-->

We’re Building the Future of Data Infrastructure

Products
Company
Support

Archive for the ‘Enterprise Services’ Category

August 31st, 2020

Arm processors in the Data Center

By Raghib Hussain, Chief Strategy Officer and Executive Vice President, Networking and Processors Group

Last week, Marvell announced a change in our strategy for ThunderX, our Arm-based server-class processor product line. I’d like to take the opportunity to put some more context around that announcement, and our future plans in the data center market.

ThunderX is a product line that we started at Cavium, prior to our merger with Marvell in 2018. At Cavium, we had built many generations of successful processors for infrastructure applications, including our Nitrox security processor and OCTEON infrastructure processor. These processors have been deployed in the world’s most demanding data-plane applications such as firewalls, routers, SSL-acceleration, cellular base stations, and Smart NICs. Today, OCTEON is the most scalable and widely deployed multicore processor in the market.

As co-founder of Cavium, I had a strong belief that Arm-based processors also had a role to play in next generation data centers. One size simply doesn’t fit all anymore, so we started the ThunderX product line for the server market. It was a bold move, and we knew it would take significant time and investment to come to fruition. In fact, we have spent six years now building multiple generations of products, developing the ecosystem, the software, and working with customers to qualify systems for production deployment in large data centers. ThunderX2 was the industry’s first Arm-based processor capable of powering dual socket servers that could go toe-to-toe with x86-based solutions, and clearly established the performance credentials for Arm in the server market. We moved the bar higher yet again with ThunderX3, as we discussed at Hot Chips 32.

Today, we see strong ecosystem support and a significant opportunity for Arm-based processors in the data center. But the real market opportunity for server-class Arm processors is in customized solutions, optimized for the use cases at hyperscale data center operators. This should be no surprise, as the power of the Arm architecture has always been in its ability to be integrated into highly optimized designs tailored for specific use cases, and we see hyperscale datacenter applications as no different.

Our rich IP portfolio, decades of processor expertise with Nitrox, OCTEON, and ThunderX, combined with our new custom ASIC capability, and investment in the latest TSMC 5nm process node, puts Marvell in a unique position to address this market opportunity. So to us, this market driven change just makes sense. We look forward to partnering with our customers and helping to deliver highly optimized solutions tailored to their unique needs.

July 28th, 2020

Living on the Network Edge: Security

By Alik Fishman, Senior Product Marketing Manager, Marvell

Living on the Network Edge: Security

In our series Living on the Network Edge, we have looked at the trends driving Intelligence, Performance and Telemetry to the network edge. In this installment, let’s look at the changing role of network security and the ways integrating security capabilities in network access can assist in effectively streamlining policy enforcement, protection, and remediation across the infrastructure.

Cybersecurity threats are now a daily struggle for businesses experiencing a huge increase in hacked and breached data from sources increasingly common in the workplace like mobile and IoT devices. Not only are the number of security breaches going up, they are also increasing in severity and duration, with the average lifecycle from breach to containment lasting nearly a year1 and presenting expensive operational challenges. With the digital transformation and emerging technology landscape (remote access, cloud-native models, proliferation of IoT devices, etc.) dramatically impacting networking architectures and operations, new security risks are introduced. To address this, enterprise infrastructure is on the verge of a remarkable change, elevating network intelligence, performance, visibility and security2.

COVID-19 has been a wake-up call for accelerating digital transformation – as companies with greater digital presences show more resiliency3. The workforce is expected to transform post-COVID-19 with 20-45%4 becoming distributed and working remotely, either from home or from smaller distributed office spaces. The change in the working environment and accelerated migration to hybrid-cloud and multi-cloud drives a new normal, and the borderless enterprise is now a reality – driving network infrastructure to add end-to-end management, automation and security functionalities needed to support businesses in this new digital era. As mobility and cloud applications extend traditional boundaries and this borderless enterprise becomes increasingly vulnerable, a broader attack surface is no longer contained within well-defined and defended perimeters. Cracks are showing. Remote workers’ identities and devices are the new security perimeter with 70% of all breaches originating at endpoints, according to IDC research5.

This is where embedded security in network access provides essential frontline protection from malicious attacks entry points by enforcing zero-trust access policies. No traffic is trusted from the outset, and the traffic isn’t in the clear within networking devices throughout the infrastructure. Network telemetry and integrated security safeguards capable of inspecting workloads at line-rate team up with security appliances and AI-analytic tools to intelligently flag suspicious traffic and rapidly detect threats. Segmentation of security zones and agile group policy enforcement limits areas of exposure, prevents lateral movement, and enables quick remediation. IEEE 802.1AE MACSec encryption on all ports secure data throughout the network and prevent intrusion. Monitoring control protocol exceptions and activating rate limiters add layers of protection to control and management planes, preventing DDOS attacks. Integrated secure boot and secured storage provide the protection from counterfeit attempts to compromise network hardware and software.

Cybersecurity is now the dominate priorities of every organization, as each adapts to a post-COVID 19 world. Network-embedded security is on the rise to become a powerful ally in fighting the battle against ever evolving security threats. In this dynamic world, what can your network do to secure your assets?

Living on the Network Edge

What steps are you taking to bolster your network for living on the edge? Telemetry, Intelligence, Performance and Security are critical technologies for the growing borderless campus as mobility and cloud applications proliferate and drive networking functions. Learn more at: https://www.marvell.com/solutions/enterprise.html.

###

1 https://www.varonis.com/blog/cybersecurity-statistics
2 Cisco 2019 Global Networking Trends Survey
3 Morgan Stanley, 2Q20 CIO Survey: IT Hardware Takeaways
4 Dell’Oro Group Ethernet Switch – Campus five-year forecast, 2020-2024
5 Forbes 2020 Roundup Of Cybersecurity Forecasts And Market Estimates

July 23rd, 2020

Telemetry: Can You See the Edge?

By Suresh Ravindran, Senior Director, Software Engineering

Telemetry: Can You See the Edge?

So far in our series Living on the Network Edge, we have looked at trends driving Intelligence and Performance to the network edge. In this blog, let’s look into the need for visibility into the network.

As automation trends evolve, the number of connected devices is seeing explosive growth. IDC estimates that there will be 41.6 billion connected IoT devices generating a whopping 79.4 zettabytes of data in 20251. A significant portion of this traffic will be video flows and sensor traffic which will need to be intelligently processed for applications such as personalized user services, inventory management, intrusion prevention and load balancing across a hybrid cloud model. Networking devices will need to be equipped with the ability to intelligently manage processing resources to efficiently handle huge amounts of data flows.

How do you see what you can’t see?

But is your network edgy enough? In order to handle the growth, we’ve seen intelligence pushed to the network edge for application-aware engineering and inferencing applications running in hybrid clouds. In order to keep up with billions of mobile devices using denser applications, we addressed wireless offloading as one method to alleviate the burden on cellular networks. This approach increases the load on edge and enterprise networks with demands for intelligent flow processing capabilities to efficiently utilize the LAN and WAN bandwidth.   With intelligence and performance in place, we also need to address the growing complexity associated with “seeing” how network switching resources are being utilized. Visibility through network telemetry is fundamental to empowering AI-automation, performance, security and troubleshooting. To be proactive and predictive, networks need to be built with switches that look beyond the obvious with intelligent telemetry capabilities.

Intelligent telemetry for effective network visibility

Increased use of analytics and AI for performance monitoring, detection, troubleshooting and response has been ranked a top priority for organizations to achieve their vision of the ideal networkIT professionals leverage telemetry to define workload behaviors requiring network bandwidth timing patterns and whether applications are causing jitter or low-bandwidth issues. In general, telemetry functions have tracked events in hindsight but are now increasingly used to analyze and predict – living on the network edge means monitoring, predicting and managing the anomalies for proactive infrastructure automation and application responses.

An effective telemetry solution also requires network devices to stream a wide range of metadata for network flow and switch resource usage in real time. As streaming telemetry header formats evolve, it is equally important for the switch silicon’s pipeline to have programming abilities which adapt to changes in telemetry tools while performing at line-rate.   

Successfully living at the network edge means detecting and adjusting algorithms in real time. It won’t be enough to move intelligence to the edge and increase the performance for workloads if you can’t see what is happening within the network. Network visibility is crucial in managing workloads to reliably deliver customer and enterprise service level agreements predictively. Telemetry, Intelligence and Performance are critical technologies for the growing borderless campus as mobility and cloud applications proliferate and drive networking functions. In our next blog, we will discuss Security as part of our insights and TIPS to Living on the Network Edge.  Watch out for the edge …

# # #

1 Worldwide Global DataSphere IoT device and data forecast (2019-2023), IDC

July 16th, 2020

The Need for Speed at the Edge

By George Hervey, Principal Architect, Marvell

Marvell Driving Network Intelligence and Processing to the Edge

In the previous TIPS to Living on the Edge, we looked at the trend of driving network intelligence to the edge. With the capacity enabled by the latest wireless networks, like 5G, the infrastructure will enable the development of innovative applications. These applications often employ a high-frequency activity model, for example video or sensors, where the activities are often initiated by the devices themselves generating massive amounts of data moving across the network infrastructure. Cisco’s VNI Forecast Highlights predicts that global business mobile data traffic will grow six-fold from 2017 to 2022, or at an annual growth rate of 42 percent1, requiring a performance upgrade of the network.

Wireless Offload

How do networks with dense wireless connections address the overwhelming bandwidth and connection challenges? One answer is wireless offload. Whether a big box retail store with 1,000 customers or a 60,000-seat stadium or a convention center with 200,000 attendees, the amount of data to be delivered is enormous. The cost to carry the data over wireless has hit a critical inflection point in capacity, driving the need for offload to a wired network. This trend of wireless offload requires higher and higher performance at the network edge enabling users to experience high-performance connectivity and low latency response times they’ve grown to expect.

New Performance Paradigm

Deployment of 5G and Wi-Fi 6 are enabled by advanced wireless access technologies including the use of MIMO and higher frequency spectrum. The capacity being delivered will quickly be consumed by the growing number of devices and new applications. In fact, higher bandwidth at the access layer was a major force behind the definition of Multi-Gig Ethernet. This new performance paradigm will have an impact on all layers of the network, motivating an increase in uplink port speeds to handle the added access bandwidth. Additionally, stacking link capacity will increase to facilitate efficient port deployments and help handle the growth in attached clients.

Network capacity increases enable the adoption of higher bandwidth services, support for emerging real-time applications and an expansion of concurrent active devices on networks. Ironically, the resulting trends and future innovations will continue to drive the need for increased network performance.

Performance is the second part in a series of TIPS that will discuss essential technologies for the growing borderless campus as mobility and cloud applications proliferate and drive networking functions. Telemetry challenges and insights will inspire our next TIPS to Living on the Network Edge.

# # #

1Cisco VNI Complete Forecast Highlights

July 8th, 2020

Driving Network Intelligence and Processing to the Edge

By George Hervey, Principal Architect, Marvell

Marvell Driving Network Intelligence and Processing to the Edge

The mobile phone has become such an essential part of our lives as we move towards more advanced stages of the “always on, always connected” model. Our phones provide instant access to data and communication mediums, and that access influences the decisions we make and ultimately, our behavior.

According to Cisco, global mobile networks will support more than 12 billion mobile devices and IoT connections by 2022.1 And these mobile devices will support a variety of functions. Already, our phones replace gadgets and enable services. Why carry around a wallet when your phone can provide Apple Pay, Google Pay or make an electronic payment? Who needs to carry car keys when your phone can unlock and start your car or open your garage door? Applications now also include live streaming services that enable VR/AR experiences and sharing in real time. While future services and applications seem unlimited to the imagination, they require next-generation data infrastructure to support and facilitate them.

The Need for Intelligence at the Edge
Network connectivity and traffic growth continue to increase as the rate of adoption of new data-intensive applications drive bandwidth requirements and a smarter infrastructure — an infrastructure that can, through intelligence, recognize specific application and infrastructure needs and deliver processing at the edge when necessary. While network speeds increase with advancements of multi-gigabit Ethernet and 400GE backbone connections, the bandwidth available with the latest 5G and Wi-Fi will continue to cause a bottleneck in the backhaul. Edge processing helps prevent the need for moving massive amounts of data across networks. This higher level of network intelligence allows the network to deliver complex software-defined infrastructure management without user intervention, manage inference engines, apply policies, and most importantly, deliver proactive application functionality. This enhances the user experience by offering a near real-time interactive platform with low latency, high reliability and secure infrastructure.

With bandwidth demand growing so much, how do we address it at scale? If we parallel the cloud data centers, we see that one way to scale out and handle the added bandwidth and number of nodes is to add processing to the edge of the network. This was accomplished in data centers through the use of smartNICs to offload complex processing tasks including packet processing, security and virtualization from the servers. A similar approach is being achieved in the carrier networks through the deployment of SD-WAN/uCPE/vCPE appliances placed at the edge to provide the intelligence alongside reduced connectivity costs. However, this approach becomes problematic in enterprise networks where a variety of end point capabilities are needed, and the first location of uniformity takes place at the network’s access layer.

Taking Advantage of Artificial Intelligence (AI)
Yet another challenge is created when legacy methods are used for deploying services in enterprise networks – such as centralized firewalls and authentication servers. With the expected increase in devices accessing the network and more bandwidth needed per device, these legacy constraints can result in bottlenecks. To address these issues, one must truly live on the network edge, pushing out the processing closer to the demand and making it more intelligent. Network OEMs, IT infrastructure owners and service providers will need to take advantage of the new generations of artificial intelligence (AI) and network function offloads at the access layer of the enterprise network.

TIPS to Living on the Network Edge
This is the first in a series providing TIPS about essential technologies that will be needed for the growing borderless campus as mobility and cloud applications proliferate and move networking functions from the core to the edge. Today, we discussed the trend toward expanded Network Intelligence. In Part 2, we will look at the Performance levels needed as we provide more insights and TIPS to Living on the Network Edge.

1 Cisco 2022 Mobile Visual Network Forecast Update

June 7th, 2018

Versatile New Ethernet Switch Simultaneously Addresses Multiple Industry Sectors

By Ran Gu, Marketing Director of Switching Product Line, Marvell

Due to ongoing technological progression and underlying market dynamics, Gigabit Ethernet (GbE) technology with 10 Gigabit uplink speeds is starting to proliferate into the networking infrastructure across a multitude of different applications where elevated levels of connectivity are needed: SMB switch hardware, industrial switching hardware, SOHO routers, enterprise gateways and uCPEs, to name a few. The new Marvell® Link Street™ 88E6393X, which has a broad array of functionality, scalability and cost-effectiveness, provides a compelling switch IC solution with the scope to serve multiple industry sectors.

The 88E6393X switch IC incorporates both 1000BASE-T PHY and 10 Gbps fiber port capabilities, while requiring only 60% of the power budget necessitated by competing solutions. Despite its compact package, this new switch IC offers 8 triple speed (10/100/1000) Ethernet ports, plus 3 XFI/SFI ports, and has a built-in 200 MHz microprocessor. Its SFI support means that the switch can connect to a fiber module without the need to include an external PHY – thereby saving space and bill-of-materials (BoM) costs, as well as simplifying the design. It complies with the IEEE 802.1BR port extension standard and can also play a pivotal role in lowering the management overhead and keeping operational expenditures (OPEX) in check. In addition, it includes L3 routing support for IP forwarding purposes.

Adherence to the latest time sensitive networking (TSN) protocols (such as 802.1AS, 802.1Qat, 802.1Qav and 802.1Qbv) enables delivery of the low latency operation mandated by industrial networks. The 256 entry ternary content-addressable memory (TCAM) allows for real-time, deep packet inspection (DPI) and policing of the data content being transported over the network (with access control and policy control lists being referenced). The denial of service (DoS) prevention mechanism is able to detect illegal packets and mitigate the security threat of DoS attacks.

The 88E6393X device, working in conjunction with a high performance ARMADA® network processing system-on-chip (SoC), can offload some of the packet processing activities so that the CPU’s bandwidth can be better focused on higher level activities. Data integrity is upheld, thanks to the quality of service (QoS) support across 8 traffic classes. In addition, the switch IC presents a scalable solution. The 10 Gbps interfaces provide non-blocking uplink to make it possible to cascade several units together, thus creating higher port count switches (16, 24, etc.).

This new product release features a combination of small footprint, lower power consumption, extensive security and inherent flexibility to bring a highly effective switch IC solution for the SMB, enterprise, industrial and uCPE space.

 

April 2nd, 2018

Understanding Today’s Network Telemetry Requirements

By Tal Mizrahi, Feature Definition Architect, Marvell

There have, in recent years, been fundamental changes to the way in which networks are implemented, as data demands have necessitated a wider breadth of functionality and elevated degrees of operational performance. Accompanying all this is a greater need for accurate measurement of such performance benchmarks in real time, plus in-depth analysis in order to identify and subsequently resolve any underlying issues before they escalate.

The rapidly accelerating speeds and rising levels of complexity that are being exhibited by today’s data networks mean that monitoring activities of this kind are becoming increasingly difficult to execute. Consequently more sophisticated and inherently flexible telemetry mechanisms are now being mandated, particularly for data center and enterprise networks.

A broad spectrum of different options are available when looking to extract telemetry material, whether that be passive monitoring, active measurement, or a hybrid approach. An increasingly common practice is the piggy-backing of telemetry information onto the data packets that are passing through the network. This tactic is being utilized within both in-situ OAM (IOAM) and in-band network telemetry (INT), as well as in an alternate marking performance measurement (AM-PM) context.

At Marvell, our approach is to provide a diverse and versatile toolset through which a wide variety of telemetry approaches can be implemented, rather than being confined to a specific measurement protocol. To learn more about this subject, including longstanding passive and active measurement protocols, and the latest hybrid-based telemetry methodologies, please view the video below and download our white paper.

WHITE PAPER, Network Telemetry Solutions for Data Center and Enterprise Networks