Deep Packet Inspection, Version 2
The collision of abbreviations, like that of celestial objects, is a rare but enlightening event. Take DPI, for instance.
Digital program insertion (DPI) appeared on the editorial calendar of Communications Technology, and this month’s issue features an article on that very topic. Meanwhile, we heard from firms representing the several companies engaged in the other DPI (deep packet inspection).
More on those companies will appear in the October issue, but one takeaway is that the data network version of DPI is alive and kicking, even as that category evolves amidst shifting trends. Quick history Not so long ago, discussion of packet inspection took place under the looming shadow of the peer-to-peer (P2P) phenomenon. From early popular applications such as Napster and Kazaa (Skype Founder Niklas Zennstrom’s earlier claim to fame) to various successors and imitators, P2P applications all sidestep so-called "control nodes" as a way to promote resource (aka ‘file’) sharing.
In so doing, however, these apps recruited sometimes unwitting computers, flirted with copyright infringement and strained the usage models on which data networks had been designed.
In a July 2003 CT article on P2P, for instance, Buckeye Cablesystem CTO Joe Jensen shared a monthly subscriber usage report that had 5 percent of his subscribers accounting for 80 percent of the monthly byte total.
That landscape has shifted. There are still people who "pound the network," as Jensen told us then. What’s changed is that you can’t just point to P2P apps consuming 24/7 at the all-you-can-eat data buffet. Current trends A study released by DPI vendor Ellacoya at the 2007 NXTcomm Show in June, for instance, indicated that hypertext transfer protocol (HTTP) or Web traffic had overtaken P2P and was continuing to grow, with YouTube alone accounting for 20 percent of all HTTP traffic.
Not everyone agreed. Thomas Mennecke, news editor of Slyck.com, a site that hosts of more than a dozen P2P forums (and access to which your corporate firewall may deny you) made several points. First, partly as a result of DPI technology having been deployed, some networks were less hospitable to the P2P apps than others; so results could vary depending on the population sampled.
To that end, Mennecke drew from additional data offered by another DPI vendor, Sandvine, which contended that P2P remained dominant, although HTTP traffic was indeed making significant gains, thanks to YouTube, iTunes and the newsgroup category (which, interestingly, is one of the areas that P2P apps had first arisen.)
Points well taken. First, service providers of various stripes are indeed sniffing packets. Ellacoya was boasting this summer of a deployment with British Telecom‘s retail broadband network of more than 3 million subscribers. Sandvine claims more than 80 customers worldwide, including a majority of the largest North American cable operators.
Second, the rise of HTTP traffic is significant. DPI vendors are increasingly casting their role in terms of enabling new services rather than simply sniffing out – and helping to throttle – bandwidth hogs. Sandvine’s acquisition of CableMatrix‘s policy server assets this summer, discussed previously here, is an example of that trend.
How does CableMatrix’s erstwhile competitor see this combination of approaches? "Our perspective is that, absolutely, there is a place for DPI technology, and it’s a good technology for serving certain kinds of problems," says Camiant CTO Suzie Kim Riley. "But it’s not the way you would solve all problems."
For more on how and whether DPI can play both offense and defense, stay tuned for the October issue of CT. – Jonathan Tombes
