Network Capture Card - NT100A01
for 4×1/10G | 4×10/25G
Use cutting-edge SmartNIC technology to add real-time line-rate performance to your application. The NT100A01 SmartNIC provides full packet capture of network data at 100 Gbps with zero packet loss. Nanosecond precision time-stamping and merge of packets from multiple ports ensures correct timing and sequencing of packets. The NT100A01 SmartNIC can also be used for 100% packet replay with nanosecond precision of all networking traffic for analytics, testing and simulation.
The NT100A01 SmartNIC enables full utilization of CPU cores through advanced receive side scaling with support for tunneling protocols, such as GTP, IP-in-IP, NVGRE and VxLAN. The NT100A01 SmartNIC can also remove duplicate packets, slice packets and filter packets to reduce the amount of data and thereby offload the server system and applications. Stateful flow processing with support for 50 million flows enables CPU-hungry applications, such as Suricata, to intelligently select exactly which flows to process and which to ignore. Flow records are maintained for all flows and reported to the application.
For any link speed at any time
PLUG & PLAY
Out of the box solution
Multiple FPGA SmartNICs in one server
Synchronize multiple servers
Accelerate your application
Full throughput with zero packet loss
Multiple speeds in one server
More powerful server usage
Key Napatech SmartNIC Functions
Napatech’s network cards are highly optimized to capture network traffic even at full line speed, with very low CPU usage on the host server. Lossless packet capturing is critical for applications that need to analyze all network traffic. If anything needs to be discarded, the application makes this decision, so ultimately this should not be a limitation of the network cards.
Standard built-in network interface cards (NICs) are not designed for analysis applications that analyze the entire traffic of a connection or link. Normal NICs are designed from their mode of operation to be used for one communication only, where network data not addressed to the sender or recipient is simply discarded. This shows that NICs are not capable of handling amounts of data that continuously occur in bursts on Ethernet links. In these situations the full bandwidth of a connection is used, which in turn requires the ability to analyze all Ethernet frames. Napatech’s network cards have been designed specifically for this task and offer maximum capacity for uncompromising recording of network data.
Napatech’s network cards have built-in memory for buffering Ethernet frames. Buffering ensures guaranteed delivery of data even if there is an overload when the data is sent to the application. There are three potential sources of congestion: the PCI interface, the server platform and the analytics application.
PCI interfaces provide a fixed bandwidth for transferring data from the accelerator to the application. This limits the amount of data that can be continuously transferred from the network to the application. For example, a 16-track PCIe Gen3 interface can transfer up to 115 Gbps of data to the application. However, if the network speed is 2 × 100 Gbps, a burst of data cannot be transmitted in real time over the PCIe Gen3 interface because the transfer rate exceeds twice the maximum PCIe bandwidth. In this case, the integrated packet buffering of the Napatech card can absorb the burst and ensure that no data is lost, and releases the frames again when the application provides capacity.
Servers and applications can be configured to overload the infrastructure of the servers or even the application itself. Likewise, CPU cores may be busy processing or retrieving data from remote caches and locations, resulting in new Ethernet frames not being able to be transferred properly by standard network cards.
In addition, the application can be configured with only one or a few processing threads, which can cause the application to become overloaded so that new Ethernet frames are not transmitted. Integrated packet buffering allows Ethernet frames to be buffered until the server or application is able to receive them. This ensures that no Ethernet frames are lost and that all network data is made available for analysis without compromise.
Modern servers offer unprecedented computing power through multi-core CPU implementations. This makes standard servers an ideal platform for device development. To fully utilize the processing power of modern servers, it is important that the analysis application also supports multi-threading and that the right Ethernet frames are made available to the right CPU core for processing. However, the frames must also be provided at the right time to ensure that the analysis can be performed in real time.
The Napatech multi-CPU distribution is built and optimized from our extensive knowledge of server architecture and the actual experience of our customers.
Napatech’s network cards ensure that identified data streams from related Ethernet frames are optimally distributed to the available CPU cores. This ensures that the processing load is balanced over the available processing resources and that the right frames are processed by the right CPU cores.
With flow distribution across multiple CPU cores, the throughput of the analysis application can be increased linearly with the number of cores (up to 128). Furthermore, the performance can also be scaled by faster processor cores. This highly flexible mechanism allows many different ways to design a solution and provides the opportunity to optimize cost and/or performance.
Napatech’s cards support different distribution types which are fully configurable:
|The ability to determine the exact time of frame capture is critical for many applications.|
To achieve this, all Napatech SmartNICs are able to provide a highly precise time stamp with a resolution of 1 nanosecond for each frame captured and transmitted.
At 10 Gbit/s, an Ethernet frame can be received and transmitted every 67 nanoseconds. At 100 Gbps this time is reduced to 6.7 nanoseconds. This makes time stamping with nanosecond precision essential for uniquely identifying the reception of a frame. This incredible precision also allows you to sequence frames from multiple ports on multiple accelerators and merge them into a single, timed analysis stream.
To work seamlessly across the various supported operating systems, Napatech SmartNICs support a range of industry-standard timestamp formats and also offer a choice of resolutions suitable for different types of applications.
64-bit timestamp formats:
|Napatech SmartNICs use a buffering strategy that allocates a number of large memory buffers in which as many packets as possible are placed back-to-back in each buffer. In this implementation, only the first access to a packet in the buffer is affected by the access time to external memory. Thanks to cache prefetching, subsequent packets are already in the level 1 cache before the CPU needs them. Since hundreds or even thousands of packets can be placed in a buffer, very high CPU cache performance can be achieved, resulting in application acceleration.|
Buffer configuration can dramatically impact the performance of analytical applications. Different applications have different latency or processing requirements. It is therefore extremely important that the number and size of buffers can be optimized for the specific application. Napatech SmartNICs make this possible.
The flexible server buffer structure supported by Napatech SmartNICs can be optimized for different application requirements. For example, for applications that require a short latency, frames can be delivered in small pieces, optionally with a fixed maximum latency. Applications without latency requirements can benefit from data delivered in large chunks, enabling more effective server CPU processing by the data. Applications that need to correlate information distributed over packets can configure larger server buffers (up to 128 GB).
Up to 128 buffers can be configured and combined with the Napatech multi-CPU distribution (see “Multi-CPU Distribution”).
Multi Port Package Sequencing
|Napatech SmartNICs usually offer multiple connections. The ports are usually paired, with one port receiving upstream packets and another port receiving downstream packets. Since these two streams, which go in different directions, must be analyzed as a single stream, packets from both ports must be merged into a single analysis stream. Napatech SmartNICs can sequence and merge packets received on multiple ports in hardware using the exact timestamps of each Ethernet frame. This is extremely efficient and relieves the analysis application of a significant and costly task.|
There is a growing need for analysis devices that are capable of monitoring and analyzing multiple points on the network and even provide a network-wide view of what is happening. This not only requires the installation of multiple SmartNICs in a single appliance, but also requires that the analysis data from all ports on each accelerator be correlated.
With the Napatech software suite it is possible to sequence the analysis data from multiple SmartNICs and merge them into a single analysis stream. The merging is based on the nanosecond accurate time stamps of each Ethernet frame, which allows a time ordered merging of the individual data streams.
|In mobile networks, all Internet traffic of the subscribers is transmitted in GTP (GPRS Tunneling Protocol) or IP-in-IP tunnels between the nodes in the mobile core. IP-in-IP tunnels are also used in corporate networks. The monitoring of traffic through interfaces between these nodes is crucial to ensure quality of service (QoS).|
Napatech SmartNICs decode these tunnels and provide the ability to correlate and load balance based on the flows in the tunnels. Analysis applications can use this capability to test, secure and optimize mobile networks and services. To effectively analyze the different services associated with each subscriber, it is important to separate them and analyze each one individually. Napatech SmartNICs have the ability to identify the content of tunnels, allowing the analysis of each service used by a subscriber. This quickly provides the application with the information it needs and enables efficient analysis of network and application traffic. Napatech’s frame classification, flow identification, filtering, coloring, splitting and intelligent multi-CPU distribution capabilities can thus be applied to the content of the tunnel rather than the tunnel itself, resulting in more balanced processing and more efficient analysis.
GTP and IP-in-IP tunneling are powerful features for telecommunications equipment vendors who need to build mobile network monitoring products. This feature allows Napatech to outsource and accelerate data analysis so that customers can focus on optimizing the application, maximizing processing resources in standard servers.
|IP fragmentation occurs when larger Ethernet frames need to be broken up into multiple fragments to be transmitted over the network. This may be due to limitations in certain parts of the network, typically when GTP tunneling protocols are used. Fragmented frames are a challenge for analysis applications because all fragments must be identified and possibly reassembled before analysis can be performed. Napatech SmartNICs can identify fragments of the same frame and ensure that they are mapped and sent to the same CPU core for processing. This significantly reduces the processing overhead for analysis applications.|
|For reasons of network security, various traffic scenarios must be simulated and simulated in order to strengthen the infrastructure. The packets must also be replayed to understand delays and interruptions caused by traffic bursts/peaks in order to improve quality of service (QoS). Napatech SmartNICs make it easy to set up and specify the test scenario to play the same PCAP files of real network events at 10G, 40G and 100G connection speeds.|
|Get highly accurate timestamps for traffic that needs to be redistributed to multiple network devices. Napatech SmartNICs systems can route and/or split traffic collected at a single tap point to a cluster of servers for processing without the need for additional devices. This is achieved by the fact that Napatech SmartNICs act as both Smart Taps and packet capture devices and are suitable for multi-box solutions with single tap points. This feature eliminates the need to implement expensive SmartTaps, timestamp switches, packet switches and other time synchronization components.|
|Access control and authentication solutions can now implement full line rate solutions that can handle small packets, with a SmartNIC that enables robust packet transmission under high network load. Session control drives traffic in and out of the SmartNIC with low latency (<5us) while simultaneously copying a subset to the host CPU for analysis. With the session control feature, inline use cases can benefit from low latency at speeds of 1-100G.|
|The Napatech SmartNIC family supports 100 Gbps inline applications, enabling customers to create powerful yet flexible inline solutions on standard servers. The higher the CPU requirements of the application and the higher the speed of the connections, the higher the value of this solution. Features include:|
CPU Socket Load balancing
|Improve your CPU utilization with the CPU socket load balancing feature offered by Napatech NT40E3 SmartNICs. Improve CPU performance by up to 30% per server for 4x10G analysis with Napatech SmartNICs that can efficiently distribute traffic across 2 CPU sockets and make packets available to multiple analysis threads on both CPU sockets simultaneously. This frees CPU resources needed for copying data between the two sockets and eliminates the need for expensive QPI bus transfers.|
Link™ NT100A01-SCC SmartNIC
Link™ NT100A01-NEBS SmartNIC
To generate and control the airflow, the Napatech design contains a blower that takes in air from the top and bottom of the SmartNIC, thereby doubling the amount of air and ensuring superior cooling.
- Durable design for extended real-life operation
- Free choice of server platform
- Reduced noise and power-consumption as server-fans can run at minimum speed
- Freedom to pack unlimited FPGA SmartNICs into a standard server
- No airflow dependency to server
- Well-defined cooling of all critical components
- Guaranteed device hot spot temperatures
- Maximized airflow, ensuring optimal thermal performance
- Dissipated energy exhaled outside server through front plate cutouts
- Significant reduction in temperature drop between FPGA die and heat sink surface
- Mechanical stiffener enabling higher screw torque for fastening heatsink to the PCB
Napatech upholds the highest quality, environmental and safety standards, and complies with all applicable regulations across regions. This helps our customers to realize a seamless integration without delays – and ensures error-free operation throughout the product life cycle.
Ethernet Front Port Compliance
The SmartNIC design maximizes mechanical and electrical front port margin, securing trouble-free operation with the optical or electrical modules of the customer’s choice.
The thermal design is validated dissipating the maximum power level as standardized for the given form factor. Margin on the data interface has been optimized tuning the equalization parameters of the transceivers hosting the front port channel, maximizing EYE margin to the relevant standard.
All Napatech designs have passed EMC compliance testing for major regions, including Europe and North America. By ensuring compliance as an integral part of the design, the risk of delays is eliminated. Moreover, the EMC testing has been performed in a mainstream server, potentially directly applicable to the use case.
The end product (server + installed SmartNIC) must adhere to regional environmental legislation. To enable trouble-free server integration, Napatech SmartNICs are manufactured using only materials that fully comply with the current RoHS, REACH and proprietary Tier 1 legislation.
Full compliance from early inception eliminates the risk delays and product withdrawal due to authority intervention.
Event Handling & System Monitoring
In order for the SmartNIC to become an integral part of the server environment and maximize uptime, it needs to monitor and expose key performance metrics to the application during operation. Napatech SmartNICs monitor the following metrics:
- Blower speed
- Hot spot temperatures
- Key supply voltages and currents
- PCI protocol events
- General system events
With the PCI interface on the SmartNIC dictated by the server plane, the hardware maximizes mechanical and electrical PCI margin, ensuring trouble-free operation in the server and server slot(s) of the customer’s choice. All designs have passed relevant PCI-SIG tests and have been adopted on the PCI-SIG integrators list.
To enable trouble-free server integration, Napatech SmartNICs are fully compliant with all applicable safety standards.
By ensuring safety compliance as an integral part of the SmartNIC design, the risk of delays is eliminated. Compliance testing is performed in a mainstream server, potentially directly applicable to the use case.
Conflict Minerals Compliance
To ensure quick and trouble-free server integration, Napatech SmartNICs are manufactured using only materials that fully comply with the relevant Conflict Mineral Legislation. For US based SmartNIC integrators, this facilitates submission of the mandatory Conflict Mineral report to SEC.
Shock & Vibration Robustness
Many server environments expose the SmartNIC to substantial shock and vibration, predominantly during the transportation phase. To ensure trouble-free server integration and operational robustness throughout the product life cycle, validated design aspects include:
- Cooling enclosure for superior mechanical stiffness
- Key exposed components are under-filled (glued) to the PCB
- Shock robustness validated against JESD22-B110A
- Vibration robustness validated against ASTM D4169-09
Used across industries
Detect Advanced Persistent Threats (APT) and other breaches to your network at 4×1/10G or 4×10/25G – no activity goes unnoticed.
Across industries, cyber assaults are accumulating at alarming rates. Hackers are constantly refining their tactics and repeatedly circumventing static defenses.
To identify any suspicious activity on your network, you need full visibility at all times. Even a marginal fraction of information lost can potentially compromise the safety of your business. Who has been on your network, what have they done, and when exactly did they do it? A myriad of intelligent security solutions are available to help you answer these questions – but to deliver the needed insights, they need fully reliable data.
With the Napatech NT100A01 SmartNIC, we help you ensure that no data is lost and no activity goes unnoticed. Napatech provides guaranteed delivery of network data, and supply all the information needed for effective forensic analysis in real-time, even at speeds up to 4x25G. This means a much shorter response time, improved mitigation and ultimately a reinforced security.
With the increasing number of telecom carriers migrating to 25G and higher speed solutions, the need to continually upgrade network performance is growing. But monitoring and analyzing multiple 25G links brings certain challenges.
The NT100A01 SmartNIC from Napatech enables direct analysis of 4x25G with just a single server. It merges upstream and downstream data so specific information can be delivered directly to the right CPU core even for fragmented traffic and GTP tunnels. This lowers the processing load on the CPUs and enables the application to efficiently analyze the target data.
With the NT100A01 SmartNIC, applications will be able to monitor performance and analyze quality of experience even at 4x25G. This enables telecom operators to improve quality, while better managing the bandwidth challenges posed by rich media applications.
With the colossal growth of web-based applications and cloud services, users are demanding greater access to data at faster speeds. Network operators are in continuous pursuit of more effective monitoring and analysis solutions to help them boost performance. But even the best solutions cannot deliver without completely reliable data.
The NT100A01 SmartNIC guarantees quick and accurate data delivery even at 4x25G. Traffic on the four 25G ports is timestamped with nanosecond precision and delivered to the network application in the right order – a huge benefit for the analysis of network traffic. This enables network solutions to instantly and effectively identify and remediate any performance issues – and ultimately helps to optimize infrastructure, increase network uptime and reduce the number of man-hours required to identify any issues.
|TECH SPECS||Link™ NT100A01-SCC& Link™ NT100A1-NEBS|
|Rx Packet Processing|
|Tx Packet Processing|
|Time Stamping and Synchronization|
|Supported pluggable modules|
|Environment for NT100A01-SCC|
|Environment for NT100A01-NEBS|
|Regulatory Approvals and Compliances|