Freescale PowerQUICC® III family of processors has imposed itself as the leading solution for communication systems, becoming a reference point for the wireless, networking, and switching fields of application. A member of this family, the MPC8572E, is the first PowerQUICC® III processor integrating a pattern matching functionality, and has been especially designed to provide two innovative features, up to now available only on high-level communication equipments: the application-awareness and the content security. These properties make the MPC8572E the right solution for implementing the ever increasingly popular Universal Threat Management (UTM) capability, unifying the main security appliances such as: firewall, routing, IPSec Virtual Private Network (VPN), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), anti-spam, anti-virus, and content filtering. The MPC8572E is able to provide these features at an operative costs which are much lower compared to those required by a solution consisting in several devices, which had to be purchased and maintained separately. The idea of Freescale is to make secure and high-performance network systems available to everyone: the MPC8572E is the right product to make that idea become a reality.

MPC8572E main features

This processor offers a whole set of outstanding features without which it would not be possible to achieve the level of performance and computational capacity required to implement a Universal Threat Management solution. Let us see those features, understanding why they are so important and innovative on a commercial microprocessor:

• It is built on a highly integrated multicore architecture (Power Architecture Technology). PowerQUICC® III processors family (as its predecessor) is based on a dual core architecture: one core is specialized for communication tasks (also called CP, Communication Processor), whereas the other one is a kind of supervisor. In particular, the processor is based on a Sistem-on-Chip (SoC) platform, with a couple of e500 cores running at a clock frequency between 1.2 and 1.5 GHz. This architecture is able to support both symmetric and asymmetric multi-processing; that means that it can run multiple operating systems, such as, for instance, Linux and a Real Time Operating System (RTOS) at the same time
• It has 32 KB of instruction cache, 32 KB of data cache, a 1 MB level 2 cache, two 64-bit DDR2/DDR3 SDRAM controller, support for PCI Express, Serial RapidIO, DMA, and several other high-speed communication interfaces, that make it easy to interface with highly specialized external devices such as network processors or dedicated ASICs. In this way the MPC8572E can concentrate on the control and supervising processing tasks
• It includes four integrated triple-speed Ethernet controllers (eTSEC) able to speed-up packet I/O by performing checksum calculation. They also provide Quality Of Service (QoS) support, offering 8 Rx and 8 Tx hardware queues to accelerate the traffic according to priority schemes
• It is based on Freescale’s 90 nm silicon-on-insulator (SOI) process technology, delivering high performance with a low power dissipation
• It integrates four advanced and powerful engines on the same chip:
  • two Table Lookup Units (TLU), necessary to perform efficient table searches and packet header inspections
  • a Pattern Matching Engine (PME), able to work with regular expression (regex) matching. A Regex Compiler is provided to support this feature, The Pattern Matcher is able to match thousands of Regexes in parallel at a multi-gigabit data rate
  • a deflate engine, able to perform the processing related to file decompression
  • a security engine, to speed up cryptographic operations in IPSec and SSL/TLS for Virtual Private Network
• Freescale Semiconductor has partnerships with several experts in the field of security and communication solutions. Among them, we should mention Kaspersky Lab, that through the Accelerated Anti-Virus platform can help Freescale to adopt optimized anti-virus solutions and other networking solutions requiring intensive data processing

The importance of UTM

UTM (Universal Threat Management) is also known as ISR (Integrated Services Router) or SSG (Secure Services Gateway). It is increasing its popularity because it is being adopted as the most important network security solution by many companies, especially for small- and medium-sized offices. The main advantage of UTM is due to the fact that it is able to ensure the same level of network security involving a minor number of devices; as a result, the investment is inferior and there are only few devices to be maintained. The following two pictures show the scenario “before” and “after” the adoption of UTM solution for network security.

As shown in the picture, the first device that interfaces with the open Internet is the router that provides networking functionalities. After that, there are the firewall and the VPN IPSec: the first one is in charge to stopping unwanted traffic either entering or leaving the internal network and historically it has probably been the weakest ring of the network chain; the second one allows to establish a Virtual Private Network, that is a secure communication between two nodes passing through the open Internet channel (VPN is often used by employers who work for a company staying at home or far away from their office). The most common strategy adopted by firewalls is to match each packet header contents against an Access Control List (ACL). However, that solution is not enough to stop external attacks; so many enterprises have deployed also an Intrusion Detection System (IDS) to monitor the traffic on critical segments of the network. IDS, however, is only able to detect an attack, but it cannot stop it; as a result, an additional service, Intrusion Prevention System (IPS) has been further added to terminate each attack detected by IDS. The network security, finally, is completed by deploying other services such as anti-spam, anti-virus, and content filtering: they increase the security level by protecting the network from “internal” attacks (most of time unwanted) such as viruses and worms; this aspect is gaining much importance due to spread of wireless connections. UTM integrates most, if not all, those network security services, thus providing a very competitive network security solution.

Source: MPC8535E: PowerQUICC III Integrated Communications Processor

Read the Italian version: UTM (Universal Threat Management) con il Freescale PowerQUICC® III

CONTACT REQUEST
If you want to know more about this Freescale product, please submit your request to Arrow Italy using this form.

NOTE: this form is valid ONLY for Companies or Customers based in Italy and working in the Italian area.