Accelerated Firewall: .NET MANIACS Hardware Solution for Enhanced Performance and Security
The .NET MANIACS project presents a state-of-the-art hardware-accelerated firewall designed to enhance network security and address performance issues. It aims to mitigate the severe economic impact of malware, exemplified by the $1.2 billion loss from the spread of the Sapphire Worm. The solution offers high throughput, monitoring traffic at speeds of up to 10 Gbps, and significantly reduces update latencies. This hybrid firewall uses an innovative architecture to process packets efficiently while maintaining rigorous security protocols.
Presentation Transcript
NET MANIACS: SDN-Based Hardware-Accelerated Firewall
By Net Maniacs: Abhishek Katuluru, Arun Kumar Lokre, Mohd Yusuf Abdul Hamid, Vasantham Sudheer Kumar, Santosh Kalakonda
Problem statement
Loss: $1.2 billion
[Figure: The spread of the Sapphire Worm in the 30 minutes after its release. Labels: Infected Hosts (30000, 300000, 3000000); 100 Mbps, 1 Gbps, 10 Gbps]
Problem statement: performance evaluation (hardware analysis)
• Hardware update time: 2 µs
• Firmware update time: 50 µs
[Figure: Hosts Affected against Line Rate (100 Mbps, 1 Gbps, 10 Gbps) for Hardware and Firmware. Values shown: 1666.5, 166.65, 16.65, 66, 6.6, 0.666]
Firewall application overview
[Diagram labels: Control; Normal Packet; Packet with Pattern; Instruction Packet; Drop; Allow; Reroute; Updated; NetFPGA; Node 1; Node 2; Node 3]
Project architecture
[Diagram labels: Output Port Lookup; Instruction Packet; Arbiter; Updated; FIFO; Lookup Hardware; CPU; Re-route HW Acc; Output Queue]
CPU architecture
[Diagram labels: Thread 1 and Thread 2, each with Branch Logic, Register File and Instruction Memory; ID/EX; MEM; WB; MUX; ALU; Data Memory; Memory Mapped for HW Acc. Example instructions: T1: ADD, T1: SW, T2: ADD, T2: LW]
FIFO design
[Diagram: Net Maniacs design compared with conventional design. Labels: Memory (addresses 0, 255, 256, 511); FIFO; Scratch Memory; Memory Mapped I/O; Rd_Ptr; Wr_Ptr; FIFO Memory; Reset; Packet Received; FIFO Busy (accept current packet and send previous packet); Packet Processed; CPU Busy (CPU processing); Up to 50%]
Firewall hardware accelerator
[Diagram labels: Lookup Hardware Acc.; IP Lookup; Action Matcher; Denied List CAM; Allowed List CAM; IP; Parse Logic; Match; Packet; Normal/Inst Pkt; en]
Performance comparison
• Comparison against the Open Source DPI Firewall.
• Performance between H/W and S/W in terms of:
  • Throughput
  • Latency
References:
1) Jedhe, G.S.; Ramamoorthy, A.; Varghese, K., "A Scalable High Throughput Firewall in FPGA," The 16th International Symposium on Field-Programmable Custom Computing Machines, FCCM'08, Palo Alto, CA, USA, April 14-15, 2008, pp. 43-52.
2) Michelle Suh, Sae Hyong Park, Byungjoon Lee, Sunhee Yang, "Building Firewall over the Software-Defined Network Controller," SDN Research Section, ETRI (Electronics and Telecommunications Research Institute), Korea.
Project schedule