The FPC-enabled DPI engine, R&S®PACE 2 provides instant application detection and consistent policy enforcement from the very first packet in a flow. In this article, we examine how FPC benefits some of the major application categories.
First packet classification delivers speed and stability for critical 5G NR applications
Applications like autonomous driving, remote surgery and industrial automation demand ultra-low latency and 100% reliability. These applications rely on real-time data exchange with zero tolerance for delays or packet loss, as inefficiencies can lead to major physical consequences. For instance, in industrial automation, a delay in data transmission can cause machinery to malfunction, leading to production halts or even accidents. A combination of ultra-reliable low latency communication (URLLC) as part of 5G New Radio (5G NR) and first-packet enabled DPI allows for instant routing via URLLC segments from the very first packet, ensuring critical data is prioritized and delivered without delay.
FPC-enabled DPI can be embedded in edge routers, industrial gateways and real-time communication modules. It enables these devices and functions to ensure that latency-sensitive data packets are identified and prioritized instantly, enhancing the overall performance and reliability of these highly-critical URLLC systems.
First packet classification ensures premium QoE for high-bandwidth needs
High-bandwidth, low-latency applications, such as VR/AR gaming, 4K/8K video streaming, rich communication services (RCS) and video conferencing, require lightning-fast classification to minimize latency caused by sub-optimal routing of the first few packets and subsequent rerouting of the remaining flow. With first packet classification, DPI provides instant classification that ensures every packet is routed according to the underlying application’s bandwidth and performance needs. For instance, streaming 4K videos on Netflix requires nine times more bandwidth compared to the SD video bitrate of lower resolution YouTube videos1. Instant classification ensures that initial packets of common video flows, such as gQUIC or IETF QUIC connections, can immediately be handled by the correct QoS profile.
Likewise, embedding DPI with FPC in CDNs, media gateways and load balancers allows these systems to route high-bandwidth application traffic quickly and accurately. It ensures that the necessary quality of service (QoS) requirements are maintained across every flow, even for the smallest flows, with bottlenecks, latency spikes and packet loss identified almost instantaneously, and optimization measures meted out in time.
First packet classification for end-to-end, 360° security for enterprise apps
Enterprise applications such as CRM and ERP need end-to-end security protection. DPI with FPC accelerates threat detection by identifying malicious IP addresses and domains through techniques such as FPC-IP and FPC-DECA. This ensures that initial packets of malicious flows are promptly intercepted and potentially blocked. For example, it can prevent a man in the middle (MiTM) attacker from attempting file exfiltration such as intercepting sensitive data like email addresses, social security numbers or bank account information.
Advanced DPI analysis is necessary for detecting more subtle anomalies and sophisticated threats. Integrating first packet classification in a DPI engine, in turn, empowers firewalls, secure web gateways and IDS/IPS in enterprise networks to enforce security and access policies. Once in-depth insights from DPI start pouring in, initial results for FPC can be validated and further advanced decoding can be applied, where necessary. This helps reducing the CPU and memory overheads caused by deep protocol decoding through selectively analyzing flows.
First packet classification fulfils ultra-reliability needs with in-order delivery
The finance sector currently ranks as the second most targeted industry in terms of cyber attacks2. Applications that involve large financial transactions, such as online banking and stock trading, demand high reliability and security. On top of that, these applications must ensure data integrity and in-order delivery. FPC-enabled DPI aids in the rapid identification of intrusion attempts, particularly those originating from unknown IP addresses or malicious C&C servers. By utilizing readily available header and DNS information, DPI can prevent illegitimate connections from forming in the first place. It thereby helps avoid fraudulent transactions or theft of sensitive data through man-in-the-middle (MiTM) attacks.
In addition, out-of-order delivery can create operational challenges for financial applications and systems as it leads to processing delays. Malicious actors can leverage these delays to their benefit by injecting or replaying data packets, making it hard for financial systems to track and validate the integrity of the transaction.
Cloud-based security solutions, such as next-generation firewalls (NGFWs), security service access edge (SASE) and security service edge (SSE), deployed in financial sectors also stand to benefit significantly from DPI’s FPC feature. It enables these gateways to identify sensitive data and transactions as soon as they hit the network. This allows application owners to maintain compliance with applicable regulatory standards, for example regarding data privacy and sovereignty regulations, where citizen data is required to be processed and stored in local data centers.
First packet classification offers lightweight classification for resource constrained IoT environments
The total data volume of connected IoT devices worldwide is projected to soar to 79.4 zettabytes (ZBs) by 2025, up from 13.6 ZBs in 20193. IoT device communication, encompassing applications such as smart homes and IIoT, demands highly efficient resource utilization due to constant pings to the network, devices’ power restrictions and in some cases, the transmission of heavy data such as CCTV footage. In certain M2M networks, for example LPWANs, running every packet through a full-fledged DPI analysis can be overkill, especially in repetitious transmissions.
For this class of applications, FPC provides a lightweight classification, thus reducing the processing load on devices with limited resources and improving battery utilization. For 5G networks carrying diverse traffic types, FPC-enabled DPI can accurately and instantly classify massive machine-type communications (mMTC) traffic, which allows operators to execute accurate slice allocation for thousands of concurrent sessions.
Gearing up for next-gen applications
The emergence of the metaverse, omniverse and extended reality will unleash new applications that are set to redefine human experiences. These and other developments in today’s app market demand greater network responsiveness and dynamics. Next-gen DPI with first packet classification provides networks with bite-sized intelligence that can be applied to lightweight use cases. It also supplies them with full-course analytics for use cases that rely on deeper insights, paving the way for truly optimized networks that bring performance, cost efficiency and user experience to the next level.
To learn more about the first packet classification technology from ipoque, download our data sheet.
To see our first packet classification in action, watch our product demo.
Sources:
[1] https://www.cisco.com/c/en/us/solutions/collateral/executive-perspectives/annual-internet-report/white-paper-c11-741490.html
[2] https://www.ibm.com/reports/threat-intelligence
[3] https://www.statista.com/statistics/1017863/worldwide-iot-connected-devices-data-size/
