Shunt Away Unwanted Suricata Traffic

Suricata is an open-source, signature based, intrusion prevention (IPS) and intrusion detection (IDS) system. Like most security and network monitoring applications, Suricata is CPU bound. That is to say, available CPU resources are often not adequate to handle the required application processing load. In Suricata’s case they openly admit this fact in the user guide.

“…having additional CPUs available provides a greater performance boost than having more RAM available. That is, it would be better to spend money on CPUs instead of RAM when configuring a system.” Source: Official Suricata User Guide, release 4.1.0 (page 119)

Sometimes adding more CPUs is the right answer, but there is also an alternative: Adding an FPGA-based hardware adapter/NIC to offload the host CPU from intensive and repetitive tasks.

For more information on ANIC adapter features go here.

Also read our new tech brief on Suricata and Flow Shunting below.

About Accolade

Accolade is the technology leader in FPGA-based Host CPU Offload and 100% Packet Capture PCIe NIC’s and Scalable 1U Platforms. Accolade’s line of 1-100GE products enable 100% packet capture, flow classification, flow shunting, deduplication, packet filtering and more. Our customers are global leaders in network monitoring & cybersecurity applications as well as in the network test and measurement, telecom and video stream monitoring markets.

FPGA Acceleration Features

100% Packet Capture | Flow Classification | Flow Shunting | Precise Time Stamping | Packet Merging | Packet Slicing | Packet Parsing | Packet Filtering | Deduplication | Host Packet Buffer | Packet Steering | Direct Memory Access (DMA) | Statistics (RMON1)

Free Product Evaluation

Resolve all your host CPU offload bottlenecks. Share Your Technical Requirements with our FPGA and software experts to tailor the optimal solution. Accolade offers a 60 day free product evaluation for qualified customers to fully test and evaluate our products.