A wire-speed Gigabit Ethernet Network Intrusion Detection and Prevention System that supports open-source network security and monitoring applications is claimed to be a 'world first'.
Metanetworks Technologies, a leading provider of high-speed network security and monitoring hardware, announces its MTP-1G - the world's first wire-speed Gigabit Ethernet Network Intrusion Detection and Prevention System (IDPS) specifically designed to support open-source network security and monitoring applications. The MTP-1G uses Metanetworks' Meta Traffic Processor (MTP), a unique network processor that was partially developed using research grants from the National Science Foundation and the US Air Force Rome Laboratories. The MTP is specifically designed to exploit massive, fine-grain, instruction-level parallelism, which is intrinsic to IDPS processing loads.
Livio Ricciulli, Metanetworks Technologies' chief scientist, states that: 'our MTP cards offer the lowest IPS filtering latency in the world because of our breakthrough processing architecture.' Metanetworks' MTP-1G cards routinely pass Gigabit Ethernet traffic between its two ports with 400ns latency while performing wire-speed, stateful, packet inspection.
When determining whether to capture or block packets, the cards can apply up to 1500 wire-speed stateful policies per packet.
When the MTP-1G captures packets, it presents them to the operating system as a standard NIC in promiscuous mode.
The MTP-1G cards support existing, open-source network security and monitoring applications.
They accomplish this by specifying capture and filtering policies using public-domain IDS signatures or standard network monitoring libraries.
Metanetworks‚ MTP technology also provides developers a rich API for creating custom network security and monitoring applications.
Because the MTP-1G cards interface with the host operating system as standard NICs, they can seamlessly run a variety of standard application software at much faster speeds.
For example, open-source Snort IDS software can monitor a few hundred megabits of traffic with a standard NIC.
With the MTP-1G card, Snort can monitor a full gigabit of traffic without modification.
The MTP-1G cards are also compatible with other popular libpcap-based network monitoring applications such as tcpdump.
The University of California, Santa Cruz (UCSC) presented the impressive capabilities of the MTP-1G PCI cards at the North American Network Operators‚ Group (NANOG) Conference (held on January 30th to February 1st) in Las Vegas, Nevada.
UCSC integrated a Metanetworks MTP into one of its production networks and has confirmed that it greatly enhanced their existing IDS capabilities.
'The MTP enables a whole range of open source security applications that were not possible before,' says Paul Tartarsky, the UCSC consultant network security engineer in charge of integrating the MTP-1G.
'As far as I can tell, the MTP has eliminated a huge roadblock to developing high performance IDPS applications at a low cost.' * About NANOG - NANOG is an educational and operational forum that coordinates and disseminates technical information related to backbone and enterprise networking technologies and operational practices.
Conference participants typically include senior engineering staff from tier-one and tier-two ISPs.
* About Metanetworks Technologies - Metanetworks Technologies is a spin-off of Metanetworks, in the USA, a leading-edge, award-winning networking security innovator since 1999.
Metanetworks Technologies develops and commercializes advanced hardware-based, network-security processing systems for the open source market.
Metanetworks Technologies is located in Los Gatos, California in the heart of Silicon Valley.
No comments:
Post a Comment