-
TMFreescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
FTF-NET-F0788
Freescale’s UTM Security Appliance Solutions
June, 2010
Karthik EthirajanNMG Software Products Division
-
TM
2Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
Agenda
► UTM Market
► UTM Security Appliance Solutions
► Summary
-
TM
3Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
System Integration (Customer and/or SI partner)
UTMAppliance
COTS or Custom H/W (QorIQ Processors)
What is an UTM Appliance?
3rd PartyLinux OS
SMP
Power Architecture™Core
D-Cache I-Cache
L2 Cache
Network Protocols
Firewall
IPSec VPN
IPS
Functions from FSL Functions from Ecosystem
Partner/CustomerDiagram Key:
Power Architecture™Core
D-Cache I-Cache
L2 Cache
Anti-x
-
TM
4Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
MALICIOUSHACKERS
ENTERPRISE NETWORK
Email Server
App Server
Web Server
Confidential Data
EDI Server
Other Internal Users
MARKETING SUBNETMarketing Users
Logging Console
Admin Console
FINANCE SUBNET
Finance Users
VortiQa™Software
Trojan Attack
DoS AttacksAccess
Control Lists
HOMEOFFICE
TELECOMMUTER
Confidential Data
BRANCH OFFICE
Policies for individual security domainsPolicies for Individual
usersPolicies for user groups
•Allow remote access•Allow access to web server•Deny access to
finance server•Deny access to confidential data
Security Domain 1
Security Domain 2
Security Domain 3
Security Domain 4
Internet
UTM-1020
4
MPC8315
UTM
-408
0
UTM-2020
Where is UTM Appliance Deployed?
-
TM
5Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
Security Appliances MarketCY10 $6B TAM, 2.5Mu
Security Appliances
0
500
1,000
1,500
2,000
2,500
3,000
CY05 CY06 CY07 CY08 CY09 CY10 CY11 CY12 CY13 CY14
Units
('00
0s)
$0
$1,000
$2,000
$3,000
$4,000
$5,000
$6,000
$7,000
Reve
nue
($ M
il)
Units Revenue
Region: Worldwide (All), North America, EMEA, Asia Pacific,
CALA
Product Type: Integrated Security Appliances and Software,
Network-Based IDS/IPSProducts
Source: Infonetics
-
TM
6Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc. 6
Freescale QorIQ and VortiQa solutions for: High Growth Security
Appliance Market
Small Enterprise/SME► FW Throughput: 1-2 Gbps► VPN tunnels: 2K►
FW/IPS sessions: 100K► FW policies: 1k; sessions/s:5K► VPN:
500Mbps; Tunnels/sec: 10► Firewall/IPS: 500Mbps – 1Gbps► Anti
Virus: 100 HTTP obj./sec
Datacenter/Carrier► FW throughput: 6 – 10 Gbps► VPN tunnels:
100K► FW/IPS sessions: 1 Million► FW policies: 10k;
sessions/s:100K► VPN: 5-10Gbps; Tunnels/sec: 500► Firewall/IPS: 4-8
Gbps► Anti Virus: 2500 HTTP obj./sec
Mid-/High-end Enterprise► FW throughput: 2-5 Gbps► VPN tunnels:
10K► FW/IPS sessions: 250K► FW policies: 5k; sessions/s:15K► VPN:
1-2 Gbps; Tunnels/sec: 50► Firewall/IPS: 1-2 Gbps► Anti Virus: 500
HTTP obj./sec
Small BusinessSmall Enterprise
Mid-endEnterprise
Datacenter/CarrierInfrastructure
High-endEnterprise
SoC w/Crypto
SoC or Multicore w/Crypto
Multicore w/Crypto and RegEx
Multicore w/ Crypto and RegEx
Notes on Performance / Cost Estimates:• Subject to hardware
configuration; may vary substantially• All performance numbers are
target numbers as estimated to be required for
individual deployments and are estimated with VortiQa software
product; subject to interpretation and detailed analysis
PowerQUICC MPC83xxE processor family PowerQUICC MPC85xxE
processor family
QorIQ P1 and P2 processor family QorIQ P4, P5 processor
family
VortiQa software for enterprise equipment VortiQa software for
service provider equipment
OS and BSP – Linux® OS and BSP – Linux and/or LWE
-
TM
7Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
QorIQ P4PRODUCTS:P4080
QorIQ P3PRODUCTSP3041
QorIQ P2PRODUCTS:P2020P2010
QorIQ P1PRODUCTS:P1020P1010P1011
QorIQ P5PRODUCTSP5020P5010
How QorIQ Platforms and VortiQa Products Align
Radio Network Control
Serving Node Router (GSN)
Metro Carrier Edge Router
IMS Controller
Access GatewaySSL, IPSec, Firewall
Converged Media Gateway
Unified ThreatManagement
BasestationWireless MediaGateway
VoIP Carrier-Class Media Gateway
Home MediaHub
NetworkAttached Storage
Integrated Services Router
Service ProviderRouters
NetworkAdmission Control
StorageNetworks
VortiQaSoftware ProductsQorIQ Platforms/Products
-
TM
8Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
UTM Security Appliance Solutions - Focus Markets
► Security appliances► UTM appliances► IPS/IDS appliances►
Content security appliances► Routers (secure and VPN)► Secured
switches► Business gateways
IMS Controller
NetworkAdmission
Control
Service ProviderRouters
Integrated ServicesRouters
Storage Networks
Unified ThreatManagement
SSL, IPsec, Firewall
-
TM
9Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
Agenda
► UTM Market
► UTM Security Appliance Solutions
► Summary
-
TM
10Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
► QorIQ silicon: P4080, P2020, P2010, P1020
► (+) VortiQa software for enterprise equipment
► (+) EcosystempPartners
► SOLUTION OUTCOME:• Cost optimized: UTM appliance portfolio,
from low-
end to high-end, from major ODMs (2-4 Gbps to 20 Gbps)
• Ready to ship: FCC, UL and CE certified• Performance:
performance optimized software
END USER PRODUCT
(OEM Branding + Channel + Support)NETWORKING OEM
HARDWARE ODM/CMQorIQ or MPC silicon based H/W Platform
(PCBA + OS and Board support package)
PRODUCTION READY SECURITY SOFTWARE APPLICATION
(Software Platform + Integration with Freescale Silicon +
Integration testing + Regression testing
+ Certifications, where applicable)VortiQa Software
Security Appliance Program: Value PropositionProduction-ready
BOM and performance optimized fully integrated solutions
-
TM
11Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
UTM Security Appliance Solutions - Portfolio
UTM Appliance
ODM Freescale Processor
Cores Core Frequency
Schedule Features
CAK-1000 Portwell QorIQ™ P2010 1 1 GHz August 2010 Small
enterprise value systems; highest performance with lower power in
its class
CAK-2000 Portwell QorIQ P2020 2 1 GHz/1.2 GHz
August 2010 Mid enterprise, low power systems
NCP Series3120/5260/7560
Advantech & O2 Security
QorIQ P4080 8 1.5 GHz TBD High-end enterprise or service
provider systems
VPX6-187 Curtis Wright
QorIQ P4080 8 1.5 GHz TBD High-end enterprise in Military &
Aerospace
GP3SSA 8555
Silicon Turnkey
MPC8555 PowerQUICC III
1 533 MHz Now Small enterprise
GP3SSA8541
Silicon Turnkey
MPC8541 PowerQUICC® III
2 533 MHz Now Small enterprise
SifoWorksG400/G600
O2 Security MPC8540 PowerQUICC III
1 667 MHz/1 GHz
Now Small to mid enterprise
SifoWorksDU100P
O2 Security MPC8572E PowerQUICC® III
2 1.2 GHz Now Mid-enterprise IPS based deployments
► ODM sample boxes are available now► Schematics and Gerber
files are available for Freescale prototype of UTM-2020
-
TM
12Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
Freescale UTM Appliance PerformanceWinning performance and
system cost
UTM Appliance Firewall IPsec VPN AES32-SHA1IPsec VPN
3DES-SHA1IPS
SW DFA
UTM-8315 (MPC8315, 400 MHz, 1 core)VortiQa software for
SOHO/residential gateway
675 Mbps 175 Mbps 174 Mbps N/A
UTM-8377 (MPC8377, 800 MHz, 1 core)VortiQa software for
SOHO/residential gateway
1.5 Gbps 658 Mbps 616 Mbps N/A
UTM-1011 (P1011, 533 MHz, 1 core)VortiQa software for enterprise
equipment 1.8 Gbps** N/A
++ 493 Mbps** 219 Mbps**
UTM-1020 (P1020, 800 MHz, 2 cores)VortiQa software for
enterprise equipment 2 Gbps** N/A
++ 886 Mbps** 441 Mbps**
UTM-2020 (P2020, 1.2 GHz, 2 cores)VortiQa software for
enterprise equipment 4 Gbps 1.3 Gbps 1.3 Gbps 593 Mbps
UTM-4080 (P4080, 1.5 GHz, 8 cores)VortiQa software service
provider equipment 20 Gbps* 10 Gbps 10 Gbps N/A
Performance numbers are measured or estimated for big packet
size traffic Firewall performance is saturated at line
rate*performance estimates based on cycle-accurate model**estimates
based on P2020 test data++ data not clooected, similar to
3DES-SHA1
Detailed Freescale VortiQa performance papers and live demos
available for customers under NDA
-
TM
13Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
►Freescale prototype design has 5 Gbe ports►Portwell 1U design
has 6 GbE ports►2 pair bypass segments►Up to 4 GB DDR3, 64-bit 32
MB flash►1 mini PCIe slot►2 USB 2.0 ports►
-
TM
14Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
UTM-8377 Appliance~$100 BOM
BOM MPC8377E $28.00 LV Power Supply $5.00 16MB Flash $2.25 DDR2
Socket $1.50 GE Ports $2.65 GE Switch $7.00 Debug (RS232) $0.85
SATA Connector $1.00 Mini PCI $1.43 Misc ICs, LED, R,C,L $8.00 PCB
$6.00 Assembly $7.00
Total PCBA $70.68 2G DDR2 Memory SO-DIMM $20.00 Power Supply
$4.50 Enclosure $4.50
Total $99.68
► BOM Cost is for 25K volume ► BOM does not include SATA Hard
disk
36% CostAdvantage over
x86 basedAppliance x86
Power
-
TM
15Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
Agenda
► UTM Market
► UTM Security Appliance Solutions
► Summary
-
TM
16Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
XyzXyzXyz
Customer Engagement ModelFlexible approach to engage partners
and customers
FREESCALE PARTNER CUSTOMER
1. Joint marketing and sales calls with partners
2. Deliver security appliances for evaluation and initial
product development; customer to use partner for volume
manufacture
3. Deliver silicon and silicon roadmap
4. License of hardware schematics and other details
5. License BSP, OS and other enablement software
6. License VortiQa software as a complete suite or applicable
modules
1. Joint marketing and sales calls with Freescale
2. Deliver security appliances for evaluation and initial
product development
3. Option: COTS hardware delivery and negotiate appropriate
terms with the customer
4. Option: Custom hardware delivery and negotiate appropriate
terms with the customer
5. Modify BSP, OS according to customer requirements, where
applicable
1. Evaluate Freescale silicon
2. Evaluate Freescale VortiQa software
3. Evaluate COTS hardware from partners
4. HW product development: a) COTS hardware from the partner;b)
Custom hardware from the partner; c) Own manufactured hardware
from
other manufacturer
5. SW product development: a) Port existing software porting
to
Freescale silicon;b) License VortiQa software; c) Port other 3rd
party software; d) Port open-source software
-
TM
17Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
► Unlock the potential of multicore processors and built-in
acceleration engines
► Speed time to market with an integrated networking and
security software product line
► Deliver innovative and differentiated services using our
solutions-centric approach
Summary
Customer Solutions = QorIQ and PowerQUICC Processors +
VortiQa Software + Ecosystem products and services
-
TM
18Freescale, the Freescale logo, AltiVec, C-5, CodeTEST,
CodeWarrior, ColdFire, C-Ware, mobileGT, PowerQUICC, StarCore, and
Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S.
Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient
Solutions logo, Flexis, MXC, Platform in a Package, Processor
Expert, QorIQ, QUICC Engine, SMARTMOS, TurboLinkand VortiQa are
trademarks of Freescale Semiconductor, Inc. All other product or
service names are the property of their respective owners. © 2010
Freescale Semiconductor, Inc.
For More Information
http://www.freescale.com/VortiQahttp://www.freescale.com/UTM
-
TM
Freescale’s UTM Security Appliance SolutionsAgendaWhat is an UTM
Appliance?Security Appliances Market� CY10 $6B TAM, 2.5MuFreescale
QorIQ and VortiQa solutions for: �High Growth Security Appliance
Market�How QorIQ Platforms and VortiQa Products AlignUTM Security
Appliance Solutions - Focus MarketsAgendaUTM Security Appliance
Solutions - Portfolio ��Freescale UTM Appliance Performance
�Winning performance and system costUTM-8377 Appliance�~$100
BOMAgendaCustomer Engagement Model�Flexible approach to engage
partners and customersSummary �For More Information�