The flagship product line from Procera Networks, PacketLogic is a deep packet inspection platform that analyzes and identifies network traffic flows for purposes of monitoring, shaping (bandwidth management), and/or filtering the traffic per the customer's needs. Targeted primarily to service providers and carriers, the product is offered in four physical form factors, from the 1U PL5600 to modular 12U (14 slot) PL10000.

At the core of the product line is the PacketLogic firmware, which is shared across the hardware models (the models differ primarily in terms of architecture and overall capacity) and provides several key functionalities based on the vendor's DRDL (Datastream Definition Recognition Language) technology. DRDL allows for the specifications of traffic definitions that are used by the hardware to identify and categorize bi-directional network traffic flows based on such granular criteria as packet sequences, header info, content payload, protocol, etc. The vendor states that currently over 800 traffic identification signatures are included with the technology, and that even encrypted applications can be identified. It is this identification and classification of traffic that then facilitates the downstream reporting, monitoring, filtering, and traffic shaping definitions and controls used by the remaining software components of the platform. Those software components include LiveView, for real-time traffic statistics viewing and monitoring; Traffic Shaping, with the ability to define and apply bandwidth management controls; Filtering, with firewall-like features for the identification and handling (including blocking or rewriting, as needed); and Statistics, which provides the aggregated and detailed historical reporting and analysis features. A WebStatistics extension facilitates Web-based access to the Statistics module; otherwise access is via a Windows/Linux/Mac admin client, SNMP, or Syslog. A CLI for system configuration and a Python-based API are also included.

Other features of the PacketLogic firmware focus on the classifcation and handling of asymmetric traffic flows; including support for flow synchronization (wherein multiple PacketLogic appliances can share metadata pertaining to real-time traffic flows, enabling them to collectively identify a traffic flow over multiple devices); and queue synchronization (for the sharing of shaping rules over multiple appliances such that a flow can be correctly identified and shaped if it bridges over multiple points or connections).

As mentioned, the PacketLogic product line is offered across four hardware modules; from the 1U PL5600 with a pair of 10/100/1000 ports (that is, 1 channel; the vendor defines a channel as consisting of dedicated and separate single input and output ports) and support for up to 80,000 bi-directional flows (all flow data based on ideal conditions); through the PL7600 (1U, 1 channel) and PL7620 (2U, 2 channels) both with support for up to 1,000,000 bi-directional flows; to the PL10000, which is an AdvancedTCA based chassis with either 2 slots (3U), 5 slots (5U) or 12 slots (14U) and support for up to 5,000,000 bi-directional flows per Flow Processor.

The PL10000 specifically can be loaded with combinations of Systems Management cards for the handling of API and GUI functions (1 required, 2 possible for HA); I/O cards, each of which has 6 10/100/1000 ports and 8 SFP+ ports, of which 4 10/100/1000 and 5 SFP+ ports can be dedicated to channels (SFP+ ports support GE or 10 GE ports); LB cards which provide load balancing between the processors and FP cards (for single channel implementations the load balancing can be performed by the FP module itself, making an LB card unnecessary; and in larger implementations a pair of LB cards may be necessary depending on bandwidth); and the Flow Processor cards (at least 1 required), which provide the bulk of the heavy lifting, including the DRDL-based identification and classification. An additional module, the RT (Rear Transition) module can be attached to the FP module to increase port density (each RT includes eight GE/SFP ports).

A single channel is supported without I/O cards; but additional channel support requires additional I/O cards, which must be deployed in pairs. The additional ports on the I/O cards (beyond the 4/5 used for channels) can be used for flow and queue sync communications and potentially for internal traffic forwarding.

Additional platform components include the 2U PL1200 PacketLogic Statistics Server (statistics are pushed to the server for actual analysis), and the new PL1400, a statistics repository specifically for the PL10000 platform that can provide up to four disk arrays, each array featuring 12 300 GB drives (up to 14.4 TB, total). The Sun Microsystems-based PL1400 is deployed out-of-band and connects either directly or remotely to the PL10000. It additionally provides filtering and management controls for stored data (I.E., operators can control what data to store and to what level of granularity).

PacketLogic is available now. Pricing ranges from $7,000 (base bandwidth PL5600) to $800,000 (fully loaded 12U PL10000). The new PL1400 ranges in price from $55,000 to $200,000, depending on configuration.

Visit the Procera Networks Web site for further information.

product submission by EITPlanet Staff

E-Mail this page to a colleague
send info about PacketLogic

Suggest a link
for the PacketLogic fact sheet