Tap Aggregation and Filtering to Enable Deep Packet Inspection (DPI)

Tap Aggregation and Filtering to Enable Deep Packet Inspection (DPI)

The weapon of choice for service-oriented network monitoring is Deep Packet Inspection (DPI). Typically, DPI is performed by high-performance software solutions that run on standard server hardware platforms, enabling providers to identify, classify or even selectively block IP traffic. DPI is used to detect and protect against security threats and network anomalies, and facilitate wiretapping and reconstruction of relevant digital transactions.

For the technology to work, DPI must be able to unobtrusively acquire a high-fidelity replica of production traffic from multiple sources across a triple redundant network. Recently, instead of using conventional network taps, the Data Access Network (DAN) has emerged as the "Best Practice" data access and network monitoring architecture for cost-effective DPI monitoring. The DAN architecture is currently being deployed by several major carriers in nationwide rollouts. DAN has proven to save tens of millions of dollars for these telecom customers by passively tapping and aggregating tapped traffic from multiple network links, separating Service-over-IP (SoIP) from non-SoIP data using hardware based packet filters, and regenerating and logically mapping the aggregated SoIP traffic to multiple DPI analyzers in order to optimize traffic load.

01 Jul 2009
01 Jul 2009
4 Page(s)
White Paper
Already a Bitpipe member? Login here

Download this White Paper!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.