Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Deep packet inspection (DPI) is a form of filtering used to inspect data packets sent from one computer to another over a network. DPI is a sophisticated method of packet filtering that operates at the seventh layer (the application layer) of the Open System Interconnection (OSI) reference model. The effective use of DPI enables its users to track down, identify, categorize, reroute or stop packets with undesirable code or data.
DPI is normally more effective than typical packet filtering, which inspects only the packet headers. DPI inspects the packet's data part (and sometimes the packet header) when it goes over an inspection point, attempting to find protocol noncompliance, intrusions, spam, viruses or other predefined factors to determine whether the packet can pass or whether it must be directed to another location.
With DPI, organizations can boost their network management systems without investing heavily in core network technologies.
Deep packet inspection is also known as complete packet inspection and information extraction.
DPI integrates the functions of an intrusion prevention system (IPS) and an intrusion detection system (IDS) with a conventional firewall. It is commonly used by communication engineers and service providers to manage network traffic. They can control network traffic by allocating valuable network resources to high-priority data packets and messages.
Despite its many benefits, DPI has the following limitations:
DPI is being used by governments to monitor and protect territorial cyber boundaries. DPI has also been used to inspect user activities, to maintain the security of big local and wide area networks, and to block malware and suspicious software. In addition, service providers make use of DPI to keep track of customers' Web-browsing habits. These customer details are then used by companies focused on targeted advertising.