MetaProtect™ Firewall

Packet filtering in 112 ns

MetaProtect™ Firewall is a powerful, 48 x 10GbE port network appliance that performs sophisticated packet filtering in parallel between port-pairs. Filtering is implemented via per-port Access Control Lists (ACL). MetaProtect Firewall provides complete flexibility in configuration, allowing authenticated administrators to create mappings between physical port-pairs and apply ACLs to either or both endpoints. MetaProtect is architected for ultra-low-latency with packets passing an ACL being forwarded in 112 nanoseconds or less; significantly faster than most traditional firewalls.

Administrators may also define port-pairs that do not require filtering, in which case packets are passed through in 5 nanoseconds. Any ingress port, pre-or post ACL, may be configured to fan-out to multiple egress ports allowing for maximum flexibility based upon the desired filtering architecture. When a packet fails an ACL, it is not forwarded and its header is logged. 

MetaProtect Firewall is ideal for situations where a firewall solution is mandatory but ultra-low latency as well as high port density are required.

Features and Benefits

High port density 48 x 10GbE SFP+ ports in 1 RU with 32 x 10GbE Firewall filters and accelerated traffic processing capacity
Parallel filtering Cut-through filtering via 32 ACLs with up to 510 rules per ACL. Per-port filtering possible by assigning an ACL to a port.
Flexible ACLs ACLs support permit/deny rules based upon source/destination IP address/Port number. IP addresses may be wild-carded using CIDR style notation.
Ultra-low latency filtering Average filter latency of 112 ns for the minimum latency configuration (1 rule) to 187 ns for the maximum configuration (510 rules) - some of the fastest in the industry
Extensive packet statistics Advanced monitoring and capture of comprehensive packet statistics across all ports.  Support for detailed switch statistics via SNMP, CLI or InfluxDB.
Comprehensive logging
  • logged statistics of permitted and denied packets
  • individually logged events when packet fails an ACL, including packet information, date, time, ACL ID and reason
  • logged administrative ACL rule changes
  • local and remote logging via syslog