Agilio OVS Firewall Software

Netronome Agilio SmartNICs and Agilio software track the features of standard OVS, which are continuously evolving and include server-based networking functions such as flexible match-action forwarding, connection tracking (Conntrack), network overlay control with tunneling protocols such as VXLAN and NVGRE, and fine-grained statistics and meters. These features enable functions such as L2/L3 forwarding, network virtualization, security, load balancing and analytics.

Agilio Firewall Software, combined with Agilio SmartNICs augments the Agilio OVS Software product to enable zero-trust stateful security while significantly improving server-based networking performance. Agilio Firewall restores valuable CPU cores by offloading Open vSwitch (OVS), and Linux Connection Tracking (Conntrack) to Netronome’s family of SmartNICs. Provisioning of the zero-trust security policies is enabled through standard OVS interfaces and related OpenStack security group support.

This gives users the ability to define more intelligent filtering policies, security group rules, access control lists, and stateful firewall applications. Agilio OVS Firewall offloads Conntrack from the kernel boosting security performance dramatically. Performing this connection tracking in the NFP, in addition to standard OVS match/action profiles, adds value by offloading and accelerating the enforcement of the most comprehensive policies, thereby eliminating the bottlenecks associated with implementation of zero-trust stateful security within a server.