DEEP PACKET INSPECTION (DPI)

Global Velocity's products perform deep packet inspection (DPI), which means we can inspect a greater portion of network data than traditional firewalls.

The seven-layer Open Systems Interconnection (OSI) Reference Model is frequently used to describe computer network communication. The lowest layer, known as the Physical layer, details with low-level details such as wires and connectors. Conversely, the Application layer is the layer at which the typical user interacts with a network. The web browser you are likely using to view this page, for instance, deals with the Application layer.

Many traditional firewalls do not inspect data any deeper than the Network and Transport layers of the OSI model. These firewalls can filter traffic based on simple rules, such as packets originating from or sent to certain network addresses and ports. However, firewalls of this type are incapable of inspecting packet payloads, where more relevant data is contained.

The payload portion of an average-length TCP/IP packet (the type of packet that makes up 85% of all Internet traffic) comprises over 87% of the packet's total size. The payload escalates to 97% of the total on the largest packets as shown in the following figure:

The payload portion contains information that can include legitimate e-mail and Web traffic, but also includes virus signatures, spam, spyware, peer-to-peer traffic, online game traffic and other traffic that may be undesirable to particular organizations. Without performing deep packet inspection and looking beyond the Network and Transport layers, much of this information can never be seen until the packet reaches its destination.

If you aren't filtering the payload, you may as well not be filtering at all.