

How to Choose DPI Technology that Will Raise the Performance of Your SD-WAN Solution


According to Rohit Mehra, Vice President, Network Infrastructure, IDC, “the emergence of SD-WAN technology has been one of the fastest industry transformations we have seen in years (1).” The high growth potential of the SD-WAN market means that competition is high among solution providers. They need to add value to their solutions in order to differentiate their offerings and gain a competitive advantage. One way to do this is to bundle features based on Software-Defined Networking (SDN) and Network Function Virtualization (NFV) technologies into a wider SD-WAN offering. However, the success of these offerings depends on the ability to provide the solutions with a detailed understanding of network traffic through access to application-level and user-level visibility. The only technology capable of delivering such a granular view is Deep Packet Inspection (DPI). By providing detailed information about IP flows and their content in real time, a DPI engine creates visibility that is essential to the delivery of more responsive and precise SD-WAN functions.


Support for uCPE: the must-have feature

The move towards virtualized architectures has created additional requirements, notably support for uCPE, which is essential for reducing total cost of ownership and the ability to deliver features such as Virtual Network Functions (VNFs). Any SD-WAN solution must therefore be able to function seamlessly across uCPE as well as dedicated hardware to cover all deployment scenarios. This means that embedded DPI engines must also support different runtime environments, including small, low-cost, access devices.


Encryption: it doesn’t have to be an issue

An increasing proportion of flows on IP networks, especially Internet traffic, is now encrypted. By definition, a DPI engine cannot read a packet payload that is encrypted. However, some DPI experts have developed advanced techniques such as statistical flow analysis, session prediction, peer matching, and certificate inspection that work around this and allow encrypted flows to be classified. Classification of these flows means that value-added SD-WAN features such as traffic optimization, policy enforcement, and user experience are largely unaffected by encryption.

The Qosmos Division of Enea is a specialist in DPI technologies. Using techniques developed specifically for the classification of encrypted traffic, the following flows can be classified:

  • HTTPS/SSL encrypted flows
  • Encrypted P2P protocols like BitTorrent
  • Applications that use their own encryption protocol like Skype. Qosmos can also identify services like VoIP and chat within Skype by using statistical recognition.
  • IPSec tunnels
  • Session prediction based on DNS cache
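
As an added illustration (not code from Enea, Qosmos, or the original article), the sketch below shows one way session prediction from a DNS cache can work: the classifier remembers which hostname each client resolved to which address and labels a later encrypted flow to that address without reading its payload. The class and function names, the suffix table, and the addresses are all constructed for this example.

```python
from dataclasses import dataclass, field

# Constructed suffix-to-application table; a real engine relies on a maintained library.
APP_SUFFIXES = {"video.example": "video-streaming", "voip.example": "voip"}

def app_for(name):
    """Map a hostname to an application label by domain suffix."""
    for suffix, app in APP_SUFFIXES.items():
        if name == suffix or name.endswith("." + suffix):
            return app
    return "unclassified"

@dataclass
class DnsFlowPredictor:
    # (client_ip, server_ip) -> {hostname: expiry time in seconds}
    cache: dict = field(default_factory=dict)

    def observe_dns(self, now, client, name, server_ip, ttl):
        """Record a DNS answer seen on the wire for this client."""
        key = (client, server_ip)
        self.cache.setdefault(key, {})[name.lower().rstrip(".")] = now + ttl

    def classify(self, now, client, server_ip):
        """Label a new flow; returns (application, hostnames still within TTL)."""
        entries = self.cache.get((client, server_ip), {})
        live = sorted(n for n, expiry in entries.items() if expiry > now)
        if not live:
            return ("unknown", [])          # no DNS seen, or the answer expired
        apps = {app_for(n) for n in live}
        if len(apps) > 1:
            return ("ambiguous", live)      # shared address serves several apps
        return (apps.pop(), live)

def run_demo():
    """Replay constructed events: one clean hit, one expiry, one shared address."""
    p = DnsFlowPredictor()
    out = []
    p.observe_dns(0, "10.0.0.5", "cdn1.video.example.", "203.0.113.10", ttl=60)
    out.append(p.classify(5, "10.0.0.5", "203.0.113.10"))    # within TTL
    out.append(p.classify(100, "10.0.0.5", "203.0.113.10"))  # TTL expired
    p.observe_dns(110, "10.0.0.5", "sip.voip.example", "203.0.113.10", ttl=300)
    p.observe_dns(120, "10.0.0.5", "cdn1.video.example", "203.0.113.10", ttl=300)
    out.append(p.classify(130, "10.0.0.5", "203.0.113.10"))  # two apps, one address
    return out

if __name__ == "__main__":
    for result in run_demo():
        print(result)
```

The ambiguous case is where DNS-based prediction alone stops being reliable, which is why it is listed alongside other techniques such as certificate inspection and statistical analysis.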

DPI: build vs. buy

One of the top questions facing developers of SD-WAN solutions is whether to build a proprietary DPI engine or to buy one from a specialist. In the end, it all comes down to cost and accuracy. Building an effective DPI engine is a highly specialized task. It requires the right kind of technical expertise, dedicated resources and a lot of time. However, and perhaps more importantly, achieving and maintaining the required level of accuracy as time goes by is a formidable task. Applications and protocols constantly evolve so that over the long term, the number of hours required to keep a DPI solution current far exceeds those required to build it in the first place.

By outsourcing DPI technology, development teams are free to concentrate resources on SD-WAN functionalities and performance while providing solutions with the most advanced DPI technologies available. In addition, sourcing a ready-to-use DPI engine component from a specialist gives access to a comprehensive protocol library that is regularly updated with new signatures and classification techniques, ensuring the highest level of network visibility at all times. Time-to-market for SD-WAN solutions is accelerated while development and maintenance costs are reduced, resulting in more effective management of overall operational expenditures.


What to look for in a DPI engine?

Certain DPI engine characteristics have a higher impact on the performance of SD-WAN solutions than others. The following is a list of key characteristics to look for when choosing a DPI engine:

  • Number of protocols and applications that can be identified
  • Ability to integrate custom signatures
  • Extraction of application metadata and number of metadata available
  • Ability to analyze traffic in real-time at any connection speed
  • Ability to classify and keep track of all network flows by application and user
  • Volume, delay and jitter provided per application, user and network link
  • Support for SDN/NFV environments by using a flow-based approach to cover traffic going across both physical and logical interfaces
  • Support for a wide range of run-time environments, from uCPE to appliances
  • Availability of actionable security information in real-time (e.g. automatic identification of fake or corrupted files)
  • Availability of computed statistics in real-time (e.g. MOS for VoIP)

To find out more, download the whitepaper Adding Value to SD-WAN with DPI.


This is Part 2 of the full article on “Gaining a Competitive Advantage in SD-WAN – The Role of DPI”.

You can read Part 1 here: “How to Gain a Competitive Advantage in Fast Growing SD-WAN Market”.


Article first published on December 14th 2018 in The Fast Mode


About the Author
Erik Larsson is the Senior Vice President of Marketing at Enea, where he drives product marketing, demand generation, branding and communication. Erik’s views on high-tech trends are regularly featured in articles, blog posts, webcasts, video interviews, and industry events.

