Floodgate-Packet Filter for Embedded Devices

Floodgate-Packet Filter, by Icon Laboratories, is an embedded firewall that enables networked devices to control the packets they process. It is designed for use in embedded systems and can be used with operating systems such as VxWorks, Linux, QNX, or eCos, or in systems without an operating system. Floodgate protects against potentially malicious attacks by filtering packets before they are processed by an embedded device. It provides both threshold-based filtering and rules-based filtering. Floodgate-Packet Filter is available now.

Floodgate-Packet Filter embedded firewall - Icon Laboratories

Icon Labs Floodgate-Packet Filter Features

  • Threshold-based filtering protects against denial of service attacks and broadcast storms
  • Provided as a portable source code library that can easily be integrated into an embedded device
  • Can be added at any layer in the IP stack
  • Includes sample applications that illustrate the use of Floodgate at Layer 2 to protect against broadcast storms and at Layer 3 to protect against packet floods
  • Supports VxWorks, Linux, QNX, or eCos
  • Also works on systems without an operating system
  • Static filtering – blocks packets based on fixed criteria
  • Dynamic filtering – blocks packets in real time based on network traffic
  • Fully configurable API including control of:
    • Thresholds for enabling and disabling filtering
    • Interval length
    • Rules-based Filtering Key (IP address, protocol, port, user defined criteria)
    • Permeability controls the percentage of packets that are dropped when filtering is enabled due to a threshold crossing
  • Event logging – all threshold crossings are logged to a file or other I/O device
  • Deterministic or non-deterministic filtering (trade-off performance vs. memory usage)

More information: Icon Laboratories