[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf vs ASIC firewalls

* Greg Hennessy <[email protected]> [2005-03-17 19:31]:
> On 17 Mar 2005 03:58:26 -0800, [email protected] (Henning Brauer) wrote:
> >> All of that said, I wonder if there isn't some way to implement 
> >> something vaguely PF-ish in an FPGA that would allow more control over 
> >> the rulesets than an off-the-shelf ASIC.
> >
> >there likely is...
> >I mean, state table and state table lookups in hardware, hand off 
> >ruleset processing to the main CPU, that would rock. If done right.
> Be interesting to see if that was possible using commodity offload hardware
> such as that found in 
> http://www.nvidia.com/object/feature_activearmor.html
well that is just marketing bullshit as far as i can tell
Henning Brauer, BS Web Services, http://bsws.de
[email protected] - [email protected]
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)