Next Generation ATCA Multicore, Meet the SIEM Market
Mar 21, 2011
Cyber security is one of the top issues facing our nation today. President Obama last year conceded that the U.S. is not fully prepared to defend itself against major network threats, and more than 10 million U.S. residents have been victimized by identity theft.
SIEM (Security Information and Event Management) applications are one of our country’s best tools for combating these threats. Our future security, and those of coming generations, will depend on the advancement of these applications to protect our cyber-infrastructure and our critical networks.
As of today, most national security and government networked systems cannot accommodate the control analytics needed to activate a true security management system. Our critical networks need to be upgraded: as of now, these networks are bogged down in static network monitoring and data logging applications. If we don’t work to develop a dedicated, real-time system to monitor critical network assets, they will remain insufficient – and leave our critical systems open to cyber-terrorism.
Today’s security market and regulatory requirements demand the capture of 100,000 events per second or more, but legacy SIEM architectures can scale only 10,000-15,000 events per second. A great way to increase the performance of this architecture is by leveraging the massive quantity of CPU cores available today in a Deep Packet Inspection (DPI)-based security management solution.
The recently released ATCA multi-core CPU blades based upon Intel’s Xeon 5600 processors offers six cores per processor to satisfy SIEM’s scalability demands. New platform solutions like the RadiSys ATCA-7220, a dual OCTEON packet processing AdvancedTCA blade, are ideal for implementing DPI. This blade contains an on-board 10GE switch that acts as a smart front end for its OCTEON processors, which allows independent resettling of the OCTEON processing complexes for fault isolation and provides flexible data flow options.
Final Score from NEI
As AdvancedTCA architecture transitions from 10G to 40G, real-time access to critical data needed to manage cyber threats will be more attainable. Having 40G bandwidth will finally begin to align security forces with real-time management, a crucial step in our struggle for cyber security. As cyber threats become more complex and severe, SIEM and the network platforms on which they operate will continue to improve, for the betterment of our critical systems- and the security of our nation.