What is DPI?
DPI is a mechanism of examining the packet from Layer 3 to application Layer 7. In addition, DPI examines signatures in the content and behavior of the packet flow and protocols. DPI-enabled RGs make decisions, based on the positive identification of any signature, rule or policy match that takes place while examining the packet payload.
DPI scans every packet in its entirety. Because services deployed to the digital home and SOHO/SMEs include time- and latency-sensitive traffic, DPI requires minimal overhead and its implementation needs to be highly optimized.
A number of key applications – such as intrusion detection/prevention systems (IDS/IPS), antispyware, spam detectors and antivirus – can leverage DPI.
DPI plays an important role in “unified threat management.” As RGs continue to evolve, they will not only incorporate interfaces for high bandwidth access and home area network. The RG will go beyond triple play and include the system-level infrastructure needed for supporting unified threat management. Such integration is essential for ensuring reliable and guaranteed service delivery.
The foundation for integrated RGs includes complex and highly efficient system-on-chip (SOC) devices. RG SOCs are purpose-built network processors that, unlike current generation processors, integrate sophisticated engines to execute performance-intensive expression processing algorithms inside the device.
To tackle the issue of high performance while carrying out deep packet inspections, gateway devices of the future are not expected to implement purely software-based DPI mechanisms. These next-generation gateway processors are expected to support DPI hardware-based assist engines to help speed the payload scanning process.
Next-generation RGs are also expected to offer native standard operating systems, like Linux, integrated with publicly available open source SNORT-based IDS packages, including antivirus agents like ClamAV. These systems leverage next-generation gateway silicon devices incorporating sophisticated DPI engines and support flexible policy languages that facilitate rule creation.
Emergence of these advanced RGs provide an opportunity for service providers to deliver an integrated triple play service offering combined with a broad set of unified threat management services to secure the digital home and SOHO/SME.
Service providers must deploy systems that natively support architectures designed to incorporate engines, like DPI, to ensure their systems do not quickly become obsolete and require replacement. With the advent of standardized and centralized network management systems, service providers could ultimately deliver managed security services to compliment their current triple play service offerings.
Vertically integrated service providers are also moving up in value chain by deploying video servers and their associated ecosystem. With DPI and unified threat management, service providers can now integrate security servers in their core infrastructures that effectively interwork with their deployed RGs and SOHO/SME gateways.