Contact Info


706 Brewster Avenue Montreal, Qc, H4C 2K1

USA Office:

440 N Wolfe Road Sunnyvale,CA 94085
Follow Us


Threat Intelligence Gateway | Scalable Network Security



NoviFlow’s CyberMapper is a high-performance Domain Specific Controller. CyberMapper implements a powerful Threat Intelligence Gateway that can accelerate and scale cybersecurity and packet brokering processes into the Terabit scale in a single switch using open standard interfaces such as OpenFlow, gRPC and P4-runtime.

CyberMapper enables NoviWare™ compatible switches (such as NoviFlow’s NoviSwitches and select white-box switches) to deliver packet filtering, threat mitigation and load balancing directly in the network fabric in a simple, scalable, compact form factor, and at a fraction of the price of conventional threat mitigation solutions.


CyberMapper: High-Performance Threat Intelligence Gateway

  • Reduces costs and accelerates time-to-market for security application providers
  • Scale up a cluster of application virtual machines for higher performance
  • CyberMapper load balances across the array of virtual machines, without the cost of external load balancing appliances
  • Improves performance of security applications by moving policy enforcement into CyberMapper
  • Reduces Denial of Service attacks by filtering known bad actors before traffic can enter the network fabric and network appliances
  • Faster time to market and easy integration via REST APIs of IP Reputation feeds and Cyber Security DPI server mitigation.
  • Accelerated performance and reduced costs by 30% or more of existing Cyber Security DPI and Analytics solutions.
  • Significantly reduces network complexity, latency and costs via Scale-Out NoviSwitch hardware deployed anywhere in the network with unlimited linear scalability.
  • Orders of magnitude better performance up to 6.4 tbps is a single NoviFlow NoviSwitch and port speeds up to 100 gbps.
  • Increased capacity per filtering point and ability to filter on up to millions of rules.
  • Non-destructive load balancing and failover. Ideal for stateful DPI Servers and Web Content Filtering Clusters.
  • Multiple NoviSwitches can be installed through network for mitigation/enforcement at network blind spots.
  • Evolved security architecture separates analytics and detection from mitigation/enforcement.
  • Protocol white lists offloads protocol types that do not need analysis.

CyberMapper Threat Intelligence Gateway Data Sheet

SDN threat mitigation with Telemetry

NoviFlow’s CyberMapper Threat Intelligence Gateway +

Barefoot Networks’ Deep Insight Network Monitoring System.

Optional Feature: Dynamic In-Line Packet Broker Services

NoviFlow’s Dynamic In-line Packet Broker Services are an optional (separately licensed) extension to NoviFlow’s CyberMapper and thus inherit all the CyberMapper services.

NoviFlow’s Dynamic In-Line Packet Broker Services deliver optimized flow monitoring and acquisition functions without requiring the use of optical taps to duplicate packets on the main network and transmit them to a monitoring and analytics network. For ease of use and integration into existing brownfield networks, DIPB implements Tap and Filtering services via programmable SDN technology controlled through RESTful APIs. This virtualizes the entire process of traffic monitoring with a tap/filter, and eliminates the cost and time required to install physical tap hardware, enabling traffic to monitored dynamically whenever needed under the control of security or orchestration packages.


Below are the key services provided by the Packet Broker extensions to CyberMapper:

Terabit Throughput Services: The most disruptive feature of the Dynamic In-Line Packet Broker Services is Terabit performance, offering a new level of throughput at a far more affordable price point.

Dynamic Tap/Select Services: NoviFlow’s DIPB Services deliver the ability to dynamically initiate and manage taps and filter network traffic via SDN. Functions include bump-in-wire, dynamic taps (simple or bi-directional), dynamic filter (traffic steering), select on encapsulated IP Header, and select on Protocol.

In-switch Load Balancing to service Tool devices and VNFs with different throughput capabilities, easily accommodating environments where a number of Tools have been added over time and thus vary in capabilities. Enables dynamic scaling of Tool Farms in real-time, and non-destructive fail-over while protecting stateful information (metadata) about flows as virtualized tools are spun up or down in response to changes in traffic.

NoviFlow’s DIPB moves Packet Broker technology into the SDN world. For ease of use and integration into existing brownfield networks, these services are implemented and controlled via a RESTful API.

DIPB’s Multi-Tenant Port Pairs capability allows flows from multiple sources (tenants) to be processed by the same Tool Farm. This provides a significant reduction in cost per port.
Finally, DIPB comes with a web-based dashboard that presents the activity and allocation of the flow Load Balancing to the Tool Farm in real-time.

CyberMapper Dynamic Packet Broker Services Option Datasheet