CyberMapper leverages the power and flexibility of the programmable SDN match-action pipeline to implement fine grain mapping of cyber mitigation events including reputation filtering and load balancing into a DPI security cluster, delivering a high-performance Threat Intelligence Gateway that can process up to 6.5 Tbps in a single switch using open standard interfaces such as OpenFlow, gRPC and P4-runtime.
CyberMapper Reputation Filtering
CyberMapper identifies known-safe (whitelist) or known-hostile (blacklist) traffic before it enters the network, dropping hostile traffic and filtering out traffic that doesn’t need further security scrutiny reducing the load on expensive DPI servers by 30% or more!
CyberMapper integrates real-time inputs from trusted industry IP Reputation Feeds as well as mitigation events generated by DPI threat engines by implementing them as new OpenFlow rules instantly distributed to all OpenFlow switches managed by CyberMapper.
CyberMapper Affinity Load Balancing
Unlike traditional load balancers, CyberMapper uses the large rule set capabilities of NoviFlow’s NoviSwitches to implement an “Affinity” high-availability (HA) load balancing algorithm with non-destructive failover, far superior to any simple hashing or LAG based Load Balancing. This function provides Non-Destructive Load Balancing services to the Security Content Filtering DPI Cluster specifically designed to protect the stateful nature of Security DPI servers. This reduces costs by eliminating the need for expensive Load Balancing appliances fronting the DPI Cluster, and enables upgrades, additions, and repair of Security DPI Servers without impeding security analysis of remaining DPI Servers.
CyberMapper also includes a browser-based tool that administrators use to monitor the functions of the CyberMapper Gateway and its environment. It provides real-time status on each DPI Server in the security cluster, traffic flow information on the WAN and LAN ports, plus the active status of Reputation and Mitigation filtering
The Dashboard helps protect networks by enabling real-time evaluation of the effects of attacks in progress and results of mitigation, as well as capacity analysis of flow volumes to DPI Servers. It is designed to handle very demanding probes into the switch and data visualization, and provides a solid core for future development of CyberMapper analytics and big-data visualization.
Use of the SDxCentral service directory is governed by our Terms of Service, including without limitation those sections under the headings "CONTENT", "LICENSING AND OTHER TERMS APPLYING TO CONTENT POSTED ON THE SDXCENTRAL SITES", "INDEMNITY; DISCLAIMER; LIMITATION OF LIABILITY" AND "COPYRIGHTS". Under no circumstances will SDxCentral be liable in any way for any Content, including, but not limited to, liability for any errors or omissions in any Content or for any loss or damage of any kind incurred as a result of the use of any Content posted, emailed or otherwise transmitted via the Sites.