Inline DPI and Blacklist Matching: Hardware-based Flow Classification Use Cases
Enable High Performance, Low Latency, Scalability and Precision
Implementing flow classification functions in an FPGA (as opposed to software) enables the highest performance, lowest latency, scalability and precision required in sophisticated, mission critical network monitoring and security applications.
The following are a few high-level flow classification characteristics offered with ANIC adapters:
Can track up to 32 million unique IP flows per adapter
Actions such as forward, drop or redirect can be requested on a per flow basis
Both directions of a flow are tracked and recorded
Information such as total packet count, byte count and the last time a packet was seen is maintained for every flow
Inline Deep Packet Inspection (Inline DPI)
Flow classification can be used as a mechanism to selectively drop unwanted flows in live network traffic. The flows could be dropped for many reasons for instance if they are deemed malicious or if they violate some terms of service.
Flow classification can be used to drop or block known bad IP addresses (IPv4 or IPv6). In this scenario, the host application provides the ANIC adapter (via the API) a list of IP addresses and if the source IP address of a flow matches one of the IP addresses in the blacklist, the flow is immediately dropped or blocked and the payload data is sent to the host application for analysis.
Accolade is the technology leader in advanced, lossless packet capture and acceleration adapters and OEM acceleration platforms. Accolade’s 1-100GE ANIC FPGA-based adapters and ATLAS series of acceleration platforms help accelerate network/cyber security and monitoring applications developed by the world’s leading networking companies. ANIC adapters are fully PCIe compliant and seamlessly integrate into standard servers offered by companies such as Cisco, Dell, HP, Super Micro and others. Accolade’s OEM customers offer products for network security and monitoring, flow classification, deep packet inspection, network test and measurement, video stream monitoring, high frequency trading (HFT), and more.