Deep Packet Inspection (DPI) is the foremost technology for identifying and authenticating protocols and applications (IP flows or sessions in general) conveyed by IP. Deploying DPI opens up many opportunities for ISPs and carriers including new sources of revenue, solving bottleneck issues and guaranteeing Quality of Service (QoS).

Looking at Shallow vs. Deep Packet Inspection

The standard packet inspection process (a.k.a. shallow packet inspection) extracts basic protocol information such as IP addresses (source, destination) and other low-level connection states. This information typically resides in the packet header and reflects only rudimentary information about the communication.

The inspection level in the shallow inspection process is insufficient to reach any application-related deductions. For example, if a packet is the result of an application trying to set up additional connections for its core operation, an examination of the source or destination addresses as they appear within the packet header itself will not reveal any useful information regarding the connections to be used in the future, as requested by the application. Furthermore, as in this example, it is very common that the necessary information is spread over several packet transactions; and once again, examination of the header information alone overlooks the complete transaction perspective.

DPI, on the other hand, provides application awareness. This is achieved by analyzing the content in both the packet header and the payload over a series of packet transactions. Consequently, DPI provides the ability to analyze network usage and optimize network performance, thereby playing a crucial role in the equation between supply and demand faced by every network operator.

These capabilities have made DPI one of the hottest issues for ISPs and carriers. Constantly seeking new sources of revenue and to reduce churn, they are deploying or forming projects for the deployment of triple play and new services. This is where DPI comes in:
- To analyze their current network situations and their readiness to receive rich, demanding, consuming and real time traffic.
- To analyze their subscribers' behavior, such as traffic patterns generated per hour/day/week and measure the over-the-top services being used by subscribers.
- To set up global application control policies - such as the total quantity of P2P or VoIP/Skype traffic - at the various peering points where they purchase bandwidth from upstream providers.
- To set up per subscriber SLAs/policies, in order to enforce smarter services, volume/duration-based billing, be more competitive, provide better QoE, and increase ARPU.

Solving Bottleneck Issues

Additionally, DPI can solve the bottleneck issues ISPs and carriers face. For example, consider what is important to make traffic flow easily on a major city ring-road or reduce congestion in city centers. Enlarge the roads? Install traffic lights and road signals? Set up specific lanes for priority vehicles? Implement cameras, sensors and helicopters to centrally manage collected data and react quickly when an accident occurs? Establish a web site providing real time data on where to go and where not to go? Optimize car loads with a maximum number of travelers? Establish fees for people wanting to drive faster in a reserved lane?

The answer to addressing these bottleneck issues is a combination of all the above and more. It all focuses on bringing intelligence to the subject: collecting data to understand when a situation is becoming problematic or serious; and creating regulations and priorities to control and optimize usage. Analogous challenges exist in identifying and managing traffic patterns and bandwidth utilization in IP networks, which lack this essential intelligence. It is the in-depth data made available by DPI which provides the intelligence to identify and control broadband bottleneck issues in real time.

Guaranteeing Quality of Service (QoS)

The ability to know what is running on the network enables ISPs and carriers to offer new, differentiated services to subscribers and guarantee their QoS. Many wonder whether subscribers are willing to spend more in monthly fees in exchange for this. This naturally depends on the subscriber's profile. Subscribers seeking priority for Skype or QoS for on-line gaming will be prepared to be pay for these services. Other subscribers would like to pay on demand (as seen for example in the mobile phone world’s use of subscription billing for special packages of SMS, frequently dialed numbers and weekend rates).

To gauge the market and offer the appropriate services, ISPs and carriers must have the ability to survey and constantly monitor their subscribers’ habits. This ability can only be provided by DPI. Once this data is known, they can segment their subscribers into different types of user groups and put together customized service packages designed to meet the specific requirements of each group.

DPI Meets the Market Need

The DPI market landscape is still evolving. This is being fired by a number of factors - primarily the burgeoning number of social applications such as IM, voice, video on demand and network gaming; the proliferation of more instant publications like blogs, wikis and “YouTube” type self-publishing zones; and the constantly growing dependence on the Internet in general, as seen in Google Earth, on-line banking and Web2.0.

These drivers are forcing ISPs and carriers to constantly evolve and compete to facilitate heavy downloads and uploads (video/pictures/backup/Itune/podcasting), real time traffic (voice - telephony), social traffic (IM and gaming), billing by volume and/or duration (pay on usage, pay per view), on-demand services via portals, security, availability and Quality of Experience.

To meet these needs, the industry will have to innovate, particularly in the areas of differentiated services, real time subscriber management and billing, and a lot of “on-demand” possibilities offering “click and start” capabilities. All this can be achieved using DPI.