Deep Packet Inspection

Apr 14
07:48

2009

Marcia Henin

Marcia Henin

  • Share this article on Facebook
  • Share this article on Twitter
  • Share this article on Linkedin

About DPI – Deep packet inspection, and how it is used for bandwidth monitoring and network protection such as out going spam protection.

mediaimage

Deep Packet Inspection is also known as Information eXtraction - IX and complete packet inspection.  It is a kind of PC network packet filtering that examines the data and header region of packet,Deep Packet Inspection Articles as it passes a review point, looking for protocol non-compliance, spam, viruses, predefined criteria, or intrusions for deciding if that packet is eligible may pass or in case it requires passing through a different location, or for collecting statistical data.

This is contrary to Stateful Packet Inspection also known as Shallow Packet Inspection that checks the header region of the packet.

DPI and filtering not only helps in advanced security operations, but also in online data mining, censorship, and eavesdropping. Proponents of online neutrality fear that Deep Packet Inspection technology can be used for reducing the receptive of Internet. This technology is in use by various service providers, governments, and enterprises in many applications for varies purposes such as bandwidth monitoring.

DPI compounds the practicality and working of IPS (Intrusion Prevention System) and IDS (Intrusion Detection System) with a conventional stateful firewall. Thus, this combination helps in detecting certain attacks that neither IPS nor IDS nor stateful firewall is able to capture.

Stateful firewalls are not able to capture events that are beyond the limits of a specific application. IDSs are capable enough for detecting intrusions, but have little capability for blocking such attacks.

In fact, Deep Packet Inspections is used for preventing attacks from worms and viruses at the speed of wires. To be more specific, DPIs are very efficient against Denial of Service attacks, outgoing spam protection, buffer overflow attacks, and sophisticated intrusions.