DPI moves out of the security undergrowth

Deep packet inspection (DPI) is most commonly associated with government surveillance and security applications. Now the DPI vendors are making a big push into telecoms. Or as Dr Elan Amir, CEO of Bivio Networking claimed at the Sofnet show in London this week, "It's the operators best chance of competing against Google for advertising revenue based on highly accurate data about their users' behaviour online or mobile."   

DPI's functions include:
"¢ network and user behaviour analysis
"¢ service control
"¢ traffic management
"¢ advert insertion
"¢ content filtering
"¢ security
"¢ distributed denial of attack mitigation
"¢ peer to peer control (such as for VoIP)
"¢ domain name system protection.

Or as Peder Jungck, CEO of rival Cloudshield Technologies put it, "Until now, the telco market has been about vendors selling a box for each app - the Cisco approach. We're saying it doesn't have to be like that. Lots more is going on in Layer 7 because of SIP and it's just not practical to do it that way.'

He added, "Our CS-2000 can work around the usual RVSP mechanism for reserving bandwidth, so that instead of a VoIP call using 64kbps, it uses 16, meaning four more calls for the same bandwidth. On the other hand, it can intercept all incoming traffic and ensure each bit is routed appropriately, even altering the way data is carried if necessary - such as to accommodate a router that can't cope with MPLS."

Cloudshield is keen to move away from the stand-alone device approach: in February Cloudshield teamed up with to develop a carrier-class DPI solution on a blade that fits into IBM's BladeCenter range of chassis. Jungck wouldn't give details, but said his company was in negotiations with other vendors in the telco market.

Amir said, "A common architecture for DPI has been lacking. There is an overlap at point applications, applications take longer to develop and deploy, and cost more, and the wheel has to be reinvented for each one. DPI is a network discipline that needs a network approach."

He predicted the total global DPI market would be worth US$5 billion to US$7  billion (€3.2 billion to €4.47 billion) in the next five years, becoming the single biggest element of network spending, based on an aggregation of analysts' figures for telcos, national security networks and other security applications.

He acknowledged that DPI raises many issues about privacy and network neutrality, which needs to be balanced by regulation to safeguard individuals.