Honeypot Objectives

In the past few weeks, we have discussed what a honeypot is, along with examples of various types of honeypots. This week we will discuss the objectives of a honeypot. At a macro level, there are two different objectives: research or production.

Research honeypots are used to generally study malicious behavior on the Internet and to identify potential bad actors—often by IP address. As they study malicious behavior, they gather information about attack trends, malware strains, and vulnerabilities that are actively being targeted by bad actors. This information can in turn be used to inform preventative defenses, prioritize when to apply a patch, and generally provide guidance on which processes and procedures need to be fortified.

In contrast, production honeypots are focused on identifying active attacks and compromise on an organization’s internal network and tricking the bad actor(s) into assuming they are attacking real computer infrastructure. Information gathering is still a priority, as honeypots give you additional monitoring opportunities and fill in common detection gaps around identifying network scans and lateral movement. Production honeypots sit with the rest of an organization’s production infrastructure and run common services that would be expected in the organization’s environment.

Generally speaking, research honeypots tend to be more complex and store more types of data than production honeypots.
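To make the two objectives concrete, the following added example (not code from Accolade or from any honeypot product) reads the same kind of connection log in both ways: a research view that aggregates external sources and targeted ports, and a production view that alerts on internal hosts touching a decoy. The event format, honeypot names, internal address range, and scan threshold are all assumptions made for illustration.

```python
import ipaddress
from collections import Counter, defaultdict

# Constructed sample events (not real data): (source IP, honeypot name, destination port)
EVENTS = [
    ("203.0.113.7", "research-hp", 22),
    ("203.0.113.7", "research-hp", 22),
    ("198.51.100.23", "research-hp", 445),
    ("203.0.113.7", "research-hp", 23),
    ("10.20.4.15", "prod-hp-files", 445),
    ("10.20.7.88", "prod-hp-files", 22),
    ("10.20.7.88", "prod-hp-files", 80),
    ("10.20.7.88", "prod-hp-db", 3306),
    ("10.20.7.88", "prod-hp-db", 445),
]

INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # assumed internal address range
SCAN_PORT_THRESHOLD = 3  # assumed heuristic: this many distinct ports from one source is a scan

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

def research_summary(events):
    """Research view: rank external source IPs and targeted ports as trend data."""
    external = [(src, port) for src, _, port in events if not is_internal(src)]
    by_source = Counter(src for src, _ in external)
    by_port = Counter(port for _, port in external)
    return by_source.most_common(), by_port.most_common()

def production_alerts(events):
    """Production view: every internal host that touches a decoy raises an alert.
    Many distinct ports is labelled a network scan; fewer is labelled
    possible lateral movement (a labelling heuristic assumed for this example)."""
    ports, decoys = defaultdict(set), defaultdict(set)
    for src, honeypot, port in events:
        if is_internal(src):
            ports[src].add(port)
            decoys[src].add(honeypot)
    alerts = {}
    for src, seen in ports.items():
        kind = "network-scan" if len(seen) >= SCAN_PORT_THRESHOLD else "possible-lateral-movement"
        alerts[src] = (kind, sorted(decoys[src]), sorted(seen))
    return alerts

if __name__ == "__main__":
    print(research_summary(EVENTS))
    print(production_alerts(EVENTS))
```

The research output feeds trend reporting and patch prioritization, while each production alert names a specific internal host to investigate.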

If you want to learn more about how Accolade Technology can help your business, please contact us at inquire@accoladetechnology.com.
