Force10 Networks P-Series Security Appliance
The Force10 P-Series 10 GbE inspection appliance is the first to deliver comprehensive deep packet inspection for line-rate 10 GbE applications. Based on patented Dynamic Parallel Inspection (DPI) technology, the P-Series uses an innovative, new processing architecture to simultaneously apply thousands of rules to each packet. Through the use of an FPGA-based rule engine, the P-Series can also dynamically reprogram hardware rules to deliver predictable performance and total signature flexibility under all traffic conditions.
Using an open framework, the P-Series supports Open Source and customizable network monitoring applications, enabling users to specify capture and filtering policies from public domain signatures, standard network monitoring libraries, or user-defined custom rule bases.
Key Features
- Line-rate 10 GbE deep packet inspection with support for jumbo frames and LAN or WAN PHY
- Ethernet Frame Deencapsulation (EFD) removes 802.1Q or MPLS headers and passes the raw Ethernet frame with a correct CRC through to devices that cannot understand the encapsulated frame
- Up to 16 Virtual Network Interfaces (VNIs) that support parallel and independent Layer 3 - 7 rules for different filtering or analysis applications
- Dynamically write rules directly into hardware for greater flexibility in responding to malicious traffic and line-rate performance regardless of traffic conditions or number of rules
- Support for both active inline or passive monitor/capture deployments
- Extensive counters for VLAN, subnet and zone-based rules
- Support for both active inline or passive monitor/capture deployments
Key Applications
- High speed programmable network probe delivers inspection and flexible capture rules for lawfully authorized electronic surveillance and CALEA applications
- 10 GbE stateful filtering applications
- Pre-processing and filtering capabilities to scale existing solutions to 10 GbE in the core or at the WAN edge
- Open application program interface for creating custom line-rate monitoring, packet capture, and network security applications
