Appendix C - The Test Network

The network infrastructure for this testing project was based on the Intel NetStructure 480T Routing Switch, which offers up to sixteen 10/100/1000Mbps ports in a single 2U device. All PCs were equipped with one or more Intel Pro/100+ network cards.

Intel NetStructure 480T Routing Switch

This standalone switch combines a non-blocking switching solution with intelligent routing capabilities to eliminate bottlenecks and boost performance. The 2U-high 480T features twelve 1000BASE-T ports for copper connections and four hot-swappable GBIC ports for fibre connections. This allows networks to migrate to Gigabit switches using existing Category 5 copper cabling, whilst the fibre connectivity supports runs of up to 70 km, aggregating workgroups throughout a building, campus or metro area.

The wire-speed, non-blocking architecture of the 480T can provide performance up to a claimed 48 million packets per second. Link aggregation technology allows faster networks with bigger pipes, supporting up to four trunk groups that each support four members, for resilient, redundant connections. A dual power supply option is also available for added resilience.

The 480T is based on a 128Gbps shared-memory switching fabric in a four-slice architecture, consisting of four quad 100/1000 MAC chips. Its design is optimised for wire-speed IP routing and switching, which allows it to take advantage of high-performance silicon and a 128-byte-wide data path for real-time routing in hardware. Located out of the data path so as not to adversely affect performance, the CPU maintains route tables, processes protocols and determines policies and resources used by the ASICs.

The 480T also provides layer 3 IP and IPX routing combined with layer 4 traffic management, allowing delivery of QoS capabilities, such as L2/L3/L4 bandwidth shaping for certain classes of traffic (streaming media and Voice over IP, for example). The switch provides layer 2, 3 and 4 processing through hardware rather than within the processor, and this provides full wire-speed performance on the 480T regardless of whether the traffic is switched or routed.

The 480T helps to ensure bandwidth for specific users through traffic shaping based on layer 2, layer 3 or layer 4 traffic profiles. Once these profiles are established, they can be assigned to 802.1p prioritisation queues, offering up to eight priority queues for advanced traffic control. 802.1Q VLAN support allows grouping of like users, which reduces broadcast traffic and enhances security.

To facilitate management, the 480T switch has an integrated management agent that provides an embedded Web server, SNMP, RMON, console/telnet session capabilities, and management via Intel Device View.

Intel Pro/100+ Ethernet Cards

During extensive testing for our IDS report we tested many products on many platforms. In all cases, the biggest potential bottleneck for any IDS system was the speed with which it was able to grab packets from the wire in promiscuous mode and pass these to the IDS engine for processing. The card we finally selected for our "reference" IDS platforms was the Intel Pro/100+ Ethernet NIC. Throughout the tests, only the Pro/100+ cards provided a consistently high level of performance, enabling us to process up to 148,000 64-byte packets per second.

Note that on certain Linux platforms, it is important that the default driver be replaced with that supplied with the card in order to achieve the highest levels of performance, since the Intel driver provides various parameters that can be altered to save CPU cycles (essential on heavily loaded networks).

Key features of the Pro/100+ include: