DPI and Security Solutions

Newest generation of network security platforms offers scalability and best-in-class density

Newest generation of network security platforms offers scalability and best-in-class density

Artesyn offers scalability and high density for Deep Packet Inspection and Security applications.  With a combination of hardware blades (with both Intel and packet processing resources) and platforms, along with ISV partner application-enabling software, Artesyn delivers efficient and versatile platforms for applications including LTE security gateways, firewalling, policy enforcement, lawful interception, targeted advertising, traffic shaping/monitoring and QoE. Solutions include ATCA and MaxCore-based architectures, each aligned with the different needs of the applications and the scalability each unique combination can deliver.

Security Gateway System

The Artesyn LTE Security Gateway (LTE/SEG) provides the high throughput firewall and IPSec termination functionality required to protect subscriber data ‘in motion’ through the radio access network. Implemented in a carrier grade bladed server architecture, the LTE/SEG offers a scalable solution to add secure connectivity to the enhanced packet core. The LTE/SEG utilizes a sophisticated load balancer to ensure that traffic is distributed evenly across all available compute functions.

Malicious traffic is filtered out by the enhanced firewall function

User data is encrypted in IPSec tunnels for transport over radio access network

The switch I/O and x86 server blades are connected over a high bandwidth dual star fabric backplane, with 4 x 40Gb/s connections to each server blade

De-tunneled and decrypted data is passed to the EPC functions for further processing, with user data being routed into the mobile core ‘cloud’

Firewall, packet routing and IPSec termination are performed in each x86 server blade. High availability is achieved through both hardware and application level redundancy. If a blade fails, traffic and processing is switched over to a standby bade within the system

Packets arrive at the LTE/SEG I/O interface and are load-balanced amongst a number of x86 server blades running the security functions

The load balancer ensures that traffic is distributed evenly amongst the x86 blades, as well as ensuring that packets from the same flow are always directed at the same processing blade

  • Data traffic from a mobile device enters the SEG via a switch card
  • Equal cost multi-path load balancing within the switch examines packet contents and load balances amongst a number of x86 server blades running the security gateway (SEG) function
  • The SEG provides the following services
    • All traffic for a single session will be serviced by the same SEG instance
    • A firewall function detects and blocks unauthorized traffic, based on network rules and policies
    • IPSec termination is performed by the SEG, forming a secure, encrypted tunnel for the user device
  • User and control data (extracted from the IPSec tunnel) is passed into the mobile core ‘cloud’

Products

Centellis® ATCA System Platforms

Integrated, application-ready platforms with best-in-class power and thermal performance, a rich ecosystem of blades and software and a strong history of deployment in both communications and defense applications.

Packet Processing Blades

A broad portfolio of packet processing blades, based on Cavium OCTEON or Intel Xeon processors, ideal for accelerating applications such as packet gateways, 4G wireless gateways, deep packet inspection, and network security.

MaxCore™ Platform
Versatile and Dense Compute & Media Platform

The MaxCore Platform enables you to build an economical and application focused appliance within a short time. Flexibility is achieved through its capability to perfectly balance I/O, compute and compute-associated accelerators within the same box.