[WEBINAR] Better to Ask Permission? Best Practices for Privacy and Security

Deep Packet Inspection (DPI)

Definition - What does Deep Packet Inspection (DPI) mean?

Deep packet inspection (DPI) is a form of filtering used to inspect data packets sent from one computer to another over a network. DPI is a sophisticated method of packet filtering that operates at the seventh layer (the application layer) of the Open System Interconnection (OSI) reference model. The effective use of DPI enables its users to track down, identify, categorize, reroute or stop packets with undesirable code or data.

DPI is normally more effective than typical packet filtering, which inspects only the packet headers. DPI inspects the packet's data part (and sometimes the packet header) when it goes over an inspection point, attempting to find protocol noncompliance, intrusions, spam, viruses or other predefined factors to determine whether the packet can pass or whether it must be directed to another location.

With DPI, organizations can boost their network management systems without investing heavily in core network technologies.

Deep packet inspection is also known as complete packet inspection and information extraction.

Techopedia explains Deep Packet Inspection (DPI)

DPI integrates the functions of an intrusion prevention system (IPS) and an intrusion detection system (IDS) with a conventional firewall. It is commonly used by communication engineers and service providers to manage network traffic. They can control network traffic by allocating valuable network resources to high-priority data packets and messages.

Despite its many benefits, DPI has the following limitations:

  • It is capable of producing new vulnerabilities in addition to protecting against the present types. Although it is successful against denial of service attacks (DoS attacks), buffer overflow attacks, and some kinds of malware, DPI could also be used to trigger those same types of attacks.
  • It increases the complexity and cumbersome character of firewalls as well as other security-based software.
  • It requires periodic updates and alterations to stay optimally efficient.
  • When DPI is implemented, the processor remains busy and ultimately cannot free its resources for other user applications. This adversely affects the speed of the computer.

DPI is being used by governments to monitor and protect territorial cyber boundaries. DPI has also been used to inspect user activities, to maintain the security of big local and wide area networks, and to block malware and suspicious software. In addition, service providers make use of DPI to keep track of customers' Web-browsing habits. These customer details are then used by companies focused on targeted advertising.

Share this:

Connect with us

Email Newsletter

Join thousands of others with our weekly newsletter

The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.