Overcoming Packet Broker Limitations

Shlomo Gurfinkel

Cyber Security applications are often overutilized with irrelevant traffic to the point where they cannot get the job done, placing the enterprise at risk. Here are three examples for such scenarios: The first example is in the case of duplicated packets that are collected from TAPs and SPAN ports that do not add any value to the analysis and yet overload the cyber security application. A second example are application specific security or monitoring solutions such as WAF that analyzes HTTP traffic and needs to filter out non-HTTP traffic. A third example could be a nation level cyber security solution that needs to identify a black list of 10,000 URLs or 1,000,000 IP addresses.

The solution for these challenges are packet brokers that eliminate duplicated packets, filter traffic according to IP and MAC addresses and track URLs with regular expressions.

However, there are two challenges with most of the packet broker solutions:

  1. Performance limitations of the packet broker hardware that lags behind the network infrastructure
  2. The high price of packet brokers appliances for complex and demanding 40G and 100G deployments

CGS Tower Networks resolves these challenges by introducing a packet broker software deployed on modern, powerful, scalable and affordable server platforms.

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.

Skip to content