SDWAN FAQs -Deep Packet Inspection (DPI) / Visibility
FAQs
1. Is it possible to use the level 7 data from DPI for routing, QoS, and filtering policies?
2. What are the possibilities of inspection when SAP is used?
3. What are the possibilities of inspection when Citrix is used?
4. What configuration is needed?
1. Is it possible to use the level 7 data from DPI for routing, QoS, and filtering policies?
Yes. Routing, QoS and Policies can be based on parameters of level 3, 4 and 7.
2. What are the possibilities of inspection when SAP is used?
SAP proprietary application uses well known TCP port 3200, so, identification is easy. For SAP in the public cloud, please, see below about identification in public clouds.
3. What are the possibilities of inspection when Citrix is used?
Citrix allows inspection with granularity at two levels, the first level consist in identifying various applications and the second level consists in identifying different levels of priority that may be necessary for transporting application information within a single application (Citrix provides 4 priority levels: for audio “Very High”, “High” for the visual user interface, for MediaStream “Medium” and “Low” for printers and series and parallel ports). This last form of classification is the most interesting, since it provides a higher granularity and guarantees the necessary priority according to the criticality of the data transmitted. This second level is supported by the DPI (note, it requires to configure ICA in Multi-Stream mode, which implies the transmission of each priority level in a different TCP session).
4. Would it be possible to identify applications in the public cloud such as Salesforce, YouTube, Facebook, WhatsApp, Instagram, Skype, Snapchat, Twitter, Spotify, Google+, Telegram, LinkedIn, Viber, Pinterest or Flickr (cell phones or PCs?
Applications in public cloud are not easy to identify as they use several simultaneous connections to distribute load and roles in different servers, then it is required to have predefined them. For instance, for Salesforce, identification is done by IP address, as indicated clicking here, for Microssoft365 identification is based on domain names and IP addresses and it is available here, in general, information is usually accessible from sources and third parties, for instance for Facebook.
Read our latest Blog Posts
On-board railway technology developments focusing on AI
In most productive sectors, artificial intelligence (AI) has become a key in transforming processes and optimizing business resources, making them more agile and efficient. This path towards modernization revolutionizes our life habits, as well as the technology...
About VLANs on Switches
Continuing the series of blogs posts on the most representative technologies to consider when selecting switches, this time we look at VLAN technology. VLANs arose from the need to isolate different stations operating on the same physical local network. In addition,...
The Spanning Tree algorithm in Switching: a link between reliable and efficient networks
In the boundless realm of telecommunications, making sure networks run efficiently and undisturbed is crucial. Today, we are going to focus on the fascinating Spanning Tree algorithm (STP) and its relationship with switching. We will find out how this unsung hero...
powered by Borlabs Cookie