Chip vendor spins multi-core networking security stack
Jun 15, 2009 — by Eric Brown — from the LinuxDevices Archive — 1 viewsFreescale Semiconductor announced the availability of Linux-ready embedded software that provides security and networking functionality tailored for its multi-core, PowerPC-based QorIQ and PowerQUICC system-on-chips (SoCs). The “production-ready, application-level” Vortiqa software provides a base platform for developing firewall, IPSec-VPN, IPS, anti-virus, and anti-spam software, says the… company.
Initially offered in four versions, for service provider, enterprise, small business, and SOHO/residential environments, respectively, Vortiqa has received support from vendors of security and networking software that will customize and build upon the platform. Vortiqa is also supported by some development software vendors, including MontaVista and Green Hills Software. Third-party software and services can be delivered either independently of, or integrated with, Vortiqa, says Freescale.
MontaVista, which is supporting Vortiqa with its MontaVista Linux, noted that the combined platform should help ease the challenge of transitioning Linux-based security applications to multi-core. Freescale puts it more dramatically, saying that the challenge faced by security application developers grappling with complex multi-core architectures is “threatening to slow industry adoption of embedded multi-core technology.”
Vortiqa is specifically optimized for multi-core versions of Freescale's PowerPC-based networking processors, leveraging the performance, energy-efficiency, and security-specific benefits of the SoCs, says the company. In particular it reduces time spent on testing and optimizing application software for multi-core by providing “fully integrated, architecturally compatible application software,” tailored for the SoCs, says the company. Vortiqa is said to be based on technology and talent obtained in Freescale's October 2008 acquisition of networking and security software vendor Intoto, which sells “SecureEveryPort” UTM (Unified Threat Management) and gateway software.
QorIQ support
Vortiqa supports multi-core versions of Freescale's PowerQUICC II Pro and PowerQUICC III SoCs, as well as its newer QorIQ platform. (MontaVista supports both of these PowerPC-based platforms with Market Specific Distributions (MSDs) in its latest MontaVista Linux 6.) Announced last June with support from both MontaVista and rival Wind River — soon to be acquired by Intel — the 45nm-fabricated QorIQ SoCs are equipped with one to eight e500 cores clocked from 400MHz to 1.5GHz, with claimed power draw of between four and 30 Watts.
Vortiqa leverages the QorIQ's pattern matching engine, security accelerator, datapath acceleration, and other features, says Freescale. Vortiqa is also touted for eliminating time spent on application-optimal mapping of functionality and core assignments for asymmetric multi-processing (AMP), symmetric multi-processing (SMP), and hybrid AMP+SMP configurations.
Vortiqa enterprise networking version architecture
(Click to enlarge)
All four of the initial Vortiqa versions offer varying levels of stateful packet inspection (SPI) firewall and Network Address Translation (NAT) functionality, and offer varying degrees of support for IPSec virtual private networks (VPNs), says Freescale. They also offer different levels of Quality of service (QoS) and traffic management features, as well as networking configuration and management interfaces. In addition, the higher end versions are said to provide virus and spam protection, intrusion prevention, and other advanced features.
Four product lines
Freescale's first four Vortiqa product lines include:
- Vortiqa for service provider equipment — This high-end version is said to target routers and switches, metro carrier edge routers, UTM devices, and IMS controllers. The service provider release “leverages hybrid software architecture and delivers high performance in both throughput and session processing for data plane applications,” says Freescale. While adding features not available in other versions, including a virtual security gateway, it lacks the enterprise version's High Availability (HA) support and anti-virus/anti-spam protection.
- Vortiqa for enterprise network equipment — Offering spam and virus protection, as well as HA support, the enterprise version is based on an SMP architecture (see architecture diagram above). Like the service provider version, but unlike the SMB/SOHO versions, it offers an intrusion prevention system (IPS) and deep packet inspection. Example applications are said to include SSL and IPSec firewalls, UTM devices, and converged media gateways and access gateways. The enterprise version can provide up to 10x VPN performance in security-enabled network equipment compared to non-optimized solutions, claims the company.
- Vortiqa for small business gateways — This release supports either AMP or SMP, and is performance-tuned for specific PowerQUICC silicon, says Freescale. Applications are said to include branch office routers and multi-service business gateways.
- Vortiqa for SOHO/residential gateways — Like the small business version, the SOHO release lacks spam and virus protection or HA capability. However, it adds capabilities specifically designed for provisioning by service providers. Example applications include broadband routers and digital home gateways (see diagram below).
Vortiqa SOHO version architecture
(Click to enlarge)
Freescale ecosystem partners that are said to support Vortiqa include:
- Hardware and JDM/ODM partners for turnkey manufacturing, fulfillment, and pre-build hardware manufacturing, including Advantech and Flextronics
- OS, tools, and development solutions partners, offering development tools, OS platforms, and board support packages (BSPs), including Green Hills Software (Integrity separation kernel and real-time OS), MontaVista, and Virtutech (Linux-compatible Simics simulation models)
- Independent software vendors (ISVs) providing software, stacks, and related services in specific vertical segments, including offerings from 6WIND, Dimark Technologies, D2 Technologies, Mocana, and Synology America.
- Systems integrators, offering product development, integration, and professional services, including Aricent, GDA Technologies, and Patni Computer Systems
Lisa Su |
Stated Lisa Su (right), SVP and GM, Freescale's Networking & Multimedia Group, “VortiQa products offer our customers distinct competitive advantages by unlocking the vast potential of today's highly advanced embedded multicore processors.”
Stated Joerg Bertholdt, VP of Marketing at MontaVista, “VortiQa software is an impressive addition to Freescale's lineup of software for QorIQ and PowerQUICC processors. With VortiQa software running on MontaVista Linux, along with our new software development tools, developers can now deliver high-performance security applications in shorter time, leveraging the full power of the hardware and Linux.”
Availability
Vortiqa is available now on QorIQ, PowerQUICC II Pro, and PowerQUICC III communications platforms, under commercial license, says Freescale. More information may be found here.
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.