The Wayback Machine - https://web.archive.org/web/20150317155757/http://cavium.com/css_ids_ips_stk.html
    SOFTWARE > IDS/IPS Software Toolkit
 
A tree for site navigation will open here if you enable JavaScript in your browser.

Ready to Learn More?

Schedule a Consultation

OR CALL 408-943-7100 (US)
+1-408-943-7100 (International)
    
Cavium Multi-core Processors
IDS/IPS Software Toolkit
Benefits
The CSS intrusion detection and prevention software toolkit is designed to offer a high degree of reliability, performance and flexibility in a wide variety of OCTEON-based systems. We have designed the toolkit to be easily integrated into your applications, and we’ve provided a convenient interface so you can get real-time access to intrusion data and update the system’s rules.

Block Diagram


Applications
The IDS/IPS toolkit can be used by most OCTEON applications where intrusion detection is important. It comes with convenient APIs to be integrated into customers’ applications. In the OCTEON processor’s data plane, the intrusion detection system passes the packets tagged with the detection result to the customer software. In control plane, the customer control application may use the APIs to dynamically load new rules, retrieve statistics and read log messages. Coordination between data plane and control plane is maintained internally by the IDS/IPS detection system.
.
Technical Specifications
Two different schemes (packet-based scan/detection, and flow-based scan/detection) work in concert to achieve a high rate of detection success. The OCTEON processor’s HFA hardware accelerates signature pattern matching in the packet payload and in the packet header.

Specific features include the following:

  • In-line-mode and monitor-mode support of IDS/IPS function
  • IP reassembly
  • Support for IPv6
  • TCP reassembly
  • Flow/session-based detection to reduce overhead
  • Comprehensive schemes working on packet metadata (HTTP and HTML), packet payload and flow behavior
  • Real-time signature updates without causing service interruption
  • Real-time statistics
  • Fully optimized on OCTEON hardware with DFA/HFA acceleration
  • Professional services, including customer application integration and rule updates
  • Supports industry-standard IDS/IPS rules provided by a third party (Telus)
.
Ordering Information
Coming soon.

Reference Materials
Coming soon.

Call us
To learn more about our Protocol Analysis Toolkit, call us today: 650-623-7000

All contents are Copyright © 2000 - 2014 Cavium. All rights reserved.

Morty Proxy This is a proxified and sanitized view of the page, visit original site.