Embedding/integrating multi-core packet processors with DPI becomes more competitive as we now have 3 offering: Cavium (here) and Netronome (here) as well as NetLogic recently announced "..XLP316S multi-core, multi-threaded processor which integrates best-in-class NETL7™ Layer 7 knowledge-based processor technology. This highly integrated processor that combines NetLogic Microsystems’ industry-leading XLP™ multi-core processing and NETL7 knowledge-based processing technologies is ideal for next-generation network security appliances, deep-packet inspection (DPI) gateways, intrusion prevention systems (IPS) and anti-malware gateways".
See "NetLogic Microsystems Introduces Best-in-Class XLP™ Multi-Core Security Processor with Integrated NETL7™ Knowledge-based Processor" - here.
"The XLP316S .. is targeted to offer unparalleled performance of 20Gbps and 30 million packets-per-second (Mpps) .. The NETL7 knowledge-based processing technology features the Intelligent Finite Automaton (IFA) architecture which .. natively performs stateful cross-packet inspection in hardware. Furthermore, it integrates on-chip memory to provide ultra-low latency access to on-chip signature databases, allowing the processors to accelerate complex and iterative content inspection while eliminating the need to provision for the high-latency and costly off-chip memory that are required by competing solutions".
For comparison - Cavium claims for 40Gbps and Netronome for 100Gbps performance. Not sure if all claims are made on equal basis and assumptions ..
Chris O’Reilly (picture), VP of marketing at NetLogic Microsystems said “..As the industry’s only quad-issue, quad-threaded processor with integrated layer 7 knowledge-based processing technology, our XLP316S processor is uniquely suited to address the growing market for Layers 2 - 7 security processing in enterprise, small-and-midsize business (SMB) and carrier-class networks".
I'd definitely choose Netronome over Cavium.
ReplyDelete