GOVERNMENT
Scaling IPS Performance To 10g And Beyond
- Written by: Webmaster
- Category: GOVERNMENT
At the recent Interop Tokyo event, Napatech successfully demonstrated that a standard server with 8 CPU cores can be used to build a full throughput 10 Gbps Intrusion Prevention System (IPS). Napatech has shown with this breakthrough that high-performance IPS products can be built using off-the-shelf components at lower cost, with less risk and faster time-to-market. More significantly, this demonstration shows that throughput performance can be scaled with the number of available CPU cores leading to even higher throughput possibilities.
"With Napatech network adapters, we can take full advantage of available CPU cores, which allows the solution to scale", according to Erik Norup, President, Napatech. "We can support up to 32 CPU cores, so throughput performance can be increased even higher, if more CPU cores are available. This provides predictable scalability in performance."
"There are several IPS products on the market, but few capable of analyzing at a sustained line-rate of 10 Gbps. Most of these products are based on expensive, customized hardware development", added Norup."By basing IPS products on standard PC servers and Napatech Intelligent Real-time Network Analysis adapters, IPS vendors can avoid the cost, time and risk related to hardware development while taking advantage of the volume pricing and annual improvement in performance of PC servers".
The Napatech demonstration at Interop Tokyo was based on Napatech's NT20E In-line network adapter and 8 instances of SNORT, an open source intrusion detection software application, equally distributed on 8 CPU cores in a standard PC server. Both HP and Dell servers have been used in the demonstration. Napatech achieved full 10 Gbps throughput (10 Gbps receive and 10 Gbps transmit) using real-world traffic. Napatech's new NT20E2 2x10 Gbps low-profile, PCI-Express Gen 2 network adapter was also demonstrated at the event.