Unified Threat Management
The security of a country is of the highest importance; security for a business’s computing resources and networks is similarly important. Both have borders and assets that need protection, and clear ways to identify citizens or authorized users. As networking products and technologies have grown and advanced, so too, unfortunately, have efforts to breach the networks they create. A multitude of point solutions have been developed and implemented, over the years, to protect against a multitude of threats. A market opportunity emerged (2004) to combine multiple security products into a single platform, and the term Unified Threat Management or UTM was coined. In 2009 UTM revenues were close to $2 billion and recent estimates indicate that by 2016 the market will reach $7 billion (Frost & Sullivan).
UTM brings together previously disparate security platforms and technologies. A typical UTM solution will have a broad base of functionality including firewall, Virtual Private Network (VPN), network-based anti-virus and anti-spam intrusion prevention, content filtering, user authentication and even load balancing. UTM must now protect against a wide variety of threats from both external and internal sources. While not necessarily complicit in any attack, employees (and their computers/laptops) are being targeted as “softer” entry points into a network. Internal user control and identity-based policies are now increasingly important so as to limit who can do what—e.g., social media—within the confines of an enterprise network. Besides the detailed, lower-level functionality of each of the individual protection components, a UTM platform has the following attributes and benefits:
•Flexible and scalable elements allowing for customized configurations to suit small businesses and major enterprise networks
•Consolidated solutions limit compatibility or integration issues due to multiple vendor and product overlaps
•Multiple Gigabit interfaces facilitate high throughput and redundancy
•Real-time reporting of threats and potential intrusions
•Software and support simplicity through a single management interface to consolidated remote platform management
Coping with the task of running and managing multiple threat protection scenarios requires that the underlying platform architecture has a solid foundation capable of supporting multiple levels of performance and networking. Advantech’s portfolio provides the ideal starting point for a range of UTM solutions with 1U rack mount platforms such as the FWA-3210 and 2U FWA-6510 supporting a variety of Intel® Xeon® processing options. At the higher end, scaling to throughputs of over one Terabit per second of switching capacity, ATCA platforms based on Advantech’s MIC-5332 AdvancedTCA blades supporting up to 16 processor cores round out a variety of flexible options that deliver right at the sweet spots needed to match requirements for any Unified Threat Management platform.
Advantech OEM-Ready Network Appliances for Unified Threat Management
MIC-5332 DUAL INTEL® XEON® E5-2600 SERIES PROCESSOR BLADE
Advantech’s MIC-5332 is a dual processor ATCA blade based on the Intel® Xeon® E5-2600 series. It enables the highest performance available in ATCA form factor with up to 16 cores and 32 threads of processing power, fast PCI Express gen 3 lanes running at up to 8Gbps, and best in class virtualization support. Two QPI interfaces between the CPUs improve memory and I/O access throughput and latencies when one processor needs to access resources hosted by the other socket. With four DDR3 DIMMs per socket in a quad channel design running up to 1600MT/s, the MIC-5332 not only offers superior memory bandwidth over 3-channel designs, but can also support memory densities up 256GB using latest LR DIMM technology. It outperforms previous generation dual socket designs while keeping similar thermal characteristics with balanced airflow resistance.
•Two Intel® Xeon® E5-2600 Processors
•Intel® C600 Series PCH server class chipset with integrated SAS controller
•8 DDR3 VLP DIMMs up to 256 GB with ECC support
•Up to four XAUI ports on Fabric interface
•Two 1000BASE-T ports on Base interface / Three 1000BASE-T front panel ports
•One Fabric Mezzanine Module support with front I/O support (type II)
•Two CFast / one 2.5” SSD storage Device
•Fully managed, hot swappable RTM
FWA-3210 1U INTEL®XEON® E3-1200 SERIES NETWORK APPLICATION PLATFORM
The FWA-3210 1U appliance can be configured with a range of Intel® processors, Ethernet ports, PCIe I/O options and Advantech’s Network Mezzanine Cards (NMCs) to create costeffective platforms for specific enterprise networking applications. The Appliance is powered by processors utilizing the LGA-1155 socket, including the Intel® Xeon® E3-1225/1275, 2nd generation Intel® Core™ i7-2600/ i5-2400 /i3-2120, the Pentium®-G850 and the Celeron®-G540 Processor. Memory configurations can include 4 x DDR3 1333/1066 DIMMs for up to 32GB in total. In the base configuration, the system comes with a single internal 2.5” SATA HDD bay, 6Intel® 82574L GbE controllers, and one PCIex8 expansion slot.
•Supports Intel® Xeon® E3-1225/E3-1275 (FWA-3210A) and 2nd generation Core™ Series Processors
•Supports 4 x DDR3 Un-buffered 1066/1333 DIMMs, up to 32 GB (FWA-3210A); 2x DDR3 Un-buffered 1066/1333 DIMMs, up to16 GB (FWA-3210B)
•6 x 10/100/1000 Mbps LAN on Board with up to 3 bypass segments
•1 x 3.5" or 1 x 2.5" SATA HDD / SSD
•2 x Advantech Network Mezzanine Cards (NMCs)
FWA-6510 2U INTEL®XEON® E5-2600 SERIES NETWORK APPLICATION PLATFORM
Based on Intel®s latest Xeon® processor platform, the FWA-6510 system is designed for maximum performance, scalability and functionality in a 2U rack mount footprint. This multi-core processor-based, high-end network communications appliance is optimized forcomputing power and high speed, high density I/O with best-in-class energy efficiency. Two E5-2600 series Intel® Xeon® processors (Socket R) with up to 8 cores provide the latest architectural enhancements as well as unprecedented I/O integration: Two Intel® QuickPath Interconnects running at up to 8GT/s each support reduced cross-socket memory I/O latencies and increased throughput. Each socket supports 4 DDR3 channels up to 1600 MHz for up to 384 GB of ECC memory when using the latest LR DIMM technology.
•2 x Intel® Xeon® E5-2600 processors
•DDR3 1333/1600 ECC registered memory, up to 384GB
•PCIe gen3 support
•4 x Network Mezzanine Cards (NMC) slots for a wide range of GbE and 10GbE NMCs with or without bypass
•1 x PCIe x8 full-height/ half-length add-on card
•4 x 2.5" removable SAS/SATA HDD and SSDs
•IPMI2.0-compliant Remote Management