ETX-1p & SF-1p

Tzachi Sadi
Introduction

Proprietary and Confidential 7

 ETX-1p and SecFlow-1p Positioning

• ETX-1p is positioned as a cost optimized branch router with

automation and virtualization, enabling business customers’
transition to the cloud. ETX-1p enables service provides to
deliver advanced IP-VPN services, as well as value added virtual
services from their edge data centers to the customer branch.
Container support enables service providers further flexibility to
enhance functionality in the edge. SF-1p

• Being the “ruggedized brother” of ETX-1p, SecFlow-1p is

positioned as a cost optimized IOT GW with automation and
virtualization. Both run on vCPE-OS, can host containers, and
are based on same HW platform. However, SecFlow-1p also
provides low speed/serial user interfaces and IO contacts,
typically required for IIoT backhaul applications.
ETX-1p

Proprietary and Confidential 8

 vCPE-OS 5.0
From release 5.0, vCPE-OS support uCPEs and pCPEs deployments

vCPE-OS/U vCPE-OS/P
Universal CPE Branch Router for IP VPN services Ruggedized IOT gateway
With NFVI for VNF Service Chaining

ETX-2v/X86 4 – 16 Cores ETX-2v/X86 2 Cores ETX-1p/ARM SF-1p/ARM

Common Features – Common Operation – Common Management

Proprietary and Confidential 9
 ETX-1p & SF-1p

HW and OS Specs

Proprietary and Confidential 10

 ETX-1p Hardware
• WAN: 1 x 1G SFP + 1 x 1G UTP Hosting 3rd party containers

• LAN: 4 x 1G Ethernet UTP

• 1 x RS232 console port
• CPU: ARM A53 64bit dual core with
1G RAM + 8G Storage
• Desktop 0 to 50C ; Plastic Enclosure
• HW ready for 5G modems
• Optional interfaces:
LTE Main WiFi Main WiFi 2nd 4 LAN UTP LTE 2nd
– 1-2 LTE modem
– 2 SIM cards
– Dual LTE modems
– GNNS: GPS, Galileo
– Wi-Fi 802.11b/g/n/ac Dual band
• Power: External AC PS
GPS SIM 1 & 2 WAN SFP WAN UTP Console LTE signal PWR
Proprietary and Confidential 11
 DIGIL Master Specifications
• ARM A53 1.2 GHz Dual Core Processor
• 2 GB RAM, 8 GB SSD storage
• 2 Serial ports: 2x RS-232 or RS-232 + 1 RS-485 LoRa Ant.
GPS
• WAN: SFP 2 x 1000FX Ethernet SFP
SFP LTE Main

• LAN: 4 x 10/100/1000BASE-T Ethernet UTPs SFP

• Console access: Telnet to highest LAN port # Console Access

4 UTP
• Dual modems 2x LTE or LTE+ LoRa GW
• 2 SIM card slots LTE Signal
1 RS232 + 1 RS485

• SD Card 1 port Max size: 32GB

LTE AUX

• GNNS: GPS, Galileo

Hosting 3rd party containers
• Power Consumption < 13W
for customized IIoT applications
• MTBF > 250Kh

Proprietary and Confidential 12

 vCPE-OS Main characteristic

• Linux based

• Based on python 3.8

• HW\SW disaggregation

• Microservice architecture

• Edge computing, Docker engine

• Separation and Isolation using containers and Linux users

Proprietary and Confidential 13

 ETX-1p & SF-1p

Feature highlights

Proprietary and Confidential 14

 Importance of Edge Computing
Support of Edge compute provides openness and flexibility needed for today's solutions

Distributed Applications

Data pre-processing and Filtering

Edge Analytics

Fast response when required

Consolidated workload

Dynamic Security Implementation

Fast & easy adoption of new SW technology

Proprietary and Confidential 15

 Cyber Security
• Security
- Secured software signature
- Zone Based Firewall
- IPsec with Internet Key Exchange (IKE) v1 and v2
- X.509 support for zero touch
- ACLs IPv4 and IPv6 filters
- Management access control filters
- User profile management, strict password policy
- User authentication locally, via RADIUS, TACACS+,
LDAP
- Simple Network Management Protocol (SNMP) v3
- Secure Shell v2 (SSHv2)
- WLAN security with WPA and WPA2
- Mac whitelist
- X.509 with SCEP
- 802.1x

Proprietary and Confidential 16

 Configuration & Management
• Configuration • SW upgrade
- Web-based interface using HTTPS or HTTP - Full SW upgrade
- CLI with password-protected access - SW patches
- REST - Security patches
- SW /patches/configuration files are signed and
• Protocols authenticated
- NETCONF server (v1.0/v1.1)/ YANG
- SNMP v2/v3 • Provisioning
- Telnet, SSH v2, HTTPS server, TFTP/SFTP - Day 0 configuration by factory
• Users - Day 1 configuration with ZTP
- User roles and privileges Minimal configuration to connect to the RAD
bootstrap server
• Monitoring and Diagnostics
- Syslog • Configuration setting including Rollback
- Traceroute, ping procedure
- Alarm and event logs

• DHCP Server
- IPv4, IP subnet pools support 256 addresses

Proprietary and Confidential 17

 Networking Features
• IP Addressing & Routing • IP VPNs
– IPv4 and IPv6 – IPsec, GRE
– Routing protocols: Static, OSPF v2, BGP v4 – IPsec Tunnel mode
– VRF (10) – IPsec encryption: AES 128-bit, 192-bit
– NAT/NAPT: static/dynamic, application pass-through or 256-bit key
– DHCP client, server, relay. IP helper addresses – IPsec ESP hashing: SHA-1, SHA-2 256
– DNS server and 512
– ACL and ACL logging – IKEv1 & IKEv2
– PBR - Policy-Based Routing – GREoIPsec

• IP Quality of Service • Integrated routing and bridging

– IP classification and priority (DiffServ) (IRB)
– Marking of DSCP, remarking – VLAN aware VLAN unaware
– Class-based queuing, SPQ, WFQ
– Shaping

Proprietary and Confidential 18

SF-1p LoRaWAN GW
• Semtech Packet forwarder
- The Semtech UDP Packet Forwarder is the original LoRaWAN packet
forwarder, connecting to servers through the Semtech UDP
protocol. It was built by Semtech, who still maintain it.
LNS 1
- Uplinks, statuses and downlinks are exchanged in a pseudo-JSON
format, through UDP, between the gateway and the network server.
- Easy to reproduce, for testing purposes or for bootstrapping.
LNS 2
• Chirpstack packet multiplexer
- The ChirpStack Packet Multiplexer utility forwards the Semtech
packet-forwarder UDP data to multiple endpoints. It makes it
possible to connect a single LoRa gateway to multiple networks. LNS 3

DIGIL Master

LNS 4

Proprietary and Confidential 19

 Web GUI
Introduction

Proprietary and Confidential 20

 WEB Examples: Login and Home Page

Web Login Page Web Home Page

Proprietary and Confidential 21

 WEB Examples: Router Interface Configuration

Proprietary and Confidential 22

 WEB Examples: IPSec Configuration

Proprietary and Confidential 23

 WEB Examples: Ipsec Crypto
Configuration

Proprietary and Confidential 24

 Use-Cases

Proprietary and Confidential 37

 ETX-1P: NG Router for IP VPNs
Disaggregation Backhaul Carrier Edge DC Clouds
• Disaggregation for lower CapEx:
Edge Computing or Business HQ OTT Services
HW/SW Mix & Match
Containers
VAS
• Automation for lower OpEx: Automate lifecycle
SASE management, SDN-control
IPsec Backup
• Virtualization for increased revenues:
ETX-1p IPsec
Gateway Host VMs & containers to upsell VAS
SME & IaaS
IOT Mobile • Wide range of target services with ruggedized
Broadband
SaaS and non-ruggedized hardware
ARM
HQ
VPN Private Cloud
Network

PE PE

Cost Optimized Business Branch Router with Automation & Virtualization

Proprietary and Confidential 38
 Industrial IoT Main Verticals

• Edge devices are

becoming smarter Power Utilities Smart Cities Connected Industry
(“Smart Factory/ Industry 4.0”)
• Smart Grid • Smart parking
• Automation is the • Re-closers • Traffic monitoring & control • Production floor monitoring
• Load breakers • Bike sharing • Remote PLC control
key for all verticals
• RTUs/SCADA • Smart lighting • Automated quality control
• Secondary substations • Public safety
• Accelerated cloud • Meter concentrators • Payment kiosks (PoS)
adoption and data
analytics

Transportation Gas Utilities Water Utilities

• Traffic control • Flow meters • Flow control
• Info boards • Volume/pressure/level sensors • Quality
• Kiosks • Leakage detection
• Pump/valve control
• Meter sensors

Proprietary and Confidential 39

SF-1p LoRaWAN GW
• Semtech Packet forwarder
- The Semtech UDP Packet Forwarder is the original LoRaWAN packet
forwarder, connecting to servers through the Semtech UDP
protocol. It was built by Semtech, who still maintain it.
LNS 1
- Uplinks, statuses and downlinks are exchanged in a pseudo-JSON
format, through UDP, between the gateway and the network server.
- Easy to reproduce, for testing purposes or for bootstrapping.
LNS 2
• Chirpstack packet multiplexer
- The ChirpStack Packet Multiplexer utility forwards the Semtech
packet-forwarder UDP data to multiple endpoints. It makes it
possible to connect a single LoRa gateway to multiple networks. LNS 3

DIGIL Master

LNS 4

Proprietary and Confidential 40

 Key Takeaway

Proprietary and Confidential 41

 ETX-1p/SF-1p – IOT Market Challengers

• Addresses next generation CE requirements

– Lower price per Mbit/s
– Disaggregated → HW Flexibility, SW Flexibility
– Hybrid Connectivity
• Fixed access + cellular (4G/5G) backup
• Cellular as primary (4G/5G) access
– Overlay, secured service technologies
– Support of Local Break-out to Internet
– Protected by Zone-based Stateful Firewall
– Automation (ZTP and monitoring)

Proprietary and Confidential 42

 Thank you
For your attention

Tzachi Sadi
Regional Sales Director
Africa & GCC

Proprietary and Confidential