With the ever-increasing flow of data across the Internet and through our wireless carriers, there’s a growing need to be more aware of what type of data is being sent so it can be expedited, eliminated, or otherwise addressed. This requires deep packet inspection (DPI), which is the job of a content processor, usually a separate co-processor designed for the job.
Looking at each and every packet is a huge task. If it is to be done properly, it needs to be done very quickly so transmissions aren’t delayed. Most regular processors don’t have the power to handle the regular duties, deal with CPU overhead, minimize latency, and perform DPI. A content processor comes to the rescue to offload the main CPU and take on the task of DPI.
Content processors have been around for a while, such as LSI’s T1000 and T9000. Now LSI offers a successor that is even faster and better. Designated the Tarari T2000, this chip not only has the desired speed, up to 10 Gbits/s, it also breaks the power consumption barrier that has made DPI unattractive.
Content processing is mainly used for security, compliance, and network management and control. DPI is essential for value-added services such as bandwidth management, quality of service (QoS), and network control. Security has become a central issue in all Internet and network transmissions to get rid of viruses, spyware, spam, and other threats. Firewalls, virtual private networks (VPNs), and intrusion/protection systems are becoming more common.
The enterprise, the service providers, and the wireless infrastructure can all benefit by adding content processing. The Tarari T2000 is made to drop right into products like security appliances, servers, gateways, and routers to make sure these benefits are achieved. This single-chip content processor is designed to significantly offload any X86, MIPS, or Power PC processor in a network product.
The T2000 is compatible with the application programming interface (API) and rules used with the T1000, an earlier content processor model. Its cross packet inspection detects threats spanning more than one packet and implements deterministic inspection performance with low CPU overhead and low latency. And, it greatly reduces cost as well as power consumption by a factor of 100 over previous products.
The chip’s regular-expression processor supports more than 1 million rules, an XML content processor, a compression/decompression processor, and a cryptography content processor (see the figure). It also uses lower-cost DDR2 DRAM instead of expensive and exotic SRAM, content addressable memory, or other types. The DRAM controller is built in. The performance is scalable from 100 Mbits/s to 10 Gbits/s.
As for I/O, the T2000 can handle PCI, PCI-X, and PCI Express (eight lanes) as well as custom I/O like HTX. Its expansion bus lets designers connect to a second T2000 to provide up to 16-Gbit/s throughput that required up to 11 separate chips in previous designs.
The T2000 comes in three models with different levels of performance: the T2010 (2.5 Gbits/s), T2020 (5 Gbits/s), and T2030 (10 Gbits/s). Samples will be available in the first quarter of 2009 with production parts available in the second quarter of 2009. Volume prices will range from $150 to $300.
LOUIS FRENZEL
LSI Corp.www.lsi.com