Affirmed Networks adds WiFi gateways to Virtual EPC portfolio

Virtualised ePDG and TWAG functions taps Intel to include carrier grade IPSec encryption in software.

Virtualisation specialist Affirmed Networks has added WiFi gateways – including IPSec encryption – to its portfolio of virtualised core functions. The company said that the addition is designed to meet demands from licenced-spectrum mobile operators, MVNOs and WiFi-first providers for the ability to provide Voice over WiFi services.

The vendor already has two commercial deployments for its WiFi solution and 12 current trials, but is making its first public announcement on the technology.

Affirmed markets a range of EPC functions “collapsed” as software modules that can operate on virtualised  COTS hardware.

ePDG Affirmed

The ePDG (credit: Affirmed Networks)

The launch of the Trusted WLAN Access Gateway/Proxy (TWAG/TWAP) and evolved Packet Data Gateway (ePDG) also includes IPSec encryption enabled in software. (The ePDG is based on Intel Xeon processors with DPDK processor drivers.)

Angela Whiteford, VP Marketing and Product Development, said that had been achieved by making use of new technology from Intel, including its AES (Advanced Encryption Structure) New Instructions and Multi-Buffer Crypto for IPsec Library.

The solution also takes advantage of Intel’s PCI Card to support IPSec processing, as HP’s C7000 blade system does not support a PCI Card to do the IPSec co-processing.

“There’s no product today to do carrier grade IPSec encryption in software,” Whiteford said, “You have needed hardware, either purpose-built or using hardware acceleration. We were fortunate that Intel came out with its software technology – we took a look at that and saw we could take advantage of its integrated library in our application. We were really impressed by the performance we were able to achieve: to scale up into the multi-million tunnel level in terms of tunnels we can support, all in software.”

The packet forward architecture of the EPC has worked very well. We go into bake-offs all the time and perform on those chipsets.

vEPC Affirmed

The “Mobile Content Cloud” (credit: Affirmed Networks)

Whiteford said that the company had proved before that its virtualised MME, gateway (GGSN/SGW), Policy (PECF) and GiLAN Services products could achieve the same performance as legacy hardware. “The packet forward architecture of the EPC has worked very well,” she said. “We go into bake-offs all the time and perform on those chipsets.”

Whiteford said that the WiFi product will benefit from Affirmed’s “Mobile Content Cloud” architecture, which “collapses” functions onto a common architecture and software image, and provides common internal interfaces – Affirmed calls it Open Workflow – between the elements. That enables Service Chaining capabilities across the virtualised packet core, which for WiFi could mean the ability to functions such as add policy enforcement into WiFi sessions, allowing operators to easily handle services such as WiFi-cellular voice roaming and data offload.