PacketWolf Advanced Paket Processing-Appliance for up to 400G

The NEOXPacketWolf is the ideal platform for advanced packet processing of network data up to 400Gbps per appliance thanks to its FPGA-based architecture.

Our PacketWolf solutions belong to the family of Advanced Packet Processing Appliances and can be deployed as a complement to a Network Packet Broker (NPB) – or stand-alone in an existing network monitoring infrastructure.

The data traffic for processing usually comes from a Network Packet Broker, but can also originate from other sources, such as a SPAN port or Network TAP, and after processing is forwarded by PacketWolf on the same or a separate port to a monitoring/security tool or sent back to the original data source.

The use of an Advanced Packet Processing Appliance offers several advantages worth mentioning.

On the one hand, it is possible to granularly reduce the data load for the monitoring system through the advanced packet processing functions. For example, duplicate packets can be removed from SPAN sessions by means of deduplication (see whitepaper „TAPs vs SPAN Port“), or unwanted packets can be removed by means of various packet filtering options.

On the other hand, functions such as Packet Slicing and Packet Masking can ensure compliance with legal and compliance requirements. Particularly in connection with the GDPR, it may be necessary to use Packet Slicing to remove the user data, as the metadata is often sufficient for an analysis.

Using packet masking, it would also be possible to overwrite or „black out“ personal information such as voice data, GEO data, IMSI or IMEI information in the user data and thus hide sensitive and/or personal information from the eyes of third parties.

The processing of the network packets takes place on the high-performance FPGA in hardware and is carried out loss-free up to 400Gbps by the PacketWolf.


  • Small form factor (1U, only 40cm deep)
  • Supports lossless processing of network data up to 400Gbps at line rate
  • Reliable and low latency due to FPGA architecture
  • Up to 4x 100G QSFP28 interfaces - or 4x 40G QSFP+ / 8x 25G (fan-out) / 16x10G (fan-out)
  • Supports individual configurations for 10G, 25G, 40G, 50G or 100G
  • Supports nanosecond timestamping according to IEEE 1588v2 PTP
  • Scalable and easy to commission
  • Replaceable fans and redundant power supplies


  • Line-rate FPGA features/functionalities:
    • Advanced Filtering
      • Frame length, header length or payload length
      • Frame errors
      • L2 Protocol/Encapsulation
      • L3 IPversion/Protocol/Encapsulation
      • L4 Protocol (Ports)/Tunnel
      • Pattern compare
      • Complex expressions via logical operators (NOT,AND,OR)
    • Advanced Deduplication - removal or forwarding of duplicate packets with a programmable deduplication window of 10 µs to 2 seconds. Configurable packet signatures (masking of variable fields e.g. TTL/Hoplimit, DSCP/TraffType, exclusion of Outer Encapsulations, and more).
    • Masking (for sensitive information in the packets)
    • Slicing/snapping/truncation/trimming - payload removal so that the Ethernet packet contains only the desired number of bytes or information, including a programmable number of bytes offset. Including FCS recalculation. Metadata is preserved. Enables, among other things, to ensure GDPR compliance.
    • Decapsulation/Header Stripping/Header Removal - MPLS, VLAN, VNTag, GTP, PPTP, ERSPAN, VxLAN, GRE, GENEVE, LISP, NVGRE, PPPoE, CFP/FabricPath, EoMPLS, IP-in-IP, MAC-in-MAC and custom/user defined encapsulations
    • De-tunneling (Tunnel Termination) for traffic generated by vTAPs, ERSPAN,VxLAN
    • GTP Filtering
    • Timestamping - with nanosecond accuracy is applied to each processed packet using a PTP time server. Locally or via external PTP grandmaster according to IEEE 1588v2.
    • High precision PCAP Replay at original rate and at any desired rates
    • Source port labeling and VLAN tagging
    • Load-balancing on multiple VLAN tags - wide range of hashing algorithms (e.g. 5 tuple, 2 tuple, VLAN, MPLS, customisable, etc).
    • Low Latency Aggregation - Consolidation of incoming network traffic to optimise port usage. 1:1 and Many:1
  • FPGA accelerated features/functionalities:
    • Loopback (shuffling the L2,L3,L4 sources and destinations)
    • Entire payload masking
  • Host features/functionalities:
    • Highly secure UI
    • GUI (coming very soon)
    • PCAP viewer
    • PCAP composer/editor


Example Application Diagram - Advanced Packet Processing Appliance, Network Packet Broker, Network TAP, Monitoring Tools
PacketWolf – Application Diagram – Advanced Packet Processing

Up to 4x
100G QSFP28
Up to 400G network speed
Very low
FPGA design
very high
Hardware based Nanosecond Timestamping
FPGA based Nanosecond
FPGA based Deduplication
FPGA based
Packet Slicing
Protocol Header Stripping
Entworfen, assembliert, zertifiziert und getestet in Deutschland
Developed & QA
in Germany
Contact Us
Unser Online-Shop


Datasheet Download - PacketWolf Advanced Packet Processing Appliance
Data Sheet PacketWolf


  • Netflow/IPFIX Export – Generate metadata and flow records in standard NetFlow formats such as NetFlow v5, v9 and IPFIX
  • IP List Filtering – Enables to control what kind of IP traffic will be allowed into and out of the network – IPv4/IPv6 subnets/addresses list filtering (based on TCAM/CAM technology for ultra-low latency filtering)
  • Custom/User Defined Fields list filtering (based on TCAM/CAM technology for ultra-low latency filtering)
  • GTP Correlation – filtering the GTP traffic based on the TEID List correlated from IMSI,MSISDN, MEI, MCC, MNC, APN, Bearer QoS … etc (up to 32k TEIDs can be correlated simultaneously)
  • Intelligent dynamic Packet Slicing – identifies the encrypted flows (Also the not standard like HTTPS) and slice the encrypted Data payloads only
  • Full Packet Capture – records the entire ethernet frames on non volatile storage (CTD)
  • Anonymizing MAC, IP addresses, source/destination or custom/user defined fields



  • 1x Intel XEON Scalable
  • 2x 10G LAN management port
  • Redundant and hot-swappable AC power supplies
  • Hot-swappable fans
  • 64GB DDR4 RAM
  • NVMe SSD storage for the operating system

Power Supply

  • 2 power supply units with 500W each
  • Input: 100 to 120 VAC – or- 200 to 240 VAC
  • Output: 500W each at 100 VAC or 240 VAC

Operating Temperature

  • 10° to 35° C (50° to 95° F) at sea level

Relative Humidity

  • In operation – 8% to 90% relative humidity (Rh), 28°C (82.4°F) maximum temperature, non-condensing
  • Storage – 5% to 95% relative humidity (Rh), 101.7°F (38.7°C) maximum temperature, non-condensing

Dimensions & WEIGHT

  • 4.29 cm (H) x 43.46 cm (W) x 70.7 cm (D) – ca. 16 kg
  • 1.7“ (H) x 17.2“ (W) x 15.7“ (D) – ca. 29 lb




PacketWolf - Advanced-Packet-Processing-Appliance - with 2x 100G QSFP+ ports

Item Number Description
NX-PW-100 4x 25G SFP28 interfaces with 100G data throughput – or 4x 1G SFP / 4x 10G SFP+
NX-PW-200 2x 100G QSFP28 interfaces with 200G data throughput – or 2x 40G QSFP+ / 4x 25G (fan-out) / 8x10G (fan-out)
NX-PW-400 4x 100G QSFP28 interfaces with 400G data throughput – or 4x 40G QSFP+ / 8x 25G (fan-out) / 16x10G (fan-out)
Alternative combinations on request

Customers who viewed this product were also interested in the following products:


Network Packet Brokers

PacketLion Stack - High Performance Network Packet Broker


Network Packet Brokers

PacketTiger Product Family - Network Packet Broker


Network Packet Broker

PacketTigerVirtual - Virtual-Network Packet Broker

We will be happy to consult you and look forward to hearing from you!