Deep packet inspection (DPI) is a form of filtering used to inspect data packets sent from one computer to another over a network. DPI operates at the seventh layer (the application layer) of the Open System Interconnection (OSI) reference model. The effective use of DPI enables its users to track down, identify, categorize, reroute or stop packets with undesirable code or data.
Operators utilise DPI to allocate available resources to streamline traffic flow. For example, a message marked as high priority can be routed to its destination ahead of less important or low-priority messages or packets involved in casual Internet browsing.
Limitations
- It is capable of producing new vulnerabilities in addition to protecting against the present types. Although it is successful against denial of service attacks, buffer overflow attacks, and some kinds of malware, DPI could also be used to trigger those same types of attacks.
- It increases the complexity and cumbersome character of firewalls as well as other security-based software.
- It requires periodic updates and alterations to stay optimally efficient.
- When DPI (Deep packet inspection) is implemented, the processor remains busy and ultimately cannot free its resources for other user applications. This adversely affects the speed of the computer.
Advantages
- Shields vulnerable networked systems
- Blocks attempted malware attacks
- Permits internet service providers to identify and “black hole” potential malware packets
