General Micro Systems, Inc. (GMS) announced the S1U401-MD “Cyclone,” a 1U rackmount, multi-domain server and multi-port Ethernet switch/router based on the Intel® Xeon® E5 server CPU. Designed for lowest price, space efficiency and ultimate battlefield network security, the product is a rugged packaging marvel.
Each of the two isolated domains (Red/Black) in S1U401-MD boasts six times the functionality of traditional imported motherboard-based blade-servers—making the 1U Cyclone a twelve-time improvement over traditional systems. Equally important is the 100 percent USA design and manufacturing, removing risk and doubt about foreign-sourced server motherboards.
Isolating Red and Black network domains to ensure security or designing for redundancy is normally accomplished by at least two chassis: one full depth box for each Red and each Black network domain. S1U401-MD adds more, however: 1) two physically separate servers with extreme speed PCIe Gen 3 backbones; 2) two separate Ethernet multi-port switches with 1/10/40 Gigabit Ethernet (GbE) ports on separate secure subnets; 3) two separate optional routers; 4) eight encrypted RAID-ready removable Gen 3 speed NAS drives; 5) two add-in PCIe expansion slots for encryption or GPGPU processing; and 6) up to eight add-in sites for military I/O such as MIL-STD-1553 or CANbus.
The S1U401-MD’s six functions per domain are ideal for the Army’s multi-domain battlefield and command networks; for the Navy’s and Marines’ shipboard op centers and command/control; and for the Air Force’s airborne C4ISR platforms because Cyclone is available in rugged 110/220 VAC or 28 VDC voltage versions.
“This incredible multi-domain product is the result of nearly 40 years’ experience in designing ultra-compact computer boards and systems,” said Ben Sharfi, CEO, General Micro Systems. “Only GMS could do a 6:1 space reduction per domain in a 1U high chassis while pricing it for less than others can provide for the server function alone.” Of course, S1U401-MD doesn’t compromise on security or ruggedness. “Cyclone’s density is unheard of, which is why we designed our own motherboard that’s one-quarter the size of something from Supermicro,” Sharfi said. “No one else could accomplish all this security, functionality, performance and ruggedness in only 1U.”
CPU/RAM/Power
Each S1U401-MD has two domains—one for Red networking and one for Black networking. Each domain has up to an 18-core Intel Xeon E5 server-class CPU and can be powered via 110/220 VAC or 28VDC per MIL-STD-1275. Each domain’s CPU can support 36 virtual machines, or a whopping 72 VMs for the entire S1U401-MD system in 1U space. There is up to 512 GB of error-correcting DDR4 at 2133MTS per CPU domain—enough memory for complex database operations, routing tables, or enterprise-class processing on the rugged battlefield. Cyclone utilizes all the processor’s available 40x PCIe Gen 3 lanes at 8 Gbits/s to communicate with the drives, networking and I/O in each domain.
Storage
Cyclone has four front panel removable drives per domain (eight total drives), and each SAS/SATA/NVMe drive is accessed at the industry’s fastest Gen 3 speeds via SATA III, SNew LinkAS-3 or PCIe Gen 3. Drives can be encrypted for ultimate security, and they function as network-attached storage (NAS). At 12 TB/drive, S1U401-MD has an impressive 96 TB of total storage. Cyclone supports RAID 0, 1, 5, 10, and 50 via software or the onboard encrypting hardware RAID controller. On-the-fly encryption to/from the drives is unique and essential for secure Red/Black networks. Low latency NVMe drives use PCIe Gen 3 and can be 50 percent faster due to the direct CPU-to-drive PCIe connection, making Cyclone an ideal server/NAS/router or battlefield SIGINT data recorder.
Multi-Domain Networking
Each of the two high-assurance isolated domains (Red/Black) shares no resources, not even the power supply, and starts with one 1GbE and two 10GbE ports for lowest cost. A fully equipped system adds (per domain) two 40GbE fiber ports and twelve additional secure 1GbE ports, each with their own subnet mask—giving the entire S1U401-MD a total of 26x 1GbE, 4x 10GbE and 4x 40GbE ports. This security architecture is unique and provides each LAN port its own subnet mask to avoid data crossover between the ports except at the CPU itself. Enterprise-class software routers from Cisco® (1000V™ Series Cloud Services Router (CSR)) and Juniper® are available. Each domain supports power-over-Ethernet (POE+), supplying up to 150 W (total) to directly power remote nodes such as sensors and to simplify wiring.
Other I/O
Additional standard I/O for each domain includes four USB 3.0 ports, one 1GbE Ethernet, and a DVI-I port for a user console interface. S1U401-MD can also interface to legacy defense systems as well as communicate with all manner of sensors by adding I/O such as MIL-STD-1553, CANbus, or Serial Ports, using two SAM I/O™ (PCIe-Mini) sites. There is also a PCIe add-in slot that can accept any industry-standard low-profile PCIe Gen 3 card such as GPU, GPGPU or hardware RAID controller. S1U401-MD’s architecture is U.S. Army VICTORY conformant.
Besides the Red/Black separation, a zeroize function (“panic”-initiated) is available to securely erase all non-volatile storage in each domain—a non-trivial feature designed to avoid a repeat of the US/China Hainan Island incident. As well, GMS owns the BIOS, which offers users assurance against malware and rootkits, plus allows modification for special security functions such as Anti-Tamper/Intruder Alert. There’s a TPM 2.0 for root of trust and to verify crypto keys. An optional BMC Management Module provides out-of-band management via LAN.
Application Examples
As cyber-security threats grow, the Department of Defense and service branches are hardening worldwide networks by separating secure from insecure through Red/Black isolation and Multiple Independent Levels of Security (MILS). With a Red side and a Black side, S1U401-MD’s low weight and small size make it deployable on many ground, air, and shipboard platforms. S1U401-MD is also ideal for enterprise/cloud data centers or server rooms where the 12:1 size/weight/power reduction is a smart upgrade by combining all the server/switch/router/NAS/Input-Output into one domain, and by combining two domains into only a 1U shelf. Two S1U401-MD boxes can even be mounted back-to-back in a deep 1U shelf.
• For more information regarding GMS products, please visit: www.gms4sbc.com
• Additional S1U401-MD press materials can be found at:
http://www.gms4sbc.com/press/S1U401-MD/S1U401-MD_datasheet
• High resolution product photos available at: http://www.gms4sbc.com/press/S1U401-MD/
• Reader Service Contact: Jonathan Malaney 772-266-4015 ext. 402, jmalaney@gmseast.com
GMS will showcase the new system at the Association of the United States Army (AUSA) annual meeting in Washington D.C., Oct. 9–11, 2017.
Come see us at AUSA booth #7249 upstairs in Halls D and E.
Learn more about General Micro Systems