White Papers and Briefs

IP Network Surveillance using IP Fabrics' DeepSweep

DeepSweep ™ is new systems-level product from IP Fabrics aimed at the emerging IP-based Network Surveillance market.  Included in this market are market segments/application areas such as intelligence gathering for national security, lawful interception for criminal investigations, internal network abuse/misuse detection and capture, and general cyber crime surveillance.  In particular, DeepSweep is a very attractive solution for small ISPs now faced with complying with the FCC’s recent broadband CALEA requirements.

DeepSweep Performance

The DeepSweep surveillance system has a wide breadth of functionality, embodied in its easy-to-use, configurable software functions called Surveillance Modules, to provide a broad range of uses in VoIP and broadband Internet intercept, content or signature-based surveillance, analysis of malicious traffic, forensic analysis of cybercrime, detection of network abuse, and others.  In spite of this functional power, the area where DeepSweep really outshines other solutions is its high performance.  We will explore what makes this so in this paper.

Brief Overview of PPL and the PPL Virtual Machine

PPL (Packet Processing Language) is a very-high-level language for describing the processing of network packets, with the intention (but not requirement) that it be implemented on a network processor, such as the Intel IXP2xxx family.  The primary goal of PPL is to hide the details and complexities of the underlying processor(s) such that the development time of NPU-based networking applications can be measured in days rather than months or years.PPL Time to Market

PPL is a high-level functional packet processing language that one can easily grasp due to its focused syntax and semantics. Programs written in PPL are interpreted by the PPL Virtual Machine to run on a target network processing machine, like the IXP2850 or IXP2350. This allows network engineers to develop, deploy and maintain complex logic rapidly, without having the need to know target machine specifics.

PPL Performance

Performance of a programmable network device is characterized by throughput, latency and footprint. Logic written in PPL and interpreted by PPL Virtual Machine to run on a target machine outperforms code written in low–level languages, for most applications. This is accomplished by hiding memory access latency, performing data-path optimization, reducing communication between threads and enforcing functional re-use. These optimizations scale very well with logic complexity and far outweigh the additional footprint (control store, Sram, Dram).

IP Fabrics PPL Software - Enabling State-of-the-Art Session Border Controllers

Originally developed to provide security and access services in Voice over IP (VoIP) networks, the role of the session border controller has grown as service providers accelerate their delivery of IP-based services. This paper shows how IP Fabrics PPL Software enabled Jasomi Networks* to continue to advance the state-of-the-art technology used in its PeerPoint* products in conjunction with the AdvancedTCA* form factor, programmable Intel® network processors, Intel NetStructure® boards.

IP Fabrics PPL Software - Enabling Modular, Flexible Internet Security Gateways

The proliferation of Internet, VPN, and broadband networks has heightened security awareness among network administrators. Given the essential role of the Internet in the world of business and commerce, transaction and information security is a top priority for corporations and governments worldwide. A modular architecture like Advanced Telecom Computing Architecture (AdvancedTCA* or ATCA*) combined with off-the-shelf solutions addresses the need for high-performance security solutions that handle deep packet processing at multiple gigabit wire speeds. The solution described in this paper shows how IP Fabrics software and tools enable such a solution in conjunction with the RadiSys Promentum* ATCA-7010 and  Intel® building blocks.