Deep Packet Inspection
Most tech savvy people have probably heard the term deep packet inspection or DPI but may not be sure exactly what it entails. At a basic level, DPI is about identifying the various types of traffic that is flowing across a network. The “deep” part in the name is because in order to determine the actual application type in each packet one has to examine the data deep (meaning at the application layer) into the packet as opposed to just the TCP or UDP header information.
DPI can be used for many purposes including security—blocking known malicious applications—, lawful surveillance, traffic management or even internet censorship. As a result, once application or traffic type has been identified it is almost always followed by a decision to block, re-route, log or pass through the identified traffic. Taking some action after identification is the express purpose of DPI.
Accolade SmartNICs are very helpful to increase the capacity and efficacy of DPI. Customers typically deploy DPI software on the host and as that software identifies traffic, it tells the ANIC SmartNIC (via API calls) what action to take on that particular traffic type. The most common way to communicate the action is by updating the ANIC flow table which will in turn take the same action on all packets in a given flow.
To learn more about how an ANIC SmartNIC can help with your DPI or other needs, please contact us at [email protected].