SANS: a scalable architecture for network intrusion prevention with stateful frontend.

Fei He,Yaxuan Qi,Yibo Xue,Jun Li
DOI: https://doi.org/10.1145/1882486.1882532
2009-01-01
Abstract:ABSTRACTInline stateful and deep inspection for intrusion prevention is becoming more challenging due to the increase in both the volume of network traffic and the complexity of the analysis requirements. In this work, we pursue a novel architectural approach, named SANS, which takes both the advantage of new generation network processors for packet-header-based processing and the advantage of commodity x86 platforms for packet payload data processing. A session table scheme is designed for the stateful frontend in SANS to achieve wire speed inline processing.
What problem does this paper attempt to address?