RSA: Intel reference design to accelerate SASE, other security tasks

Intel says its reference design will enable accelerator cards that can offload security processing from server CPUs without requiring more rack space.

Cybersecurity

Intel has introduced a reference design it says can enable accelerator cards for security workloads including secure access service edge (SASE), IPsec, and SSL/TLS.

The upside of the server cards would be offloading some application processing from CPUs, effectively increasing server performance without requiring additional server rack space, according to Intel.

The announcement was made at RSA Conference 2022, and details were published in a blog post by Bob Ghaffardi, Intel vice president and general manager of the Enterprise and Cloud Division.

With the Intel NetSec Accelerator Reference Design, third-party manufacturers can build PCI Express (PCIe)-based cards featuring Intel QuickAssist Technology acceleration and Intel-based server functionality, including orchestration and management.

Intel says it has multiple partners currently developing products based on the reference design, and two displayed them at RSA: Silicom showed its AONIC Card, and F5 showed a security application running on hardware based on the design.

“We created the design to help edge network and security solution providers quickly build, deploy, and scale networking and security functions within SASE stacks without adding rack space,” Ghaffardi wrote. “This reference design enables a PCIe add-in card to deliver the capabilities of a server within a small, power-efficient package. Vendors can integrate SASE functions in this card to maximize the capabilities of their server infrastructure at the edge.”

At heart of the card is an Intel Atom processor along with an Intel Ethernet Network Adapter E810. Together, the two chips provide low-latency networking and security while offloading the processing from the CPU. The card can accelerate processor-intensive uses such as IPsec, SSL/TLS, firewall, SASE and analytics workloads, according to Ghaffardi's blog.

Because the design is based on Intel Architecture, developers can port x86 applications to the card, running them with little to no change required. Its support for SASE allows software-defined wide-area network (SD-WAN) and security functionalities to be converged into virtualized or containerized services.

Intel said it expects cards built on the design to be delivered in a standard format that fits existing PCIe slots within host servers, and they won’t require additional space to realize more functionality and performance.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2022 IDG Communications, Inc.