What is deep packet inspection?
Deep packet inspection (DPI) refers to the method of examining the full content of data packets as they traverse a monitored network checkpoint. Whereas conventional forms of stateful packet inspection only evaluate packet header information, such as source IP address, destination IP address, and port number, deep packet inspection looks at fuller range of data and metadata associated with individual packets. Deep packet inspection will not only scrutinize the information in the packet header, but also the content contained within the payload of the packet.
The rich data evaluated by the deep packet inspection provides a more robust mechanism for enforcing network packet filtering, as DPI can be used to more accurately identify and block a range of complex threats hiding in network data streams, including:
Malware
Data exfiltration attempts
Content policy violations
Criminal command and control communications
Deep packet inspection capabilities have evolved to…
 |
Posted by: Ericka Chickowski |
The post Deep packet inspection explained appeared first on Cybersecurity Insiders.
October 15, 2020 at 09:10PM
0 comments:
Post a Comment