Publication Details
Trade-offs and Progressive Adoption of FPGA Acceleration in Network Traffic Monitoring
Puš Viktor, Ing., Ph.D. (CESNET)
Benáček Pavel, Ing. (CESNET)
Kořenek Jan, doc. Ing., Ph.D. (DCSY FIT BUT)
FPGA, Monitoring, Acceleration, Application protocols, L7
Current hardware acceleration cores for network traffic processing are often well optimized for one particular task and therefore provide high level of hardware acceleration. But for many applications, such as network traffic monitoring and security, it is also necessary to achieve rapid development cycle to provide fast response to security threats. We propose and evaluate a new concept of hardware acceleration for flexible flow-based network traffic monitoring with support of application protocol analysis. The concept is called Software Defined Monitoring (SDM) and it relies on a configurable hardware accelerator implemented in FPGA, coupled with smart monitoring tasks running as software on general CPU. The monitoring tasks in the software control the level of detail and type of information retained during the hardware processing. This arrangement allows rapid application prototyping in the software, followed by further shifting of the timing critical parts of the processing to the hardware accelerator. The concept is proposed with the scalability in mind, therefore it is suitable for different FPGA based platforms ranging from embedded single-chip solutions (such as Zynq or Cyclone V) to high-speed backbone network monitoring boxes. Our pilot high-speed implementation using FPGA acceleration board in a commodity server performs a 100 Gb/s flow traffic measurement augmented by a selected application protocol analysis.
@INPROCEEDINGS{FITPUB10715, author = "Luk\'{a}\v{s} Kekely and Viktor Pu\v{s} and Pavel Ben\'{a}\v{c}ek and Jan Ko\v{r}enek", title = "Trade-offs and Progressive Adoption of FPGA Acceleration in Network Traffic Monitoring", pages = "264--267", booktitle = "2014 24th International Conference on Field Programmable Logic and Applications (FPL 2014)", year = 2014, location = "Munich, DE", publisher = "IEEE Circuits and Systems Society", ISBN = "978-3-00-044645-0", doi = "10.1109/FPL.2014.6927443", language = "english", url = "https://www.fit.vut.cz/research/publication/10715" }