NVIDIA nForce4 Chipset Preview
Networking and NVIDIA
In keeping with some of NVIDIA's most recent nForce products, a lot of nForce4's improvements center on features that appeal to a broad range of home and office users. The chipset's storage functionality is one example and its improved networking capablities also qualify.
Of the few complaints that many had against the nForce3 Ultra, higher-than-average host processor utilization was one of most significant. The chipset easily enabled higher network bandwidth than any other Gigabit Ethernet controller, yet it did so consuming just a bit more processing power.
With the addition of NVIDIA's hardware-based firewall, the problem was exacerbated. In response, all three models of nForce4 include Firewall 2.0 and the popular Gigabit Ethernet controller. However, only the SLI and Ultra variations come with ActiveArmor, the marketing name given to a new engine that accelerates both the firewall and Gigabit Ethernet functions of the chipset. NVIDIA claims that the overall impact is a significant reduction in processing overhead, which manifests itself as more computational power available to other applications.
* Compared to a typical software firewall, which can consume up to 75% of available processing resources, ActiveArmor purportedly reduces that number to 10%
According to NVIDIA, its Firewall 2.0 includes both firewall and anti-hacking technologies. It supports stateless packet inspection, which is your basic filtering function that either denies or allows packets based on a number of possible variable, and stateful inspection of TCP and UDP packets, which functions similarly to stateless, only it applies rules on a per-connection basis, conserving performance since not every connection is subject to the entire list of rules.
Firewall 2.0 supports a Web-based management interface, selectable security profiles, port blocking, remote admin, and a wizard to simplify the tool's many functions for less advanced users. NVIDIA defines the package's anti-hacking feature set as anti-IP-spoofing, anti-sniffing, anti-ARP cache-poisoning, and ant-DHCP serving, all of which it claims are most important in corporate environments. Similar to other popular software firewalls, NVIDIA's implementation supports application-based filtering through the Intelligent Application Manager, which is effective for blocking unintended outgoing network traffic.