Exciting Announcement! In celebration of launching our AI Certification, we’re thrilled to offer a 50% discount exclusively. Seize this unique chance—don’t let it slip by!

Deep packet inspection through User Defined Filtering (UDF) with Open Packet Broker

Indeed, in enterprise environments where traditional network monitoring and filtering methods may not provide the desired level of accuracy or granularity, Deep Packet Inspection (DPI) can be a valuable solution. DPI goes a step further by analyzing the entire content of data packets. This allows for a more comprehensive understanding of the data being transmitted.

Why do we need Deep Packet Inspection?

Customization and Specific Offset Inspection: DPI can be tailored to meet the specific needs of the enterprise. Network administrators can define the offsets within data packets that they want to inspect. This level of customization enables precise filtering and monitoring based on the exact location and values within the packet.

Enhanced Accuracy: By focusing on specific offsets and values within data packets, DPI can provide enhanced accuracy in identifying and classifying traffic. This is particularly valuable when dealing with complex or non-standard protocols and applications.

Security and Threat Detection: DPI’s ability to inspect specific offsets allows for the detection of specific patterns, signatures, or anomalies within data packets. This is instrumental in identifying and mitigating security threats, including advanced and zero-day attacks.

Custom Policy Enforcement: Enterprises can enforce custom policies based on the content found at specific offsets. For example, they can filter out sensitive data, block certain types of content, or prioritize specific applications or services.

Data Loss Prevention (DLP): DPI can be used for data loss prevention by monitoring data packets for sensitive information, such as proprietary company data, and preventing their unauthorized transmission.

How does User Defined Filtering work in Aviz OPB?

User Defined Filtering (UDF) as implemented in the Aviz Open Packet Broker (OPB) built over the open-source Software for Open Networking in the Cloud (SoNiC) is a powerful and customizable network packet processing solution. This combination allows network administrators to perform deep packet inspection and filtering based on specific offsets within data packets, offering fine-grained control and flexibility.

Key aspect of User Defined filter:

Figure 1: UDF – flow diagram via OPBNOS

Using UDF, users can configure a rule to match specific bytes in the ingress packet based on a given offset to permit or deny matched packets

				
					flow flow1
network-ports Ethernet12/1
tool-ports Ethernet14/1
rule 1 permit description "UDF" udf-data 0xb166 udf-extraction-group l2 udf-offset 2 counters enable
rule 2 permit description "UDF" udf-data 0x4500 udf-extraction-group l3 udf-extraction-point ipv4 udf-offset 0 counters enable 

				
			

Figure 2: UDF based rule configuration

Figure 3: Flow configure through API’s

Aviz OPB and UDF: The Ultimate Solution for Precise Network Traffic Control

Overall, the combination of Aviz OPB and UDF offers advanced network packet processing capabilities with deep packet inspection and filtering based on specific offsets defined by network administrators. This level of customization is valuable for organizations that require precise control over their network traffic to meet security, compliance, and performance objectives with minimal cost using SONiC.

Ready to Experience the Power of Aviz OPB? Contact Us Today!

Share the Post:

Related Posts

Explore the nuances of ONES latency measurement, serving as the bedrock of accuracy and effectiveness in network latency calculations. The backend, with its thorough data collection, processing, and analysis, guarantees a holistic grasp of the

AI utilized in network management involves the deployment of artificial intelligence methodologies like machine learning, deep learning, and natural language…

The ONES Rule Engine is a sophisticated feature that enhances your network management capabilities by incorporating an integrated alert and…

Deep packet inspection through User Defined Filtering (UDF) with Open Packet Broker

Indeed, in enterprise environments where traditional network monitoring and filtering methods may not provide the desired level of accuracy or…