This page contains a Flash digital edition of a book.
VENDOR VIEW SPONSORED AND WRITTEN BY


Encryption: will it be the death of DPI?


As more websites move to encrypt their content and user data, more questions are raised over the future of Deep Packet Inspection. But advances in heuristic classification mean that DPI systems will still be able to function in an encrypted world.


E


very time that I participate in a speaking panel on Deep Packet Inspection (DPI), someone asks,


“How do you cope with encryption?” This is a good question since we’re seeing broader deployment of secure web browsing on the Internet; in fact, Facebook publicly moved parts of their site to “https://” in 2011, and Google now defaults to “https://” for their users. What does this mean for DPI and


all the investment that operators have made in DPI technologies? Are all of the DPI-based traffic shaping systems in the market suddenly going to become use- less? Will we need to come up with new techniques to manage traffic? Fundamentally, encryption will not be


the death knell for DPI, but it will force greater innovation as operators seek to manage increasing traffic volumes, and to deliver the customer experience their subscribers demand.


The Drivers for DPI DPI is a technology that can be used for multiple purposes, but the most popular to date has been traffic shaping systems used to manage congestion, first on fixed networks, and more recently on mobile networks. It’s a cliché to talk about the rate at


which mobile data is growing, but this growth remains the dominant driver of mobile infrastructure development and deployment decisions. With the amount of mobile data almost doubling every year, even long-anticipated solutions like Long Term Evolution (LTE) only help—they are not the cure. LTE provides “only” a 3X improvement in spectral efficiency—enough to satisfy 18 months of the projected growth—but is years in


the making and will take years more to fully deploy. Other pieces of the solu- tion include small cells, Wi-Fi offload, and opening up new spectrum, but each of these is likely to provide only part of the solution. Given this reality, it is


Standalone service provider DPI products Forecast to grow to $1.6 billion in 2015 1.8


inevitable that there will be congestion in the network— because operators can’t roll out new technologies and spectrum fast enough to meet the demand. Once this congestion hits, an operator has a limited set of options: • Do nothing, and allow the users to fight it out for bandwidth. In this scenario, a single user downloading a large file can cause poor performance for everyone else in the same cell site.


• Perform simplistic traffic management and allocate each user a fixed share of the spectrum. This is better than noth- ing, but is not very efficient.


• Deploy a DPI-based traffic shaping platform and intelligently adjust the bandwidth to each user and to each subscriber individually. This allows in- dividual applications to be prioritised against each other, and can improve the quality-of-experience (QoE) for every subscriber in the cell, including the heavy users. These traffic shaping platforms have


seen strong market adoption and are expected to be a $1.6bn market by 2015.


DPI-based Platforms: Different Implementations Current DPI or Traffic Shaping platforms can be separated into two categories: those built around a general purpose


0


2011


2015


©Infonetics Research, Service Provider Deep Packet Inspection Products Biannual Market Size, Share, and Forcasts, October 2011


packet processing platform, and those built with dedicated ASICs or FPGAs. The ASIC/FPGA-based systems have


an intuitive appeal: for a given fixed problem, they can be optimised to per- form well on that problem and can offer appealing performance and price points. While they come with a long develop- ment cycle and a high development cost, these drawbacks are often overlooked in the zeal to have the densest or highest performing system. This approach is also more common when the DPI func- tionality is integrated into some other piece of equipment such as a router or a mobile network node like a GGSN or LTE gateway. These systems weren’t designed for DPI, so the functionality is shoe-horned into some limited power and space budget. A different approach uses a general


purpose packet processing platform, which uses a blade-based server that has been adapted for use as a packet processing platform by adding load balancing, special packet routing soft- ware, and multi-core processors. Here the developer uses the processor cores to execute the DPI and packet shaping


Global Revenue in $US Billions


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48