Middleboxes are both crucial to today's networks and ubiquitous, but embed knowledge of today's protocols and applications to the detriment of those of tomorrow, making the network harder to evolve. While virtualization technologies like Xen have been around for a long time, it is only in recent years that they have started to be targeted as viable systems for implementing middlebox processing (e.g., firewalls, NATs). Can they provide this functionality while yielding the high performance expected from hardware-based middlebox offerings? In this talk Joao Martins will introduce ClickOS, a tiny, MiniOS-based virtual machine tailored for network processing. In addition to the vm itself, this talk will hopefully help to clarify where some of the bottlenecks in Xen's network I/O pipe are, and describe performance improvements done to the entire system. Finally, Joao Martins will discuss an evaluation showing that ClickOS can be instantiated in 30 msecs, can process traffic at 10Gb/s for almost all packet sizes, introduces delay of only 40 microseconds and can run middleboxes at rates of 5 Mp/s. The audience is anyone interested in improving the network performance of Xen, including improvements to the MiniOS and Linux netfront drivers. In addition, the talk should interest people working towards running large numbers of small virtual machines for network processing, as well as those involved with the recent network function virtualization trend