Skip to main content
OSTI.GOVU.S. Department of Energy Office of Scientific and Technical Information
U.S. Department of Energy
Office of Scientific and Technical Information
 

Packet Capture Solutions: PcapDB Benchmark for High-Bandwidth Capture, Storage, and Searching

Technical Report ·
DOI:https://doi.org/10.2172/1351206· OSTI ID:1351206
 [1];  [1]
  1. Los Alamos National Lab. (LANL), Los Alamos, NM (United States)
+ Show Author Affiliations
PcapDB stands alone when looking at the overall field of competitors, from the cost-effective COTS hardware, to the efficient utilization of disk space that enables a longer packet history. A scalable, 100GbE-enabled system that indexes every packet and indexes flow data without complicated load-balancing requirements. The Transport Layer search and indexing approach led to patent-pending flow indexing technology, providing a specialized database system specifically optimized around providing fast flow searches. While there are a plethora of options in network packet capture, there are very few that are able to effectively manage capture rates of more than 10 Gb/s, distributed capture and querying, and a responsive user interface. By far, the primary competitor in the market place is Endace and DeepSee; in addition to meeting the technical requirements we set out in this document, they provide technical support and a fully 'appliance like' system. In terms of cost, however, our experience has been that the yearly maintenance charges alone outstrip the entire hardware cost of solutions like PcapDB. Investment in cyber security research and development is a large part of what has enabled us to build the base of knowlegable workers needed to defend government resources in the rapidly evolving cyber security landscape. We believe projects like Bro, WireCap, and Farm do more than just fill temporary gaps in our capabilities. They give allow us to build the firm foundation needed to tackle the next generation of cyber challenges. PcapDB was built with loftier ambitions than simply solving the packet capture of a single lab site, but instead to provide a robust, scaleable packet capture solution to the DOE complex and beyond.
Research Organization:
Los Alamos National Lab. (LANL), Los Alamos, NM (United States)
Sponsoring Organization:
USDOE National Nuclear Security Administration (NNSA)
DOE Contract Number:
AC52-06NA25396
OSTI ID:
1351206
Report Number(s):
LA-UR--17-22359
Country of Publication:
United States
Language:
English

Similar Records

PcapDB: Search Optimized Packet Capture, Version 0.1.0.0
Software · Fri Nov 04 00:00:00 EDT 2016 · OSTI ID:1337568
PcapDB: Search Optimized Packet Capture, Version 0.1.0.0
Software · Wed Dec 21 19:00:00 EST 2016 · OSTI ID:code-4957
Full flow retrieval optimized packet capture
Patent · Tue Mar 12 00:00:00 EDT 2019 · OSTI ID:1525041

Related Subjects

96 KNOWLEDGE MANAGEMENT AND PRESERVATION
Bluecoast DeepSee
Bro
Endace
FireEye PX
Moloch
Packet capture
PcapDB
Solera
Stenographer
VAST OpenFPC
high speed capture
network
pcap