A Deeper Look at DPI Packet Inspection Converges with Other Solutions to Address Mobile Data Boom

By: Paula Bernier

Cellular networks are flooded with data traffic, so it’s probably no surprise that this is where the action is when it comes to deep packet inspection. DPI, sometimes paired with policy management, can help wireless operators figure out what’s what traffic-wise on their networks and, based on that, decide what to do with it.

A study called “MobileTrends: Global Mobile Broadband Traffic Report” released in February by Allot Communications Ltd (News - Alert). indicates that worldwide mobile data bandwidth usage increased by about 72 percent during the second half of 2009 alone. P2P is the major cause of cell congestion in the top

5 percent of cells. HTTP streaming, meanwhile, is the fastest growing application with a 99 percent increase; its global mobile broadband share grew by 50 percent between the second and fourth quarters of 2009. Facebook, Skype (News - Alert) and YouTube are driving much of this mobile use.

That said, there’s little doubt that wireless network operators need to do something to address the heavy loads on their networks.

There are a variety of ways they can do that, explains Randy Fuller (News - Alert), vice president of business development at Camiant Inc., which Infonetics Research has crowned the industry leader in policy control and whose solution Verizon (News - Alert) Wireless plans to use in its LTE network.

“Although both [DPI and policy control] are used to manage broadband services more carefully, policy servers and DPI are different systems that are sometimes deployed together and sometimes deployed separately,” explains Fuller.

DPI analyzes data traffic, which runs through a deep packet inspection device, to determine what applications are involved. It can then trigger a particular action, such as traffic shaping, for various applications, he says. Meanwhile, a policy server works with network equipment to coordinate what enforcement actions need to occur and in what instances, he says, adding that traffic does not run through the policy server.

“As for what system gets used when, the answer is of course: It depends. If the enforcement actions are simple and always the same for all subscribers all the time, DPI can be used alone. If the enforcement does not require DPI-level analysis, a policy server can work with an access gateway without a DPI. If DPI-level analysis or enforcement is required, or the enforcement actions are complex or span more than one enforcement device, then DPI and policy are often deployed together. Then there can be combinations – sometimes only some of the traffic is steered into the DPI, but not all traffic,” says Fuller, who declined to comment as to which scenario matches up with the Verizon Wireless LTE (News - Alert) deployment.

According to Jonathon Gordon, director of marketing with Allot, whose products employ DPI technology, the mobile space is heavily focused on using deep packet inspection to help with policy and enforcement. In fact, Allot in late March was expected to unveil CellWise, a cell-aware monitoring capability giving wireless network operators an intelligent understanding and awareness of what is happening at the cell level. The idea is to enable operators to know precisely why the network is congested, and which subscribers and applications are generating the traffic. Allot also will provide cell-aware policy enforcement as part of the solution, enabling mobile operators to control congestion, ensure fair use and deliver quality of experience to all subscribers.

Gordon says Allot has significant partnerships in place with such companies as Camiant, Hewlett-Packard and 724 Solutions (News - Alert) to ensure its gear works with their traffic prioritization and policy offers. The policy companies, he says, have the tools to access information about subscribers, where they are, what services they pay for, and the like. The job of traffic enforcement, Gordon says, is to make sure subscribers get the amount of bandwidth they’re supposed to get and can otherwise implement the carrier’s policies. However, in a mobile network, he adds, it’s the job of the DPI to do the enforcement of the policy.

The discussion of the integration/convergence of DPI with other functionality might lead one to wonder whether that could result in M&A on this front. Gordon points out that Sandvine (News - Alert) Corp. gave that a try with its purchase of a policy company a couple years ago (in fact, Sandvine in June of 2007 announced plans to acquire both CableMatrix Technologies Inc. and Simplicita Software Inc.). But, according to Gordon, the policy solution piece in that case was not good enough to stack up against those offered by Camiant (News - Alert) and other leading vendors in the space.

Convergence and integration also is happening on the DPI front across wireline and wireless networks as companies like Ericsson (News - Alert) move to combine their DPI solutions to address both types of networks and services. Robert Haim, senior product marketing manager at Ericsson, says the company’s two different DPI products will converge sometime later this year.

Currently DPI functionality is available in a card that fits into Ericsson’s SmartEdge Multi-serve edge router. Because DPI is already a function of this edge router, Haim says, service providers don’t have to backhaul the data to a separate box, which would in that case take up additional ports on the router. Ericsson also has DPI functionality in its gateways.

Regardless of where the deep packet inspection functionality resides, however, Pablo Molinero, strategic product manager for DPI at Ericsson, says, it can be used “to trigger changes in the quality of service.”

That will enable service providers to deliver add-on packages. For example, a wireless operator might decide to offer its subscribers that option of paying an extra $6 a month to get a higher-quality connection for particular content.

By the time this magazine is published at least a couple of wireless service providers will be doing this type of thing, says Molinero. One of those wireless operators is in Western Europe and has about 3 million subscribers, he says; the other is a 100 million-subscriber service provider in Southeast Asia. In both cases, he says, they are offering add-on packages so certain URLs and select applications like streaming get higher priority and better bandwidth.

Of course, playing a role in the delivery of quality of service is just one application for DPI. Another is security.

Security is the Juniper’s big DPI push, explains Brian Lazear, senior director product management of high-end security systems at the company. Juniper offers DPI through various platforms, including its SRX Series Services Gateways, to do both intrusion detection and prevention on enterprise and carrier networks, and to allow service providers to get better visibility into the applications running on their networks.

While much of this article is dedicated to how DPI can be applied to help wireless service providers address growth in wireless traffic, the boom in mobile data and social networking also creates significant new security challenges, Lazear indicates. He notes there’s a need for strong security and tight audit control over applications like Facebook (News - Alert) because they have so many widgets (like, in the case of Facebook, FarmVille, for example), and the more applications and the more users involved, the more possible security breaches. IT

» Internet Telephony Magazine Table of Contents