Suricata Network Security IDS / IPS -- Project Updates
Suricata is a free and open source, mature, fast and robust network threat detection engine.
The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline pcap processing.
Suricata inspects the network traffic using a powerful and extensive rules and signature language, and has powerful Lua scripting support for detection of complex threats.
Paxym has helped customers with OCTEON multi-core CPUs achieve excellent performance, above and beyond that available from the stock Suricata package (Jan-2018) itself.
- Tests were performed with iperf, iperf3 and a traffic generator
- UDP and TCP packet streams
- Packet sizes: 75, 300, 642, 1500
- Flows: 10 flows up to 1000 flows
- Pcap replay test: typical office mixed-flow streams, 20-hour capture
- Packet scanning extent: full depth
- Performance gains from 2.5x to almost 4x, depending on conditions
- Test platform: OCTEON CN7130 4-core system @ 1.5 GHz with 2G memory (only 2 cores used)
- Suricata I/O path optimized for OCTEON packet I/O blocks
- Suricata in IPS mode with NFQUEUE operation, only 3 queues
- Potential gains estimated at up to 25% with HFA acceleration
As a further follow-up, Paxym's team also completed, for its customers, a port of Suricata to OpenWRT, along with its key dependency, the Rust programming language.
Paxym, Inc. is a software development and testing services company. It provides consulting services to its customers in the areas of cloud software, web front-end and back-end applications, network and security stacks, Linux, xBSD kernel development and performance tuning, along with solutions to a variety of computing problems using a combination of software and hardware, delivered by its consultants.