GROVF Network security solutions already on the Xilinx website

 

Empowering network security measures at a hardware level has always been one of the key directions for GROVF. Given how quickly new threats and assaults evolve, Big Data performance and newer methods to network traffic management have been becoming highly essential. Grovf provides hardware acceleration and an easy approach to employ powerful FPGA devices for a wide range of security. applications.

Grovf Network Security Acceleration and Offload Solutions, specifically WireHex, GRegex, and GSearch bring computing to higher speeds that are beyond the capabilities of CPUs and software implementations.  Based on Smart NICs that contain FPGA as a processing unit, they achieve 100 Gbps throughput regardless of the regular expression or searching rule set. 

 

 

WireHex

WireHex is a deep packet inspection and analysis tool designed for 100Gbps networks. Based on Xilinx Alveo cards, WireHex acts as a transparent network device that conducts complex network analysis, DPI, and firewalling activities. The device can block packets based on network header characteristics and lookup payloads using 20K user-defined rules. Packets are captured in the host server using the Elasticsearch DB engine relying on the matching information. Integration with the Kibana visualization tool enables advanced statistical analysis of data running across a 100Gbps network. The accuracy of data visualization is 99 percent.

 

GSearch

GSearch is a probabilistic search engine that can scan 100G traffic for > 10K rules without slowing down the traffic flow. In comparison, software implementations are much slower. Software speed decreases as Rule size or the number of Rules increase. 

The solution consists of two parts: Probabilistic match IP core on the FPGA side and the drivers on the Host side: The data sources of the solution can be the NIC of the server using Linux Kernel or DPDK library, the network interface available directly on the acceleration card or any application running on the Linux environment for feeding the IP Engine Drivers with the data.

 

GRegex

GRegeX is a single-IP core version of the standard regular expression algorithm on an FPGA device, delivering 12.8 GB/s throughputs that can be achieved regardless of the regular expression rule set while software implementation speed decreases when using more complex regex rules such as brackets and repeat symbols. Developers can design desired rules that can be processed in a chip without compromising performance using a wide variety of available regular expression functions. Smart firewalls, security, and log text analysis are among the applications targeted. The solution consists of two parts: Regular Expression IP core on the FPGA side and the drivers on the Host side.