DPI 和安全解决方案

可实现可扩展性和一流密度的最新一代网络安全平台

可实现可扩展性和一流密度的最新一代网络安全平台

雅特生科技实现了深度数据包检测和安全应用程序的可扩展性和高密度。通过将硬件刀片(兼具英特尔和数据包处理资源)与平台相结合,同时搭载 ISV 合作伙伴应用程序启动型软件,雅特生科技推出了众多高效且灵活的平台,适用于 LTE 安全网关、防火墙、策略执行、合法侦听、针对性广告、流量整形/监测以及 QoE 等各类应用程序。雅特生科技的解决方案包括 ATCA 和基于 MaxCore 的架构,均进行了调整,能够满足各类应用程序的不同需求,并符合各种独特组合所能实现的可扩展性。

安全网关系统

雅特生科技 LTE 安全网关 (LTE/SEG) 可提供高吞吐量防火墙和 IPSec 终止功能,从而通过无线电接入网络保护数据。在运营商级的刀片服务器架构中,LTE/SEG 为增强版数据包内核的安全连接提供了可拓展的解决方案。LTE/SEG 采用复杂的负载均衡器,以确保流量能够均衡地配送给一切可用的计算功能。

Malicious traffic is filtered out by the enhanced firewall function

User data is encrypted in IPSec tunnels for transport over radio access network

The switch I/O and x86 server blades are connected over a high bandwidth dual star fabric backplane, with 4 x 40Gb/s connections to each server blade

De-tunneled and decrypted data is passed to the EPC functions for further processing, with user data being routed into the mobile core ‘cloud’

Firewall, packet routing and IPSec termination are performed in each x86 server blade. High availability is achieved through both hardware and application level redundancy. If a blade fails, traffic and processing is switched over to a standby bade within the system

Packets arrive at the LTE/SEG I/O interface and are load-balanced amongst a number of x86 server blades running the security functions

The load balancer ensures that traffic is distributed evenly amongst the x86 blades, as well as ensuring that packets from the same flow are always directed at the same processing blade

  • Data traffic from a mobile device enters the SEG via a switch card
  • Equal cost multi-path load balancing within the switch examines packet contents and load balances amongst a number of x86 server blades running the security gateway (SEG) function
  • The SEG provides the following services
    • All traffic for a single session will be serviced by the same SEG instance
    • A firewall function detects and blocks unauthorized traffic, based on network rules and policies
    • IPSec termination is performed by the SEG, forming a secure, encrypted tunnel for the user device
  • User and control data (extracted from the IPSec tunnel) is passed into the mobile core ‘cloud’

Products

Centellis ATCA 系统平台

集成应用就绪平台,不仅拥有最佳功率和散热性能、丰富的刀片生态系统和软件,还拥有预认证的 NEBS 配置,能够节省成本和缩短上市周期。

数据包处理刀片

范围广泛的数据包处理刀片产品组合,基于 Cavium OCTEON 或英特尔 Xeon 处理器,是数据包网关、4G 无线网关、深度数据包检测和网络安全等加速应用的理想选择。

MaxCore™ 平台
功能齐备且高密度的计算和媒体平台

MaxCore 平台助您在短时间内打造一个注重经济效益和应用的设备。它能够在同一机箱内实现 I/O、计算和计算相关加速器的完美均衡,因而极具灵活性。

Corporate website design by Freshleaf Media