|
|
|
|
Green Hills Software's GateD family of products is a processor-neutral, comprehensive data-plane and control-plane solution. The scalability of the code, complete functionality, and expansive set of APIs make GateD ideal for inclusion in carrier-grade core, edge, and aggregation devices.
|
| Solution
Overview: GateD & INTEGRITY |
)
For over 20 years, anyone who needed comprehensive software solutions
for advanced routing—for everything from server redundancy to scalable,
core IP routers—has relied on GateD, the gold standard in routing
and switching technology. During that time, hundreds of products have
been built and deployed based on GateD technology.
GateD networking protocols comprise the most widely used, processor
and platform-neutral routing suite in the world. With over two decades
of deployment on the Internet, GateD is the most stable, fully-functional
suite of routing protocols available in the world today.
Green Hills Software, the leader in secure and reliable software, has
taken this proven routing and switching offering and has combined it
with the industry’s most secure operating system—INTEGRITY—and
it’s advanced TCP/IPv4/v6 host and routing stack—GHNet—delivering
the most comprehensive end-to-end software suite for building absolutely
secure networking products.
Together, INTEGRITY when combined with GateD represent a substantial
evolutionary step forward in networking technology by enabling device
security at the core. For the first time, equipment manufacturers and
network device developers have at their disposal a secure, scalable foundation
that supports the functionality required for building secure, highly
available, carrier-grade network equipment, including core and edge IP
routers and aggregation devices.
This integrated, scalable solution provides:
- INTEGRITY secure operating system
- GHNet IPv4/v6 host and router stack
- mature Layer 3 unicast routing
- secure network management services
- complete data plane integrated with the latest terabit switch hardware
fabrics ports
- secure guest OS virtualization architecture to execute guest OS applications
- optional software-only data forwarding plane
Deploying GateD with the secure separation kernel architecture
of the INTEGRITY enables the highest levels of security for network devices.
INTEGRITY was designed from the beginning with security in mind, and
supports the requirements and security policies of Multiple Independent
Levels of Security (MILS), which is the architecture for composing secure
computing systems from high-assurance components.
INTEGRITY provides protected execution of native applications, guest
OS applications and system services; guaranteed resource allocation;
information flow control between partitions, stack, router, network management
and application isolation, along with containment of errors and attacks.
All are essential components for hardening any networked device against
both casual and targeted, well funded attacks.
|
| Layer
3 Routing |
|
Gate Layer 3 Routing was the first suite of routing protocols with broad
IPv6 support. With GateD, networking device developers can pick and choose
from individual protocols or license a variety of packages targeted at
specific applications, all integrated, validated and tested with the
INTEGRITY secure operating system and the GHNet IPv4/v6 host/router stack.
With this approach, customers can seamlessly add or reconfigure GateD
routing protocols based on changing system requirements with the highest
level of confidence in the shortest timeframe and at the lowest cost.
The modular design of GateD allows common functionality, data structures,
and APIs to be shared across protocols. From an equipment manufacturer's
perspective, this provides two immediate advantages:
- Additions and modifications to existing APIs at points of integration
have limited effect on the stability of existing protocols. This means
that even major new features can be deployed without anxiety over changes
to long-established, de facto standard code, such as Green Hills' OSPF
and BGP implementations.
- New protocols inherit a high degree of stability and robustness for
the long deployment of standard functions, such as memory allocation,
scheduling, and routing policy.
|
| Layer
2 Switching* |
|
The Green Hills GateD switching protocols set the benchmark for
the next generation of OEM Ethernet switching solutions by providing the
most comprehensive feature set, while allowing maximum flexibility in configuration
and deployment.
GateD's Layer 2 protocol suite excels at speeding time-to-market. By modifying
a few constants in a single, convenient header file, developers can easily
optimize memory consumption and match software to hardware functionality.
Combined with one of Green Hills' out-of-the-box ports available on a number
of reference designs from major merchant switch vendors, an OEM can enter
QA with a fully-featured, stable switch in a matter of days.
For more advanced functionality, the GateD Hardware Abstraction Layer (HAL)
can be populated with driver-specific calls to make use of advanced features
in custom silicon, and is fully integrated with the Green Hills carrier
grade routing stack, resulting in record time-to-market for metro and core
Ethernet switches and routers.
The comprehensive feature set supports equipment requirements spanning
from simple bridging and switching, to advanced VLAN and prioritization
support for voice, video, and data triple plays.
|
| Advanced
Management Interface (AMI) |
|
The GateD Advanced Management Interface (AMI) comes standard with a license
of GateD and consists of two distinct components:
- an API that provides direct access to all configurable options across
all portions of the code, allowing highly scalable, incremental configurations
- an Agent designed for easy integration with any messaging system
available on the control plane OS
AMI's simple, consistent API dramatically improves speed of integration
with any user interface, providing substantial savings in time to market.
When used in conjunction with the AMI Agent, the management plane can
be off-loaded to a separate processor, or even an entirely different
card, removing management overhead from the control plane and improving
efficiency. When combined with Green Hills CLI module, dozens of engineering
years can be saved.
One of the most time-consuming challenges facing equipment manufacturers
today is the integration of management across their various subsystems.
Green Hills has two ways to help you solve this problem. Green Hills
GateD CLI module lets you start working with the code as soon as you
receive it. And the CLI can easily be extended to manage the rest of
the system. AMI provides a simple, consistent interface for integration
with the management plane.
Additionally, the AMI Agent allows communication with a remote management
plane. The AMI Agent is easily ported to a variety of messaging systems.
It provides a common point for integration with your existing CLIs, Web
UI, or out-of-band management tools. For network management, an SNMP suite with MIBs for Layer 2 and Layer 3 is available. The SNMP suite contains a SNMP manager, an SNMP Master-Agent, and sub-agent
interfaces to MIBs. The SNMP agent is part of the common management functionality
shared by routing and switching protocols. Once the SNMP service
is configured, no further work is needed when additional protocols are
added.
When it comes to logging, debugging, and error reporting, the Advanced
Management Interface allows in-depth debugging information to be routed
to the CLI or log files, giving the developers direct access to the run-time
state. The developer can query information on the state of the routing
tables, interfaces, or individual protocols. Additionally, the protocols
share common tracing and logging functions that keep track of events
with a configurable level of verbosity. The output of this information
can be sent to just about any destination, whether it is to a file in
memory or on disk, to a syslog mechanism, or to the console or some other
output device as a stream.
|
| Command
Line Interface (CLI) |
|
The GateD CLI module, which comes standard with a license of GateD, allows
network equipment manufacturers to develop and deploy new network devices
and network equipment at unprecedented speeds by removing the largest
obstacle to deploying carrier-class control plane software—the
development and integration of a complete management solution.
For years now, GateD has saved network equipment manufacturers millions
of dollars in development costs and tremendously reduced time-to-market
for new products with state-of-the-art control plane software. With the
GateD CLI module, Green Hills takes these savings to the next level.
The GateD CLI provides unprecedented functionality and ease of integration
and solves the most difficult technical challenges in control-plane user
interface design.
|
| Secure
Guest Operating System Virtualization |
|
Network equipment manufacturers face growing challenges to deliver more
application services to the user but do it in a way that does not impact
security or system availability. They are also challenged with ways to
enable their customers to incorporate their own value-added applications
separate from the core device routing and switching services without
compromising the integrity of such services.
Now with INTEGRITY Secure Virtualization Technology, customers can run
guest operating systems and their associated guest applications in secure,
separate partitioned virtual machines where such execution is contained
in a manner that compromise or failures of the guest OS or its application
will not affect any other part of the system.
This unique approach is independent of the end device's target processor
type or number of cores—from single core Power Architecture to
multi core Intel IA—and provides maximum architecture design flexibility
while increasing system availability.
You no longer need to deliver separate platforms to perform a mix of
routing, switching and application services. With Green Hills secure
virtualization, next generation network designs can consolidate these
functions on one platform while assuring independent execution, separation
and containment of each function.
|
| Expert
Services
|
|
Expanding on its unique position in the industry by delivering comprehensive
software solutions for secure networking, Green Hills offers a full range
of professional services covering complete networking system design,
integration, debug, optimization, customization, test and validation,
training, and enhanced product support.
These services take into account all aspects of the complete solution
Green Hills offers—covering the INTEGRITY operating system, GHNet
networking stack, and GateD routing and switching. By taking advantage
of these services, customers can deliver higher quality products in a
shorter time to market and at a lower cost to develop and deploy.
Professional services are delivered by highly experienced networking
professionals and include the following:
Design Consulting Service
Green Hills offers consulting services for customers on network
architecture, networking security, software design and hardware design--
helping customers optimize designs and reduce initial architecture challenges
while mitigate schedule risk.
Product Enhancement Service
Green Hills can fast track networking protocol enhancements
or modifications to help customers keep their product release schedules
on track while delivering the required next generation protocol support.
Product Integration Service
Green Hills offers a wide range of product integration services
from support for a unique switch vendors networking reference platform
to complete software integration on customers end platform and can range
from basic Layer 2 switching or Layer 3 routing to complete single switch
OEM solution integration.
Testing, Validation, and Verification Services
Green Hills offers complete conformance, performance, interoperability,
and optimization on the customers end hardware platform by utilizing
our internal suite of test suites in conjunction with ANVL and Spirent
test platforms. These services allow the customer to expedite the availability
of a fully qualified networking solution configured and tested to your
required specifications and running only the set of protocols required
on your end target hardware.
Enhanced Support
Green Hills offers enhanced support services that can be customized to
meet support levels or responsiveness beyond Green Hills standard maintenance
and support terms. Examples of this type of support would be priority
development in a customer code branch, priority bug fixes, custom product
releases, dedicated point of contact and on-site support.
Training
Green Hills has a comprehensive training offering for its GateD routing
and switching products built of the foundational aspects of the secure
INTEGRITY operating system and the GHNet routing stack. We work with
the customer to tailor the content of the training to make sure that
the specific needs of such training will be covered in the training
material delivery.
|
RSS
A common management API across all GateD products
Providing
pre-integrated, pre-developed configuration and management functionality
Integrate
guest operating systems while increasing system availability