7 THINGS I KNOW ABOUT… why the network of the future will be DPI-enabled

Alexander Muller tells New-Tech Magazine Europe how IoT device connectivity and IoT-ready networks create new challenges and revenue streams for operators, and how embedded deep packet inspection can help operators and network equipment vendors to assure connectivity and security across networks, devices and applications in this new world.

  1. IoT devices introduce new network and service requirements for operators

The Internet of Things threatens operators with a loss of end-to-end control and introduces a new level of operational scale. This places new demands on how operators will assure the security and integrity of their networks. Operators are used to serving a limited range of types of end devices that are directly under their management. Now, they will instead serve a wide diversity of connected devices that could be deployed by players from across a wide value chain of enterprises, service providers and manufacturers. Consider for instance a connected alarm clock with a SIM: It will require data download in order to display the time and weather changes, but it will also add an upstream load by sending data on how and when the device itself is being used back to the manufacturer.

  1. Networks need to be managed more efficiently to cater to this increasing demand

Similarly, the application environment in the IoT will be radically different from the current ecosystem: Apps requiring a multitude of different parameters, serving use cases with different tolerances and sensitivities to network performance and presenting very different usage profiles to the network. All of this will place new demands on the management of network elements, service quality and security. A connected car, for instance, will need to be constantly connected and any downtime might threaten human life. A connected fridge, on the other hand, needs to sync with the user’s phone once an hour. SLAs with the different companies, which require to collect IoT data, will change depending on the use case. However, in order to guarantee connectivity, one must be able to manage data in realtime.

  1. SDN and NFV can help manage the network – and DPI is a key enabler

To meet these new demands, operators are leaning on the promises of Software Defined Networks (SDN) and Network Function Virtualization (NFV). They do so to architect a programmable network, in which the control and data plane are separated and network functions can be dynamically scaled up and down in virtualized instances. For the IoT, this offers the ability to deliver per-service quality parameters and deal in a flexible manner with the non-uniform and dynamic demands that are placed on network resources.

DPI engines will be a key enabler of such an architecture when embedded in network probes and next-generation firewalls. Application classification can feed realtime information to SDN and NFV network management systems based on full Layer 4 to 7 packet capture from physical or virtual probes and appliances. This will mean that SDN/NFV control decisions can be based on data that gives full visibility of the applications being served by the network.

Alexander Muller
Product Manager for Deep packet
Inspection at Rohde & Schwarz
Cybersecurity

  1. DPI can also allay IoT network security fears

Building a network with billions of new devices that are connected via a host of gateways, which, in turn, provide access to and from the network, means that you are introducing a new security structure to protect the network and the integrity of the data traversing the network against external threats. This requires a very different type of security, because many of the connected devices connect and disconnect only fleetingly. Therefore, load balancing and meeting demand becomes much more dynamic. Tracking individual devices on the network becomes more difficult. It simply will not be possible to react and respond to this dynamic world by deploying traditional firewalls at every gateway, provisioned to maximum demand and conditioned to meet only known threats. Instead, embedded DPI at the aggregation layer in the network can exist as part of a security capability that can combine application-level intelligence with firewall-based solutions.

  1. Performance does not have to be compromised

The question ensues, surely with DPI analysis one would introduce performance payoffs in the network. Low memory consumption DPI engines are fully passive with a throughput of up to 9 Gigabits per second and physical thread, without impact on network performance. The advantage to having your network security architecture DPI-enabled is that you can add security in the wire. You can drop in added security by a DPI-enabled firewall without the need for changing the network. DPI-enabled solutions provided by Rhode & Schwarz Cybersecurity are the best performing in terms CPU and bandwidth utilization and can achieve tens of Gbps levels.

  1. DPI leads to more efficient 5G and IoT by getting intelligence closer to the user

The large increase in data usage driven by 5G speeds and IoT devices will place an absolute priority on the most efficient routing in the network. This will mean using application layer information to be able to make the best traffic optimization decisions and will result in a more efficient network. The drive to more intelligent decision-making in the network is also a good fit for embedded DPI functionality on the IoT gateway, and even on devices such WiFi access points, because it will be smarter to take some networking decisions as near to the user as possible to maximize Quality-of-Experience (QoE) and bandwith utilization.

  1. But this will mean multi-layer security is a must, and we must design it now

Yes, very small devices will require very efficient solutions in terms of memory, utilizing access to cloud-based IOT analytics platforms and security capabilities higher in the network. But they will also require multi-layer security that can work even when any particular layer may be broken. The time to design this into the network is now. We are at an early stage in terms of standardization at the platform level, and network operational software is far from mature. This means that we must define security within 5G and IoT from the start, before network platforms are mature. We also have to pay special attention to the millions of brownfield environments that become connected to the internet and are not well prepared to deal with the security challenges associated with connected devices. DPI-enabled infrastructure that enables application layer decisions to be made around security, network management and optimization can contribute to jumpstarting the multi-layer, intelligent, secure network of the future. DPI allows network equipment to not just detect applications within network traffic but rather semantically understand the communication protocols in order to detect behavioral anomalies and hacking attempts.

Comments are closed.