To meet the need for on-demand network security in NFV environments, Lanner and Trend Micro work together to offer flexible, reliable, and high-performance network security solutions for carrier-class NFV, designed for CSPs from the premises to the edge to the core network. This solution includes Lanner’s HybridTCA platform HTCA-6200 and Trend Micro’s Virtual Network Function Suite (VNFS). The Trend Micro Virtual Network Function Suite is built on innovative deep packet inspection (DPI) technology that provides various network security functions, including intrusion prevention, URL filtering, and application control, and that has been widely adopted in a variety of network security products, from home routers to enterprise-facing next-generation firewalls and intrusion prevention systems.

Carrier-grade NFV Infrastructure

To ensure carrier-grade uptime and the high levels of reliability mandated by telecom networks, Lanner’s NFV-ready platforms have undergone a comprehensive testing and validation process with the Wind River Titanium Server NFV infrastructure (NFVI) software solution. The validation process was conducted as part of the Wind River Titanium Cloud ecosystem program, which is dedicated to accelerating the time-to-deployment of carrier-grade NFV solutions. Available as an NFV-ready platform, Lanner’s NEBS-compliant, modular HTCA-6000 series features multiple CPU blades, swappable network I/O blades, high-speed switching capability, and a fully redundant design.

Trend Micro Virtual Network Function Suite

Trend Micro Virtual Network Function Suite comprises two types of components: the Virtual Network Function (VNF) and the Element Management System (EMS). The VNF scans network traffic and performs the desired inspection functions, such as intrusion detection and prevention, URL filtering, and application and device identification. The EMS manages logs, updates, and policy configurations of multiple VNFs and integrates with the management and orchestration (MANO) systems to manage the VNF life cycle.

Virtual Intrusion Prevention System (vIPS)

The vIPS is a VNF that scans incoming and outgoing packets in order to discover malicious exploit attacks in real time. The scanning checks only necessary parts of a network connection according to the signature rules to maximize packet-processing throughput, allowing for the examination of a large set of known exploits and malicious attacks in the shortest possible time.

Virtual Deep Packet Inspector (vDPI)

The vDPI is a VNF that identifies over 2,100 network applications, including instant messaging, peer-to-peer, games, media streaming, and VPN software, and more than 3,800 device types, such as PCs, smart phones, tablets, and smart home devices, by examining packet signatures.

Virtual URL Filter (vURLF)

The vURLF is a VNF that identifies and blocks malicious or unwanted content from the Internet by using global threat intelligence from the Smart Protection Network. Every day it analyzes more than 15 terabytes of web data to discover potential threat content and classify web sites into more than 80 categories.

Element Management System (EMS)

The EMS serves as the central manager in the Trend Micro Virtual Network Function Suite and manages logs, updates, configurations, and life cycle of one or more VNF instances. The EMS collaborates with MANO to exchange system information, such as VNF health status or workload, and scale out or scale in the system if necessary.

Advantages

High Throughput

Lanner and Trend Micro’s NFV network security solution offers a unified DPI engine that checks network packets and performs the selected functions, such as intrusion prevention, application control, or URL filtering, in a single scan, eliminating the performance impact of checking the same network packets repeatedly with multiple engines. In addition, it leverages the Intel® Data Plane Development Kit (DPDK), a program library designed specifically for packet processing, to achieve maximum throughput.

(For the UDP test, the test rig generates up to 40 Gbps of UDP traffic.) Source: Trend Micro

Scalability and Availability

The ability to scale on demand is one of the most important capabilities that NFV offers. When traffic volume grows and causes high resource utilization, such as high CPU usage or a large number of network sessions, Lanner and Trend Micro’s NFV network security solution collaborates with MANO and provides new VNF instances to increase processing capacity. When the workload shrinks, some working VNF instances can be terminated to release infrastructure resources to other functions. When any VNF instance becomes abnormal, the same scaling capability can be applied to create new VNF instances that replace the abnormal ones, maintaining service availability and continuity.

Source: Trend Micro


HTCA-6200

High Availability Chassis 2U Telecom Network Appliance with 2 x86 CPU Blades and 2 I/O Blades

CPU: Intel® Xeon® processor E5-2600 v3/v4 Series
Chipset: Intel C612 Chipset
