Startup bets on packet inspection ASSP

Startup cPacket Networks Inc. is betting that a mix of deep packet inspection and packet header classification based on pattern-matching algorithms can justify a dedicated application-specific standard product for next-generation LAN switches and line cards. While some vendors of Ethernet switch chips are adding packet inspection at Layers 4 through 7, few can claim to combine that capability with the pattern matching usually found in CAM-based search engines.

CEO Rony Kay does not hide the fact that when he founded cPacket in 2003, it was tough to find investors or potential customers. Traditional network processor architectures had failed to catch fire, and claims of wire-speed content analysis were met with skepticism.

Now that several OEMs have had a chance to see prototypes of the cPacket chip, the company is taking more serious inquiries. In the postrecession period in the networking industry, Kay said, leading network equipment vendors have truncated or eliminated internal ASIC teams, so system designers are more willing to consider ASSPs for packet inspection.

The cPacket Complete Packet Inspection (CPI) processor is based on a pipelined array of very long instruction word (VLIW) elements called the cFabric, which is accessed by an on-chip packet manager and controlled by a configuration and provisioning engine.

The first generation of CPI supports wire-speed packet analysis at simplex 20 Gbits/second or full-duplex 10 Gbits/s. While the chip is optimized for 1- and 10-Gbit Ethernet, the VLIW arrays can scale to support 40- and 100-Gbit/s networks.

Real-time algorithm
Packet provisioning and classification are performed on the basis of templates. Designers at cPacket hope to make future generations of the chip adaptive, in terms of self-adjusting templates and filtering on the basis of packet histories. The detailed seven-layer packet analysis is performed with the aid of a real-time analytical algorithm implemented in hardware. The design uses no cache hierarchies and no shared memories.

To demonstrate early 1-Gbit capabilities of its chip, cPacket designed a system called cVu 1000. At next month's Interop conference, it will show a second-generation cPacket 20G packet inspection system.

The small hardware appliance is intended primarily as a reference design, although Kay said cPacket would consider direct supply of the appliance to ODMs in certain circumstances.

By integrating the chip directly into enterprise switches, cPacket can demonstrate the expansion of such switches into duties such as lawful intercept and real-time monitoring. As architectures such as the Broadcom StrataXGS add analytical blocks like ContentAware, cPacket could run into competition from the switch chip itself, though Kay insists the additional capabilities of header classification cannot be realized in commercial silicon from competitors.

Bob Wheeler, networking and communication processor analyst at The Linley Group, said cPacket faces a challenge in a realm where Layer 4-7 application processor startups have gone under. The company only has angel funding and one undisclosed strategic investor. Unless a couple of large OEMs sign up for the processor very quickly, Wheeler said, cPacket may be limited to either hoping for an acquisition from a broader silicon vendor or licensing its intellectual property for others to produce.

"The obvious problem is that the features being targeted are precisely those being integrated into the next generation of Ethernet switch chips from companies like Broadcom," Wheeler said.

The utility of the CPI processor may depend on the type of interfaces used in a production version of the chip and the array size of the VLIW elements, Wheeler said. Currently, with an undisclosed array size in the test chip, it is unclear whether the search space could expand economically for applications such as antivirus and intrusion detection.

With architectures like those from Tarari Inc., database searches can be expanded using commodity DDR2 SDRAM, Wheeler said, while the cPacket architecture may not be as easy and cheap to expand.

"When you look at the effort spent in developing a packet inspection system, you wonder why they did not choose to go to market with a system-level product," Wheeler added.