Introduction

At its simplest level OpteQ iQ is a set of functional software modules, hosted and managed by an umbrella module, and running on a hardware platform, which are focused on network security, performance, and management.
This simple definition, while accurate, looses sight of the uniqueness of the Opteq product range and the reason why we have used the term iQ to name the product. In order to highlight and fully appreciate this we need to look at the product from a number of different viewpoints.

System View

The first viewpoint is what the product is in terms of a system. According to systems theory all systems can be viewed as a network or mesh of relationships between objects or components which themselves can be systems or networks. Further when we look at a component or section of a system we can only ever see an approximation of what it is because when the component is part of a broader system then new properties and capabilities emerge which are not present when the component is viewed alone. Using this theory we can then look at the approximations or components and then at the system or emergent properties to fully understand the entire product.

Product ComponentsAll components are selected by Opteq in a similar way. When a need is identified it is carefully researched and defined by a team of highly qualified and experienced technology, network, and business specialists. The entire world is searched for the best available technologies and/or products to address the need. A solution is identified and the component is either purchased, licensed or developed. It is then continuously measured and monitored to ensure that it stays up to date with technology and quality.

1. Hardware. The hardware platform is considered to be the most important component of the system. There would be no point in having the best of breed software if it could not perform at its best due to inferior hardware. It is also often positioned in critical networks and has to be very reliable indeed. Every component is selected for quality, reliability, and compatibility in addition to being the best available technology. It is then assembled and tested in San Jose, USA to achieve the standards of performance and reliability that is required. Even when high level assembly is moved to a local area for a quicker time to market the components are still routed through San Jose for quality control before being sent to the local assembly plant. Every motherboard has similar minimum performance specifications. At the very least the processor, LAN cards, and the disks have separate high performance channels directly to main memory in order to guarantee a minimum of 1Gbps total system throughput. For enhanced reliability and management every system has hardware level monitoring of power, temperature, and fan speeds. Please review the brochures and data sheets on specific models for full details and specifications.

2. Umbrella or foundation module (Singular IQ). Singular IQ is itself a set of carefully selected components. All of which are designed to support the hardware and the functional modules in the best possible way. The core component is a high performance, highly reliable Unix operating system which is multi-tasking and symmetrical multiprocessor capable. Due to licensing, reliability, and performance Linux is not currently used in any Opteq product. The next layer of components is a set of tools and utilities which enable the management and full utilization of the platform. The final layer is common components that can be used in a consistent way by all modules such as the SQL server and the web server. Please review the brochure and data sheet on Singular IQ for full details and specifications.

3. Functional Modules. These software modules all operate on network traffic that is flowing through or to the Opteq unit in order to fulfill a specific requirement or defined need in a consistent way. The foundation module, Singular iQ, manages the flow of packets based on which modules are licensed and operating. Modules either receive pointers to packets in a set sequence (asynchronously) or they receive copies of packets if the module is able to process in parallel (synchronously) such as Monitor iQ.

These modules do not loose anything by being part of a larger system and in fact are always best of breed products in their own right.

Please review the module brochures and data sheets for full details and specification on each module.

System Properties. As mentioned earlier when we combine the components mentioned above into a system we get emergent properties. These are properties which emerge from or are enabled by the system itself. The whole becomes more than the sum of the parts. Some of these are –

1. Performance. A significant portion of the extra time needed to process packets on a network is reading then off the wire, transferring to memory, transferring from memory, and writing back to the wire. Opteq’s modules can all access the packet from the same memory space and can process the packet without incurring the overheads more than once. Significant savings can be made from the order in which packets are processed. It does not make sense, for example, to pass a packet through the bandwidth module if the firewall is going to drop the packet later or the compressor is going to halve the data size or virus scanning a downloaded object which has already been scanned and stored in a cache or spam and virus scanning an email for every recipient. This often happens when multiple units are performing different tasks.

2. Flexibility. The core design of multiple commonly managed modules passing packets sequentially amongst themselves allows a very flexible approach to clustering. All Opteq modules can be run together on one unit or separately on load balanced and redundant clusters. In addition it is a very simple procedure to start with a single module and then add other modules as they may be required as all units already host all modules. A simple software license key is all that is required.

3. Asset Protection and scalability. It is never necessary to throw away an Opteq unit because of load increases or because upgrades become necessary. Units can simply be added and clustered to any extent.

4. Redundancy.

Due to the fact that all modules are designed to work together it is a simple matter to add a hot standby and mirrored unit and/or a load balanced and redundant cluster.

5. Ease of use and Training.

All modules have a consistent look and feel and all documentation and help are online via the core management interface. Once a module is learnt then the others are very much easier to learn and manage. The reduction of the number of units to a single one also makes the network management task simpler and easier.

6. Cost Savings.

If a chargeable module, such as a virus scanner, is required by more than one module we do not need the scanner twice so only one server license is required and the database only needs to be updated once.

It is never necessary to charge for per user licenses as all Opteq modules are server based licenses. Regardless of how many users happen to be going through an Opteq unit at the system level it always looks like a single user.

System Wide Properties

The Opteq iQ product also contains a Central iQ module which takes the theory to another level by bring unlimited units into a Centrally managed environment and therefore even more properties emerge. Central iQ, like all Opteq iQ modules, runs under the Singular iQ umbrella in order to bring you all the benefits mentioned above. This, of course, also means that you do not need a separate hardware platform just to run Central iQ like our competitors and it will run quite happily along with all our modules on the same platform. You can also run it separately as well. Once again the whole becomes more than the sum of the parts and some of the new properties are –

1. Simplified management and ease of use. The same user interface with exactly the same ruleset and option editors means that no extra training is required. All rulesets are managed and maintained in one place for all units. Units can be arranged in groups of similar types or hierarchies for ease of management. Group and server names can be customized. Common rules can be entered once for all units, a group, or a single unit and distributed to all effected units.

2. Risk reduction. All changes can be scheduled to be distributed according to change control procedures or at quite times when users are not effected.

3. Simplified Software Updates. All updates and patches can be automatically applied to all units or groups or single units in a scheduled and automated way.

4. Enhanced Management. All units can be monitored centrally and alerts sent to the system administrator.

5. Enhanced Security All changes and updates are logged centrally and can be viewed easily through the security reporter. User Names, Passwords, and security levels can be managed centrally.

6. Enhanced Reporting. Central iQ can access all logs and reports from all managed units and reported on centrally giving a system wide view rather than just a point view.

Functional View

The next viewpoint from which we can view Opteq iQ is a functional view or what it does or achieves. It has always been Opteq’s contention that the three aspects of a network - namely security, performance, and management are converging and should not be looked at as separate aspects alone. In fact it is our contention that it is not possible to completely separate these aspects at all and if they are then a substantial loss of functionality occurs. For these reasons we have our modules focused in a particular way but we never loose sight of the other functions and make sure that they are covered as well.