P-Series (Security Appliance)

High Performance Traffic Inspection, Monitoring, and Capture at 10 Gbps

The Force10 P-Series 10 GbE inspection appliance is the first to deliver comprehensive deep packet inspection for line-rate 10 GbE applications. Based on patented Dynamic Parallel Inspection (DPI) technology, the P-Series uses an innovative, new processing architecture to simultaneously apply thousands of rules to each packet. Through the use of an FPGA-based rule engine, the P-Series can also dynamically reprogram hardware rules to deliver predictable performance and total signature flexibility under all traffic conditions.

Using an open framework, the P-Series supports Open Source and customizable network monitoring applications, enabling users to specify capture and filtering policies from public domain signatures, standard network monitoring libraries, or user-defined custom rule bases.

Key P-Series Applications

• High speed programmable network probe delivers inspection and flexible capture rules for lawfully authorized electronic surveillance and CALEA applications
• 10 GbE stateful filtering applications
• Pre-processing and filtering capabilities to scale existing solutions to 10 GbE in the core or at the WAN edge
• Open application program interface for creating custom line-rate monitoring, packet capture, and network security applications

Key P-Series Features

• Line-rate 10 GbE deep packet inspection with support for jumbo frames and LAN or WAN PHY
• Ethernet Frame Deencapsulation (EFD) removes 802.1Q or MPLS headers and passes the raw Ethernet frame with a correct CRC through to devices that cannot understand the encapsulated frame
• Up to 16 Virtual Network Interfaces (VNIs) that support parallel and independent Layer 3 - 7 rules for different filtering or analysis applications
• Dynamically write rules directly into hardware for greater flexibility in responding to malicious traffic and line-rate performance regardless of traffic conditions or number of rules
• Support for both active inline or passive monitor/capture deployments
• Extensive counters for VLAN, subnet and zone-based rules
• Support for both active inline or passive monitor/capture deployments

Flexible Inspection Capabilities

The P-Series runs at full line-rate for 10 GbE network links with full deep-packet inspection and stateful signatures/policies enabled. Anchored content constructs allow flexible custom rules to be written that match the Layer 7 payload at a specific offset from the packet header, or offset from a pattern in the packet.

Line-rate and Low Latency Performance

As a pure hardware-based inspection system, the P-Series is inherently 100% predictable in how operations are performed and always compiles a rule base that runs at line-rate. This leads to identical performance, throughput, and latency under any traffic load, and with any number of rules applied.

Management

Text-based rule management screen that enables users to:

• Start and stop the interface; turn each rule on and off
• Manage runtime parameters such as flow length and timeout
• Set capture/ignore and block/forward policies for each rule

Web-based Node Manager with support for:

• Rule and image management
• Traffic and counter monitoring
• System status and health monitoring

Integration with Sguil, an Open Source network security monitoring and reporting system that provides the ability to:

• Collect, monitor, and correlate security events/alerts in the network
• Analyze security events based on context
• Categorize and escalate events for intrusion response decisions

Monitoring statistics with the P-Series Node Manager

Physical

• 2 line-rate 10 GbE XFP LAN/WAN PHY sensing/inspection ports
• 2 line-rate GbE SFP mirroring ports
• 2 10/100Base-T management Ethernet ports
• 1 RJ45 console/management port with RS232 signaling
• Size: 1 RU, 1.75 h x 17.6 w x 15.5" d
  (4.44 h x 44.7 w x 39.37 cm d)
• Weight: 20 lbs (9.07 kg)
• Power supply:
  • 100-240 VAC 50/60 Hz
• Thermal output:
  888 BTU/h nominal, 1360 BTU/h maximum
• Maximum current draw per system:
  3.6 A at 100/120 VAC, 2 A at 200/240 VAC
• Power consumption:
  260 W nominal, 400 W maximum
• Maximum operating specifications:
  • Operating temperature: 41° to 104°F (5° to 40°C)
  • Operating humidity: 20 to 80% (RH), non-condensing
• Maximum non-operating specifications:
  • Storage temperature: -40° to 149°F (-40° to 65°C)
  • Storage humidity: 20 to 80% (RH), non-condensing

Performance

• Inspection throughput:
  20 Gbps with 64 to 9K byte frames
• Inspection rate: 14,880,952 pps per port
• Latency: < 2 microseconds
  Number of flows: 8,000,000
• Capture rate: 1,000,000 pps
  Full header and IPv4 payload inspection

Order Number	Description	Power Draw (W)	Thermal Output (BTU/h)
PB-10GE-2P	P10 2-port 10 GbE inspection and monitoring appliance with two 10 GbE XFP sensing and two GbE SFP mirroring ports	260	888

All power cords have a straight C13 connector, and are 8' (2.44 m) long. The PB-10GE-2P has a C14 power inlet.

Order Number	Country	Plug	Rating	Approval
PB-10GE-2P	North America	NEMA 5-15P	125 VAC, 10 A	UL, CSA

All power cords have a straight C13 connector, and are 8' (2.44 m) long. The PB-10GE-2P has a C14 power inlet.

Response & Status Regarding European Union ‘RoHS’ Directive Requirements

As of July 1, 2006, products placed on the European Market by Force10 will be compliant. As permitted by EU and national laws, customers in countries where the EU RoHS directive is not in effect may receive pre-RoHS products until a later date. Force10’s RoHS program has made significant progress:

• All components have been assessed for compliance.
• Technical issues resulting from conversion to compliant materials have been resolved.
• Contract Manufacturers are converting to compliant-only parts.

Lead Free Program

RoHS permits the use of lead-in-solder for network infrastructure products while the industry identifies and develops reliable lead-free solder alternatives. All of Force10’s products qualify for the lead-in-solder exemption.

Force10 RoHS Compliance Program Methodology

Force10 is exercising its right to self declare for RoHS compliance and has extended that option to its suppliers. Force10 will periodically survey our suppliers to ensure the accuracy of supplier data.

Force10’s component-level method for achieving compliance with RoHS requirements:

• Is optimized to minimize technical risk associated with a component,
• Will result in products that meet or exceed current performance and quality specifications,
• Will preserve existing orderable product numbers,
• Should not result in changes to system-level form, fit or function,
• Should not require requalification, and
• Should not result in prematurely decommissioned products solely due to RoHS.

Service Replacement

Customers who purchase RoHS-compliant equipment from Force10 after July 1, 2006 with i) a valid Force10 service and support contract and ii) a valid service, support or warranty claim-- will receive RoHS complaint equipment if a replacement is deemed necessary according to Force10’s standard service, support and warranty procedures and through the standard Force10 RMA procedures.