Bivio 7000 Series Network Appliance Platforms




WHITE PAPER

Bivio 7000 Series Network Appliance Platforms

Uncompromising performance. Unmatched flexibility.

The Bivio 7000 Series Programmable Network Appliance

Today's networking applications require specialized network appliances to keep pace with multigigabit and 10 Gigabit line rates while allowing real-time deep packet processing by the application layer and consolidation of multiple applications on the same system. Neither general-purpose server platforms nor specialized ASIC-based systems provide the performance and flexibility to be the foundation of a scalable, adaptable, and modular hardware platform that provides customers superior cost-performance, investment protection, and flexible upgrade paths.

The Bivio 7000 Series of programmable network appliance platforms master these challenges through their unique hardware architecture, Linux-based operating system, open APIs, and system integration support, which will quickly catapult the performance of a networking application to the top of the competition without spending the costly development cycles associated with custom ASIC or network processor development.

[Figure 1: Bivio Network Appliance Platforms fuse flexible computing with high-speed networking. Panels: "Fast but not flexible: Hardware Based (ASICs)"; "Flexible but not fast: Software Based (Server Appliance)"; "Bivio: Uncompromising flexibility and performance".]

By porting their networking applications to the Bivio platform, network equipment manufacturers, independent software vendors, service providers and system integrators can deliver

- Market-leading Performance
- Unmatched Scalability
- Platform Continuity
- Broad and Flexible Product Portfolio

all in a compact network appliance form factor.

Architecture Overview

The Bivio 7000 Series of Network Appliance Platforms is a family of compact, extremely high-performance, and fully programmable network appliances that combine a unique packet processing hardware architecture with a software platform that includes a standard Linux-based execution environment and a comprehensive set of networking features. Designed specifically to provide wire speed deep packet processing, the Bivio 7000 Series architecture fuses Network Processing components with Application Processing CPUs to deliver uncompromising performance and unmatched flexibility. The platform family includes two main product groups that provide performance optimized features to deliver true line rate packet processing from 3 Gbps through 10 Gbps throughput.

The major hardware features of the platform include a multi-threaded network packet processor, multiple dual-core application processors, high-capacity Network Interface Modules (NIMs), and a high-performance communication fabric that accommodates full wire-speed data rates between processors. The fabric interconnect also implements a unique stacking technology, which enables linear scaling of application processing power, throughput, and I/O ports via additional processing blades and modules that are housed in the appropriate number of 2 RU chassis. This innovative scaling technology also allows internal failover communication for redundant configurations.

The result is a power-packed network appliance in a compact 2 RU base unit with the ability to tailor the computational and network resources to the application profile. System developers can configure their product with 1 to 30 multi-core Application CPUs depending on the application needs. The flexibility of the platform to scale in multiple dimensions allows for optimum matching of various system resources for the desired performance. Furthermore, should application performance requirements grow in the future, the platform enables cost-efficient incremental addition of system resources to relieve any developing bottlenecks without replacing the entire device.

[Figure 2. Bivio Network Appliance Architecture. Labels: Hardware Acceleration; Application Processor; Application Processing Subsystem; High Performance Fabric (40 Gb/s); Network IF; Programmable Packet Processor; Network Processing Subsystem.]

In side-by-side performance tests with industry-leading firewall and IDP/IDS applications, the Bivio platform outperformed rack-optimized server appliances by a factor of 10X at 64-byte packets and 3X for large packets.

The Bivio 7000 Series of network appliance platforms achieves its breakthrough performance and flexibility by combining a Linux-based environment with three key architectural design elements:

1. High computational power with extensive scalability
2. Strict architectural separation of network and application processing
3. Hardware acceleration

Each of these architectural principles will be explored in further detail in the following sections.

Computational Power and Scalability

The Bivio 7000 Series of programmable network appliances is a family of multi-processor platforms offering the highest processing power in the industry, delivering up to 45,000 MIPS in a standard 2U rack-mount chassis. This high computational power enables an appliance solution for 10 Gigabit processing at wire-speed of any IP network service such as IDS/IDP, firewall, VPN, network surveillance and lawful intercept, application traffic management, as well as many other real-time applications in the network. In other words, the platform can execute off-the-shelf Linux applications at 10 Gbps line rates, eliminating the historic performance advantage that ASIC-based networking products had over computing platforms.

Each Application Processing or CPU Subsystem is a completely independent system, allowing adaptable internal load sharing of application processing and optimized redundancy and fail-over mechanisms. The Bivio 7000 processors consist of two cores each with 1 GB standard memory per core (expandable to 2 GB per core) for applications and packet buffering.

Cores can be run independently in asymmetric multi-processing (ASMP) or symmetric multi-processing (SMP) mode. For IPSec VPNs, SSL Acceleration, RegEx content processing and other well-defined computational tasks, a hardware acceleration module can be added to any core through the use of a PCI Express-based expansion module.

In a unique approach to scalability, Bivio's stacking technology enables application processing to scale linearly with the number of application processors in a stacked system, providing network application developers with the flexibility of tailoring their product to the desired price/performance targets and allowing end-customers to grow incrementally with increasing traffic demands while preserving their initial investment in the system. In contrast to a cluster of independent appliances, the stacked Bivio system configuration is accessed as a single addressable system with one IP address.

Separate Network and Application Processing

The second architectural principle the Bivio 7000 Series platforms follow is to separate application-level processing from network layer processing. At the heart of the Network Processor Card (NPC) is a high-speed, programmable multi-threaded packet processor that combines the performance of an ASIC with the programmability of a general-purpose server. Bivio's patent-pending technology incorporates Application Programming Interfaces (APIs) that transform Linux software commands into hardware packet manipulation instructions at 10 Gigabit speeds. Applications can leverage performance-enhancing functions of the packet processor such as fast path acceleration or blocking of packets at the network layer through an API that is easy to incorporate. The de-coupling of the network layer processing and application processing also improves the resiliency of the system by adding an extra layer of protection against DoS/DDoS attacks.

The network processing subsystem on the NPC provides important features in the platform including dynamic traffic load balancing to the application processing subsystems, real-time programmability of per-flow behavior through the API, dynamic programming based on service type, different traffic modes, scaling of network processing resources, and flexible physical network connections. In addition, the NPC hosts up to two application processing sub-systems, implements system management functionality through a separate management CPU, and also accommodates dual hot swap SAS or SATA hard drives with RAID-1 redundancy for additional application storage, network statistics, and system logging.

Hardware Acceleration

Bivio provides a selection of accelerator module designs to offload a number of compute-intensive and repetitive tasks from the application processors in the network appliance platform. These tasks include:

- IPSec
- SSL
- XML
- Regular Expressions (RegEx)
- Compression / Decompression
- Character Conversion

Each CPU subsystem in the network appliance operates independently of the others, allowing the network services developer to assign different applications to different CPU subsystems and only populate accelerator cards with the CPU subsystems that require offload functionality.

In addition to standard hardware encryption and content acceleration modules that offload encryption tasks and content acceleration functions from the application CPUs, Bivio's hardware acceleration options also extend to the programmable packet processor, which provides programmable acceleration of payload traffic that can be controlled by the host application through the Bivio API. For example, an application might identify the service and session of a flow based on the first packet. Next, the application rules are cached and instructions dynamically programmed into the forwarding layer so that all remaining packets in the stream are forwarded in the network layer without consuming further application processing resources or incurring additional latencies.

BiviOS and Application Integration

At the foundation of the Bivio platform is a standard Linux execution environment that allows any Linux-based networking application to run on the appliance with little porting effort. The Bivio software environment is called BiviOS and includes a comprehensive set of networking and management features in addition to the Linux kernel and common APIs. By basing the Bivio network appliance on a standard, pre-ported Linux distribution with full API compatibility, the software developer can quickly and easily run their application within hours of unpacking the device. BiviOS is transparent to the programmer but immediately allows applications to take full advantage of the performance, flexibility, and scalability inherent in the Bivio platform.

BiviOS also supports a rich set of software infrastructure components that allow developers to quickly realize advanced capabilities of the Bivio network appliance. These components provide a variety of critical services including robust traffic management, load distribution across multiple Application Processing Subsystems, support for hosting multiple applications, high availability and value-added functionality.

Bivio Application Programming Interfaces (APIs) enable further customization and optimization of the Bivio architecture to the specific application requirements.

The installed BiviOS consists of a collection of individual RPMs. RPMs may be added or removed from the system at any time during the operational life of the BiviOS. Customer- and application-specific RPMs would be added to the Bivio RPMs to generate the complete software image of a specific product. All software must be compiled for the Linux PowerPC architecture. Software applications can either be compiled directly on any Bivio 7000 Series or Bivio 2000 Series platform or on a separate PowerPC based computing platform. Bivio also makes development builds of its OEM Software Bundle available to OEM partners.

Traffic Management and Bivio APIs

All Bivio 7000 Series platforms can be configured to support either of two traffic modes: transparent mode or mixed mode. Transparent mode supports traditional inline or sniff behavior, as all network interfaces are configured with no IP address and the platform appears invisible, or like a wire, to the network devices on either side. Mixed mode allows configurations to be used where some interfaces are in transparent mode, and some (or even all) interfaces are in gateway or routed mode. In gateway mode packets must be routed through the platform as if it was a router, and each interface is on a different subnet, has a unique IP address, and is independently addressable from outside the appliance.

Policy-Based Load Distribution

Traffic distribution in the Bivio network appliance is based on innovative load balancing algorithms that are managed by Configurable Inspection Groups (CIG). CIG is the foundation for expanding the platform into multiple virtual systems and consolidating complementary applications on a single network appliance. The basic function of CIG is to bind specific interfaces to classification policies and distribute incoming traffic to the assigned computational resources according to the classification. In the example diagram, IP traffic is classified into two groups which are then load balanced among a dedicated Inspection Group, or group of Application Processors. Different applications or configurations can be run on different Inspection Groups, allowing complete flexibility in applying the platform's resources to different tasks.

[Figure 3. Implementation Example for Bivio Configurable Inspection Groups. Labels: Input (GigE #1, GigE #n); Classification: IP; Traffic Sets; Action: Load Balance; Inspection Group 1 (CPU-1, CPU-3); Inspection Group 2 (CPU-4, CPU-10).]

The default operation of the Bivio network appliance is to load balance all traffic from the network interfaces across all Application Processors. Although this configuration is sufficient for many inline and transparent network applications, the Bivio platform can be easily configured to support advanced network operations in multiple traffic modes.

Inline Tap Mode: In this mode, the platform operates as a transparent inline device while packets are being copied from the wire to the application. Therefore, packets can be sniffed at wire speed and without the need for mirror-ports on a switch.

Parallel-Processing with Packet Copy: Sometimes, different applications need to inspect the same packet, but would normally experience resource contention when running on the same processor or shared memory. The Bivio platform avoids these resource contentions by copying packets in hardware to parallel applications without sacrificing throughput or latency. The scalable processing architecture ensures sufficient resources for each application even at full line rate processing.

Network-Layer CPU-Offload: In this mode the Application decides which flows to process at the Application Layer and which ones to offload to the programmable Network Layer. This functionality significantly increases the effective capacity of the device. For latency sensitive traffic like VoIP and multimedia, applications can tap into control flows while data flows get forwarded on an accelerated inline path through the network layer, thereby keeping data path latencies at an absolute minimum.

Bivio APIs

Bivio APIs enable system developers to utilize several advanced capabilities of the Bivio architecture as well as offer unique value-added capabilities for custom product differentiation. Bivio APIs include advanced capabilities for traffic modes, system scaling, management and high availability functions on the Bivio network appliance.
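The Network-Layer CPU-Offload mode and the first-packet classification described under Hardware Acceleration can be modelled in a few lines. This is an added illustration, not Bivio code and not the Bivio API: every name is hypothetical, and the idle timeout, the direction-independent flow key and the hash-based CPU choice are assumptions made for the sketch.

```python
# Added illustration: toy model of first-packet classification with
# network-layer offload. All names are hypothetical; this is not the Bivio API.
import zlib
from dataclasses import dataclass, field
from enum import Enum
from typing import Callable


class Verdict(Enum):
    INSPECT = 1   # keep delivering packets to the application CPU
    FORWARD = 2   # offload: forward remaining packets in the network layer
    BLOCK = 3     # offload: drop remaining packets in the network layer


def flow_key(p):
    """Direction-independent 5-tuple, so both halves of a session share state."""
    a, b = (p["src"], p["sport"]), (p["dst"], p["dport"])
    return (p["proto"],) + (a + b if a <= b else b + a)


@dataclass
class NetworkLayer:
    classify: Callable[[dict], Verdict]   # application policy callback
    cpus: list                            # CPUs of one inspection group
    idle_timeout: float = 30.0            # seconds; assumed value
    table: dict = field(default_factory=dict)   # flow key -> (verdict, last_seen)
    stats: dict = field(default_factory=lambda: {"app": 0, "fast": 0, "drop": 0})

    def pick_cpu(self, key):
        """Stable hash: every packet of a flow reaches the same application CPU."""
        return self.cpus[zlib.crc32(repr(key).encode()) % len(self.cpus)]

    def handle(self, packet, now):
        key = flow_key(packet)
        entry = self.table.get(key)
        if entry and now - entry[1] > self.idle_timeout:
            del self.table[key]           # stale verdict: classify again
            entry = None
        if entry and entry[0] is not Verdict.INSPECT:
            self.table[key] = (entry[0], now)
            path = "drop" if entry[0] is Verdict.BLOCK else "fast"
            self.stats[path] += 1
            return path, None             # application CPU never sees it
        cpu = self.pick_cpu(key)
        verdict = self.classify(packet)   # slow path: application decides
        self.table[key] = (verdict, now)
        self.stats["app"] += 1
        return ("drop" if verdict is Verdict.BLOCK else "app"), cpu


def sample_policy(packet):
    """Constructed policy: inspect SIP signalling, block telnet, offload the rest."""
    ports = {packet["sport"], packet["dport"]}
    if 5060 in ports:
        return Verdict.INSPECT
    if 23 in ports:
        return Verdict.BLOCK
    return Verdict.FORWARD


def make_pkt(src, sport, dst, dport, proto):
    return {"src": src, "sport": sport, "dst": dst, "dport": dport, "proto": proto}


def run_demo():
    nl = NetworkLayer(sample_policy, cpus=["CPU-1", "CPU-2", "CPU-3"])
    rtp = make_pkt("10.0.0.5", 40000, "10.0.0.9", 40002, "udp")
    rtp_back = make_pkt("10.0.0.9", 40002, "10.0.0.5", 40000, "udp")
    sip = make_pkt("10.0.0.5", 5060, "10.0.0.9", 5060, "udp")
    telnet = make_pkt("10.0.0.7", 51000, "10.0.0.9", 23, "tcp")
    # Constructed traffic: (packet, arrival time in seconds)
    trace = [(rtp, 0.0), (sip, 0.1), (rtp_back, 0.2), (rtp, 0.3), (telnet, 0.4),
             (sip, 0.5), (telnet, 0.6), (rtp_back, 0.7), (sip, 0.8), (telnet, 0.9),
             (rtp, 1.0)]
    paths = [nl.handle(p, t)[0] for p, t in trace]
    return nl, paths


if __name__ == "__main__":
    layer, seen = run_demo()
    print(seen)
    print(layer.stats)
```

In the constructed trace only the first media packet and the signalling packets reach an application CPU. An offloaded flow is no longer visible to the application, so the policy callback decides what inspection coverage is given up for the lower latency.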

Device Management

The Bivio platform supports a command line interface (CLI) as well as a web-based graphical user interface (GUI). The Bivio CLI provides auto-completion, tab completion and context-sensitive help. The Bivio GUI is an easy-to-navigate web-based interface that includes various system monitor and inventory monitor views. Configuration and management of the network appliance platform is typically a combination of calling Bivio-specific CLI commands and application-specific configuration such as policies, users, etc. The Bivio Configuration API can be used to call CLI commands from within a third-party application.

High Availability

The Bivio 7000 Series Network Appliance Platforms provide numerous HA system features that eliminate any single points of failure to deliver non-stop mission-critical services. Standard system HA features include dual redundant hot-swap power supplies, dual redundant hot-swap hard drives with RAID-1, internal redundancy of Application Processors with failure-adaptive load balancing, software- and hardware-based failopen (bypass) network interfaces, and Denial of Service (DoS) attack protection. Additional HA capabilities are also supported including external system redundancy configurations, and an independent management processor with an isolated control network and management port.

The Bivio architecture ensures sufficient resources for each application even at full line rate processing.

Bivio 7000 Series Overview

The Bivio 7000 Series platform family includes two main product groups, the Bivio 7100 and Bivio 7500. All platforms employ a common system architecture that is optimized by model for a range of performance tiers. The major hardware features include a multi-threaded network processor, multiple dual-core application processors, high-capacity Network Interface Modules (NIMs), and a high-performance communication fabric that accommodates full wire-speed data rates between processors. The table below provides a feature comparison of the Bivio 7000 Series Network Appliance Platforms.

| Platform Features | Bivio 7120 | Bivio 7130 | Bivio 7510 | Bivio 7560 |
| System Performance | 3 Gbps | 5 Gbps | 5 Gbps | 10 Gbps |
| Scalable Processing Capability | No | No | Yes | Yes |
| Network Interface Modules (Any 2 per system) | 12x GE Copper, 6x GE Fiber | 12x GE Copper, 6x GE Fiber | 12x GE Copper, 6x GE Fiber, 2x 10GE Fiber, 4x 10GE Fiber | 12x GE Copper, 6x GE Fiber, 2x 10GE Fiber, 4x 10GE Fiber |
| Storage Technology | Hot Swap, SATA | Hot Swap, SATA | Hot Swap, SAS | Hot Swap, SAS |
| Redundant Power Supplies | Yes, AC | Yes, AC | Yes, AC, DC | Yes, AC, DC |

Summary

The Bivio 7000 Series of 10 Gigabit Programmable Network Appliance Platforms enable customers to achieve disruptive improvements in deep packet processing performance, scaling, reliability and deterministic traffic management capabilities that network equipment manufacturers, independent software developers, service providers, enterprises, and federal agencies demand in their emerging networking infrastructure. Network Equipment Manufacturers, Integrated System Vendors and Federal GOTS/COTS Systems Integrators are now enabled to rapidly develop innovative, market-leading networking solutions, speeding time-to-market and time-to-solution with minimal integration effort.

About Bivio Networks

Bivio Networks has developed a family of industry leading, deep packet inspection and processing platforms that combine unparalleled scaling of network performance, processing power, and application agility. Bivio's network appliance platforms feature a groundbreaking architecture specifically optimized for wirespeed execution of emerging network services that increasingly demand deep packet processing combined with high network throughput. Based on open industry standards, Bivio Networks fuses unmatched flexibility with uncompromising performance to enable its customers to overcome existing bottlenecks and deliver the foundation of the next-generation network infrastructure.

Bivio Networks, Inc.
4457 Willow Road, Suite 200
Pleasanton, California 94588
Phone: 925-924-8600
Fax: 925-924-8650
www.bivio.net

© 2007 Bivio Networks, Inc. All rights reserved. The Bivio logo, BiviOS, Bivio 7000 Series, Bivio 7100, and Bivio 7500 are trademarks or registered trademarks of Bivio Networks, Inc. All other company and product names may be trademarks of their respective owners. Bivio Networks may make changes to specifications and product descriptions at any time, without notice.