Most packet protocols permit virtually any packet to encapsulate another. So, it's difficult for any network administrator to know just what is passing through the network. The solution to this pervasive problem is deep packet inspection, which usually means looking at the data payload of packets passing through the system.

Software mostly handles this today, but it doesn't accomplish it at the usual line rates of 10 Gbits/s or even 1 Gbit/s. Also, it most likely doesn't include header inspection. Startup cPacket Networks has fixed that problem, though, with its cPacket 20G chip.

The cPacket 20G performs deep packet inspection, including header classification, at a 20-Gbit/s rate one way or 10 Gbits/s duplex. With it, designers can build highly intelligent switches, routers, or other network boxes that can actively analyze and respond to network traffic based upon a 100% analysis of the packet payloads and headers. Overall, it provides about 10 times the processing performance at one-tenth the cost of other slower, more complex, and expensive solutions while consuming 6 W (see the figure).

The chip inspects and classifies packets based upon both payload and header. Whatever the protocol (Sonet, Ethernet, or TCP/IP, for example), its pattern-matching algorithms match profiles selected by the user via cPacket software.

The cPacket 20G then looks at the bit stream bit-by-bit so it can count, tag, redirect, replicate, or drop information beyond user-specified protocol. The process is completely deterministic, meaning it is independent of the data itself. The algorithm lets the process scale linearly with the chip area to 40 and 100 Gbits/s.

The fully pipelined architecture of the chip comprises a two-dimensional array of proprietary very long instruction word (VLIW) processing elements that provides a predictable throughput under any traffic condition. As an example, the chip can monitor events like failed login attempts and take corrective action by dropping or rate-limiting specific traffic profiles.

Users set up monitoring and control protocols with software that modifies the chip, which uses templates to completely eliminate unwanted programming. Also, users can specify complex traffic profiles without worrying about low-level protocol details like chained virtual local-area networks or case-insensitive pattern searches. Complete packet inspection enables integration of traffic monitoring, network security, test, and lawful intercept into intelligent switches and network devices.
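
The kind of profile described above (a case-insensitive payload match that holds whatever the depth of chained VLAN tags, with a count-then-drop response to repeated failed logins), written in software as an added example. It is not cPacket code and says nothing about how the chip does its matching; the FTP failure string, addresses, limit, and all names are constructed for illustration, and matching is per packet with no fragment or TCP stream reassembly.

```python
import struct
from collections import Counter

VLAN_TPIDS = {0x8100, 0x88A8}  # 802.1Q and 802.1ad tag identifiers

def tcp_payload(frame: bytes):
    """Return (src_ip, dst_ip, payload) for an IPv4/TCP frame, else None."""
    off = 12                                  # EtherType follows the two MACs
    while len(frame) >= off + 2:
        (etype,) = struct.unpack_from("!H", frame, off)
        if etype not in VLAN_TPIDS:
            break
        off += 4                              # skip one tag; chains may nest
    else:
        return None                           # truncated before an EtherType
    ip = off + 2
    if etype != 0x0800 or len(frame) < ip + 20 or frame[ip] >> 4 != 4:
        return None
    ihl = (frame[ip] & 0x0F) * 4
    tcp = ip + ihl
    if ihl < 20 or frame[ip + 9] != 6 or len(frame) < tcp + 20:
        return None
    doff = (frame[tcp + 12] >> 4) * 4
    if doff < 20:
        return None
    end = min(len(frame), ip + struct.unpack_from("!H", frame, ip + 2)[0])
    addr = lambda b: ".".join(map(str, b))
    return addr(frame[ip + 12:ip + 16]), addr(frame[ip + 16:ip + 20]), frame[tcp + doff:end]

class Profile:
    """Case-insensitive payload match, counted per client, drop past a limit."""
    def __init__(self, pattern: bytes, limit: int):
        self.pattern, self.limit, self.hits = pattern.lower(), limit, Counter()

    def action(self, frame: bytes) -> str:
        parsed = tcp_payload(frame)
        if parsed is None or self.pattern not in parsed[2].lower():
            return "forward"
        self.hits[parsed[1]] += 1             # key on the reply's destination
        return "drop" if self.hits[parsed[1]] > self.limit else "count"

def sample_frame(vlan_ids, payload: bytes) -> bytes:
    """Constructed frame for the example; checksums are left at zero."""
    tpids = [0x88A8] * (len(vlan_ids) - 1) + [0x8100]
    tags = b"".join(struct.pack("!HH", t, v) for t, v in zip(tpids, vlan_ids))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7]))
    tcp = struct.pack("!HHIIBBHHH", 21, 40000, 0, 0, 0x50, 0x18, 1024, 0, 0)
    return bytes(12) + tags + struct.pack("!H", 0x0800) + ip + tcp + payload
```

The same `Profile` gives the same verdict for untagged, single-tagged, and stacked-tag frames, which is the detail a per-packet software filter tends to miss when it assumes a fixed header offset.
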

The chip doesn't have any external memories or coprocessors. It offers in-order processing, and there's no software in the data path. It provides flexible templates and incremental provisioning. And, the chip can be placed almost anywhere inside the switch or router, and it becomes just a "bump in the wire."

With increasing network speeds and the continuous introduction of new applications such as Internet Protocol television (IPTV), Web video conferencing, storage networks, IMS, P2P, and Voice over Internet Protocol (VoIP), the need to know what's going on in the network is more important than ever. The cPacket 20G could solve cost-performance issues with current equipment and, at a reasonable price, eliminate the bottleneck caused by the slow software inspection that is the norm today.

The cPacket 20G is sampling now. Several reference designs are available.

cPacket Networks Inc.
www.cpacket.com