Transcript bob
Evolution & Requirements for DPI
in Network Security Infrastructure
Bob Wiest
Director of Technical Services
Bivio Networks
© 2008 Bivio Networks, Inc. All rights reserved.
Specifications subject to change without notice.
Uncompromising Performance, Unmatched Flexibility
What is Deep Packet Inspection (DPI)?
Deep Packet Inspection (DPI) is a form of
filtering that examines (inspects) both the
payload and the header of a packet as it passes
an inspection point.
Packet Header Layers
L2
Ethernet
L3
Internet
Protocol
(IP)
Packet Payload / Application Layers
L4
L5 – L7
Transport
Layer
(TCP/UDP)
Email (SMTP, POP3, IMAP)
Web (HTTP/S)
File Transfer (FTP, Gopher)
Instant Messaging (IM)
Peer-to-Peer (P2P) Applications
Directory Services
Deep Packet
Inspection
©2008 Bivio Networks, Inc. Specifications subject to change without notice.
Page 2
Uncompromising Performance, Unmatched Flexibility
INFRASTRUCTURE
USAGE
Key Network Transformation
The 70s/80s
The 90s
Explosion of the Internet
Specific/Limited use within
the fixed enterprise
Broader expansion within and
beyond the enterprise and to
customers and business partners
21st Century
Network is mission critical to
business success &
survivability
POLICY
CONNECTIVITY
PERFORMANCE
“Dumb Pipes”
“Fast Pipes”
Software-defined
Pipes”
“Smart
• Enterprise: Security, traffic
management, VoIP, acceleration
• Federal: Security, Information
Awareness, Information Assurance
• Carriers: Enhanced services
We Have Evolved to a “Policy-Centric Network”
©2008 Bivio Networks, Inc. Specifications subject to change without notice.
Page 3
Uncompromising Performance, Unmatched Flexibility
A Changing Environment
IT Network:
Past
Current & Future
Security
Perimeter
End-to-end, Perimeter, Internal
Threats
Static
Dynamic, Changing, Adaptive
Performance
Requirements
Low
High
Past
Current & Future
Example
FW, Routing,
Switching, QoS
IDP/IDS, A/V,
Anti-Spam, LI
Configuration
Static
Adaptive & Flexible
Packet Overhead
Fixed
Variable
Performance
Linear
Non-linear
Applications:
©2008 Bivio Networks, Inc. Specifications subject to change without notice.
Page 4
Uncompromising Performance, Unmatched Flexibility
New Class of Network Applications
Dynamic &
Adaptive
Operations
Dynamic
Load
Balancers
Adaptive L4
Traffic
Management
Dynamic Routers
Fixed
Operations
Load
Balancers
• IDS/IPS
• Anti-spam
• Anti-virus
• DDoS protection
• Content/XML Load Balancers
• VoIP security, monitoring, analysis
• WAN/Application optimization
Routers
ACLs, QoS
Firewalls
1st gen. L7
Load
Balancers
Switches
Packet Header
Packet Data
©2008 Bivio Networks, Inc. Specifications subject to change without notice.
Page 5
Uncompromising Performance, Unmatched Flexibility
The Problem Restated
Software now a key component of next generation networks
Fast hardware-defined connectivity layer conflicts with increasingly
complex software-defined policy layer
Addressing collision of computing and networking is essential to
future network infrastructure
Policy-Centric
Infrastructure Products
High Speed LAN/WANs
Routers/Switches
Low Speed LAN/WANs
Software
Software
Bridges
Software
Hardware
Hardware
Hardware
Increased complexity, time to market, costs and risks of policy-centric
product delivery are now directly impacting the ability of companies to
deliver and deploy effective networking products!
©2008 Bivio Networks, Inc. Specifications subject to change without notice.
Page 6
Uncompromising Performance, Unmatched Flexibility
Huge Product / Market Opportunity
DPI is foundation for
generation networking
infrastructure
Market spans multiple
multi-billion dollar
markets
Bivio actively selling into
several of them
–
–
–
–
–
Security
Carrier DPI
Federal
Enterprise vertical markets
Security, Traffic
Management
DPI
Devices
L7
L6
L5
L4
Routers
L3
Switches
L2
L1
©2008 Bivio Networks, Inc. Specifications subject to change without notice.
Page 7
Uncompromising Performance, Unmatched Flexibility
A New Solution is Needed
New threats drive new requirements
– Flexibility and Adaptability: signatures, policies, algorithms,
and configurations
– Performance: no longer optional
• Enforcement requires inline operation
• Scalability of solution inherent to networking
• Low latency essential
– Rapid Time-To-Implement: keep pace with constantly changing
and evolving threats, protocols & services
Deliver scalable performance with standard architecture
Application Integration: Easily integrate L7 applications
©2008 Bivio Networks, Inc. Specifications subject to change without notice.
Page 8
Uncompromising Performance, Unmatched Flexibility
A New Approach:
The Network Appliance Platform
Bring benefits of general purpose computing to high
speed networking without sacrificing performance
Utilize a “systems approach”: provide a complete
software and hardware appliance environment
Linux OS environment leverages wealth of popular L7
open source applications
Operational commonality
©2008 Bivio Networks, Inc. Specifications subject to change without notice.
Page 9
Uncompromising Performance, Unmatched Flexibility
Anatomy of a Network Appliance
Control Plane
Application
Processing
Optimized for flexibility
Non-deterministic performance
Highly variable
Complex operations
Compute/Memory-intensive
“Slow path”
Optimized for throughput, latency
Deterministic performance
Well-defined operations
I/O intensive
“Fast path”
Packet
Processing
Data Plane
©2008 Bivio Networks, Inc. Specifications subject to change without notice.
Page 10
Uncompromising Performance, Unmatched Flexibility
Logical Packet Flow & Architecture
Application Processing Subsystem
Application Processing Subsystem
Hardware Acceleration
– High-performance Linux processors
– Provides fully parallelized &
redundant execution environment
Application
Processor
Fabric Interconnect
High Performance Fabric
Network IF
Programmable
Packet Processor
– High speed communication highway
– Accommodates sustained full wire-speed
data rates
Network IF
Network Processing Subsystem
Network Processing Subsystem
– High performance packet processor
– Provides comprehensive load
balancing & traffic management
– APIs and custom data path applications
©2008 Bivio Networks, Inc. Specifications subject to change without notice.
Page 11
Uncompromising Performance, Unmatched Flexibility
Summary
Emerging network applications, with security as primary
driver, are making software a core component of next
generation networking
This collision of computing and networking requires
re-examination of network infrastructure
A systems based approach, fusing Linux, general
purpose computing and high-speed networking offers
promise to propel networking into new era
Purpose-built architecture enables true wire-rate
packet inspection & processing
©2008 Bivio Networks, Inc. Specifications subject to change without notice.
Page 12
Uncompromising Performance, Unmatched Flexibility
Bivio Networks Company Snapshot
Company
Facts
Founded in 2000
Headquartered in San Francisco Bay area
Growing customer list, revenue & momentum
Our
Products
Network appliance platforms: Bivio 7000 Series and Bivio 2000 Series
Markets
Served
Enterprises, federal government, carriers & network service providers
Our
Customers
Network equipment manufacturers, application developers, and strategic
direct enterprises including federal government requiring deep packet
processing-intensive solutions
Business
Model
OEM, strategic direct, channel
Our
Investors
©2008 Bivio Networks, Inc. Specifications subject to change without notice.
Page 13