eBPF will change a lot like JavaScript did - Netflix example

Netflix released an article about how they use eBPF to track and analyze network application traffic without running into resource issues and without having to load extra kernel modules, which almost always break when the next kernel update is installed.

In my opinion, eBPF will change a lot, like JavaScript did: not only network analysis, but also security products (like advanced endpoint protection, antivirus, forensic tools, etc.), interface extensions, monitoring systems and so on.

Netflix article about how they use eBPF: https://netflixtechblog.com/how-netflix-uses-ebpf-flow-logs-at-scale-for-network-insight-e3ea997dca96?gi=669388aa6aa6 
