10 Gbps Snort Multiprocessing

MetaFlows has developed 10 Gbps functionality using off-the-shelf hardware.

Previously, MetaFlows measured the performance of PF_RING with Snort inline at 1 Gbps on an I7 950. The results were quiet impressive.

In MetaFlows latest testing, the Development Team reports on their experiment running Snort on a dual processor board with a total of 24 hyperthreads (using the Intel X5670). Besides measuring Snort processing throughput varying the number of rules, they also (1) changed the compiler used to compile Snort (GCC vs. ICC) and (2) compared PF_RING in NAPI mode (running 24 Snort processes in parallel) and PF_RING Direct NIC Access technology (DNA) (running 16 Snort processes in parallel).

Read the full report.