Design a high performance COTS-Based NextGen firewall IPS/IDS, WAF and ML based malware detection that can achieve 30 GBPS packet processing throughput. The design incorporates that option of interfacing with hardware accelerators for high speed pattern matching or using software-based pattern matching algorithms like HyperScan.
NextGen UTMS Box using VPP/DPDK
OBJECTIVES/GOAL
CHALLENGES
Build a service chain frameworks that can steer packets to different security services like IPS/IDS, WAF, ML, SSL-Proxy to determine if the packet is to be allowed or blocked. Modifying and integrating Open-Source components to fir design. Benison has integrated F-Stack with SSL Split. Providing interface in SNORT for hardware acceleration.
ACCOMPLISHMENTS
Benison has demonstrated the following capabilities of the box SSL-Proxy to decrypt encrypted traffic for inspection and re-encrypt packets.
WAF and IPS/IDS services for detecting and blocking virus traffic
ML services to detect unknown new viruses with 94% efficiency
TECHNOLOGIES USED
VPP/DPDK
Machine Learning for malware detection
F-Stack integration for Open-Sourced components like – SNORT, SSLSplit and Modsec