Building the Best Network Security Platforms

Internet usage continues to rapidly expand and evolve, and with it network infrastructure is changing and evolving. The use of general-purpose processors to provide network functionality has changed the face of the networking market and dramatically reduced costs for enterprises and telecom service providers. For the most part, these general-purpose servers have kept pace with Internet application usage. Network traffic, however, has increased dramatically with new applications that have extensive data plane requirements. Traffic has multiplied to a point where specialized technology is needed to keep up.

High-volume networking functions such as firewalls, unified threat management (UTM) servers, anti-virus, and load balancers are essential in the protection and performance optimization of the Internet. These networking and security devices have specific high-capacity requirements, including encryption/decryption and compression, which are not easily satisfied by commodity processors.

Lanner provides system integrators, service providers, and application developers with a range of computer systems and acceleration cards designed to satisfy networking and security needs. Their high-performing FW-8896 uses the latest in Intel processors, memory, interfaces, and software optimization techniques.

Challenge

The traffic from high bandwidth connections received by cloud and other data centers must be monitored for security threats, and modified for bandwidth optimization in real time at up gigabit line rates. Security devices include firewalls, UTMs, intrusion detection/protection systems (IDS/IPS), and virtual private network endpoints (VPN). Bandwidth optimization devices include WAN optimizers, load balancers, and application delivery platforms. The market is moving to hosting multiple applications on a single, virtualized server. In order to accomplish that hardware shift with these high performance applications, network equipment providers need the most modern, highest performance platforms in order to keep pace with Internet growth and to compete effectively. These platforms require optimized networking paths and specialized accelerators for encryption/decryption, compression, deep packet inspection (DPI), and other security and optimization processes.

The use of x86 network appliances helps reduce the cost of hardware design, development, manufacture, and support. To succeed in this market, vendors have to spend a significant percent of their engineering budget on hardware development, which slows their innovation on software “secret sauce” that makes their systems competitive. It also blocks innovative start-up companies from entering the market unless they can raise significant amounts of capital for these developments.

Further, deployed networking systems must be highly reliable, since all traffic flows through them in most cases. They must have five nines or better reliability, be field maintainable, and remotely managed. Significant effort and experience is needed to accomplish these goals.

Solution

For over three decades, Lanner has supplied high-tech companies worldwide with high-performance computing and networking platforms. Major network equipment manufacturers (NEM), system integrators, application developers, and service providers use Lanner’s network appliances to solve the most difficult networking and security problems. Lanner customizes a range of platforms for each customer’s needs – down to the shape and color of the chassis. Customers can choose and customize platforms with multiple levels of performance to meet the needs of their SMB, enterprise, carrier, and cloud customers.

To provide a hardware foundation for next-generation Internet security applications, Lanner teamed with Intel to develop the FW-8896. This flexible network security platform offers the latest Intel CPU, memory, storage, acceleration modules, and network interfaces. Up to 64 network interfaces can be included, with 10 Gbps and 40 Gbps copper and fiber connections.

Acceleration modules from Intel and other suppliers deal with specialized processing associated with networking and security. Network processing units (NPUs), for example, are included that developers can use to rapidly perform such functions as DPI, IDS/IPS, and cryptography, offloading the main CPU for other functions. IPsec/ SSL, the key protocols used in VPNs and secure web access, use multiple cryptographic techniques and are supported by accelerators from Intel.

The FW-8896 utilizes Intel® Xeon® E5-2600 v3 processors with 16 cores. A number of technologies contribute to the FW-8896’s performance:

Key Features

Optimized for network performance

Lanner platforms are specifically optimized for high network performance, allowing them to handle up to 64 network interfaces operating at up to 40Gbps each.

Customized

Through the use of Intel QuickAssist technology, Lanner can offer a selection of accelerators that further speed up processing associated with security and bandwidth optimization.

Flexible selection of accelerators

Through the use of Intel QuickAssist technology, Lanner can offer a selection of acceleration cards that further speed up processing associated with security and bandwidth optimization.

High reliability and maintainability

Lanner platforms offer redundant power supplies, hot-swappable fans, and watchdog and power-off LAN bypass to deliver a highly reliable and maintainable platform.

Benefits

Software developers or equipment companies who offer products built around the Lanner FW-8896 platform achieve significant benefits over those who design, develop, manufacture, and maintain their own systems:

Reduced/targeted engineering

Engineering talent can now be dedicated to development of software that distinguishes a provider’s product from their competitors. Large teams of engineers are no longer necessary for the continuous development of computing platforms.

Better, more reliable products

Security OEM equipment providers benefit from Lanner’s large client base, which allows Lanner to amortize advanced system designs across multiple customers. New platforms perform better out of the box, and are more maintainable.

More competitive products

Lanner offers the most powerful computing and acceleration platforms. In addition, providers may offer a range of products that match the price/ performance needs of their customers.

Flexibility

The multiple accelerators available from Lanner allow providers to offer further options for their product’s configuration.

Conclusion

Security and optimization are key requirements in the rapidly expanding Internet. The very high volume of network traffic mandates the use of specialized computing platforms to handle firewalling, IDS/IPS, anti-virus, and other security functions. Bandwidth optimization likewise requires computing systems that are able to compress/decompress data at high rates.

Lanner has built the FW-8896 using Intel’s latest technologies to meet these needs. The FW-8896 handles extreme bandwidth requirements with a combination of accelerators, interfaces, and Intel innovations. NEMs, system integrators, application developers, and service providers base their products and solutions on Lanner platforms with confidence that they are building the best solution possible.

Building the Best Network Security Platforms was last modified: January 14th, 2020 by LEI Technology