Deep Packet Inspection

Deep packet inspection is a networking technology for analyzing data packets in more detail than traditional packet filtering. Deep packet inspection (DPI) looks at more than just the packet header, which is the minimum inspection that traditional packet filtering performs. This reveals more information about what the packet’s carrying and allows networks to catch potential threats and better manage traffic.

How deep packet inspection works

Firewalls use DPI to examine not only the packet headers but also the data within a packet. Traditional packet filtering only looks at the header, which provides basic source and destination information (the IP address from which the packet came and to which it’s going). DPI searches for data within the packet that will give more information about its source and intent, such as its port (the type of network connection or application). Then, if the traffic is harmful, the firewall or system that’s using DPI can drop the packet.

DPI can be used in intrusion detection and prevention systems to track previously recognized threat patterns in packets. IDPS uses insights from a database of information about packets, comparing new network transmissions to past ones. DPI can also be used for outbound traffic, not just inbound.

Because it requires additional analysis, DPI can significantly slow a hardware-based firewall’s performance, especially if the packets come through an HTTPS connection and need to be decrypted and re-encrypted.

DPI for political and national censorship and influence

DPI in China is used to manage IP requests for websites that the government does not want its citizens to see. This includes websites with political views that contradict the Chinese Communist party or just free search engines (Google included). In its Great Firewall, the Chinese government drops packets or reroutes them to different IP addresses than the intended IP destination.

This is one of the most large-scale examples of the ways DPI can be used to influence Internet traffic. Internet service providers in the United States use DPI, too. ISPs monitor their customers’ traffic closely. They can redirect traffic to websites of their choice or throttle IP addresses to which they don’t want their customers to go. This doesn’t always happen with every service provider, but it’s a possibility. ISPs may also sell data about their customers’ Internet traffic to third parties, including government agencies.

 

Jenna Phipps
Jenna Phipps
Jenna Phipps is a writer for Webopedia.com, Enterprise Storage Forum, and CIO Insight. She covers data storage systems and data management, information technology security, and enterprise software solutions.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Embedded Analytics

Embedded analytics brings self-service business intelligence to everyday application users.

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their workforce operations. They provide a central platform for human resources professionals...

Complete List of Cybersecurity Acronyms

Cybersecurity news and best practices are full of acronyms and abbreviations. Without understanding what each one means, it's difficult to comprehend the significance of...

Human Resources Management System

A Human Resources Management System (HRMS) is a software application that supports many functions of a company's Human Resources department, including benefits administration, payroll,...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...