P-Series

• Inspect, monitor, and protect at line-rate Gigabit and 10 Gigabit speeds
• Open, flexible architecture
• Predictable performance under all traffic conditions
• 100 percent hardware-based rules processing

High Performance Traffic Inspection, Monitoring and Protection at 10 Gbps

The Force10 P-Series family of Gigabit and 10 Gigabit security appliances are the first to deliver line-rate 10 Gigabit per second performance. Based on patented Dynamic Parallel Inspection (DPI) technology, the P-Series uses an innovative, new processing architecture to simultaneously apply thousands of rules to each packet. In fact, security rules are dynamically embedded into the fabric of the hardware allowing the P-Series to deliver predictable performance and signature scalability under all traffic conditions.

To provide further flexibility, the Force10 P1 and P10 support open source network security and monitoring applications, enabling customers to specify capture and filtering policies from public domain signatures, standard network monitoring libraries or customer-defined custom rules bases.

Key P-Series Applications

• Intrusion detection and prevention at line-rate Gigabit and 10 Gigabit speeds
• Pre-processing for legacy security devices at the WAN edge
• Assists with inspection and flexible capture for lawfully authorized electronic surveillance and CALEA applications
• Continuous guard, monitor and capture of key data to ensure compliance with regulations such as Sarbanes-Oxley and the Gramm–Leach-Bliley Act
• Open application program interface for creating custom network security and monitoring applications

Key P-Series Features

• Line-rate 10 Gbps deep packet inspection with support for Jumbo frames
• Predictable performance regardless of traffic conditions or number of rules
• Support for both active inline or passive monitor/capture deployments
• Dynamically write rules directly into hardware for greater flexibility in responding to malicious traffic
• Compatible with Snort, Bro, Ethereal, and Tcpdump

Performance

The IPS engines run at full line-rate for GbE or 10 GbE network links with full deep-packet inspection and stateful signatures/policies enabled.

Predictable Performance

As a pure hardware-based inspection system, the P-Series is inherently 100% predictable in how operations are performed and won’t write a rule that won’t fit in wire-speed packet analysis. This leads to identical performance, identical throughput, and identical latency under any traffic load, or with any number of rules applied.

Manageability

The P-Series are managed with a simple text-based rule-management screen that enables users to:

• Start and stop the interface; turn on/off each rule
• Manage runtime parameters such as packet truncation, flow length, and timeout
• Set capture/ignore and block/forward policies for each rule

P-Series Product Matrix