Manualshelf

Pseries Installation Guide

ManualsBrandsForce10 Networks ManualsNetwork CardPSeries 100-00055-01
21222324252627282930
P-Series Installation and Operation Guide, version 2.3.1.2 23
Capturing to a Host CPU
Captured traffic can be sent to a host CPU through a libpcap library interface, where it can be made
available to applications for analysis. A typical implementation provides IDS/Snort acceleration because
of the hardware assist.
Figure 10 Capturing Matched Traffic via the libpcap Interface
SW
HW
libpcap
tcpdump Snort Custom app
M1 P1 P0 M0
Traffic to
monitor
PB-10GE-2P
fn90035mp
Matched Traffic
Use the P-Series in an integrated security monitoring solution through the management port. The P-Series
comes with support for Sguil NSM (see Network Security Monitoring on page 43).
Figure 11 Creating a Network Monitoring Solution with the P-Series
SW
HW
libpcap
Custom app
M1 P1 P0 M0
Matched Traffic
Traffic to
monitor
Mgmt
Port
Custom
security
monitoring
application
PB-10GE-2P
fn90036m
p