LDA Firewall

Powered by the LDA Neo platform

Part of the Layer 3 product suite by LDA Technologies.

Based on LDA's cutting-edge FPGA networking IP, the Firewall for Neo is part of the Layer 3 Product Suite and provides ultra-low latency packet filtering for environments where market regulations require a firewall.

Packet inspection and forwarding occur at line rate in just 90 ns, regardless of the number of rules, with only a 6.4 ns variance between packets. The Neo platform also provides Layer 1 fabric that reduces latency to a bare minimum of 2.5 ns for directions where firewall security is not needed.

The LDA Firewall for Neo features extensive logging capabilities to comply with strict security regulations. Headers of denied packets are logged individually; per-port and per-firewall rule statistics are also logged once per configured time period.

Filtering is based on firewalls and can be configured on a per-port basis using standard network administrator syntax.

The LDA NEO platform features a powerful server subsystem that can be used for advanced software-defined functionality, such as deep packet inspection and threat detection, specialized logging capabilities and more.

Feature Highlights

FIREWALL FILTERING
10 port pairs
Ultra-low latency and variance: 90 ns minimum, 96.4 ns maximum
Up to 72 rules per port
Permit and Deny rules per MAC, IP address and port (source/destination) configured using Cisco-style syntax
IP address wildcards with CIDR-style notation
STORM CONTROL
Configurable maximum allowed packets per second
Disabling of client-to-exchange packet flow once max is reached
POWERFUL LOGGING AND STATISTICS
Denied packets are logged with headers and firewall rule ID
Aggregated Permitted and Denied packet counts per port and per firewall rule
Logging of firewall rule changes and other administrative actions
General packet statistics per port
Detailed logs record every connection and disconnection event, including source and destination IP addresses and ports
MONITORING AND MANAGEMENT
Simple console tools for firewall configuration
Real-time port and physical link status monitoring
Dedicated statistics viewer application
SNMP and syslog support
LDA NEO DEVICE
Standard 1RU FPGA networking platform with 48 SFP+ ports
Server-grade software performance with AMD EPYC Rome CPU
Industry-standard IPMI management
LAYER 1 FABRIC
Available on all 48 ports
2.5 ns typical port-to-port latency
10G and 1G support. 25G-capable fabric available on request