Real Time Infrastructure
Save on TCO
100Gbps Network DPI, Content Extraction
Deep packet inspection (DPI) is an advanced method of examining and managing network traffic. It is a form of packet filtering that locates, identifies, classifies, reroutes or blocks packets with specific data or code payloads that conventional packet filtering, which examines only packet headers, cannot detect.
DPI combines the functionality of an intrusion detection system (IDS) and an Intrusion prevention system (IPS) with a traditional stateful firewall. This combination makes it possible to detect certain attacks that neither the IDS/IPS nor the stateful firewall can catch on their own. Stateful firewalls, while able to see the beginning and end of a packet flow, cannot catch events on their own that would be out of bounds for a particular application. While IDSs are able to detect intrusions, they have very little capability in blocking such an attack. DPIs are used to prevent attacks from viruses and worms at wire speeds. More specifically, DPI can be effective against buffer overflow attacks, denial-of-service attacks (DoS), sophisticated intrusions, and a small percentage of worms that fit within a single packet.
DPI-enabled devices have the ability to look at Layer 2 and beyond Layer 3 of the OSI model. In some cases, DPI can be invoked to look through Layer 2-7 of the OSI model. This includes headers and data protocol structures as well as the payload of the message. DPI functionality is invoked when a device looks or takes other action, based on information beyond Layer 3 of the OSI model. DPI can identify and classify traffic based on a signature database that includes information extracted from the data part of a packet, allowing finer control than classification based only on header information. Endpoints can utilize encryption and obfuscation techniques to evade DPI actions in many cases.
A classified packet may be redirected, marked/tagged (see the quality of service), blocked, rate limited, and of course, reported to a reporting agent in the network. In this way, HTTP errors of different classifications may be identified and forwarded for analysis. Many DPI devices can identify packet flows (rather than packet-by-packet analysis), allowing control actions based on accumulated flow information.
TODAY'S TRAFFIC AND DPI
Today’s traffic and high-speed 100Gb links put severe pressure on vital security tools like Deep packet Inspection tools (DPI) that inspect traffic to block data leaks and malware. The one way of solving this problem is to effectively distribute traffic from 100Gb network links to the security tools running on the lower speed links to mitigate the gap between the higher data rate of the core network and the lower data processing capacity of the tools to optimize the functionality offered by each tool. To do that sophisticated load balancers are needed in the enterprise infrastructure which is increasing the administration cost and the TCO of the infrastructure. The basic architecture of solving Deep Packet Inspection problem on 100Gbps links are shown below:
FPGA'S ROLE IN DPI
Due to the increasing number of security vulnerabilities and network attacks, the number of Regular Expressions (RE) in DPI is constantly growing. At the same time, the speed of networks is growing too—telecommunication companies started to deploy 100 Gbps links, the 400 Gbps Ethernet standard has recently been ratified, and large data centers already call for a 1 Tbps technology. Consequently, despite many proposed optimizations, existing DPIs are still far from being able to process the traffic in current high-speed networks at the line speed. The best software-based solution we are aware of is the one that can achieve a 100 Gbps throughput using a cluster of servers with a well-designed distribution of network traffic. Processing network traffic at such speeds in single-box DPIs is far beyond the capabilities of software-based solutions—hardware acceleration is needed.
A well-suited technology for accelerating DPIs is that of field-programmable gate arrays (FPGAs). They provide high computing power and flexibility for network traffic processing, and they are increasingly being used in data centers for this purpose.
Why choose FPGA as an acceleration platform? Well, there are several reasons for that.
- Performant enough as an ASIC for certain workloads
- Flexible enough to reconfigure, change schemas, test the market, proof the solution, adjust development, build a viable product based on customer feedback
Meanwhile, FPGAs have their cons as well. It is extremely hard to build a solution on the FPGA silicon, just like building ASIC design which yields to the slow FPGA market adaptation as a default computing unit.
Let's take a deeper look at the FPGAs to understand what is under the hood of these chips.
A field-programmable gate array (FPGA) is an integrated circuit (IC) that can be programmed in the field after manufacture. The FPGA configuration is generally specified using a hardware description language (HDL), similar to that used for an Application-Specific Integrated Circuit (ASIC). FPGAs contain an array of programmable logic blocks, and a hierarchy of "reconfigurable interconnects" that allow the blocks to be "wired together", like many logic gates that can be inter-wired in different configurations. Logic blocks can be configured to perform complex combinational functions or merely simple logic gates like AND and XOR. In most FPGAs, logic blocks also include memory elements, which may be simple flip-flops or more complete blocks of memory. Many FPGAs can be reprogrammed to implement different logic functions, allowing flexible reconfigurable computing as performed in computer software. The simplified schematic view of the FPGA chips are shown below:
Logic blocks - allow designing digital circuits which perform computation
Interconnect - allows connecting your logic blocks to design complex and large designs
IO Blocks - allows interacting with the different interfaces, network, storage, server’s buss
*everything is programmable
*everything is reconfigurable. Change your firmware in milliseconds.
*after FPGA design is successfully implemented you can move forward to produce ASIC immediately if necessary.
MongoDB Acceleration using Grovf's MonetX Platform
Databases provide a wealth of functionality to a wide range of applications. Yet, there are tasks for which they are less than optimal, for instance when processing becomes more complex or the data is less structured. As data is exploding exponentially only CPU based systems no longer provide real-time insights to businesses in a cost-effective way. At Grovf we designed a Monet – A FPGA based smart memory extension for near memory data processing. Monet implemented on top of Xilinx’s Alveo U50 acceleration card and once plugged into server’s PCIe bus acts as a standard RAM memory for the Linux operating system with in-memory compute API capability.
- 10GB/s, 2TB RAM memory on a single PCIe slot
- Network accessible memory
- In-memory data computing
- RAM Memory extension without increasing number of servers’ sockets
- Linux compatible
MonetX acts as a standard RAM memory once connected to the server’s PCIe slot. With in-memory computing capability, it provides a simple API to host layer for easy utilization of the functions. Based on the Monet smart memory extension MongoDB has been accelerated 3.5X for all stages of data aggregation.
MongoDB acceleration is based on Grovf’s MonetX acceleration platform, which is an FPGA based smart memory extension for near memory data processing. The operating system recognizes MonetX as a standard memory extension which also provides high-performance computing cores API for the host layer. Data can be stored to MonetX memory extension, just like into any other memory connected to the server. Applications than can initiate different processing on the data stored into the MonetX platform directly running on FPGA, where data resides also. MonetX supports many high-performance computing cores such as Regular Expression processing, Search/Sort processing, Data compression/decompression, Statistical Data processing algorithms, etc. MongoDB performance has been boosted 3.5X only using the MonetX acceleration platform as a high bandwidth memory extension for standard server architecture without using any build-in high-performance computing cores in the FPGA. This leads to zero code change in the application(MongoDB) side and provides 3.5X acceleration. More acceleration for the MongoDB and any other application can be achieved using build-in accelerated computing cores in the FPGA residing near memory.
Security Log Analytics
Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.
Cybersecurity brings dual challenge of low-latency detection and remediation of advanced threats, and batch analysis of log data from servers, firewalls, applications and security systems. Considering how fast new threats and attacks emerge, Big Data performance and the use of new types of software and hardware accelerators is becoming more critical.
Technology is essential to giving organizations and individuals the computer security tools needed to protect themselves from cyber attacks. Three main entities must be protected: endpoint devices like computers, smart devices, and routers; networks; and the cloud.
Grovf's text processing FPGA cores and Open source software SDK provide a effortless way to use powerful FPGA devices for vast amount of security log analysis.
FPGA's powered with Grovf's Regex, Exact Search and Similiarity Search functions provide to organizations to analize hundreds of megabytes of data in real-time and detect security alerts.
In 2018, there was generated more data than in the entire previous human history. Current processors have reached their physical limit and are not capable to provide the desired business value.
On Dec 4 at the China National Convention Center, the CTO of Grovf delivered a presentation on Grovf MonetX platform and on database acceleration in general. Accelerating FPGA based MongoDB with zero code change, Artavazd has shown how we manage to reach 3.5X for all stages of data aggregation.Read more
After our participation in SPS 2019, we head to Xilinx Developer Forum (XDF) 2019 in Beijing, China. Join us Dec 4 at the China National Convention Center where our CTO will be delivering a presentation on database acceleration and Grovf MonetX. You can also learn how MongoDB gets accelerated 3.5X for all stages of data aggregation, based on Grovf MonetX innovative platform.Read more
Grovf currently takes part in SPS - Smart Production Solutions Nuremberg 2019, the leading trade show for smart and digital automation. As a part of Xilinx Stand, we demonstrate a demo under the title of on-premises Analysis of Massive Process Data, showcasing Grovf Industrial IoT targeted acceleration on Xilinx Alveo Adaptable Accelerator Cards.Read more
Grovf has been selected as one of 15 finalist startups for the World Congress On Information Technology and will be showcased at Lightning Round Sessions that WCIT hosts for the first time ever.Read more
Grovf has been featured as one of the partners extending the Xilinx ecosystem during XDF 2019 in San Jose.Read more
Grovf Inc. is excited to announce a new partnership with Xilinx Inc., the leader of programmable logic devices and the most dynamic processing technology in the industry. In the scope of Acceleration program partnership, Xilinx and Grovf will engage in a strategic business relationship and offer high-performance solutions, performing faster than CPU.Read more
Months ago Grovf launched High Performance computing course with 21 students shortlisting them from more than 100 applicants. The 2-month intensive course covered the topics of CPU-FPGA pairs, LUT, Pipelining, Logical schemes, provided basic knowledge of Heterogeneous Architecture/SYSTEMS, Verilog, C++, Linux and OpenCL.Read more
We are proud to announce that GROVF accomplished one more milestone. The first stage of a fruitful collaboration with the European Commission is completed.Read more
With 2018 coming to a close, we want to take a moment to thank our clients and partners for being with us and wish a great 2019!Read more
Grovf, the developer of Java Virtual machine accelerator SaaS, finalized the pre-seed round lead by SmartGate VC. Granatus Ventures and US angels are among the investors. The funds will be used for technical hiring and engaging first early adopters in the US market.Read more
GROVF participates in the Xilinx Developer Forum, held in Frankfurt, Germany. The forum brought together about 1100 attendees and 80 speakers from around the world. Participants took part in the breakout sessions relating to the topics of hardware design, embedded system software, edge software development, cloud software development, and much more.Read more
The Secretary General of the International Telecommunication Union (ITU), Houlin Zhao, who arrived in Armenia at the invitation of the RA Prime Minister Nikol Pashinyan, visited the Engineering City with the Minister of Transport, Communication and Information Technologies Hakob Arshakyan.Read more
On 10 and 11 September, Grovf took part in the EIC Innovators’ Summit held in Berlin. With a community of over 4000 companies, the summit gathered together representatives working in life sciences, renewable energy, healthcare, mobility, software development, material engineering, agritech and industry 4.0.Read more
IoT phenomenon brings new challenges to traditional computing systems. The enormous quantity of data is being generated by different devices connected through the internet nowadays. Ability to capture and analyze all the data within a reasonable time range is a major challenge for data centers.Read more
We are delighted to announce that Grovf was awarded a funding grant by Horizon 2020 – Research and Innovation Framework Programme. The award comes as part of an initiative aimed at research and innovation projects which are at the forefront of excellent science, industrial leadership and tackling societal challenges.Read more
Grovf has participated in world’s largest industrial trade fair: Hannover Messe. The world’s leading Trade Fair for Industrial Technology. All key technologies and core areas of the industry – from research and development, industrial automation, IT, industrial supply, production technologies and services to energy and mobility technologies – were presented in Hannover. This year’s focus was Industry 4.0 and Data.Read more
Armenian Public Radio interviewed us about IoT, IIoT and the need for hardware acceleration for databases in the IoT era.Read more