The reference design which will be available to OEMs, is an x86 compute node PCIe card that combines an Intel Atom processor, Intel Ethernet E810 network interface, and up to 32GB of memory.
According to Intel, the NetSec Accelerator is designed to enable a "secure access service edge (SASE) model, a combination of software-defined security and wide-area network (WAN) functions implemented as a cloud-native service". This includes cloud access security broker (CASB), secure web gateway (SWG), data loss prevention (DLP), and firewall capabilities.
While these features usually run on a standard server as virtualized or containerized services, the Intel NetSec Accelerator offers an alternative approach by reducing the infrastructure footprint and putting a network security server on a PCIe plug-in card.
Intel also says that this will allow developers to run existing security software (developed for Intel-based systems) "straight out of the box". On the other hand, host servers usually have multiple PCIe slots, so running a NetSec Accelerator for SASE service on the same server definitely makes things easy.
Intel won't launch the device but rather offer it to OEMs as a reference design so it will be interesting to see which of those OEMs will come up with such an offer, and Intel is saying that F5 and Silicom might be the first vendors to come to market.
"This reference design enables a PCIe add-in card to deliver the capabilities of a server within a small, power-efficient package. Vendors can integrate SASE functions in this card to maximize the capabilities of their server infrastructure at the edge," said Intel VP for the Network & Edge Bob Ghaffari in a blog post.