Daniel Proch, Netronome
-
Integrating flow processors to scale cybersecurity to 40 Gbps and beyond, part 2
In part 1 of this article, we discussed specifically what flow processors were and how they differ greatly from cache-based general-purpose CPUs and network processors. We also described a heterogeneous flow processing architecture that utilizes multiple proven techniques to increase overall system performance, including dynamic load balancing and stateful, per-flow traffic management and action processing. In this second part, we will look deeper into what flow processing is and delve into descriptions of specific applications that require it. We will also discuss potential hardware implementations to realize the vision of flow processing.
-
Integrating flow processors to scale cybersecurity to 40 Gbps and beyond, part 1
Things like optical transmission, Layer 2 switching and Layer 3 routing can operate comfortably at 40 Gbps with current technology and at reasonable cost points. Other applications, though, struggle to operate at 10 Gbps today, not to mention scaling to 40 Gbps and beyond. These are typically applications that require complex processing and all share common characteristics in that they typically convey more Network Intelligence through more exhaustive examination of the packet content, metadata extraction, and stateful management of millions of simultaneous flows. High-touch processing in the areas of cybersecurity and network analytics face complexities to scale to extreme throughputs, and demand processing innovations addressed by Daniel in part one of this two-part series. Part two will explore implementing these innovations into an AdvancedTCA architecture for cybersecurity and other applications.
