[Oisf-users] Hardware Acceleration / Suricata
rmkml
rmkml at yahoo.fr
Tue Apr 30 20:25:42 UTC 2013
Hi Dan,
First thx for all community devs/users.
That a very (old) good question! (hardware/software)
Depend if you need IDS or IPS/inline mode...
hardware accelerated / software accelerated = comparing price/results ?
software with like pfring/afpacket and suricata = around 10Gbps in IDS
mode on classical x86_64 cpus...
or hardware (40Gbps) libpcap accelerated like endace/emulex or napatech or
npulse ... (+x86_64 cpus)
or full hardware accelerated like tilera TILExtreme-Gx at 160Gbps... (all not tested)
Futur: Suricata accelerated by GPU ?
Regards
Rmkml
https://home.regit.org/2012/07/suricata-to-10gbps-and-beyond/
http://packetchaser.org/index.php/opensource/suricata-10gbps
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Endace_DAG
http://suricata-ids.org/2012/12/21/oisf-welcomes-tilera-as-a-gold-level-consortium-member/
On Tue, 30 Apr 2013, Dan Murphy wrote:
> I'd be interested to know how the experiences have been of those of you running a hardware accelerated Suricata .. be it via napatech, endace etc... What kind of rates you're getting ( yes I realize that
> greatly depends on ruleset any data is more then the zero data I have now). What exactly is accelerated ( like is it just pcap or pattern matching as well ).
> I guess .. any recommendations in general would be greatly appreciated.
>
>
> cheers,
> Dan
>
>
>
More information about the Oisf-users
mailing list