B1 Top of Rack Security Switch and NFV Platform
The ZNYX B1, the latest virtualization platform innovation for network services, provides a top-of-rack switch platform for security and NFV (network function virtualization) with an integrated Intel Xeon class server environment. Networking applications, virtualized security appliances, or load balancers can run either in a VM or as bare-metal on the B1 compute environment which provides services for the computer in the rack. With unmatched functional density for top-of-rack switches, the B1 delivers unprecedented consolidation and cost savings for enterprises, data centers, and telecom.
The B1 competes against a combined solution of a standard top-of-rack switch and rack-mount server providing twice the density in half the rack space at about 2/3 the cost.
Network services and security functions can now be integrated into the top-of-rack switch by utilizing virtualized applications that are easy to acquire and deploy – which frees space within the rack. The B1 tightly couples the network services of an Ethernet switch with an x86 compute resource. This combination delivers the high performance required for line-rate packet delivery and service chaining to applications in the data path.
# of CPU Cores
Reasons not to Use
The patent-pending B1 provides both a complete networking environment and a compute environment with a 1U form factor. The network environment is a powerful 480G switch fabric with 24 10G ports and 4 40G ports on the front panel. The switch also provides 8 10G links to the computer environment. The compute environment provides dual Intel® Xeon® processor E5-2600 v2 resource. Options range from 4 core to 12 core processors with the high-end configuration being a 24 core environment. The compute environment also supports up to 512 Gig of memory, up to 2 terabytes dual SATA or SSD storage, and a PCI expansion card.
The B1 was designed specifically to enable high-performance connection between the network environment and the compute environment running VMs. The key B1 technologies are:
- 8 10G Intel® NICs with SR-IOV
- Trunking technology to aggregate links – 20G to 80G capacity
- Ability to pin virtual interrupt handlers to specific cores
- PacketFiltering™ to redirect specific flows (provided at no extra charge)
- PacketVectoring™ for stateless load balancing at line rate
- VMDq – Virtual Machine Data Queues improves data processing by offloading the sorting and queueing functionality from the VMM
- VMDc – Virtual Machine Direct Connect provides near-native performance and scalability by bypassing the virtual switch in the VMM (Based on SR-IOV)
- Low-latency Switch Silicon – Onboard switch silicon eliminates the need to use a vSwitch in the hypervisor, allowing for line-rate networking between VMs
The two major hypervisor technologies – KVM and VMWare – are available on the B1 compute environment.
OpenArchitect 4, a Linux distribution tuned and supported by ZNYX, is a high-performance hypervisor shipped with the B1 at no extra charge. OpenArchitect 4 is tuned at the driver level to work with the Intel NICs to deliver high-performance Ethernet between the networking and compute environments. OpenArchitect 4 supports applications running on bare-metal. It also includes the Linux KVM hypervisor technology and can host VMs with guest Operating Systems such as RedHat, Windows, and OpenArchitect 4.
VMWare as the hypervisor is supported through the VMWare certification program. VMWare is purchased separately and installed on the B1.
Rich Ecosystem of VM Ready Security and NFV Applications
The day of virtualization for key security and networking functions has arrived. In every major category leading application providers are offering vApp versions ready to download and install on the B1.
The following market categories have multiple virtual application options:
- Intrusion Detection and Intrusion Prevention Systems (IDS/IPS)
- Web Application Firewall (WAF)
- IP Recognition
- Load Balancing
The trend in security is to move closer to the servers being protected. The B1 and the ecosystem of VM ready security and NFV applications enable moving these services to the top of every rack.
- Good – Appliances 25%
- Better – Virtual Appliances 50%
- Best – B1 ToR Security Switch 100%
Good, Better, Best!
The B1 is at the center of two major trends:
1) moving security services close to the servers being protected
2) the virtualization and consolidation of security services.
Learn how these two major trends generated the three phases of top-of-rack security – Multiple Physical Appliances, Virtualization Appliances, and B1 Security Switch
This video show the B1 in action as a OpenFlow switch. Get an inside look into the B1 and see how easy it is to add value and create new products by leveraging the virtualization ecosystem. Watch the video.