The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

Q&A: Solarflare’s Bruce Tolley on Packet Capture and Performance Management

Packet capture – grabbing every data packet on a network for analysis – is becoming increasingly important, not just for specialist latency measurement but for higher level monitoring and management of trading and compliance functions. IntelligentTradingTechnology.com spoke to Solarflare’s Bruce Tolley how and why it is being integrated into the company’s network interface cards.

Q: Solarflare has an increasing focus on packet capture. What are drivers for this trend in the financial markets?

A: The British physicist Lord Kelvin (aka William Thomson) said that if you cannot measure something, you cannot improve it. The management consultant Peter Drucker extended this notion to say, if you cannot measure a thing, you cannot manage it. With the pressure on financial institutions not only to measure and improve the performance of their applications and networks, there is an increasing need for financial intuitions, banks, and exchanges to capture and record information for internal audits and regulatory compliance.

Q: What products do you now offer to allow packet capture across servers?

A: Solarflare recently launched a complete family of SolarCapture network recording products. At the low end, we offer a basic version at no cost, which captures data and records that data to disk. The next step up, SolarCapture Pro not only captures data, but also time stamps the data with sub 10-nanosecond resolution. The Pro version can also pass that data to other applications for analysis or aggregation through a standard interface called libpcap. At the top of the line is AOE SolarCapture Pro, which supports all the functions of its two siblings but uses an onboard FPGA, the Solarflare ApplicationOnload Engine (AOE), to off load the host processor by decreasing host CPU and memory utilisation, thereby providing 100% lossless capture on outgoing as well as incoming data.

Q: How does Solarflare’s offering simplify the process of network monitoring, analysis or security? What kind of set up would it typically replace?

A: SolarCapture does not so much replace any existing process or product as it does augment current models of network monitoring, analysis, and security. Now any server can be turned into a packet capture device. And perhaps more important, the packet capture enabled server can now be managed just like any other server in the enterprise or service provider network. There is no need to invest in specialised dedicated appliances. Moreover, existing third-party tools can use the SolarCapture interfaces and recording functionality to yield more precise and complete data. Third-party tools can also take that data captured by SolarCapture, analyse it and present it for actions by management. And with SolarCapture Pro, the server adapter can be used simultaneously for packet capture and standard network traffic if required.

Q: What is the relationship between SolarCapture and your established IEEE 1588 precision time protocol (PTP) products? How do they relate to one another and to the time stamp oscillators that are found in your time synchronisation products?

A: All of our recently launched SFN7000 series server adapters have a precision oscillator on board. The SFN7000 adapters can be field upgraded to full PTP functionality via a software download. Additionally, the host clock can be synchronised by the adapters. This provides a very precise time stamp for the captured packets which increases measurement and forensic accuracy. We call this application flexibility AppFlex. SolarCapture also works elegantly in networks where the customer wants the 10GbE network switch to perform the precision time stamp function. We have a partnership with Arista Networks to enable exactly this scenario. See Solarflare SolarCapture + Arista 7150S at: http://www.aristanetworks.com/en/products/eos/danz

Q: How do Solarflare’s products work with other packet capture and network monitoring offerings from the likes of Splunk, TS Associates, and Packets2Disk? Are they complementary? Is there overlap and how is this managed?

A: Solarflare SolarCapture does not provide analytical or network aggregation functionality at this time because the primary goal was to provide an accurate, flexible, and easy to use 10GbE packet capture platform for these types of applications. We have a very successful partnership world wide with TS Associates and are working with several large customers and various partners such as Splunk, Packets2Disk, and others to provide this type of functionality. By using libpcap or the C and Python libraries included with PacketCapture Pro, customers and partners can build connectors to various applications developed in-house or to other third party tools used to provide analysis and aggregation.

Q: Over the next 12 to 18 months, where do you see over packet capture being deployed in the financial services and banking segment?

A: Performance monitoring, security, audits, and regulatory compliance are driving the electronic trading segment to high-speed packet capture and network monitoring. The big banks and exchanges are also building out proof of concept tests (POCs) with the latest cloud and software defined networking (SDN) technologies. These architectures have demanding requirements for performance monitoring, instrumentation, and the measurement of SLAs. They will need not just sensors, taps, and aggregation to collect OpenFlow and other statistics as well as instrumentation and analytics to determine whether they can deliver the performance and reliability required to support mission-critical applications.

Solarflare is well known for high performance networking software and hardware including the acceleration of network data and applications. With SolarCapture, we are extending our reach into the monitoring of data and applications. In addition to helping customers instrument their SDN POCs, we will be talking more about hardening hosts with augmentations to our middleware stacks in the near future.

Related content

WEBINAR

Recorded Webinar: Adverse media screening – how to cut exposure to criminal activity, from money laundering to human trafficking

Screening for adverse media coverage of counterparties presents an incredible opportunity for financial institutions to limit risk exposures and identify bad actors early. It is required by regulations such as the EU’s sixth Anti-Money Laundering Directive (AML 6), and is one of the most effective ways to steer clear of potential connections with sanctioned activity...

BLOG

Exegy and Vela Merge to Create Market Data and Execution Technology Powerhouse

Exegy, a provider of hardware accelerated solutions for market data and predictive analytics, and Vela, a market data and execution technology provider, have announced the merger of their business operations in an agreement backed by Marlin Equity Partners, a global investment firm with over $7.5 billion of capital commitments under management. Commercial terms of the...

EVENT

RegTech Summit Virtual

The RegTech Summit Virtual is a global online event that brings together an exceptional guest speaker line up of RegTech practitioners, regulators, start-ups and solution providers to collaborate and discuss innovative and effective approaches for building a better regulatory environment.

GUIDE

Entity Data Management Handbook – Seventh Edition

Sourcing entity data and ensuring efficient and effective entity data management is a challenge for many financial institutions as volumes of data rise, more regulations require entity data in reporting, and the fight again financial crime is escalated by bad actors using increasingly sophisticated techniques to attack processes and systems. That said, based on best...