Session 1: Security Technology Overview

Bob Wheeler, senior analyst at The Linley Group, will present an overview of security technologies (e.g., VPN, DoS, firewall, IDS/IPS, antivirus), where they are being deployed in the network, and the available merchant silicon for implementing these technologies.

Session 2: Locking Down the Network

This session, moderated by Bob Wheeler, examines technologies that improve the integrity of corporate or government networks beyond traditional VPN implementations.

FIPS 140-2 Compliance in Networking Equipment  
   Mike Scruggs, Staff Technical Marketing Engineer, Cavium Networks

Many networking applications in the banking and government sectors require FIPS 140-2 certified security. In this talk, OEMs will learn about the challenges of adding FIPS compliance to networking systems. Additionally, the presentation will describe FIPS 140-2's modular approach that pulls critical security features into a tight "security boundary", and will outline the features of Cavium's CN1000-NFB series of FIPS 140-2 modules.

Beyond the Suite B Protocols – The Revolution in Data Security
   Russell Dietz, CTO, Hifn

Developed by the U.S. National Security Agency (NSA), Suite B Cryptography builds on AES by specifying cryptographic algorithms for hashing, digital signatures, and key exchange. In this talk, Hifn will provide a primer on Suite B protocols and algorithms. The presentation will then discuss implementing higher assurance data security in embedded systems using Suite B.

MACsec: Protecting Your Network from the Ground Up
   Steve Singer, Systems Engineering Manager, SafeNet

While IPsec and SSL VPNs are ideal security solutions for addressing the remote-access requirements of mobile networking, the emergence of high-speed LAN/MANs coupled with several new data-security regulations has solidified demand for link-layer security. Today, MACsec is recognized as a solid way to not only protect the confidentiality and integrity of user traffic, but also to protect the network itself against attacks. In this talk, SafeNet will provide background information on MACsec technology and deployment, address best practices for building MACsec and IPsec into networking equipment, chips, and software, and will discuss its new software and IP-core offerings for MACsec.

Session 3: Pervasive and Scalable Content Inspection

This session, moderated by Bob Wheeler, will examine new silicon architectures that lower the cost of content inspection or deep-packet inspection, enabling broader integration of these functions.

The Current Network Security Model is a Fallacy  
   Rony Kay, President and CTO, cPacket Networks

Assuming perimeter defense and centralized appliances can solve all network-security problems is a fallacy. The increasing complexity of networks inhibits reliability and availability, necessitating comprehensive visibility and control at internal network nodes. Deployment at internal network nodes, however, requires high-speed, low power, and cost effective silicon, which is able to process every bit in every packet at full line rate under any stress conditions. In this talk, cPacket will discuss how its unique architecture and simple software model address embedding network visibility and response capabilities in switches and routers.

Coupling Content and Multicore Processors for Next-Generation Threats  
   Christine Severns, Distinguished Engineer and Security Architect, LSI

Today's networking security threats require a set of responses that can scale with network throughput and detect increasingly sophisticated attacks. Technologies such as content processing and line-rate inspection allow for the detection of threats, while the ability to deeply integrate security processing into devices allows the network to scale. LSI will discuss the Tarari Content Processor family of silicon and share solutions and design approaches that dramatically reduce the power and costs associated with deep packet inspection and embedded security while increasing performance.

1:30

Session 4: Processor Innovations for Embedded Security

This session, moderated by Linley Gwennap, examines the latest innovations in processors aimed at improving system security and security performance.

Integrated Crypto Capabilities in Network Processing Silicon
   Nabil Damouny, Director of Strategic Engineering, Netronome Systems

The Netronome NFP-3200 provides public-key and bulk encryption hardware to support a range of security applications. While these functions can be used in a “lookaside" manner, a distinguishing feature of the Netronome solution is the ability to include these security functions as part of the receive and transmit pipeline between the physical input port and the application without needing the involvement of the main application processor, even in complex multilevel security architectures (for example, IPSEC over 802.1ae). The presentation will detail the architecture and performance of these crypto capabilities using various example applications.

Meeting Security Design Challenges in Embedded Processing
   Chris Bergen, Director, Systems Engineering, AMCC

In this talk, AMCC will discuss the challenges of supporting security features, integration and implementation techniques for optimal performance, and software integration issues for embedded processors. The presentation will cover current standard security protocols as well as new or emerging standards for system or network security. Implementation examples using AMCC PowerPC 405 and 460 family processors will also be presented.

Designing an Integrated Services Router using a Multicore Processor
   Mike Hui, Senior Solutions Architect, Freescale

Network security generally refers to provisions made in the underlying network infrastructure to protect the systems attached to the network as well as the network itself. Integrated services routers are rapidly becoming the single most important network security device in many enterprises, particularly in small- and mid-sized offices.  In this talk, Freescale will discuss how the new breed of embedded processors with multiple general-purpose CPU cores and additional hardware accelerators promise to provide a scalable solution to the challenge of designing these routers.

Session 5: Future Directions for Network-Security Processing

This panel will discuss long-term concerns such as: What security functions must be implemented throughout the network? What silicon products will be needed to perform these functions? How much performance will be required? What are the alternative approaches to integration of multiple functions?

Moderator: Bob Wheeler, The Linley Group
Panelists: Mike Hui, Freescale; Christine Severns, LSI; Steve Singer, SafeNet; Rony Kay, cPacket; Russell Dietz, Hifn.

Reception with Exhibits and Raffle.

View the exhibits, network with the speakers, your colleagues, and our analysts while you nosh on some delicious food and drink. As a special bonus, we'll be giving away an Apple iPod as well as The Linley Group's new report, "A Guide to Security Processors and Accelerators." How can you go wrong?
(Must be present to win.)

Registration: You can either register online or download this form , complete it, and fax it to us at 1.650.745.1490.

Qualified attendees are eligible for free admission if registered by July 11. Registration for non-qualified attendees is $495 if received by that date. Registrations received after July 11, or at the door, will be $125 for qualified attendees and $595 for non-qualified attendees. We reserve the right to determine attendee qualification or to refuse admission to any person.

The seminar is intended for system designers, OEMs, network-equipment vendors, service providers, security-software vendors, press, and the financial community.

Information collected for this event will be shared with the sponsors paying for this seminar. This information will not be shared with companies other than the sponsors of this event.

Further questions?   Contact The Linley Group:
Phone: 1.800.413.2881 (toll free in US) or 1.408.281.1947 or email: customer service