|
Products
|
 |
IDT* PAX.port* 2500 content inspection engine (CIE) and Intel® IXP2400 network processor
|
IDT is a global leader in preemptive semiconductor solutions that accelerate packet processing for advanced network services. IDT accelerates intelligent packet processing with content inspection engines that classify and parse data within network processing environments. |
|
|
 |
|
|
|
Intrusion detection and prevention systems are an integral aspect of today's modern networking security infrastructure, identifying and blocking incoming attacks that would otherwise be undetected by a traditional firewall. Content inspection is the primary role of such solutions; all network traffic must pass through this filter. It has become a serious bottleneck in security systems, subject to pressure from an ever-increasing volume of network traffic and the growing complexity of threats. |
|
|
Designers of intrusion detection and prevention systems must mitigate the content inspection bottleneck in order for network security solutions to be effective. Common tactics used to improve overall system throughput involve custom-built ASICs or an elaborate combination of several processors in a single system. Both methods require costly, time-consuming development resources, and offer little flexibility to adapt to new threats. Designers need a different strategy to improve throughput and address new security concerns while keeping development costs down. |
|
|
Using a fully programmable network processor instead of an ASIC allows developers to build in future flexibility. Coupled with a separate classification engine to offload content inspection, this co-processing configuration delivers as much performance as traditional ASICs or multi-processor designs, without the high development cost and using less board space. In this case study, the IDT* PAX.port* 2500 content inspection engine and Intel® IXP2400 network processor combine to achieve as much as 2 Gbps throughput with minimal incremental development effort required. |
|
|
"Network processor technology is an attractive alternative to custom hardware design and Intel is clearly a leader in this area," says Mark Orthodoxou, product manager at IDT. "In addition to outstanding performance capabilities, Intel network processors offer compatible interfaces, good development tools, a proven track record of strong customer support, and programming flexibility - all essential features for a successful network security solution." |
|
|
IDT offers several CIE products that support a variety of glueless interfaces to Intel network processors and support both streaming and look-aside configurations to those NPUs. IDT also has a proven track record for customer support and extensive experience in solving content inspection problems. "Performance requirements for robust intrusion detection continue to grow rapidly," explains Doug Davis, general manager, Intel Network Processor Division. "The combination of Intel network processors and IDT content inspection engines provides OEMs with a broad range of options for deploying secure applications." |
|
|
IDT performed a "proof-of-concept" intrusion detection system test with the Intel IXP2400 network processor and IDT PAX.port 2500 content inspection engine using an adapted implementation of the detection block of SNORT 1.9. In this test, the Intel and IDT co-processing solution sustained 2 Gbps of intrusion detection classification with no dropped packets. For more information, please contact IDT directly at ipchelp@idt.com or (831) 754-4555. |
|
|
|
IDT*
