5G Secure Access Services Edge (SASE)
Overview of Exium
Exium is an American full-stack cybersecurity and 5G clean networking pioneer helping organizations to connect and secure their teams, users, and mission-critical assets with ease, wherever they are.
Exium’s 5G Secure Access Services Edge (SASE) is built on an open, programmable, reliable, and software-driven Intelligent Cybersecurity Mesh™ that enables secure and private end-to-end connectivity and provides the ability to securely operate anywhere and anytime, regardless of the environment, even on underlying networks that may be compromised.
Robust overlay architecture provides the ability to securely operate globally over any underlying network (5G, WiFi, Fiber/ Cable, and satellites).
Exium Edge deployment on OpenNESS
Following diagram shows reference deployment for Exium’s Secure 5G Core/ MEC. In this deployment, control and management plane is deployed in the public cloud and user plane/ MEC deployed on OpenNESS Clusters.
OpenNESS building blocks
•Exium Edge application is deployed on three of the OpenNESS deployments flavors. Deployment is verified on CERA Core User Plane Flavor, Central Orchestrator Flavor and CERA Minimal Flavor.
Prerequisites (For deploying Exium Edge Application on OpenNESS)
Virtual machine(s) or bare metal server(s) with the following minimum hardware resources: 16 vCPUs, 32 GB RAM, 64GB SSD, 100GB HDD for Boot disk. The server also requires Kubernetes based OpenNESS 20.09 or later cluster. Please refer to user guide for more details.
Bootstrap package with License is needed to start installation. Please connect with Exium to receive this bootstrap package
Please Refer to user guide for Server
The xe-cnf is available in the open-ness/edgeapps repository. To obtain it, just clone the repo.
$ git clone https://github.com/open-ness/edgeapps
Then, into applications/xe-cnf folder there is helm chart folder for installing it.Please install bootstrap package received from Exium before you proceed with installation
For Exium Edge configuration Edit and save config.sh file.
nwu_ip='x.x.x.x' ### IP address for NWU interface
nwu_mask='29' ### Network mask for NWU interface in CIDR format
nwu_pci_addr='aaaa:bb:cc.d' ### PCI addrees, get by cmd: grep PCI_SLOT_NAME /sys/class/net/<interface name>/device/uevent
nwu_gw_ip='y.y.y.y' ### gateway ip for NWU interface
n6_ip='z.z.z.z' ### IP address for N6 interface
n6_mask='29' ### Network mask for N6 interface in CIDR format
n6_pci_addr='aaaa:bb:cc:dd' ### PCI addrees, get by cmd: grep PCI_SLOT_NAME /sys/class/net/<interface name>/device/uevent
n6_gw_ip='a.b.c.d' ### gateway ip for n6 interface
Please Refer to user guide for addition instructions for installation and configuration of OpenNESS.
Install the Chart
Execute following command for installation:
# sh setup.sh
This will install the Istio 1.9.5 with ["Istio core" "Istiod" "CNI" "Ingress gateways"] components into the cluster.
Proceed? (y/N) y
✔ Istio core installed
✔ Istiod installed
✔ CNI installed
✔ Ingress gateways installed
✔ Installation complete
Please provide ‘y’ as input when asked as highlighted above. Above steps will complete the deployment procedure and the xE shall be ready for service.
This completes the xE CNF installation and deployment.
Execute following command for uninstallation:
# sh uninstall.sh
release "n3iwf-eap5g" uninstalled
release "n3iwf-n2ctxt" uninstalled
release "n3iwf-sess" uninstalled
release "upf-n4fe" uninstalled
release "upf-sess" uninstalled
namespace "production" deleted
namespace "exopsagent" deleted
namespace "istio-system" deleted
Where to Purchase
Optimized for Intel® Smart Edge
Exium xEdge (xe-cnf)
Retrieve Container Images and Helm Charts
Helm Charts: https://github.com/open-ness/edgeapps/tree/master/applications/xe-cnf
Pre-load Docker Images on Nodes
Please refer to user guide for script to pre-load docker images