Network Computing is part of the Informa Tech Division of Informa PLC

Passing Packets: Net Traffic Under Ever More Scrutiny

One of the design goals of the Internet Protocol was easy routing. The router only had to look at address information in the packet header to determine what to do with the packet. The whole process was designed to be payload-independent: The routing device did not even need to know what type of content the packet carried, or how it was encoded.

My, how times have changed.

Network managers now want to make all kinds of decisions, many of them Draconian, based not on the source or destination addresses of a packet, but on its content. Spam must be recognized accurately and filtered out, or the growing impact on knowledge-worker productivity will be so large that it will have to be discussed in the annual report. Not to mention that some types of spam could expose the enterprise to legal liability.

Viruses, worms, Trojan horses and many other types of executable code are to be excluded. Some types of technically harmless but emotionally objectionable content are to be shut out as well. And, increasingly, there are institutional policies to be followed, about not only what may come into a network but also what may leave it.

The only answer is to inspect the content of individual packets, even if they are compressed, camouflaged or encrypted, and to make decisions based on what is found there. But to impose this task high in the network, at an access point, an enterprise gateway or even on the backbone itself, is to accept crippling performance demands. Vendors are now responding with innovative hardware accelerations to meet the challenge, claiming wire-speed deep-packet inspection is not only an achievable goal, but a reality.
