A new project has its goal to capture 40G rate traffic on a specified schedule.
- security breaches,
- misbehaviours or
- faulty appliances
it is utterly useful to have virtual traces fully recorded.
- You can record the whole Ethernet packet.
- You can trim its payload in case only headers are important for later analysis.
- You can filter the traffic based on IP address and TCP/UDP port.
- First, capture the traffic into the RAM.
- Second, store it on disk.
- Average SSD disk speed is about 500 MB/s
- SATA 3.0 speed is 6Gb/S
It looks a solution could be one of the following or both
- PCI + high-speed SSD disk