In my last post I alluded to the fact that Deep Packet Inspection (DPI) technologies could be used by businesses to try and reduce the possibility of ‘inappropriate’ employee use of bandwidth and wrongful or accidental transmissions of confidential IP. In that last post I was talking about IT security, and this post will continue to reflect on DPI technologies’ applications and benefits to and for corporate environments.
A Quick Refresher on DPI
The “deep” in deep packet inspection refers to the fact that these boxes don’t simply look at the header information as packets pass through them. Rather, they move beyond the IP and TCP header information to look at the payload of the packet. The goal is to identify the applications being used on the network, but some of these devices can go much further; those from a company like Narus, for instance, can look inside all traffic from a specific IP address, pick out the HTTP traffic, then drill even further down to capture only traffic headed to and from Gmail, and can even reassemble e-mails as they are typed out by the user. (Source)
For a slightly longer discussion/description of DPI I suggest that you look at the wiki page that I’m gradually putting together on the topic of Deep Packet Inspection.