Our DPI technology additionally extracts metadata to determine traffic attributes, including bandwidth used, traffic speed, latency, jitter, user locations and types of devices. It also examines traffic behavior and detects traffic that is malicious, suspicious or anomalous.
ipoque’s DPI technology is built into its renowned DPI engines R&S®PACE 2 and R&S®vPACE. Our long-standing DPI software R&S®PACE 2 is based on scalar packet processing and caters to traffic filtering needs in traditional networks, while our VPP DPI engine R&S®vPACE, which was introduced last year, is based on vector packet processing (VPP) frameworks such as FD.io or DPDK Graph, making it ideal for more intensive computing environments. Both engines leverage an extensive traffic signature library that is updated weekly and that comprises thousands of protocol and application signatures.
Setting a new standard for deep packet inspection
DPI technology has evolved significantly over the years. With a series of ground-breaking innovations ipoque has managed to take the lead in this area. These innovations make it possible to go beyond standard DPI to offer next-gen intelligence solutions which are capable of addressing the needs of future networks. One such enhancement is performance, which is critical in addressing the rapid growth in traffic volumes. R&S®PACE 2 delivers a throughput per core of 14 Gbps on average, while its cloud-native VPP counterpart, R&S®vPACE, delivers up to three times speedup, leveraging an improved average clocks-per-packet ratio. Both DPI engines feature first packet classification, that is, identifying flows from the very first packet, allowing faster and consistent policy responses across all related packets.
Further key criteria for next-gen DPI are scalability and ease of deployment. Our DPI software boast a minimal processing footprint and can be embedded in both virtualized and cloud-native environments and scaled linearly to meet any capacity. This lean form factor allows traffic filtering to take place closer to the traffic source, minimizing latency and improving traffic performance. To give you an idea, in the case of a network with a distributed user base who accesses mostly cloud and SaaS applications, traffic does not need to be backhauled to the data center for filtering and inspection, but can instead be routed through a cloud access security broker (CASB) that is equipped with R&S®PACE 2. Similarly, for IoT use cases, R&S®PACE 2 can be deployed in the edge network close to where a smart city or an Industry 4.0 network is located.
No signature left behind
What often sets standard DPI tools apart from advanced DPI-based network intelligence solutions is coverage and comprehensiveness. A frequently updated signature library is key to any deep packet inspection solution. ipoque tops its weekly updated library with its custom service classifier (CSC), which allows customers to add their own signatures. This is especially useful for customer-specific applications and newly discovered threats. The CSC comes with a predefined list of thousands of web services, allowing customers to focus on hard-to-detect applications and threats.
Encrypted traffic intelligence (ETI) by ipoque takes application awareness to the next level by extending visibility into encrypted, obfuscated and anonymized traffic. ETI involves ML/DL, high-dimensional data analysis and advanced caching methods, such as service caching and DNS caching, to address latest protocols, including TLS 1.3 and TLS 1.3 0-RTT as well as DNS over TLS and DNS over HTTPS (collectively referred to as DoX). Encrypted traffic intelligence mitigates concerns around DPI’s limitation against encrypted traffic, and provides a future-proof method for traffic inspection as more and more network traffic becomes encrypted. ipoque is the only DPI vendor in the market who offers encrypted traffic intelligence (ETI) as part of its DPI technology, whereas rival solutions rely on third-party tools.
Powering an infinite number of use cases in modern networks with DPI
From prioritizing critical enterprise applications to safeguarding enterprise data from infiltration and data breaches, DPI is at the heart of hundreds of network use cases.
Deep packet inspection helps
- manage traffic flows intelligently
- optimize network resources
- ensure service quality
- enforce zero-trust network access and
- eliminate security risks.
The most powerful use case for DPI is perhaps the traffic insights themselves which power thousands of analytics solutions with granular records of packets, flows and applications. From application monitoring and network performance management to active probing, DPI-based analytics offer a high degree of versatility with customizable logging and reporting templates. ipoque customers can also pair their DPI engine with the R&S®PACE 2 flow data exporter plug-in which translates DPI data logs into IPFIX-encoded messages. This offers comprehensive analyses that merge NetFlow/IPFIX reporting with DPI-based insights.
The continuous research and development by ipoque in the network intelligence space and years of deployment experience have paved the way for next-gen DPI solutions that are highly adaptive to network requirements.The VPP DPI engine R&S®vPACE is a prime example of this, with its cloud-native implementation which addresses demanding, high-performant networks. The recently released long-term support (LTS) is another example. LTS delivers an up-to-date release without the need for recompiling or rebooting and eliminates regressions. LTS complements the dynamic upgrade (DU) feature by ipoque which enables signature upgrades and additions during runtime.
New milestones such as these are setting new standards for DPI performance and are pushing DPI deployments across more use cases, especially those that require leaner setups. DPI is already embedded in hundreds of appliances, VNFs and CNFs across various network environments. Both enterprise and telecom networks rely on DPI for real-time traffic visibility with various innovative use cases being announced on the market every month. Some recent innovative DPI use cases powered by ipoque are:
- Granular visibility across all edge traffic for the Graphiant Network Edge
- Application and threat awareness for Celare’s network security platform for Ethernet encryption
- Intelligent data center filtering for APCON
- Real-time traffic intelligence for BBT.live’s telco-grade SDx services
- Granular IP traffic visibility for Keenetic Limited’s portfolio of wireless routers
- Application-level IP traffic visibility for Nubewell’s SD-WAN solution
- Threat visibility for Orsec Technologies’ AI-based cyber threat hunting solution
- Real-time application classification for Barracuda’s CloudGen Firewall F Series
- End-to-end mobile network monitoring with real-time application awareness for EXFO
Why is DPI indispensable?
The rise of latency-sensitive applications and prevalence of rich content such as 8K video or virtual reality requires micro-level policies that route, optimize and control packets based on network capacity, security requirements and SLAs. With deep packet inspection, a network can be fine-tuned to the content it carries, the devices it connects to, the users it serves, its available capacity and its capabilities. Fine-grained insights by next-gen DPI support the continuous alignment of these elements, regardless of whether you are dealing with a small local area network at a branch office or a radio access network that covers an entire city. In other words, deep packet inspection makes it possible for networks to keep performing and to keep delivering a seamless and secure network experience for everyone.
Discover more details in our solution guide on next-gen DPI.