The INSECTS Family
The InterNet Software Extensions for Classification and Traffic Shaping (INSECTS) suite of software components is ideal for any routing oriented application running on an embedded system including internet access devices, home and business gateways, chassis-based devices communicating between blades with IP based networking and IP backhaul equipment for aggregated cellular data. Available for licensing as stand-alone modules or as a suite.
The INSECTS Family comprises of:
- Tech Specification
FireFly - Dynamic SPI FirewallFireFly is a high performance, embedded IP packet-filtering firewall implementation. It enables filtering based on a wide variety of criteria such as source and destination IP address, TCP/UDP ports, protocol type, incoming and outgoing interfaces and many other packet fields. Its core engine permits or denies packets from passing through it based on pre-defined and easily configurable policies that may be specified using rules files, a command line interface or programmatically using its flexible APIs. FireFly includes hooks for dynamic firewalling and stateful inspection. Its small footprint, low latency and robustness make it the firewall of choice in embedded networking applications and an ideal perimeter security complement to network security technologies such as IPsec, SSH and SSL.
Read more... - Tech Specification
GNAT - Network Address TranslatorGNAT is a high performance network address translator (NAT) designed for use in an embedded environment. Its core engine maps internal IP addresses to external ones using port translation (NAPT) based on pre-defined mapping rules. With support for bidirectional NAT, static and dynamic rule mappings, and reference Application Level Gateways ALGs such as FTP, GNAT can be used as a tiny, yet flexible functional component in embedded networking devices seeking to isolate a private network from a public one and increase the private IP address space available while using a single or few public IP addresses. It also finds use in separating traffic between an in-system network (e.g. one based on an ethernet backplane) from an external one. GNAT's small footprint, low latency and robustness make it the NAT of choice in embedded networking applications.
Read more... - Tech Specification
ClassHopper - Traffic QueuingClassHopper is a small-footprint, high performance embedded alternate queuing discipline framework which includes classification mechanisms such as CBQ/WFQ for QoS management. It includes the ability to integrate with any classifiers in network packets including QoS tags in layer-2 (802.1p) and layer-3 headers (ToS bits). ClassHopper performs traffic classification, conditioning and scheduling in the input as well as output directions, enabling bandwidth control for different packet types. It also enables the network stack to handle overload conditions gracefully with selective packet discard and for effective avoidance of Denial of Service attacks at the network layer or higher.
Read more...