“The shift towards the cloud calls for packet processing technologies capable of delivering the speeds, latency and cost efficiency necessary to support growing traffic volumes and the breadth of applications hosted and delivered from the cloud. The adoption of VPP, which involves vector-based batch processing using a locally-stored vertex memory cache, significantly reduces CPU and energy consumption, allowing our DPI technology to deliver unrivaled performance and scalability in cloud and virtualized environments,” said Dr. Martin Mieth, VP Engineering at ipoque.
The vPACE combines traditional DPI techniques such as statistical/heuristical and behavioral analyses with metadata extraction and encrypted traffic intelligence (ETI) to accurately and reliably identify and classify protocols, applications, and services. Advanced ETI techniques include machine learning, deep learning, and high-dimensional data analysis. They enable traffic inspection in the cloud to be extended to encrypted traffic, including using protocols and techniques such as TLS 1.3, TLS 1.3 0-RTT, ESNI, ECH, DoT and DoH.
The vPACE engine can also handle network traffic that is obfuscated and anonymized, for example, to monitor traffic delivered via CDNs and VPNs, and traffic that is masked by randomization and domain fronting.
The engine builds on the R&S PACE2, a scalar packet processing (SPP)-based DPI engine also developed by ipoque. As well as the native vector processing, vPACE adds a comprehensive, frequently updated signature library and well-defined APIs for seamless integration. It also provides support for first packet classification using smart caching techniques.
The VPP improves DPI processing speeds by a factor of three with a memory footprint of less than 400 bytes per 5-tuple connection and 700 bytes per network endpoint. It also enables thread-safe endpoint access across multiple worker cores.
This enables network functions ranging from policy control and traffic management to analytics functions with application awareness. This allows for granular traffic rules and policies to be applied not only to applications types, but also to different services such as messaging, chat and video. It also provides cloud security tools such as firewalls, IDS/IPS and UTM with timely insights on suspicious and anomalous traffic patterns for an effective detection of cyberthreats and fraud.
Vendors can license the OEM DPI engine to significantly improve their time-to-market and future-proof traffic detection capabilities.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.