Tap Aggregation and Filtering to Enable Deep Packet Inspection (DPI)

Cover Image
The weapon of choice for service-oriented network monitoring is Deep Packet Inspection (DPI). Typically, DPI is performed by high-performance software solutions that run on standard server hardware platforms, enabling providers to identify, classify or even selectively block IP traffic. DPI is used to detect and protect against security threats and network anomalies, and facilitate wiretapping and reconstruction of relevant digital transactions.

For the technology to work, DPI must be able to unobtrusively acquire a high-fidelity replica of production traffic from multiple sources across a triple redundant network. Recently, instead of using conventional network taps, the Data Access Network (DAN) has emerged as the "Best Practice" data access and network monitoring architecture for cost-effective DPI monitoring. The DAN architecture is currently being deployed by several major carriers in nationwide rollouts. DAN has proven to save tens of millions of dollars for these telecom customers by passively tapping and aggregating tapped traffic from multiple network links, separating Service-over-IP (SoIP) from non-SoIP data using hardware based packet filters, and regenerating and logically mapping the aggregated SoIP traffic to multiple DPI analyzers in order to optimize traffic load.

Feb 8, 2021
Jul 1, 2009
White Paper
Already a Bitpipe member? Log in here

Download this White Paper!