Under the Hood: AMD G-Series SOC Delivers the Horsepower for Next Generation Firewalls

Guest Post By Jos Schellevis, Chief Technical Officer, Deciso

 

The ever-expanding connectivity of applications brings new security threats that require a different defense than traditional firewalling.

 

The focus of hackers and cybercriminals has shifted from network intrusion attempts to exploiting weaknesses in applications.

 

These application-layer attacks also increasingly make use of encryption to dodge network security defenses.

 

A recent Gartner report titled “Security Leaders Must Address Threats From Rising SSL Traffic” by Jeremy D’Hoinne and Adam Hils, states: “Gartner believes that, in 2017, more than half of the network attacks targeting enterprises will use encrypted traffic to bypass controls, up from less than 5% today.[i]

 

These threats demand more powerful hardware to decrypt and detect intrusion attempts at wire speed. Next generation firewalls not only have the capabilities to detect application-layer attacks but also have sufficient power to accomplish this task at gigabit connection speeds.

 

Any hardware design to accomplish this task thus requires a multicore CPU and fast Ethernet connections without any bottlenecks. Many existing designs have a separate CPU and chipset connected through a marginal interface, not capable of leveraging its full performance over the external – mostly PCIe® – interfacing.

 

To make things worse, some of the network designs we have come across in the past have integrated PCI bridges creating even more bottlenecks. While this may not have been an issue in 10/100Mb solutions, today’s networks increasingly operate at gigabit or even higher wire speeds.

 

The highly integrated AMD G-Series SOC at the heart of Deciso’s Netboard A10 design delivers the required performance, doesn’t suffer from bottlenecks and has low power requirements. The embedded low power design also eliminates high cooling requirements that current high performing server-like designs demand. And, the integrated AESNI engine makes encryption and decryption of VPN traffic much less CPU intensive. While new features of the next generation firewall may consume quite a bit of the available CPU cycles to inspect application-layer traffic, other demanding features such as VPN won’t suffer.

 

Deciso believes that the combination of a great design and AMD G-Series SOC makes the Netboard A10 a solid bases for next generation firewalls.

 

Jos Schellevis is Chief Technology Officer at Deciso B.V, a Dutch security equipment manufacturer. He graduated in workflow management at Rotterdam University of Applied Technology and has over 15 years experience in networking and telecommunications. His postings are his own opinions and may not represent AMD’s positions, strategies or opinions. Links to third-party sites and references to third-party trademarks are provided for convenience and illustrative purposes only. Unless explicitly stated, AMD is not responsible for the contents of such links and no third party endorsement of AMD or any of its products is implied.

 


[i] http://ift.tt/1Ci9Ugu

via AMD Blogs http://ift.tt/1MdNyET

Anuncios

Responder

Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión / Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión / Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión / Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión / Cambiar )

Conectando a %s