Procera Networks -- http://proceranetworks.com That will do what you want. Thanks, --- Patrick Bailey On Jun 13, 2013, at 3:32 PM, Eric Wustrow <ewust@umich.edu> wrote:
Hi all,
I'm looking for a way to block individual TCP flows (5-tuple) on a 1-10 gbps link, with new blocked flows being dropped within a millisecond or so of being added. I've been looking into using OpenFlow on an HP Procurve, but I don't know much in this area, so I'm looking for better alternatives.
Ideally, such a device would add minimal latency (many/expandable CAM entries?), can handle many programatically added flows (hundreds per second), and would be deployable in a production network (fails in bypass mode). Are there any COTS devices I should be looking at? Or is the market for this all under the table to pro-censorship governments?
Thanks,
-Eric