Cost effective Intrusion Detection System (IDS) to detect malware
For enterprise security Napatech network adapters, installed in a standard server, provide a cost-effective hardware platform for Intrusion Detection Systems (IDS). Napatech adapters can support both passive IDS and active in-line IPS deployment modes.
Key features for IDS
- Build cost effective IDS based on Snort and Suricata
- Packet capture with zero packet loss
- Scale performance with faster CPUs
- Scale with efficient data distribution
Intrusion Detection System based on Snort or Suricata
Napatech has demonstrated full 10G IDS/IPS at several industry events using normal network traffic profile on a standard dual socket server with medium speed CPUs. The solution can scale up to higher performance using faster servers.
This proves that a high performance system can be built using standard off-the-shelf servers and open source software, such as
Snort or Suricata.
Improve intrusion detection with zero packet loss
The Napatech network adapters capture all packets of all sizes with zero packet loss. This means that nothing is missed by the IDS application.
Performance improvement opportunity with faster and more CPU cores
Standard servers improve performance typically 60% per year. Take advantage of this performance growth to improve the IDS appliance performance using
Napatech network adapters.
Scale malware detection
The Napatech adapters
classify frames in real-time and use
hash keys for sorting traffic according to source, destination, ports and protocols. The adapter can identify and distribute flows to
multiple CPU cores. The benefit is efficient distribution to multiple CPU cores so that the IDS application can perform fast analysis on flows.
Record data for off-line analysis
With Napatech network adapters it’s possible to analyze and record data at the same time. Napatech adapters are designed to enable
efficient capture to disk with 100% packet capture of all data. Recorded data can be used for post-event analysis.
