Suricata Network Security IDS / IPS -- Project Updates
Suricata is a free and open source, mature, fast and robust network threat detection engine.
The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline pcap processing.
Suricata inspects the network traffic using a powerful and extensive rules and signature language, and has powerful Lua scripting support for detection of complex threats.
Paxym has helped customers with OCTEON multi-core CPUs achieve excellent performance, above and beyond what is available from the stock Suricata package (Jan-2018) itself.
- Tests were performed with iperf, iperf3 and a traffic generator,
- UDP and TCP packet streams,
- Packet sizes: 75, 300, 642, 1500,
- Flows: 10 flows up to 1000 flows,
- Pcap replay test: typical office mixed-flow streams, 20-hour capture,
- Packet scanning extent: full depth,
- Performance gains from 2.5x to almost 4x based on conditions,
- Test platform: OCTEON CN7130 4-core system @ 1.5 GHz with 2G memory (only 2 cores used),
- Suricata I/O path optimized for OCTEON Packet I/O Blocks,
- Suricata in IPS mode and NFQUEUE operation, only 3 queues,
- Potential gains estimated at up to 25% with HFA acceleration