LateralAccessDevice

takes you back to before the Internet

How It Works | Download LAD | Support | LAD Security | Features & Uses | Resources | Members | User Guide

How Intel’s J-1900 Can Help You With Network Management and Security

Intel released its 4-core J-1900 processor in 2013. The most remarkable thing about it was its low price. It also has very low power consumption – so low that a whole chassis with the J-1900 processor typically consumes only seven to nine watts, not including power draw for the HDD. A system with the J-1900 and a typical enterprise-class SATA HDD consumes under 14W, and can often operate without overheating in ambient temperatures up to 95° F. Even a small UPS could hold up a J-1900 device for hours, outlasting the duration of most power outages. Price and power consumption both sound good, but what can you actually do with the J-1900? Initially it was used to build some low-end laptops, until it was quickly discovered that it did not have enough stamina to run yesterday’s applications. That is not to say that the J-1900 does not have its place in your toolbox.

In addition to its low cost and low power consumption, the J-1900 motherboard comes with multiple built-in Ethernet ports, so it pairs very well with other devices to provide complementary functions. Take the typical network switch, which has dozens of ports and switches traffic very well, but has no way to analyze or store even a minute fraction of the packets it switches here and there. Add a $200 J-1900 chassis and LateralAccessDevice software plus a 6TB hard drive and for around $3.00 per port a 96-port switch gets industrial grade packet capture and monitoring capabilities. And that’s with no hassle: no changing around network topology, no reconfiguring switches, just plug it in and go. Despite their low-end reputation, with the LateralAccessDevice software J-1900 machines can capture and process network data at aggregate speeds up to 940Mbps and up to 100,000 packets per second.

In practical terms, the J-1900 is a handy way to add inexpensive packet capture throughout computer networks, making it possible to deploy packet capture proactively and permanently, rather than after the fact. Continuous, or permanent, packet capture has many virtues, not the least of which is the ability to capture problems when they first occur and in their entirety. This is equally true for debugging and troubleshooting, as well as for investigating security incidents. When considered solely from the perspective of cost, compare the cost of installing a few J-1900-based devices to the cost (in both time and money) of having someone running around with an expensive laptop here and there to do spot captures. Roving laptops also have issues with capacity and accuracy when compared to standalone packet capture appliances of any size. Time and monetary costs aside, packet capture on a laptop is fundamentally a strange proposition, given laptops’ extreme portability and their limited data protection capabilities should they walk off the premises with copies of the companies’ network data and communications. J-1900-based packet capture makes it affordable to get industrial-grade packet capture all the time and have it available the instant it is needed.

While some large switches have built-in storage, the capacity is limited and using it degrades the performance of the whole switch – after all, switches are designed for switching, not for packet capture applications. Even if it were not to slow down the basic switching functions substantially, the miniscule storage only allows for a very limited amount of packet capture. One Gigabyte of built-in storage is good for about 100 minutes of captured data at a speed of just One Mbps. Many networks, however, have minimum utilization closer to 10Mbps or higher, taking the effective capture time down ten times or more, to mere minutes. This limited capacity substantially reduces the utility of in-switch capture as a practical solution to about null (even before factoring in the issue of degraded switching performance, which takes it well into the negative).

On the other hand, it is a far different situation to run a mirror port (or several) off a switch. Mirror ports essentially conform to the basic switching function of the switch and take little, if any, extra processing resources. This combines very handily with J-1900-based capture and at a very reasonable cost, too (around $3.00 per switching port, as mentioned above). Take the example of a managed switch, whether on the corporate campus, at a colocation facility or at a customer’s location. Hang a couple J-1900 packet capture appliances off the switch and when co-workers or customers complain of a problem, direct the switch to mirror the corresponding port(s) to one of the J-1900 packet capture appliances. It adds only marginally to the cost of the managed switch environment yet substantially to the benefit from it, with full line-rate packet capture on demand and no need to run around with a laptop, reconfigure equipment or creatively change cabling in order to get the data to diagnose the problem. Whether old or new installs, having the infrastructure already in place to get the data needed to address network problems could save hours of tech time and immeasurably on customer frustration.

The J-1900 is an oldie, but goodie, and there is good reason Intel still manufactures the J-1900 over seven years after its introduction and seems to be planning to release more low-powered processors. The J-1900 is about the right price with just enough performance to handle your network monitoring and reporting applications – perhaps not Windows or other all-purpose operating systems, but just enough for dedicated security and networking functions such as packet capture, monitoring and access control. It might just be enough for your network, too, and with its low price point, why not try it out?

LAD: LateralAccessDevice is software that turns a computer chassis into a high-performance, multi-purpose Internet / network tool that combines multi-dimensional firewalling, network monitoring, access control, packet capture, DNS, NAT and a host of other applications into one easy to use, integrated, high-security package. LAD takes you back to before the Internet!