Network Data Processor - Deep Content Inspection At Wire Line Speeds

Open Service Bus

Open Service BusRunning as a high performance, multi-threaded system daemon, the Open Service Bus (OSB) applies a set of content inspection and optimization algorithms to the data payload routed by the Subsonic Engine via an inter-process communication that is based on the shared memory. These content inspection algorithms are typically provided by third party vendors in the form for software libraries. Figure 9 illustrates the high level relationship among the Subsonic Engine, The OSB, and the Content Inspection Services.

The OSB provides cross-protocol content inspection services for the Subsonic Engine. Those services include anti-virus scanning, anti-spam scanning, etc. It provides a unified layer around the content inspection services to present a set of consistent invocation methods/interface for the Subsonic Engine. It insulates and manages the third party services in separate process spaces to limit the impact of possible faults. This architecture allows the distribution of the inspection workload to multiple processors/machines.

Architecture Advantages of the Open Service Bus

The OSB architecture provides the following advantages to the NDPOS:

  • Fault tolerance to third party content inspection services. The OSB monitors the service availability of the third party modules. If a failure is detected, OBS will for the start of another instance of the failed service.
  • Higher performance than the standalone third party services. The shared memory based IPC allows significantly faster (5+ times) inspection throughput.
  • The multi-threaded service invocation mechanism takes full advantage of today’s multi-core, multi-processor hardware platforms.
  • The data payload only needs to be routed once to the OSB to go through all the content inspection services. This is a much improved approach than the conventional approach of “gathering 〉unpacking 〉inspection service 1 〉packing 〉passing on 〉gathering 〉unpacking…”
  • Quality assurance for third party services can be done by testing on a simple set of APIs. Therefore new releases with killer algorithms can be easily integrated within the NDPOS.
  • New services can be easily integrated to provide new policy enforcement for content.

Technology Partners