TECH BRIEF:Flow Shunting
Keeping up with the deluge of data is a classic problem for almost every offline security appliance: particularly at 10, 40 and 100G speeds. Security applications such as Suricata and others are all CPU bound and thus their performance is directly related to the number of packets the application has to process.
To solve the problem, Accolade introduced a unique “Flow Shunting” feature preserving critical CPU cycles to enable application performance and significant cost savings.
At a high level, Flow Shunting allows an application to programmatically turn packet transmission on or off—for a given flow (based on 5-tuple). In other words, the application can decide from which flow(s) it does and does not want to receive data traffic. By intelligently “toggling” the flow shunting switch, an application can greatly reduce the amount of data it has to analyze, thereby freeing up CPU resources for more pressing tasks.
Key Benefits of Flow Shunting:
- Offload host CPUs from processing unnecessary traffic.
- Scale network security software applications such as Snort and Suricata
- Cost savings from reduced disk space / CPU utilization requirements.
- Eliminate processing (or storage) of unwanted traffic flows.
Learn how Flow Shunting reduces the number of packets the security application has to process to enable complete, dynamic control over which traffic flows are forwarded from FPGA adapter to application.