?

Napatech Suricata IDS, IPS and NSM Lab

Bookmark
8 people launched
Solution Overview
Napatech has made its Link Capture Software available for the Intel Programmable Acceleration Card with Intel Arria 10 GX FPGA. 

With this combination, it is now possible to build high-performance, lossless solutions based on standard servers. The solution offloads the most burdensome processes and workloads related to high-speed packet processing, removing I/O networking bottlenecks and delivering line rate packet processing for all packet sizes to and from host applications with zero packet loss. 

This architecture simultaneously frees up valuable host CPU resources returning them to the applications and services that they were intended for. The solution has been benchmarked across a wide range of third-party, commercial and open-source, Linux-based networking and cybersecurity applications, delivering more than triple the performance over servers with standard NIC configurations. Complete solution configurations, installation guides and performance results are available today for Suricata, Snort, TRex, Wireshark and ntop. The solution is also extensible to home-grown IT applications. 

 Features: 
• Full theoretical throughput up to 40 Gbps bi-directional 
• Supports both 10 Gbps and 40 Gbps line-rates 
• Zero packet loss under all conditions 
• Deterministic performance 
• Precise time-stamping of all packets 

Goals & Objectives

The primary audience for this lab are network architects and engineers implementing the Suricata open source intrusion detection (IDS), inline intrusion prevention (IPS), and network security monitoring (NSM) solution. This lab provides a hands-on demonstration of packet processing performance testing for the specified Suricata release on Intel Programmable Acceleration Card with Intel Arria 10 GX FPGA with Napatech Link Capture software.

Hardware & Software

The Napatech intrusion detection solution (IDS) is an integrated solution utilizing the following components:

  • Intel Arria 10GX FPGA
  • HPE ProLiant DL-380 Compute
  • Napatech Suricata open source intrusion detection software

Technologies