Netcope Session Filter

Netcope Session Filter (NSF) is a session-oriented packet capture solution that leverages the hardware platform of Netcope FPGA Boards to accelerate per-packet processing and flow-based stateful filtering, which leaves more CPU performance for complex processing of network traffic, like DPI. The cooperation of hardware and software makes it possible to build a powerful solution even for 100G Ethernet networks based on commodity multi-core servers.

NSF-100G2  Features  Whitepaper

Session Filter

handle the network flows in hardware






Key feature of NSF is stateful filtering-based packet manipulation, which offers significant advantage over per-packet stateless processing. NSF perceives network traffic as a set of network flows and it is able to track hundreds of thousands of network flows directly in hardware. Software applications leverage hardware preprocessing of network flows to identify flows of interest for further processing and instructs hardware through API on how to deal with each flow. In other words, it allows you to zoom in interesting traffic, drop the traffic of no interest and gather statistical information about the rest of the traffic.

NSF provides many ways to handle network flows in hardware. Autonomous in-hardware processing tracks the flows and gathers statistical information about the flow: communicating endpoints (IP addresses, TCP/UDP ports, L4 protocol), timestamps of beginning and end of the communication, number of transferred bytes and packets etc. In case in-software processing is required, NSF can transfer the packets of a network flow to SW in form of whole packets, packets cropped to specified length, or extracted header fields only, depending on the requirements and complexity of processing of the software application.

Features

  • Models for 100G, 40G, and 10G Ethernet available

  • Wire-speed traffic processing including the shortest packets

  • Hardware flow cache with hundreds of thousands of flow records

  • ​Intelligent packet transfer to SW

    • Flow-aware distribution over multiple CPU cores

    • IP fragmentation handling

  • Field upgradable

  • Interconnection of two cards to achieve overall throughput of 200Gbps to software with load balancing​

  • Hardware packet processing based on flow records

    • Update per-flow statistics

    • Transfer per-flow statistics to SW

    • Transfer whole or cropped packet to SW

    • Extract and transfer packet header fields to SW

    • Drop packet

Use Cases

  • Acceleration of DPI-based (deep packet inspection) systems (IDS, IPS, UTM...)

  • Application-specific statistics (time-based, TCP flags, etc.)

  • Acceleration of lawful interception systems

  • Forensic analysis of network traffic (dynamic zoom-in)
  • In-hardware stateful firewall

  • 200Gbps software load balancing

Learn more about NSF

Netcope Session Filter is available for 100G Ethernet technologies. Download product brief to learn more or contact us if you prefer to discuss your needs directly. We are looking forward to hearing from you and answering your questions!


NSF-100G2

"Netcope’s 100G-ready NSF allows for the early classification and hardware offload of sessions that are not relevant to Intrusion Protection using all remaining power to analyse the remaining traffic for Intrusion candidates. Netcope’s Hardware Session-based Offloading coupled with inter-adapter load-balancing of full-duplex links, means that we can deliver 200 Gbps of DPI analyses using standard server configurations.“

Martin Hayes, CTO of Picomass


Learn more about this deployment in our Case Study

Explore more Netcope products

Netcope Packet Capture (NPC)

Netcope Packet Capture (NPC)

Learn more about the network solution for wire-speed, low-latency packet processing.

Netcope FPGA Boards (NFB)

Netcope FPGA Boards (NFB)

High-performance appliances designed for the development of hardware-accelerated applications.

Netcope Development Kit (NDK)

Netcope Development Kit (NDK)

NDK enables rapid design, prototyping and evaluation of hardware-accelerated applications.

Netcope Success Stories

NSF-100G2-Picomass-Netcope

NSF-100G2-Picomass-Netcope Network Traffic Monitoring

Picomass uses Netcope Session Filter in the IPS200 DPI solution because NSF is capable of offloading traffic to hardware. This makes real-time DPI on 100G networks possible.

Flowmon Networks

Flowmon Networks Network Traffic Monitoring

Flowmon Networks aims to develop a new generation of NetFlow/IPFIX probes that can monitor and process traffic of 100GE high-speed networks. Because of that, Flowmon Networks needs to find a network card that would be able of handling 100 GE monitoring requirements.

U.S. trading firm deploys Tradecope

U.S. trading firm deploys Tradecope Electronic Stock Trading

For successful trading on electronic exchanges today, it is not enough to come up with the smartest strategy anymore. Learn more about how U.S trading firm deployed FPGA-based Tradecope solution to increase hit rate of the trading strategy.

Cookies help us deliver our services. By using this website, you agree to the use of cookies.  More information

close