Hardware strikes back
Not surprisingly, a desperate need for throughput on a complex algorithm elicits responses from hardware architects. But this one is a bit different. The sheer variety of patterns that must be sought is daunting. Their volatility, even from hour to hour in some cases, appears to preclude a hardware-based solution. Yet acceleration is clearly necessary.
Tarari addresses that problem with a proprietary chip called a Content Processing Engine (CPE), essentially a dense multiprocessing chip with individual processor elements optimized for packet-based operations. The company provides the chip only at the subsystem level, packaged as two chips and supporting memory and interface hardware on a single board.
Software is available from Tarari to equip the engines for a number of tasks, including decompression and decomposition, simple scanning and XML parsing. Its most recent software release is a regular-expression processor for the CPE. This allows the security manager to create a set of POSIX 1003.2-compliant expressions, which are then compiled into single-pass code for the CPE. Individual pattern segments can be switched on and off without re-creating the entire set.
The Tarari board is intended for inclusion in a larger system. But system-level solutions are hitting the market as well. An integrated security system for enterprise networks is being shown this month by iPolicy Networks Inc., a company representing the merged assets of Duet Technologies and Tunnelnet Inc. Originally intended for carrier customers offering managed security services, the Fremont, Calif., company's ipEnforcer is now being introduced in special versions for the enterprise and, eventually, even for remote telecommuters using cable modem or DSL links.