NNSquad - Network Neutrality Squad
[ NNSquad ] Deep Packet Inspection equipment for Tier 1
------- Forwarded Message

From: David Farber <dave@farber.net>
To: "ip" <ip@v2.listbox.com>
Subject: [IP] Deep packet inspection at 80 Gbps
Date: Mon, 12 May 2008 20:52:10 -0400

Begin forwarded message:

> From: Roger Bohn <Rbohn@ucsd.edu>
> Date: May 12, 2008 7:48:39 PM EDT
> To: David Farber <dave@farber.net>
> Subject: Deep packet inspection at 80 Gbps
>
> For IP if interested. Excerpted.
>
> http://arstechnica.com/news.ars/post/20080512-throttle-5m-p2p-users-in-real-time-with-800000-dpi-monster.html
>
> Throttle 5 million P2P users with $800K DPI monster
> By Nate Anderson | Published: May 12, 2008 - 05:00AM CT
>
> Procera Networks will announce today a new standard in deep packet
> inspection (DPI) gear: an 80Gbps monster called the PacketLogic
> PL10000 that is targeted at tier-1 network operators. At up to
> $800,000 a unit, these aren't cheap, but when you want to throttle,
> inspect, and shape traffic in real-time on a major network, this is
> now the fastest thing on the market (and by a large margin).
> .......
> The PL10000 can handle up to 5 million subscribers and can track 48
> million real-time data flows. That's certainly a potent piece of
> hardware, but larger ISPs will need more. That's why Procera
> designed the new machines with full support for synchronizing
> traffic flows where return traffic might be routed to a different
> PacketLogic machine. The machine receiving the return traffic can
> make the machine monitoring the outbound traffic aware that it sees
> the other half of a TCP/IP conversation, for example, giving the
> devices more accuracy than those which might only have access to one
> side. The capability also incurs overhead of only 2-6 percent, far
> better than the 25 or 50 percent sometimes seen in competing products.
>
> ........
>
> DPI gear in general is astonishing technology, able to drill down to
> the packet level in real time, but the PL10000 can do this at 80Gbps
> with 96 percent accuracy. But how does it fare with P2P content,
> especially when it's encrypted? This is one of the key issues for
> ISPs using DPI gear as a less-expensive alternative to increasing
> capacity. I spoke to James Brear, Procera's CEO, and Jon Lindén, the VP
> of Product Management, about the issue. While they did not break out
> specific accuracy numbers on P2P, they indicated that Procera was
> quite good even at sniffing out encrypted P2P traffic.
>
> Breaking such encryption in real-time isn't currently possible, nor
> is it desirable from a privacy perspective, but Procera doesn't need
> to; most P2P protocols can be detected simply by analyzing header
> information, handshake peculiarities, or the way in which a
> particular application exchanges encryption keys. Such telltale
> traces can give away various kinds of encrypted traffic, and while
> the information within remains secure, the entire flow can be shaped
> or blocked if desired by the ISP. (Note that this alone isn't enough
> to filter copyrighted content, but it can put the kibosh on entire
> protocols that might be heavily used for copyright infringement.)

-------------------------------------------
Archives: http://www.listbox.com/member/archive/247/=now
RSS Feed: http://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
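
The excerpt's point about return traffic reaching a different device comes down to matching the two directions of one conversation across monitors. The Python below is an added example, not part of the forwarded message and not Procera's code: it merges per-direction records from two devices using a direction-independent flow key. The `HalfFlow` record layout, the device names `probe-A` and `probe-B`, and the sample addresses are assumptions made for illustration.

```python
from collections import defaultdict
from typing import NamedTuple

class HalfFlow(NamedTuple):
    """One direction of a conversation, as exported by one monitoring device."""
    probe: str   # hypothetical device name
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    nbytes: int

def flow_key(r):
    """Direction-independent key: A->B and B->A produce the same tuple.

    The endpoints are ordered by plain tuple comparison; the order only has
    to be consistent across devices, not numerically meaningful.
    """
    a, b = (r.src, r.sport), (r.dst, r.dport)
    return (r.proto,) + (a + b if a <= b else b + a)

def merge_half_flows(records):
    """Combine half-flow records from all devices into per-conversation state."""
    flows = defaultdict(lambda: {"probes": set(), "bytes_from": defaultdict(int)})
    for r in records:
        f = flows[flow_key(r)]
        f["probes"].add(r.probe)
        f["bytes_from"][(r.src, r.sport)] += r.nbytes
    return flows

def is_bidirectional(flow):
    """True once both endpoints have been seen sending."""
    return len(flow["bytes_from"]) == 2

# Constructed sample records (documentation address ranges, not real traffic).
SAMPLE = [
    HalfFlow("probe-A", "tcp", "192.0.2.10", 51000, "198.51.100.7", 443, 1200),
    HalfFlow("probe-B", "tcp", "198.51.100.7", 443, "192.0.2.10", 51000, 48000),
    HalfFlow("probe-A", "tcp", "192.0.2.11", 40000, "198.51.100.9", 6881, 900),
]

if __name__ == "__main__":
    for key, f in merge_half_flows(SAMPLE).items():
        state = "both directions" if is_bidirectional(f) else "one direction only"
        print(key, sorted(f["probes"]), state)
```

The third sample record has no matching return record, so it stays marked as one-sided, which is the situation the excerpt says gives a device less accuracy.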