Defending the Internet at scale
Posted on 03 April 2013.
A decade ago, engineers tackled the C10K scalability problems that prevented servers from handling more than 10,000 concurrent connections. This problem was solved by fixing OS kernels and moving from threaded servers like Apache to event-driven servers like Nginx/NodeJS.

This talk from Shmoocon 2013 is about the next level in scalability: systems that handle 10 MILLION concurrent connections. Such systems already exist, though instead of being called “servers” they are called “devices”, like firewalls, IPS, DPI, load balancers, carrier NAT, etc.

It’s not hardware that makes these systems scale, but software. Indeed, many of these scalable “devices” are simply x86 servers with a different logo on the front panel. This talk broadly covers the major areas of making a scalable system from a standard x86 desktop, discussing asynchronous event driven design, custom stacks, multi-core programming, low-level optimizations, and security.



Author: Robert David Graham CEO of Errata Security Created the first IPS (BlackICE Guard), which is now sold as “Proventia”, which scales to 10 million concurrent connections on x86 hardware.





Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //