Dataconomy
  • News
  • AI
  • Big Data
  • Machine Learning
  • Trends
    • Blockchain
    • Cybersecurity
    • FinTech
    • Gaming
    • Internet of Things
    • Startups
    • Whitepapers
  • Industry
    • Energy & Environment
    • Finance
    • Healthcare
    • Industrial Goods & Services
    • Marketing & Sales
    • Retail & Consumer
    • Technology & IT
    • Transportation & Logistics
  • Events
  • About
    • About Us
    • Contact
    • Imprint
    • Legal & Privacy
    • Newsletter
    • Partner With Us
    • Writers wanted
Subscribe
No Result
View All Result
Dataconomy
  • News
  • AI
  • Big Data
  • Machine Learning
  • Trends
    • Blockchain
    • Cybersecurity
    • FinTech
    • Gaming
    • Internet of Things
    • Startups
    • Whitepapers
  • Industry
    • Energy & Environment
    • Finance
    • Healthcare
    • Industrial Goods & Services
    • Marketing & Sales
    • Retail & Consumer
    • Technology & IT
    • Transportation & Logistics
  • Events
  • About
    • About Us
    • Contact
    • Imprint
    • Legal & Privacy
    • Newsletter
    • Partner With Us
    • Writers wanted
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

Why you should build a packet capture device into your network before you build your trust in it

by Editorial Team
February 8, 2022
in Technology & IT, Contributors
Home Industry Technology & IT
Share on FacebookShare on TwitterShare on LinkedInShare on WhatsAppShare on e-mail

The rise of remote work highlights cybersecurity and ethics issues, making organizations adopt numerous tools to keep businesses safe from hackers, malware, and leaks. Given the scale of damage caused by all sorts of troubles that may occur in or via corporate networks, looking for a potential attack is a paramount task, just as making sure that the performance of apps, services, and employees is up to appropriate business standards.

Table of Contents

  • Packet capture me if you can
  • Sounds optimistic and straightforward. But there must be some challenge, right?
  • It’s a new ERA for NVMe
  • What tests say
  • Conclusion

Packet capture me if you can

Packet analyzing is among the most efficient ways to detect threats and check the overall network condition. The objectives are achieved with the help of packet capture devices enabled to ‘extract’ the traffic coming to or from any given address and check anything about it, from a history of requests to the time of reaction of apps and services. Packets of traffic can be captured, recorded, indexed at the administrator’s request or periodically – or an organization may opt for continuous stream capturing, depending on how crucial it is for a business to analyze it. After the data is captured, and if problems are detected, an organization may proceed with urgent steps to handle them and use the captured information in the future for deeper analysis.

Sounds optimistic and straightforward. But there must be some challenge, right?

Yes. The more data you need to analyze, the more performance is demanded from the packet storage devices, which is hugely impacted by the types of drives used and their restrictions. One of the most significant issues in this field is writing sequential data directly to storage with consistent performance. Data capture devices must record data directly at more than 12 GB/s to prevent packet loss when using 100 Gb/s networks, which sounds too much of a task, as most SSDs are optimized for random rather than sequential workloads.

Only NVMe-based solutions can handle such workloads. Unfortunately, due to the prevailing opinion that it is impossible to create an effective fault-tolerant RAID on NVMe in most cases, reliability is sacrificed for performance. Most continue to use non-NVMe hardware and software in RAID 0 configuration (losing reliability) or RAID 10 (losing cost-effectiveness).


Join the Partisia Blockchain Hackathon, design the future, gain new skills, and win!


It’s a new ERA for NVMe

There’s no need for such a sacrifice, though, as a specialized RAID software solution comes into play. When developed to realize a specific protocol’s potential (NVMe in this case), the software can overcome reliability issues and performance bottlenecks that NVMe-based systems are prone to.

RAIDIX ERA embodies a perfect solution for packet capture appliances. Its software RAID is presented by a Linux kernel module and management utility, making it highly compatible. ERA features include innovative RAID technologies based on proprietary algorithms that provide stable and fast performance. With I/O handling parallelization and lockless datapath, ERA maximizes NVMe capabilities, squeezing up to 97% of their possible performance, keeping CPU and RAM usage at a low 10-20%. 

Developed with NVMe architecture in mind and dealing great with sequential operations, RAIDIX ERA is way more efficient. It shows better performance than other RAID solutions such as Intel vROC, hardware controllers, and software RAIDs.

It’s worth saying a few words about RAIDIX itself. The company has been developing software-defined storage solutions for data-intensive tasks since 2009. What makes RAIDIX products different from others are proprietary RAID technologies programmed specifically for enterprise storage environments. Their prowess has been proved by successful uses cases, such as implementing software RAID solutions for autonomous vehicles or nearly doubling the performance of kdb+ databases.

What tests say

As mentioned above, for many RAID 0 or RAID 10 are configurations of choice. Sadly, the former brings high speed alongside sheer reliability fears, while the latter provides performance with bills to pay for the extra hardware. Being able to challenge the write speeds of the riskier or more expensive RAID levels in RAID 5 configuration gives RAIDIX ERA an upper hand — but this certainly needs to be proved.

One example is RAIDIX solution for data logging in autonomous vehicles. The task of recording all the data from every car’s sensor is way too challenging for the absolute majority of server platforms and RAID solutions. Why? Because the write performance has to be extremely high, while the size of the server platform is preferred to be as small as possible. These two criteria left no room for any drives but the brand new SSDs. But even with such top-notch equipment it had remained tricky. Not long ago a full-scale data-logging solution with just 12-16 SSD or NVMe drives was hard to come by, given the needs of data processing and PCIe limitations back in the early and mid-2010s. But since PCIe 4.0 introduction in 2019, things have changed. Nice and small server platforms became suitable for data-logging purposes in terms of performance, and their compact size was exactly what the manufacturers of autonomous vehicles and specialized solutions were looking for.

So this type of PCIe 4.0-based solution was chosen, with RAIDIX aboard, for specialized data-logging server platform tests by StorageReview. The storage system, powered by ERA engine, equipped with NVMe drives and configured as RAID 5 demonstrated sequential read transfer speeds as high as the similar system with no redundancy (in RAID 0 configuration). Also, despite redundancy, it delivered two-thirds of RAID 0’s sequential write speed — which is a powerful result for a cost-effective and fault-tolerant RAID 5.

Autonomous vehicles may present a kind of top-level task, but if you’re not dealing with these and need a performance boost, just add a few SSDs, and PCIe 3.0 will still do the job. But with RAIDIX ERA it will be an excellent type of job, and a few will not be a handy euphemism for dozens. Below we have another case of RAIDIX ERA being way more efficient with NVMe drives in RAID 5 configuration than MDADM, a standard RAID management tool by Linux.

Why you should build a packet capture device into your network before you build your trust in it

System configuration (information disclosed):

CPU: Intel(R) Xeon(R) Gold
Motherboard: Supermicro
Sequential block size: 128k

8 WD SN640 NVMe SSD in RAID5 for both RAIDIX and MDADM

MDADM is completely outclassed and doesn’t seem to be a viable solution for NVMe storage at all, be it data logging, packet analyzing, or any other performance-demanding task.

Another benchmark addressed the old guard approach. Why not go with a hardware controller? It has always brought great performance, they say. Well — as we can see below — the performance gap is in ERA’s favor.

Why you should build a packet capture device into your network before you build your trust in it

System configuration (information disclosed):

CPU: AMD EPYC 7702P

OS: Oracle Linux 8.3
8 WD SN640 NVMe SSD in RAID5 for RAIDIX, MDADM, and MegaRAID

Kernel: UEKR6 (5.4.17-2036.101.2.el8uek.x86_64)

How come that software RAID nearly triples the hardware RAID’s performance on writes — and almost reaches the baseline numbers, with one drive left for parity compared to all-drives baseline mode?

It goes down to ERA’s core design principles, which eliminate the bottleneck of architectural limitations that PCIe switches put on overall performance due to lane oversubscription. That increases costs, adds another hardware layer between the CPU and drives, and imposes performance limitations.

There’s no such bottleneck when there’re no PCIe switches needed at all, as it happens in software-defined storage.

To bring both simplicity and high performance, RAIDIX had developed and stuck to their unique data path approach that takes full advantage of NVMe and PCIe throughput, to NVMe enthusiasts’ great joy — finally, their drives will make a substantial difference. Add to this flexibility, zero hardware costs, and all-vendor compatibility of the ERA software. Also, it’s worth noticing that software RAID is now the only solution to support NVMe-oF JBOF devices for disaggregated storage. MDADM, again, performed poorly compared to RAIDIX ERA.

Finally, RAIDIX conducted ERA tests in its laboratory to determine if the system could stay within or above 12-13GB/s in RAID 50 10-drives NVMe configuration for packet capture devices purposes. It was shown clearly that those numbers are achievable:

Why you should build a packet capture device into your network before you build your trust in it


System configuration (information disclosed):

CPU: Intel(R) Xeon(R) Gold
Motherboard: Supermicro
SmartNIC Napatech
File System: XFS
Sequential block size: 128k
Number of streams: 64
Queue depth: 32
RAID level: 50
Micron 9300 MAX NVMe SSDs

As the interface tells, RAIDIX experts were willing to emulate a real-life functioning of packet capture apps using the fio tool — flexible I/O tester — and the Netkeeper utility for testing.

Conclusion

As a solution for packet capture devices, RAIDIX ERA allows building a network analysis infrastructure without balancing between performance and reliability. This is made possible by using a fault-tolerant RAID 5, which ERA practically equals to RAID 10 or even RAID 0 in terms of performance, and keeps it as economical as RAID 5 is supposed to be. This, ironically, may bring a couple of new worries — about the speed of archiving all that data to external systems or about the resilience of those archives. These are worries that seem to be much more enjoyable, though.

Tags: Networkpacket captureRAIDRAIDIX

Related Posts

What is digital maturity: Model, scale, level

Fostering a culture of innovation through digital maturity

January 30, 2023
5 best office automation tools: Examples

The significance of office automation in today’s rapidly changing business world

January 24, 2023
What is smart robotics: Benefits and challenges

Unlocking the full potential of automation with smart robotics

January 19, 2023
Business intelligence consultant: Salary, job description, role and more

The data-smart consultants: The significance of BI experts in today’s business landscape

January 12, 2023
CES 2023 robots, CES 2023 smart home techs, and CES 2023 top products are here! We summarized the CES 2023 highlights for you.

Robot uprising started at CES 2023

January 9, 2023
What does an automation engineer do: Jobs, salary and more

The intersection of technology and engineering: Automation engineers

January 9, 2023

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

LATEST ARTICLES

Fostering a culture of innovation through digital maturity

Nvidia Eye Contact AI can be the savior of your online meetings

How did ChatGPT passed an MBA exam?

AI prompt engineering is the key to limitless worlds

Transform your data into a competitive advantage with AaaS

Google code red: ChatGPT, You.com and rumors of Apple Search challenge the dominance of search giant

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy
  • Partnership
  • Writers wanted

Follow Us

  • News
  • AI
  • Big Data
  • Machine Learning
  • Trends
    • Blockchain
    • Cybersecurity
    • FinTech
    • Gaming
    • Internet of Things
    • Startups
    • Whitepapers
  • Industry
    • Energy & Environment
    • Finance
    • Healthcare
    • Industrial Goods & Services
    • Marketing & Sales
    • Retail & Consumer
    • Technology & IT
    • Transportation & Logistics
  • Events
  • About
    • About Us
    • Contact
    • Imprint
    • Legal & Privacy
    • Newsletter
    • Partner With Us
    • Writers wanted
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.