DPI in the cloud era
The cloud is everywhere. Everywhere you turn more and more companies are in the process of taking their internal applications and migrating them to cloud based solutions.
Which applications are being migrated, and how those migrations happen, varies from company to company and application to application. Some companies are abandoning their existing solutions, such as internal CRM or help desk ticketing solutions, and moving to cloud solutions such as Salesforce and Zendesk. Some companies are migrating their existing technology, whether they are custom code or off the shelf software, and running it in someone else’s data center.
Evidently, the cloud has a lot going for it. You can get the resources you need, when you need them - without having to provision and maintain all sorts of hardware, power, redundancy, and everything else that comes with running a data center or data closet. Need more capacity? Spin up a new server with the push of a button. Too much capacity? Spin down a whole group of servers just as easily. Want to add more Office 365 users? No need to upgrade or add new servers, just create the accounts, pay for the licenses, and you are good to go. It’s a brave new world!
Of course all this functionality comes at a price, and not just a monetary one. Your resources are no longer in your complete control. Someone else is responsible for the data center and the connectivity links, ensuring things work the way you want them to. It may still be your job on the line if things go wrong, but you have less and less control each time a new service is moved from in-house to the cloud.
This is why being able to see how your applications are behaving on the network becomes more and more critical as they migrate out of your control. You need to maintain control by knowing what applications are running across your wires, how they are performing, and what the problems are when they arise. Previously, it was possible to simply view the packets traversing the wire, filter on port, protocol, and IP address, and be able to know what application was what. With the cloud, this approach no longer works. IP addresses change all the time (as may the ports), and solutions are dependent on multiple different servers in multiple different data centers, sometimes from multiple different providers. Identifying what the application is is becoming a challenge unto itself.
There is, however, an answer. And it comes in the form of Layer 7 Deep Packet Inspection (DPI), now available in the cloud.
This technology looks at the packets traversing the wire but, instead of just looking at layer 3 and 4 information (port, protocol, address), it goes much deeper. The entire packet is analyzed - from source and destination information, to the payload of the packet itself. Using these advanced techniques, the Layer 7 DPI engine is able to accurately identify applications beyond just the basic information provided by an IP address or port and protocol. Sinefa can extract URL information even in SSL encrypted traffic without having to decrypt the packets. What this means for you is that with Sinefa, instead of thinking you have HTTPS traffic on your network (e.g. TCP/443 data), you will get a lot more information about the traffic - for example, that people are using Google Docs or consuming bandwidth playing Netflix videos over HTTPS.
Once you have this ability to look deep inside the packets and correctly identify the applications on the wire, a whole host of possibilities opens up. You can shape traffic based on the application. As you are no longer dependent on source and destination addresses, you can ensure that your critical cloud applications are getting the actual bandwidth they need - and other, less critical applications (like Netflix) are being pushed to the side to ensure they do not interfere. You can track the performance of an application to ensure it is performing at its peak, and in the case it is not, you can simply and efficiently identify the necessary information to troubleshoot just that application - all without having to know the IP address of a cloud server.
With applications migrating to the cloud faster than ever, there has never been a more critical time to have a deep view into the network traffic on your wires. You need to be able to identify the applications based on detailed, in-depth criteria and then ensure those applications are performing at their peak. And if they are not, it’s crucial you have the information on hand to go to your service providers and get the issue resolved. DPI visibility provides the deep inspection necessary to correctly identify the applications and the metrics and other data - so that you can see what is really happening with your cloud applications, and begin to understand your network inside and out.