Deep Packet Inspection
This article describes how deep packet inspection (DPI) is different from other types of packet processing. Most packet processing is done via the IP header, but deep packet processing inspects the packet contents. How does DPI help to secure a network? What are the different approaches to DPI? Make sure you can explain the three techniques used in DPI and name some of the tools used for packet analysis.
Summary
Traditionally, control and regulation of Internet traffic have been managed by a firewall in the router device. However, routers can only scan the header of an IP packet which contains source, destination addresses, and some next-hop routing information.
Deep Packet Inspection is a technology that allows a service provider to analyze network traffic in real-time using the payload (IP packet content), not merely the IP header. Packets are inspected based on rules assigned by an enterprise, government, or internet service provider. Only packets that clear the inspection can enter the network. Even encrypted data can be analyzed.
DPI can effectively monitor, speed up, slow down, block, filter, make decisions about the traffic. Mobile and broadband service providers widely employ DPI analyzers in their networks. However, unless used judiciously, DPI can also result in an invasion of data privacy and other internet governance issues.
Source: https://devopedia.org/deep-packet-inspection
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.