In today’s network environment, security threats are everywhere; from Web- and email-borne viruses and worms to productivity hampering spam and spyware to malicious break-in attempts. Security functionality in network equipment is no longer “nice to have”—it is now a fundamental design requirement.

Designers of network equipment must be able to integrate applications such as antivirus, anti-spam, anti-spyware, intrusion detection and prevention, content filtering, and sometimes all of these in one box (a universal threat management or UTM appliance), without sacrificing performance throughput or detection accuracy. With today’s rapidly increasing network speeds and the growing taxonomy of network threats, this is a difficult design challenge.

In this article, we’ll present an FPGA based solution to the problem and describe how to integrate security functions using an architecture that can be easily upgraded over time.

Reprinted with permission from Xcell Journal / First Quarter 2006. Article © Xcell Journal.