The platform, show in Figure 1, integrates Accolade’s APP (Advanced Packet Processor) in the form of an onboard FPGA with acceleration features such as lossless packet capture, nanosecond precision timestamping, packet merging, packet filtering, flow classification, packet steering and more. For a detailed description of packet capture features please visit: https://accoladetechnology.com/features/
Figure 1: Accolade’s APP (Advanced Packet Processor) in the form of an onboard FPGA with acceleration features
The API implemented for the ATLAS-1000 is also common to Accolade’s ANIC packet capture adapters ensuring seamless migration across Accolade’s comprehensive product offerings.
ATLAS-1000 is a very powerful and flexible platform that can be used in a variety of different situations. Following are a few representative use cases to give readers some sense of how to utilize the product. This list is not exhaustive and the platform can be adapted to most any networking or security application. It is particularly effective when there is some specific packet processing or manipulation feature that must be performed at scale.
Capturing flow records is an important monitoring function in computer networks and the de-facto standard format is NetFlow. In some cases, switches or other devices in the network can output NetFlow records. However, there are often points in the network where records are not available or perhaps must be output in another format. In this case, a standalone Flow Exporter appliance is very useful and with ATLAS-1000 the OEM vendor only has to supply the requisite software; leaving all the hardware and advanced packet processing responsibilities to the Accolade platform. The architecture shown in Figure 2 also subsumes the network TAP function directly into the appliance thus eliminating an element from the network.
Figure 2: ATLAS-1000 as Flow Exporter Appliance with Integrated Optical TAP
Duplicated data poses a significant burden on network monitoring appliances. Sometimes as much as 50% of all traffic is duplicate. This is often because a SPAN port is configured to copy ingress and egress data from every switch port, which leads to duplicate packets for every packet that goes into and then out of a network switch. With ATLAS-1000, duplicate packets can be eliminated in hardware at 10 or 40G speeds before they ever reach the network monitoring appliance, thus saving a tremendous number of wasted processing cycles.
ATLAS-1000 can also be deployed as an inline data duplication appliance, as shown in Figure 3, thus operating on live network traffic. In this scenario, for maximum data availability, the platform can be equipped with an optional PIM that includes optical bypass. With bypass, even if the data duplicator loses power or otherwise fails, traffic will continue to flow through the appliance (with no deduplication) uninterrupted.
Figure 3: ATLAS-1000 as Data Deduplicator Appliance
Cluster Load Balancer
For scale purposes a group or cluster of network monitoring appliances (NMAs) is often front-ended by a load balancer or packet broker. At a high level these devices take in packet data from the network, inspect the traffic and intelligently (based upon some rules or policy) distribute the traffic to some number of NMAs that form the cluster. The NMAs may be homogenous (different instances of the same function) or heterogeneous (cluster of NMAs with different purposes such as security and performance monitoring). Figure 4 shows a heterogeneous cluster of NMAs front-ended by an ATLAS-1000.
There are numerous load balancer and packet broker products available in the market from companies such as F5 Networks and Gigamon. These products are certainly appropriate in some situations but they are also very complicated and very expensive. Sometimes a simpler solution that has a targeted purpose with a much lower price point is more appropriate. This is where the ATLAS-1000 platform shines and delivers tremendous value to networking/security companies and their end users alike.
Figure 4: ATLAS-1000 as Cluster Load Balancer Appliance
ATLAS-1000 can be used to limit or completely eliminate certain application traffic (e.g. Skype) within or between networks as show in Figure 5. The platform provides the hardware, optical bypass (in case of appliance power loss) and advanced flow classification. These capabilities combined with deep packet inspection (DPI) software from a leading vendor yields a robust, compact and cost effective solution.
Figure 5: ATLAS-1000 as Inline Deep Packet Inspection (DPI) Appliance
Accolade is the technology leader in advanced, lossless packet capture and acceleration adapters and OEM acceleration platforms. Accolade’s 1-100GE ANIC FPGA-based adapters and ATLAS series of acceleration platforms help accelerate network/cyber security and monitoring applications developed by the world’s leading networking companies. ANIC adapters are fully PCIe compliant and seamlessly integrate into standard servers offered by companies such as Cisco, Dell, HP, Super Micro and others. Accolade’s OEM customers offer products for network security and monitoring, flow classification, deep packet inspection, network test and measurement, video stream monitoring, high frequency trading (HFT), and more.