I asked more like from technical point of view. Is it something developed by open source community and imported into your own kernel branch or was it entirely developed in house to enhance performance for USFW apps. 

I think USFW is not just a modern VSX anymore because in R81, TLS1.3 support works only in user space which is another interesting topic to discuss 😀

Hi @HristoGrigorov 

In “Kernel Mode Firewall” KMFW, the maximum number of running cores is limited to 40 because of the Linux/Intel limitation of 2GB kernel memory,and because CoreXL architecture needs to load a large driver (~42MB) dozens of times (according to the CPU number, and up to 40 times). Newer platforms that contain more than 40 cores e.g., 23900 or open server are not fully utilized. The solution of the problem is a firewall in the user mode of the Linux operating system. USFW “User Space Firewall” or UMFW stands for “User Mode Firewall”, and it is based on proven VSX code. This mode was introduced in R80.10. According to SK the UMFW is enabled from R80.30 by default and is customized via the installation process. 

Curious why this is a relevant detail (whether we are using an existing Open Source implementation or wrote our own).

I'm assuming TLS1.3 related operations can only be done in userspace, which is what USFW is required for TLS1.3 inspection.
Like I said: USFW is going to be the default in future versions.

Because we expect you to contribute it to open source community as many other vendors do (eg. Microsoft, IBM, etc) ?