness - Subscriber awareness enables log enrichment with subscriber ID for CGNAT NAPT and PBA logs, subscriber discovery, and dynamic policy provisioning.

 

Product Overview

diagram-sp-big-ip-cgna

Scale and secure your network with carrier-grade NAT performance

BIG-IP CGNAT has proven to be an indispensable tool for supporting transitions to IPv6 and continues to prove its worth in today’s network by helping to scale and secure networks. For service providers that want to optimize their network scalability for IPv6, IoT and 5G, BIG-IP CGNAT provides a seamless and secure IP address strategy as part of a suite of consolidated network functions.

Software

Deployed as a VNF (F5 BIG-IP Virtual Edition), or as part of the NFV Gi-LAN, Gi Firewall, or CGNAT pre-packaged solution. BIG-IP Virtual Edition can also be augmented with an Intel SmartNIC to boost performance and reduce CPU usage.

See software options ›

Public cloud

Enable IPv4/IPv6 address management capabilities in a public cloud environment for flexible business operation. Also available as a CNF.

See cloud options ›

Hardware

F5 BIG-IP CGNAT can be deployed on the scalable, bladed VELOS or VIPRION platforms, as well as iSeries and rSeries appliances.

See hardware options ›

Core Capabilities

When performing CGNAT, there are two primary functions that require significant compute power: executing the actual translation from one IP address to another and logging that translation—as often required by regional authorities.

Wide-ranging NAT functionality

Manage IPv4 address exhaustion with NAT44, NAT64/DNS64, PBA, and more.

Reclaim publicly routable IPv4 address space

NAPT and PBA let service providers exponentially scale available source addresses.

Performance at scale

Handles close to 1.5 billion concurrent sessions and more than 1 Tbps of throughput.

Subscriber-aware high speed, scalable logging

Support the generation of millions of logging records to comply with regional authorities’ requests.

Software with hardware acceleration

Offloading to an Intel SmartNIC, can improve throughput by 30%.

Next Steps

Find out how F5 products and solutions can enable you to achieve your goals.

Contact F5