Virtually all organizations—businesses, government agencies, and non-profits—face escalating cybersecurity challenges. Attackers are becoming more sophisticated, and the volume of data that must be inspected continues to surge.
The Escalating Cybersecurity Landscape #
Cybersecurity pressure grows due to factors such as:
- An explosion of malware including viruses, Trojans, and worms
- Increasing scale and complexity of DDoS attacks
- Widespread deployment of IoT devices
- Rapid increases in data center link speeds (1G → 10G → 25G → 40G and beyond)
These trends push security systems to process ever-larger volumes of network traffic without missing threats.
Limitations of CPU-Based Open-Source Security Tools #
The cybersecurity ecosystem includes both proprietary hardware/software appliances and widely used open-source tools such as:
- Zeek (Bro): Deep network visibility, extracting rich metadata from traffic
- Suricata: IDS/IPS/NSM engine for real-time detection and packet capture
- Snort: Real-time traffic analysis and pattern-based threat detection
- ntop n2disk / nProbe Cento: High-speed network capture and traffic analytics
Although open-source solutions are cost-effective, CPU-only servers become a bottleneck. A typical CPU-based server can process around 15 Gbps of real-time traffic. Modern data centers far exceed this load.
This leads to a common but costly workaround:
- Deploy multiple CPU security servers
- Use load balancers to distribute traffic
- Manage a growing number of nodes
This increases hardware, networking, and operational expenses.
FPGA Acceleration: Intel® PAC + Napatech #
To bridge the gap between expensive proprietary appliances and overloaded CPU-based servers, Napatech uses the Intel® Programmable Acceleration Card (PAC) with Intel® Arria® 10 GX FPGA.
This FPGA-based SmartNIC architecture accelerates open-source cybersecurity tools, allowing standard servers to handle far higher traffic volumes.
Applications Accelerated by Intel® FPGA Technology #
Napatech’s solution enhances performance across several network and security tools:
- Suricata – real-time IDS/IPS acceleration
- n2disk – high-speed packet recording
- TRex – DPDK-based traffic generator for L4–L7 workloads
- Wireshark – deep protocol analysis
With Intel® Arria® 10 FPGA acceleration, properly configured servers can process 40 Gbps at full line rate with zero packet loss.
Latest Performance Gains #
- Suricata — 4× acceleration
- n2disk — 3× acceleration
- TRex — 4× acceleration
- Wireshark — 7× acceleration
Transforming the Server into a SmartNIC-Powered Security Appliance #
Napatech’s Link™ Capture Software for the Intel® PAC converts the accelerator card into a fully featured SmartNIC, enhancing performance for a wide range of open-source security workloads.
This enables data center operators to:
- Use open-source tools without sacrificing throughput
- Reduce the number of security servers required
- Avoid costly specialized hardware
- Achieve line-rate visibility at modern data center speeds
In effect, Napatech transforms off-the-shelf servers into high-performance cybersecurity appliances capable of keeping pace with today’s network demands.