Multi-functional security gateway has been strongly demanded by the market.
For the past two years, we have developed a 7-in-1 (including routing, NAT,
firewall, VPN, IDS, bandwidth management, and content filtering) security
gateway, whose internal architecture and bottlenecks encountered are shown
in figure 3, on NetBSD over platforms such as Pentium, MIP, and ARM. With
the past experience of implementing and benchmarking DiffServ over IXP1200,
we are more confident and interested in porting our system over a platform
of high potential such as IXP425, in order to have far lower cost, compared
to Pentium, while gaining much more performance improvement than MIPS. In
addition to ordinary functions mentioned above, some new features, for
instance, AV (anti-virus), and WLB (WAN load balancing), can also be further
supported.
Some business model can be considered after prototyping. That is, we
could release the firmware to some cooperating companies such as D-Link,
Zyxel, and L7 Networks which may be interested in shipping the system on top
of IXP425 to create the win-win situation between Intel, local vendors, and
us.