Cyber security is a huge issue these days, one that can make our nation look like an easy target. Last year, President Obama admitted that the U.S. is not completely safe from security threats and would not have the capabilities to defend itself against major network threats.
SIEM (Security Information and Event Management) applications are a great way to protect our country from these potential threats. The current level of security, as well as the security of years to come, will rely heavily on these applications to increase their functionality in order to protect our cyber-infrastructure and networks.
Right now, a majority of national security and government networked systems cannot handle the control analytics crucial to powering a true security management system. Networks are in desperate need of an upgrade, and are currently overflowing with static network monitoring and data logging applications. If a real-time system that can strictly monitor network assets isn't designed quickly, the systems will remain wide open to cyber-terrorism.
Security market and regulatory requirements demand the capture of 100,000 events per second or more, but legacy SIEM architectures can scale only to 10,000-15,000 events per second. One way to increase the performance of this architecture is to leverage the massive quantity of CPU cores available today in a Deep Packet Inspection (DPI)-based security management solution, an NEI blog post stated.
The recently released ATCA multi-core CPU blades based upon Intel's Xeon 5600 processors offer six cores per processor that will meet SIEM's scalability demands. New platform solutions including the RadiSys ATCA-7220, a dual OCTEON packet processing AdvancedTCA blade, will work seamlessly when connected to the DPI. According to this blog post, this blade contains an on-board 10GE switch that will work as a smart front end for its OCTEON processors, which allows independent resetting of the OCTEON processing complexes for fault isolation and provides flexible data flow options.
As AdvancedTCA architecture transitions from 10G to 40G, real-time access to important data can help to control cyber threats. Having 40G bandwidth will help to combine security forces with real-time management, a much-needed step when trying to protect cyber security. As cyber threats continue to increase in severity, SIEM and the network platforms on which they operate will continue to improve, for the betterment of our critical systems and the security of our nation.