Re: IPS technology question.

[Jason Wright <jason () nfr net>]

On Tue, THolman () toplayer com said a little something like:
> A standard PCI bus (PCI-X, 133Mhz) is only capable of 1.06Gbps.  This means
> 530Mbs in, and 530Mbs out, not taking into account things like hard-disks,
> logging/reporting and any packet inspection, which only serve to pull this
> number down further.
> It is architecturally impossible for a standard Intel platform to attain a
> throughput of anything higher than 530Mbs, let alone the 2Gpbs you claim
> below?
> A further explanation of these figures may help clear things up?
>
> Regards,
>
> Tim

Nope.

Let's look at the math... 133Mhz * 64bit = 8Gbit/sec.  That's assuming
100% efficiency... PCI-X is ~70% or so... so we get: ~6Gbit/sec.  Assuming
we have traffic to flow in both directions: 3Gbit/sec full duplex.

AND that's PCI-X 1.0... PCI-X 2.0 specifies two faster clock speeds:
266MHz (16Gbit/sec 100% efficiency) and 533MHz (32Gbit/sec, 100%).

The only way your statement is true is if the devices are running 33Mhz
on a 32bit bus.  I doubt any serious vendor is running 32bit/33Mhz
devices.  Now, if you have any slow device, the bus will take the clock
speed of the slowest device along the path to the cpu...  Usually big
systems will have a separate bus for each slot (or will group them),
so taking the slowest device on a bus is not a killer.

Simple multiplication.

--Jason L. Wright
  NFR Security, Inc.
  jason () nfr com

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------