SDWAN FAQs -Deep Packet Inspection (DPI) / Visibility
FAQs
1. Is it possible to use the level 7 data from DPI for routing, QoS, and filtering policies?
2. What are the possibilities of inspection when SAP is used?
3. What are the possibilities of inspection when Citrix is used?
4. What configuration is needed?
1. Is it possible to use the level 7 data from DPI for routing, QoS, and filtering policies?
Yes. Routing, QoS and Policies can be based on parameters of level 3, 4 and 7.
2. What are the possibilities of inspection when SAP is used?
SAP proprietary application uses well known TCP port 3200, so, identification is easy. For SAP in the public cloud, please, see below about identification in public clouds.
3. What are the possibilities of inspection when Citrix is used?
Citrix allows inspection with granularity at two levels, the first level consist in identifying various applications and the second level consists in identifying different levels of priority that may be necessary for transporting application information within a single application (Citrix provides 4 priority levels: for audio “Very High”, “High” for the visual user interface, for MediaStream “Medium” and “Low” for printers and series and parallel ports). This last form of classification is the most interesting, since it provides a higher granularity and guarantees the necessary priority according to the criticality of the data transmitted. This second level is supported by the DPI (note, it requires to configure ICA in Multi-Stream mode, which implies the transmission of each priority level in a different TCP session).
4. Would it be possible to identify applications in the public cloud such as Salesforce, YouTube, Facebook, WhatsApp, Instagram, Skype, Snapchat, Twitter, Spotify, Google+, Telegram, LinkedIn, Viber, Pinterest or Flickr (cell phones or PCs?
Applications in public cloud are not easy to identify as they use several simultaneous connections to distribute load and roles in different servers, then it is required to have predefined them. For instance, for Salesforce, identification is done by IP address, as indicated clicking here, for Microssoft365 identification is based on domain names and IP addresses and it is available here, in general, information is usually accessible from sources and third parties, for instance for Facebook.
Read our latest Blog Posts
NIS 2 – Cybersecurity-related legislation in 2024
Now that 2024 is about to end, let’s have a look at this year’s cybersecurity highlights. Changes in legislation like NIS 2 (both in countries and supranational bodies, like the EU) probably rank amongst the most important. All of these changes in legislation have...
5G Networks – Cybersecurity Solutions and Threats
The arrival of 5G networks is set to shake up global connectivity, delivering unprecedented speeds, the ability to connect a vast number of devices, and ultra-low latency. However, this new technology also introduces a series of cybersecurity challenges. This blog...
Network Behavior Analysis: Key to guarantee Security and Performance
In an increasingly complex and interconnected technological environment, the performance and safety of IT networks are key aspects for any organization. Traditional monitoring and protection systems are not enough to respond to advanced threats or optimize the use of...
powered by Borlabs Cookie