SSE Services Essential Security Elements - NGDPI | MONITORAPP

Blog

Get the latest cybersecurity news

SSE Services Essential Security Elements – NGDPI

 

 

Hello, this is MONITORAPP.

Today, as in the last time, we will continue to learn more about

 

AIONCLOUD's Security Service Edge (SSE) platform, Secure Internet Access (SIA).

SIA is a Zero-Trust-based security solution and is an SSE service that includes

'SWG', 'FWaaS', 'CASB', 'NG DPI', 'ATP', and 'RBI'.

 

Following the introduction of FWaaS last time, today we will introduce NG DPI.

 


 

What is Next Gen Deep Packet Inspection (NG DPI)?

 

 

NG DPI is AIONCLOUD SIA's Deep Packet Inspection (DPI) solution.

Before we get into what DPI is, let's briefly explain the most basic of packets.

A packet is a transmission unit of data that is truncated to make it easier to transmit over a network.

In other words, all data traveling to and from a network is a collection of "packets".

 

 

 

 

 

 

 

 

 

To briefly explain the structure of a packet, a packet consists of a header and a payload (body).

The header of a packet contains information such as the origin and destination IP addresses, port number, and protocol type.

Packet Inspection, which is the basis of DPI, primarily refers to examining the header of a packet.

By examining the headers of packets, you can perform basic traffic control by simply identifying the destination of the data.

 

 

 

 

 

 

 

 

 

This is why it's used in firewalls to block or allow incoming traffic from specific IP addresses or ports,

or in routers to forward packets by choosing the correct network path based on the packet's destination IP address.

 

 

 

 

 

 

 

 

 

 

 

 

However, typical packet analysis is limited in its ability to provide insight into the content,

detailed characteristics, or purpose of network traffic.

These limitations in data analysis have led to the emergence of a technique called DPI.

 


 

What is Deep Packet Inspection (DPI)?

 

 

 

 

 

 

 

 

 

 

 

 

 

DPI is a technique that examines the entire packet, including both the header of the data packet and the actual data (payload) inside the packet.

This allows you to analyze application-level (L7) data to identify traffic generated by a specific application or service.

With DPI, you can determine everything from the nature, source, and destination of the data being transmitted, enabling a complete analysis of network traffic in real-time.

DPI can also analyze the content of traffic and allocate bandwidth for different traffic types.

This means you can manage quality of service (QoS) to ensure the performance of certain delay-sensitive applications, such as VoIP and video streaming.

 

 

 

 

 

 

 

 

 

 

 

 

 

Various network applications, such as file-sharing applications, social media, streaming applications,

and more, can be potential security vulnerabilities that can lead to unauthorized access to corporate resources and even data breaches.

This, in turn, can very likely lead to a reduction in business productivity.

 


 

Key features of NG DPI

 

 

Organizations need a visibility solution for network traffic to prevent these potential security vulnerabilities.

AIONCLOUD SIA's NG DPI is a DPI solution

 

 

 

 

 

 

 

 

 

that provides 'network application control' and 'QoS' management functions.

 

 

 

 

 

 

 

 

Network application control is a specialized system that identifies network applications and protocols to distinguish and classify traffic that is unauthorized or intended to bypass the enterprise.

Security personnel in the enterprise can block access to unauthorized applications through the application of separate policies.

AIONCOUD SIA can identify more than 2,500 network applications and 250 network protocols and analyze their usage in real-time.

For a simple example, let's create and apply a policy

"Block all employees from using VPN applications for security reasons".

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

We created the policy by selecting All employees for the From / To condition

and selecting the entire category Applications -> 'Tunnel' for the Service.

We activated the policy, and when they tried to connect to the VPN, they were unable to connect.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

This way, we can see the traffic blocked by the policy in real-time.

 


 

Efficient network operation

 

It is also very important to operate the network efficiently with limited network resources.

AIONCLOUD SIA provides application-specific QoS management through network application identification.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

You can set the bandwidth of specific latency-sensitive applications, such as VoIP services, to ensure the performance of specific applications.

 


 

Today, we've introduced AIONCLOUD SIA's NG DPI, but you can experience a safer and more efficient internet environment with AIONCLOUD SIA,

which also offers a variety of other security solutions in one service.

 

If you are interested in learning more about AIONCLOUD SIA,

please visit https://www.aioncloud.com/secure-internet-access

 

We will introduce the rest of the features of SIA in the next post.

Thank you.

Scroll Up