Network security card runs at full GigE speeds

A Metanetworks Technologies product story
Edited by the Electronicstalk editorial team Feb 9, 2005

The MTP-1G is billed as the world's first wire-speed Gigabit Ethernet network intrusion detection and prevention system (IDPS) specifically designed to support open-source network security and monitoring applications.

The MTP-1G uses Metanetworks' Meta Traffic Processor (MTP), a unique network processor that was partially developed using research grants from the National Science Foundation and the US Air Force Rome Laboratories.

The MTP is specifically designed to exploit massive, fine-grain, instruction-level parallelism, which is intrinsic to IDPS processing loads.

Livio Ricciulli, Metanetworks Technologies' Chief Scientist, says: "Our MTP cards offer the lowest IPS filtering latency in the world because of our breakthrough processing architecture".

Metanetworks' MTP-1G cards routinely pass Gigabit Ethernet traffic between their two ports with 400ns latency while performing wire-speed, stateful packet inspection.

When determining whether to capture or block packets, the cards can apply up to 1500 wire-speed stateful policies per packet.

When the MTP-1G captures packets, it presents them to the operating system as a standard NIC in promiscuous mode.

The MTP-1G cards support existing, open-source network security and monitoring applications.

They accomplish this by specifying capture and filtering policies using public-domain IDS signatures or standard network monitoring libraries.

Metanetworks' MTP technology also provides developers a rich API for creating custom network security and monitoring applications.

Because the MTP-1G cards interface with the host operating system as standard NICs, they can seamlessly run a variety of standard application software at much faster speeds.

For example, open-source Snort IDS software can monitor a few hundred megabits of traffic with a standard NIC.

With the MTP-1G card, Snort can monitor a full gigabit of traffic without modification.

The MTP-1G cards are also compatible with other popular libpcap-based network monitoring applications such as tcpdump.

The University of California, Santa Cruz (UCSC) integrated a Metanetworks MTP into one of its production networks and has confirmed that it greatly enhanced their existing IDS capabilities.

"The MTP enables a whole range of open source security applications that were not possible before", says Paul Tartarsky, the UCSC Consultant Network Security Engineer in charge of integrating the MTP-1G.

"As far as I can tell, the MTP has eliminated a huge roadblock to developing high performance IDPS applications at a low cost".

A Pro-talk Publication