OpenGate: Towards an open network services gateway

In this paper, we propose an extensible open network services gateway (OpenGate) for high-performance network processing at the edge of high-speed networks. The OpenGate system embraces recent advances of open network technologies: the performance is guaranteed by using open-standard ATCA platforms; and the extensibility is achieved by employing parallelized open source software. As an application example of OpenGate, a high-performance security gateway, OpenGate-SG, was developed using existing ATCA platforms and open source software. This system provides multiple security services, including stateful firewall, intrusion prevention and anti-virus. Experimental results show that, OpenGate-SG can achieve up to 200 Gbps stateful firewall throughput with 8 Gbps intrusion prevention and anti-virus, which is competitive to the performance of today’s high-end security products. OpenGate-SG has also been tested as a security gateway for a university campus network with more than 1000 students.