Network performance optimization and security analytics - DPI
Deep Packet Inspection, or DPI, is defined as the inspecting of the payload of data to determine its content and potentially making a decision based on the result. A typical placement of a device capable of processing packets in either real time or collection for processing later is shown in figure 2. In most cases the DPI device would be on a switch SPAN port and may sit in one of many places in between proxies, routers, switches and firewalls depending on the provider’s network configuration.
The purpose of the DPI device is to analyze the content of information transported by the network and then make a decision based on the result. This may sound like Quality of Service (QoS) at some level, but most QoS decisions are made by the determination of the protocol used, not by the data within the packet. Where QoS typically operates at layers 2 and/or 3 of the OSI model, DPI can operate from layer 2 all the way through to layer 7. See Figure 2.
Figure 2 – OSI Layers
Consider the conceptual packet diagram in Figure 4. QoS would typically see the protocol section of the packet and might identify the pack as a voice over IP packet. It would then instruct the routers to treat the packet with a higher priority to ensure good voice quality. DPI opens the door to inspecting the data or content portion of the packet and handling or billing the packet differently based on rules defined by the service provider. DPI might identify the data as a video or music over http and meter the transmission for a higher charge than email.
Figure 3 – VOIP Packet
We offer services for DPI Implementation along with Network Optimization.
This is integrated in our end to end security and network optimization specifically designed to benefit high scale internet infrastructure such as that for telco’s.