The proliferation of deep packet inspection technology is being met with suspicion in some quarters and relief in others. Initially used to identify proliferating peer-to-peer traffic in the network to protect service quality, DPI is now considered part of the general security solution — a means of protecting high-value services and perhaps part of the answer to content piracy.

But it is also seen as a threat to user privacy and as the ultimate weapon of destruction by Net neutrality proponents. DPI vendors say those threats are off base.

“DPI is a force for good in the universe,” said Tom Donnelly, executive vice president of marketing and sales for Sandvine. “There is a lot of negative buzz about DPI based on the perception it is a tool for policing bandwidth. Our customers are large service providers, and they are in the business of making the online experience as good as it can be.”

Azi Ronen, executive vice president of corporate development for Allot Communications, which sells DPI solutions, joined in the defense. “More and more service providers will use this for a [quality of service] function that will enable new services, prioritize services and generate more revenues by increasing the number of users and making sure they have a better experience, which means less churn,” he said.

DPI (see chart) enables service providers to take a real-time look at packets as they pass through the network and, through analysis of that view, determine “signatures” that indicate peer-to-peer traffic, bot activity or denial of service attacks.

There is even the potential for DPI to become an aspect of content protection in conjunction with digital watermarking. “If you mark your content, which is easy to do, then with DPI you have the capability to look at every packet, figure out what stream that packet is part of from thousands of streams, then use DPI to look for those watermark signatures and compare that to what the subscriber is watching,” said Mike Coward, chief technology officer for Continuous Computing.

Given the negative buzz, however, service providers aren't talking about their DPI plans. Verizon doesn't use DPI today as security for its FiOS TV service, according to a spokesman, while AT&T does use DPI but prefers not to talk specifics.

Qwest Communications is using DPI as “one of many tools” to provide a new service that alerts consumers when their computers have been hit with viruses or turned into bots, but also doesn't want to focus on that technology alone, said Melodi Gates, director of risk management for the company.

ONLINE

For more about the deep packet inspection debate, read Carol Wilson's new series on the Telephony Web site.
www.telephonyonline.com