WireHex

Deep Packet Inspection & Analysis Tool

The expansion of IoT devices, modern DevOps processes, cloud computing and encryption heavily affected the enterprise network. Increasing network complexity made it harder for security teams to imply more efficient threat detection and responsiveness. Moreover, Deep packet inspection faces challenges when processing traffic at high-speed networks.


So, security practices should evolve as well, giving priority to advanced network traffic analysis and aiming to accelerate DPI technology. Grovf offers WireHex - Deep Packet Inspection & Analysis Tool, designed for 100Gbps networks.


WireHex enables 100Gbps network real-time data analytics and the retrieval of sophisticated statistical information, reaching ~99% data visualization accuracy. Based upon the Xilinx Alveo cards, WireHex acts as a transparent network device that performs advanced network analysis, DPI and firewalling operations. It supports packet blocking based on network header parameters as well as the payload lookup using 20K user-defined rules.

 

Key benefits:

- DPI and network analysis at 100Gbps

- Checking the input data against 20K user-defined rules

- Packet blocking based on user-defined rules

- Transparent bidirectional mode

- Elasticsearch and Kibana integration for data analytics

 

Learn more about the product.
Request a product demo.

100 Gbps

Bandwidth

10X

Faster than CPU

99 %

data retrieval accuracy

Security Log Analytics

Security Log Analytics

Considering how fast new threats and attacks emerge, Big Data performance and new approaches to data analytics acceleration are becoming more vital. Grovf offers hardware acceleration in the form of text processing FPGA cores and Open source software SDK, offering an effortless way to use powerful FPGA devices for vast amounts of security log analysis. FPGA reconfigurable chip, powered with Grovf's Regex, Exact Search and Similarity Search functions, allows organizations to analyze hundreds of megabytes of data in real-time and detect security alerts maximizing their time-efficiency.


Deep packet inspection (DPI) acceleration

Deep packet inspection (DPI) is an advanced method of examining and managing network traffic. It is a form of packet filtering that locates, identifies, classifies, routes, or blocks packets with specific data or code payloads that conventional packet filtering, which examines only packet headers, cannot detect. DPI combines the functionality of an intrusion detection system (IDS) and an Intrusion prevention system (IPS) with a traditional stateful firewall. This combination makes it possible to detect certain attacks that neither the IDS/IPS nor the stateful firewall can catch on their own. Stateful firewalls, while able to see the beginning and end of a packet flow, cannot catch events on their own that would be out of bounds for a particular application

Deep packet inspection (DPI) acceleration