Overview

Handle the network flows in Hardware

Netcope Session Filter (NSF) is a session-oriented packet capture solution that leverages the hardware platform of Netcope FPGA Boards to accelerate per-packet processing and flow-based stateful filtering, which leaves more CPU performance for complex processing of network traffic like DPI. The cooperation of hardware and software makes it possible to build a powerful solution even for 100G Ethernet networks based on commodity multi-core servers.

Key feature of NSF is stateful filtering-based Packet manipulation, which offers significant advantage over per-packet stateless processing. NSF perceives network traffic as a set of network flows and it is able to track hundreds of thousands of network flows directly in hardware. Software applications leverage hardware preprocessing of network flows to identify flows of interest for further processing and instructs hardware through API on how to deal with each flow. In other words, it allows you to zoom in interesting traffic, drop the traffic of no interest and gather statistical information about the rest of the traffic. NSF provides many ways to handle network flows in hardware. Autonomous in-hardware processing tracks the flows and gathers statistical information about the flow: communicating endpoints (IP addresses, TCP/UDP ports, L4 protocol), timestamps of beginning and end of the communication, number of transferred bytes and packets etc. In case in-software processing is required, NSF can transfer the packets of a network flow to SW in form of whole packets, packets cropped to specified length, or extracted header fields only, depending on the requirements and complexity of processing of the software application.