From gfortaine at live.com Tue Aug 10 22:41:41 2010 From: gfortaine at live.com (Guillaume FORTAINE) Date: Wed, 11 Aug 2010 04:41:41 +0200 Subject: [Oisf-wg-nonstandardacceleration] Network monitoring meets FPGA development Message-ID: Misters, For your information : http://www.fpgagurus.edn.com/blog/fpga-gurus-blog/network-monitoring-meets-fpga-development This blog has covered communications companies that use FPGAs for at-speed tasks in deep packet inspection and header analysis in 1-Gbit and 10-Gbit networks. ?We?ve also covered plenty of companies offering board-level FPGA development tools. ?Finding a company with activities in both realms, however, is pretty unique. Meet INVEA-TECH, a Czech university spinoff company in Brno that is showing the NetCOPE platform to potential customers in Europe. CESNET, the Czech agency responsible for running Czech NREN networks, launched a project for programmability in high-speed networking called ?Liberouter?. ?Concepts for such products as NIFIC and FFlowmon originated within Liberouter, and mature concepts were passed to INVEA-TECH for commercialization. Guillaume Fortaine, CS engineer at INVEA-TECH, said that the company has identified three separate tiers of deliverable technology to partners ? individual COMBO FPGA boards; COMBO sets to combine a processing board with companion interfaces; and system-level products, including fully-bundled appliances for network monitoring, and board-level suites in the NetCOPE family. INVEA-TECH used the Xilinx Virtex-5 at the core of its COMBO boards, which have a ten-year history within the Liberouter project, and are based on PCI Express interfaces. ?The motherboard utilizes SRAM and DRAM memory, and Ethernet interface cards are offered for dual 10-Gbit links, and quad 1-Gbit and 10-Gbit links. ?One version of an interface card, based on the LXT version of Virtex-5, offers a unique on-the-fly reboot for the Virtex-5, in which a companion Spartan 3A is used to reboot the Virtex-5 without a power-down or PC reset. NetCOPE arose out of the realization that the boards could be used to let customers program FPGA firmware directly, to customize unique networking and communication applications. ?The host interface and network interface on the Virtex-5 remains fixed, while the customer defines an application core. ?INVEA-TECH defines a multi-channel DMA engines to automatically load-balance packets across CPU cores, and a suite of Locallink tools to manipulate packet streams in real time, splitting and binding traffic flows for an optimal packet monitor tool. ?INVEA-TECH also offers special cores for pattern matching, header field extraction, and a classfier operating at 20 Gbits/sec. INVEA-TECH offers a range of pre-configured appliances for network monitoring, such as FlowMON for comprehensive per-packet monitoring at wire speed; and NIFIC, for wire-speed packet filtering and forwarding for applications such as firewalls and lawful intercept. ?The enterprise networking OEM world is a competitive and unforgiving realm, however, and INVEA-TECH executives are smart to offer customers a range of options for rolling custom solutions ? while becoming more familiar with FPGAs at the same time. Best Regards, Guillaume FORTAINE Tel : +33(0)631092519? From pppmarinho at gmail.com Wed Aug 11 12:53:51 2010 From: pppmarinho at gmail.com (Pedro Marinho) Date: Wed, 11 Aug 2010 13:53:51 -0300 Subject: [Oisf-wg-nonstandardacceleration] Oisf-wg-nonstandardacceleration Digest, Vol 2, Issue 1 In-Reply-To: References: Message-ID: Hello, I think that using FPGA and VHDL is a very good way to improve performance. Maybe better than GPU i don?t know. I have a friend that have made some chips using VHDL and knows pretty much to be at a project to develop that hardware and a linux and unix driver for it for suricata. If you will he can send his curriculum. He knows pretty much about I2C protocol, FPGA, VHDL, assembly, c, reversing engineering in hardware and software. ps: i think is worthy a try.. 2010/8/11 > Send Oisf-wg-nonstandardacceleration mailing list submissions to > oisf-wg-nonstandardacceleration at openinfosecfoundation.org > > To subscribe or unsubscribe via the World Wide Web, visit > > http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-wg-nonstandardacceleration > > or, via email, send a message with subject or body 'help' to > oisf-wg-nonstandardacceleration-request at openinfosecfoundation.org > > You can reach the person managing the list at > oisf-wg-nonstandardacceleration-owner at openinfosecfoundation.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Oisf-wg-nonstandardacceleration digest..." > > > Today's Topics: > > 1. Network monitoring meets FPGA development (Guillaume FORTAINE) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Wed, 11 Aug 2010 04:41:41 +0200 > From: Guillaume FORTAINE > Subject: [Oisf-wg-nonstandardacceleration] Network monitoring meets > FPGA development > To: > Message-ID: > Content-Type: text/plain; charset="Windows-1252" > > > Misters, > For your information : > > > http://www.fpgagurus.edn.com/blog/fpga-gurus-blog/network-monitoring-meets-fpga-development > > This blog has covered communications companies that use FPGAs for > at-speed tasks in deep packet inspection and header analysis in 1-Gbit > and 10-Gbit networks. ?We?ve also covered plenty of companies offering > board-level FPGA development tools. ?Finding a company with activities > in both realms, however, is pretty unique. > > Meet INVEA-TECH, a Czech university spinoff company in Brno that is > showing the NetCOPE platform to potential customers in Europe. > CESNET, the Czech agency responsible for running Czech NREN networks, > launched a project for programmability in high-speed networking called > ?Liberouter?. ?Concepts for such products as NIFIC and FFlowmon > originated within Liberouter, and mature concepts were passed to > INVEA-TECH for commercialization. > > Guillaume Fortaine, CS engineer at INVEA-TECH, said that the company > has identified three separate tiers of deliverable technology to > partners ? individual COMBO FPGA boards; COMBO sets to combine a > processing board with companion interfaces; and system-level products, > including fully-bundled appliances for network monitoring, and > board-level suites in the NetCOPE family. > > INVEA-TECH used the Xilinx Virtex-5 at the core of its COMBO boards, > which have a ten-year history within the Liberouter project, and are > based on PCI Express interfaces. ?The motherboard utilizes SRAM and > DRAM memory, and Ethernet interface cards are offered for dual 10-Gbit > links, and quad 1-Gbit and 10-Gbit links. ?One version of an interface > card, based on the LXT version of Virtex-5, offers a unique on-the-fly > reboot for the Virtex-5, in which a companion Spartan 3A is used to > reboot the Virtex-5 without a power-down or PC reset. > > NetCOPE arose out of the realization that the boards could be used to > let customers program FPGA firmware directly, to customize unique > networking and communication applications. ?The host interface and > network interface on the Virtex-5 remains fixed, while the customer > defines an application core. ?INVEA-TECH defines a multi-channel DMA > engines to automatically load-balance packets across CPU cores, and a > suite of Locallink tools to manipulate packet streams in real time, > splitting and binding traffic flows for an optimal packet monitor > tool. ?INVEA-TECH also offers special cores for pattern matching, > header field extraction, and a classfier operating at 20 Gbits/sec. > > INVEA-TECH offers a range of pre-configured appliances for network > monitoring, such as FlowMON for comprehensive per-packet monitoring at > wire speed; and NIFIC, for wire-speed packet filtering and forwarding > for applications such as firewalls and lawful intercept. ?The > enterprise networking OEM world is a competitive and unforgiving > realm, however, and INVEA-TECH executives are smart to offer customers > a range of options for rolling custom solutions ? while becoming more > familiar with FPGAs at the same time. > > Best Regards, > > Guillaume FORTAINE > Tel : +33(0)631092519? > > ------------------------------ > > _______________________________________________ > Oisf-wg-nonstandardacceleration mailing list > Oisf-wg-nonstandardacceleration at openinfosecfoundation.org > > http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-wg-nonstandardacceleration > > > End of Oisf-wg-nonstandardacceleration Digest, Vol 2, Issue 1 > ************************************************************* > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.openinfosecfoundation.org/pipermail/oisf-wg-nonstandardacceleration/attachments/20100811/ab9f359c/attachment.html From pppmarinho at gmail.com Wed Aug 11 13:00:48 2010 From: pppmarinho at gmail.com (Pedro Marinho) Date: Wed, 11 Aug 2010 14:00:48 -0300 Subject: [Oisf-wg-nonstandardacceleration] Oisf-wg-nonstandardacceleration Digest, Vol 2, Issue 1 In-Reply-To: References: Message-ID: Hello, The idea is make a special network card for suricata. With a FPGA fisically connected to it. 2010/8/11 > Send Oisf-wg-nonstandardacceleration mailing list submissions to > oisf-wg-nonstandardacceleration at openinfosecfoundation.org > > To subscribe or unsubscribe via the World Wide Web, visit > > http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-wg-nonstandardacceleration > > or, via email, send a message with subject or body 'help' to > oisf-wg-nonstandardacceleration-request at openinfosecfoundation.org > > You can reach the person managing the list at > oisf-wg-nonstandardacceleration-owner at openinfosecfoundation.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Oisf-wg-nonstandardacceleration digest..." > > > Today's Topics: > > 1. Network monitoring meets FPGA development (Guillaume FORTAINE) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Wed, 11 Aug 2010 04:41:41 +0200 > From: Guillaume FORTAINE > Subject: [Oisf-wg-nonstandardacceleration] Network monitoring meets > FPGA development > To: > Message-ID: > Content-Type: text/plain; charset="Windows-1252" > > > Misters, > For your information : > > > http://www.fpgagurus.edn.com/blog/fpga-gurus-blog/network-monitoring-meets-fpga-development > > This blog has covered communications companies that use FPGAs for > at-speed tasks in deep packet inspection and header analysis in 1-Gbit > and 10-Gbit networks. ?We?ve also covered plenty of companies offering > board-level FPGA development tools. ?Finding a company with activities > in both realms, however, is pretty unique. > > Meet INVEA-TECH, a Czech university spinoff company in Brno that is > showing the NetCOPE platform to potential customers in Europe. > CESNET, the Czech agency responsible for running Czech NREN networks, > launched a project for programmability in high-speed networking called > ?Liberouter?. ?Concepts for such products as NIFIC and FFlowmon > originated within Liberouter, and mature concepts were passed to > INVEA-TECH for commercialization. > > Guillaume Fortaine, CS engineer at INVEA-TECH, said that the company > has identified three separate tiers of deliverable technology to > partners ? individual COMBO FPGA boards; COMBO sets to combine a > processing board with companion interfaces; and system-level products, > including fully-bundled appliances for network monitoring, and > board-level suites in the NetCOPE family. > > INVEA-TECH used the Xilinx Virtex-5 at the core of its COMBO boards, > which have a ten-year history within the Liberouter project, and are > based on PCI Express interfaces. ?The motherboard utilizes SRAM and > DRAM memory, and Ethernet interface cards are offered for dual 10-Gbit > links, and quad 1-Gbit and 10-Gbit links. ?One version of an interface > card, based on the LXT version of Virtex-5, offers a unique on-the-fly > reboot for the Virtex-5, in which a companion Spartan 3A is used to > reboot the Virtex-5 without a power-down or PC reset. > > NetCOPE arose out of the realization that the boards could be used to > let customers program FPGA firmware directly, to customize unique > networking and communication applications. ?The host interface and > network interface on the Virtex-5 remains fixed, while the customer > defines an application core. ?INVEA-TECH defines a multi-channel DMA > engines to automatically load-balance packets across CPU cores, and a > suite of Locallink tools to manipulate packet streams in real time, > splitting and binding traffic flows for an optimal packet monitor > tool. ?INVEA-TECH also offers special cores for pattern matching, > header field extraction, and a classfier operating at 20 Gbits/sec. > > INVEA-TECH offers a range of pre-configured appliances for network > monitoring, such as FlowMON for comprehensive per-packet monitoring at > wire speed; and NIFIC, for wire-speed packet filtering and forwarding > for applications such as firewalls and lawful intercept. ?The > enterprise networking OEM world is a competitive and unforgiving > realm, however, and INVEA-TECH executives are smart to offer customers > a range of options for rolling custom solutions ? while becoming more > familiar with FPGAs at the same time. > > Best Regards, > > Guillaume FORTAINE > Tel : +33(0)631092519? > > ------------------------------ > > _______________________________________________ > Oisf-wg-nonstandardacceleration mailing list > Oisf-wg-nonstandardacceleration at openinfosecfoundation.org > > http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-wg-nonstandardacceleration > > > End of Oisf-wg-nonstandardacceleration Digest, Vol 2, Issue 1 > ************************************************************* > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.openinfosecfoundation.org/pipermail/oisf-wg-nonstandardacceleration/attachments/20100811/5081c8ef/attachment-0001.html