Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
|
google unix.com
|
|||||||
| Forums | Register | Forum Rules | Links | Albums | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
 |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| S-096: Application Inspection Vulnerability in Cisco Firewall Services Module | iBot | Security Advisories (RSS) | 0 | 12-24-2007 09:40 AM |
| recursion too deep | swamy455 | Shell Programming and Scripting | 3 | 07-18-2005 03:18 PM |
| Getting an ACK for RAW SYN packet | zampya | High Level Programming | 17 | 05-24-2004 09:15 PM |
| I need to ls all files in 4-6 deep dirs | gforty | UNIX for Dummies Questions & Answers | 4 | 09-18-2003 05:18 PM |
| Seeing IP packet | manjunath | IP Networking | 4 | 09-15-2002 11:46 PM |
 |
Powered by 
|
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
|
|
05-29-2008
|
|||||
|
|||||
|
Using Deep Packet Inspection
Large companies are now starting to evaluate deep packet inspection technologies for several different purposes and a lot of questions are being made for network/security professionals about this technology. Let's talk about some of these questions:
First: What is Deep Packet Inspection? Deep packet inspection (DPI) is a form of packet analysis that examines the entire payload of a packet (sometimes at wirespeed) searching for non-protocol compliance, viruses, spam, intrusions, applications (P2P programs using well known ports like port 80 per example) to decide if the packet can pass or if it needs to be routed/rated/blocked, or for the purpose of collecting statistical information. Second: What's being done related with Security? DPI enables advanced security functions like full packet string search that enable administrators to identify/block Layer 7 attacks like virus, worms, spam, etc with less false positives. Also Law Enforcement Agencies are start using DPI for Lawful Interception in core IP networks. Third: What's being done related with Network? DPI is being used for companies/carriers for Internet data mining, application traffic control and network visibility. It enables companies/carriers to control non desired applications (P2P, Video Streaming, etc) wich consumes bandwidth with control and don't generate revenue (for carriers), allows administrators to identify users that are using non permited applications (for companies). With network visibility administrator can identify more easily network pain points (bottlenecks) and plan better the nework growth. Fourth: What else? There's several other applications that DPI can help.
DPI is a controversial technology (some says that DPI can change the Net neutrality) and there's rumors that is being used for Internet censorship. In my point of view like everything else DPI can be used for the good or the bad...It's always up to us to decide. It really works? I evaluated some DPI technologies and for sure there's a lot of beneficts that administrators can get with it. There are limitations but in the overall It really works. My recomendation? See for yourself! Regards More... |
|
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Hybrid Mode
