The heart of our product is a high-performance security analytics accelerator for content inspection. This is essentially high speed pattern-matching which supports both fixed string rules, and Regular Expression based rules. It uses multiple hardware engines running in parallel and is highly configurable to your application. Titan IC works with clients to ensure that the best performance for your application is achieved.
Our technology is the fastest hardware accelerated regular expression inspection engine on the market at present, able to handle up to 1 million regular expression rules at speeds of up to 40G. We can guarantee that we can solve the software RegEx bottleneck using hardware accelerated offload. This is because our hardware engines can execute up to 8 parallel search threads per byte, as opposed to the 1 search per byte that would be available within software. There are also numerous other advantages to hardware acceleration and offload compared to software solutions – ask us for more information.
Titan-IC has been established for 7 years, and came out of startup stealth mode as a full-fledged company in 2012. It started out as a company which worked with Deep Packet Inspection, however customer demand for pattern matching and regular expression constructs was very high, and so the company progressed in the direction of hardware accelerated content inspection. We are now the only provider on the market who uses FPGA hardware acceleration to process Regular Expressions in a highly parallel environment.
Currently we work with Xilinx FPGA technologies, specifically the Kintex Ultrascale KU115. Our Hyperion card has data offloaded to it from a Linux based OS through a PCIe Gen-3 interface.
The RXP (Regular Expression Processor) created by Titan-IC can be used for a variety of applications – basically anything where searching and matching is required. It is a highly versatile technology, which is one of its greatest strengths. The main uses of the RXP are:
- Intrusion detection/prevention i.e. traffic scanning and Next Generation Firewalls.
- Log file analysis for cyber security analytics.
- Software-Defined Networking.
- Big Data analytics and processing.
- DDoS Mitigation.
- Data Loss Prevention.
Yes, we offer this technology in three distinct forms:
The Helios IP – The Helios Regular Expression Processor is a unique, fully scalable, hardware accelerated solution for content awareness and security processing. Helios is an Intellectual Property (IP) core optimized for Xilinx programmable products, and targeted for a wide range of applications supporting line rates from 10 Gb/s to 100 Gb/s and beyond. It provides at-speed, in- depth, rich syntax, packet and data inspection.
The Hyperion Card – This is a physical card provided to the customer with a Kintex FPGA and all the Titan-IC IP pre-installed. Hyperion is the PCIe-based RegEx accelerator based on Titan-IC’s Regular Expression Processor technology targeted at Xilinx Kintex UltraScale class Field Programmable Gate Arrays (FPGAs). Hyperion is a half-length, half-height PCIe-based card, with a Xilinx Kintex UltraScale XCKU115 FPGA, and is used as the hardware platform.
The technology as a virtual application specific standard product (vASSP): – This is where Titan-IC provide you with a custom FPGA branded with our logo – the pricing is much better than standard FPGA pricing. This part can only be used for Helios functionality.
Yes, we provide the Hyperion Software Development Kit (SDK) to customers who sign an initial license agreement with us. We will provide support throughout your product development and work with you initially to suit your development platform, upon receipt of a license fee. Our SDK is authored in C, and exposes a range of useful APIs for development using the Hyperion card.
Currently we are supported on systems running the Linux operating system only. Specifically Ubuntu and CentOS distributions. The most recent release of our product is supported on Ubuntu 14.04 and 16.04, and CentOS version 7. If none of these operating systems suit your requirements, please ask us and we may be able to cater to your needs.
Can the regular expression rule sets be changed easily? How fast is the turnaround if I need to add or delete rules?
We offer a compiler for rulesets, and so there is minimal effort required to update rules – simply a recompilation of the ruleset, which should be trivial. We also offer within the RXP an “Incremental Rules Update” feature, which means that rules can be updated on-the-fly at runtime, offering maximum flexibility for your requirements.
The RXP Compiler offers support for rules which are fixed patterns or fixed strings, and rules which contain PCRE (Perl Compatible Regular Expressions). We support most commonly used constructs which are detailed within the RXP Helios and Hyperion Documentation.
The RXP comes in three flavours: 10G, 20G and 40G. The difference between these is primarily the size of the FPGA. However all of these use the Xilinx Kintex Ultrascale family of FPGA.
Within the evaluation kit is included: the Hyperion Card (with FPGA), the Hyperion Development Kit (SDK), a reference API and Hyperion Reference Application with tutorials, and 8 hours of assured technical support from Titan-IC.
From RXP version 5.4 and above, the RXP will come with a utility called RXPF (RXP Flash), which means that the card can be flashed on the customer’s premises with new firmware and binaries.
Does a piece of data need to be scanned against all rules, or can it be scanned against a defined subset of rules?
Incoming data will only be scanned against the specific rules within the identified subsets using the subset_ids specified in the data (known in the RXP as a ‘job’). Using Subset IDs allows the user to minimize the required computation by searching through a smaller number of rules rather than the entire rule-set. For example, if a user has 50,000 rules, these can be divided into 1000 subsets so that each subset has around 50 rules. At run-time, a single job can be assigned up to 4 subset IDs so the job can be scanned against 4×50 rules. There is no limit to the number of rules in a subset, and a subset may be as small as 1 rule. It is a flexible approach to fine-tune a search for a given rule-set.