|
High Performance Platform for High Performance Security
 The Kynetique Application Platform (KAP) is the platform
of choice for high-performance network applications such as Open Source
Intrusion Detection & Prevention Solutions, VOIP servers,
Firewalls, Unified Threat Management (UTM) Systems, and security
applications. It is a powerful and efficient rearchitected Linux
solution that delivers solid High Performance Computing (HPC)
capabilities and enables a deeper level of packet data inspection and
analysis by operating at extremely high speeds.
Network attacks, cyber terrorism, viral attacks, espionage, and malicious insider threats are increasing with successful compromises being reported weekly. The patent pending Kynetique Application Platform captures 100% of the packets, (0 bytes to 1500 bytes, including Jumbo frames), at full line rate, which then delivers those packets to the application while leaving 95% of the CPU available to the application.
Enhances Performance
The immense bandwidth available on today’s corporate
data networks place great demand on security software and appliances;
requiring robust networking functionality and extreme
high-performance. Built upon an optimized, feature-enhanced
and performance-tuned distribution of the Debian GNU/Linux operating
system, Kynetique’s underlying operating system facilitates optimal
performance gains to your operational or security system with little
additional cost.
Ensures 100% Packet Capture
When applied as an Intrusion Detection System or
Extrusion Detection System, Kynetique customizes the capabilities of
best-of breed industry-standard hardware to fully support the
wire-speed capabilities of network traffic-capture data-acquisition
technology. Its accelerated network interface modules ensure a 100% packet or cell capture and that every packet is made available to the analysis software. With Kynetique, you’ll avoid the possibility of even one packet slipping through to cause possible damage, which is especially useful in compliance issues.
Delivers High Availability
Kynetique was designed with high availability and continual operation
in mind, from sourcing high performance components with proven
reliability, through the provision of redundant hot-swappable power
supplies and robust RAID array storage.
Maximizes Efficiency
Kynetique helps end the one server, one application
problem common in so many enterprises today. Most servers operate at
less than 15% of capacity, yet still consume power and generate heat on
a 24x7 basis. Kynetique consumes almost no machine resources or power
in the absence of specific requests, allowing the datacenter to achieve
higher levels of efficiency and utilization.
Integrates Easily
Based on an open-source operating system, Kynetique
comes with a number of open-source tools that leverage our network
packet-capturing technology and can easily be enabled by the system
administrator. It’s not just a typical security appliance – it is
highly tuned, computationally intensive ready, and has the ability to handle extreme high-speed sustained data-transfer rates right out of the box.
Offers Flexibility and Cost Savings
Available with the GigE and 10GigE
optimized Kynetique systems; the embedded Packet Classification Engine
provides a flexible platform for the classification of packets into
user-customizable categories. This highly optimized appliance allows
for packets belonging to specific categories to be handled differently,
with each packet’s matching rule tag recorded for easy identification
by analysis software. With options such as multiple network
interfaces, including GigE and 10GigE, and powerful AMD Opteron 64 processors, Kynetique can be tailored to any organization’s requirements.
The Kynetique Advantage
Kynetique utilizes the capabilities of best-of-breed
industry standard commodity hardware with proprietary and the most
accurate packet capturing and optimized operating system architecture,
ensuring that every packet is made available to the analysis software. This 100% line-rate traffic capture delivers real-time processing with unprecedented power for any compatible traffic-analysis application.
The Problem
The benefit Kynetique offers security experts is the
ability to re-purpose their tools (applications) to spend more time
performing deep packet analysis, multi-packet chaining, trend analysis
or whatever the purpose of the application or investigation is. For
example; most security analysts are familiar with SNORT® IDS, they are
also keenly aware that even with PF_Ring, SNORT will drop 40%-98% of
the packets when attempting to load even a modest rule set consisting
of 500 rules. This translates into approximately 250Mbs-400Mbs. In
other words during the heaviest periods of traffic on a 1Gig network,
probably during nightly backups 600-800Mbs, the IDS would only be
analyzing 2% of the packets. If you were a hacker when would you plan your attack?
The Answer
Kynetique takes the heavy lifting and pushes it down into the
kernel and driver level of the operating system. Leveraging a patented
architecture design by I.D. Rank Security, the high performance
operating system is finely tuned for network activity. In the case of
a security application, the application can now concentrate on its main
purpose, whether that is:
- signature rule matching
- deep packet inspection
- anomaly detection
- behavior pattern matching
- monitoring and trending
Kynetique does this via its patent pending design, while using less than 2% CPU at 1Gbs and 5% at 10Gbs.
This leaves the CPU available for enhanced application activity. For
example, in the case of an intrusion detection system, automated rules
for intrusion prevention can be activated (unlike 80%+ of the solutions
in production today). And, as a key component of the Kynetique
Advantage, the CPU is available to not only address intrusion; it has
the availability to address extrusion detection and prevention all
within a single security appliance.
Network Interfaces
| Line Interface | Ports |
Total sustained throughput at any packetsize/distribution
|
OC-3 / STM 1 *
|
2 |
310 Mbps
|
OC-12 / STM 4 *
|
2
|
1.2 Gbps |
GigE2
|
2
|
2.0 Gbps
|
OC-48 / STM 16 *
|
2
|
5.0 Gbps
|
| 10GigE / OC-192 |
1
|
9.7 Gbps
|
These line interface types are not currently
offered in the base system.. Please talk with your Sales Engineer about
customized solutions.
Specifications
- Processor/Cache - Intel Quad Core (Clovertown) E535 2.66GHz, 1333 FSB, 8MB cache, Socket 771
- System Bus - 1333 / 1066 / 667 MHz
- System Memory - (4) Four 4GB DDR2 667 Fully Buffered DIMMs (Total 16GB)
- Storage/Media - (2) Seagate ST3500640NS 500GB Enterprise Series hard drives with 16MB cache, 7200RPM
Chassis - 2U Short-depth chassis
- Dimensions - 17.2"w x 17.7"d x 3.5"h
- Gross Weight - 45 lbs (20.5kg)
- Power Supply - Dual redundant 700W power supplies
Throughput Size
Kynetique is available in different throughput size versions:
- 1Gb/sec – up to 1Gb of full packet capture
- 5Gb/sec – up to 5 Gb of full packet capture
- 10Gb/sec – up to 10Gb of full packet capture
Software or Hardware Appliance
Each Kynetique product is available as both a software
or hardware appliance. In all instances, a complete installation of
Kynetique is supplied with full configuration and upgrade capability.
All management and monitoring modules are provided. And, should you
need to upgrade to the next level of throughput, each installation is
capable of a smooth and seamless upgrade with the purchase of an
upgrade license.
- Software Appliance – 1Gb and 5Gb Kynetique available as a software product purchase
- Software Appliance – 1Gb and 5Gb Kynetique available in a monthly lease
- Hardware Appliance – 1Gb, 5Gb and 10Gb Kynetique available as a black box solution.
|
