Category: Technology
May 7th, 2013 by Cam Cullen; Category: Products, Technology
Share

    Procera announced a brand-spanking new capability today called Dynamic LiveView that is dropping the jaws of network engineers around the world. It is a “WOW” moment when you see what it can show you in real-time about what is happening on your network.

    But, we often get asked the question – “Why do I need to see this in real-time?” Although the question is normally a plant from someone that does not offer a comparable capability, it is a very fair question, as sometimes providing too much information is just as bad as providing too little, or too late (all of which are common complaints by operators).

    Let’s take a look at one use case that we get asked about all the time by mobile operators that illustrates why we launched Dynamic LiveView.

    Use Case: A mobile operator has congestion on a specific portion of their RAN (it could be a cell tower, it could be a SGSN/GSSN, could be a region). They are seeing degraded Quality of Experience on that region with IP applications (let’s say Voice and/or Video applications since they would raise concerns if they were poor quality). The network engineer responsible for that region needs to find the root cause and determine if something can be done before customer complaints start coming into the Call Center. What he needs is a tool that helps him narrow down whether this is an application, site, service, device, security attack, or simply too much usage in that area. Wouldn’t it be nice if he could ask the network the following types of questions?

    1. What devices are active in that region?
    2. What applications are those specific devices running and how much bandwidth are they consuming?
    3. Is a specific device or application using too much bandwidth?
    4. Is a specific destination (Facebook, Google, a CDN, etc.) under heavy load?
    5. Is there a flood type attack (session, bandwidth, etc.) going on, and if so, what are the attack vectors (protocols, sites, applications, etc.)

    If he knew the answers to these questions in real-time, he could determine the root cause of the issue, and either configure a network policy or attack mitigation filter to reduce the network congestion, AND see if that made a difference in real-time.

    Below is an example result of such a query. We picked a specific RNC, and are displaying the network behavior by showing first the device types active on that RNC, then the applications that they are running, and then finally the sites that they are accessing with those applications. This is a very easy way to determine what is happening on that specific area of the network.

    RNCReportperDeviceApplications

    Another interesting use case would be an operator looking to understand what Google Services were being accessed on their Google peering links to see if one specific service was causing network congestion issues. In this scenario, the operator wants to understand the Google sites (i.e. subdomains) that are being accessed from their network, what kinds of sites they are (i.e. the category of those sites), and how those sites were being accessed. Below is the answer:

    Google

    As you can see from the screen capture, not only are we seeing the breakdown on Google Sites in real-time, but we can also distinguish how the customers are accessing these sites – including distinguishing secure access over SSL and SPDY in addition to the site being accessed. This is a powerful view, as it demonstrates that service offerings can include visibility into how services are being accessed when encryption and security are used.

    Dynamic LiveView is a real-time query capability within the existing PacketLogic solutions. No new hardware is needed, no cost for the access. Procera believes strongly that networks need to become smarter to deliver on the promise of Cloud Services, Bring Your Own Device, even Software Defined Networking. And although not everyone needs that information in real-time – when problems occur on networks, the tools to determine exactly what is happening lack context for their data. Dynamic LiveView provides that in a way that other solutions do not – and leverages Procera’s strong technology advantage in real-time visualization.

    Dynamic LiveView is about “Personalization” of the network for the network operators – something that often gets overlooked. Different teams need different views of the network, and Dynamic LiveView is about providing “Your View or Your Network” – however you want it.

    February 28th, 2013 by Cam Cullen; Category: Industry, Technology
    Share

      At Mobile World Congress in Barcelona yesterday, Firefox OS was launched, and if it succeeds, it could have a very interesting effect on Mobile applications and policy enforcement needs. Firefox OS is entirely web-based, and Ars Technica put it best – rather than “there’s an app for that”, their answer is “There’s a Web for that!”. Firefox OS is entirely built on HTML5 and other open web standards. It has the support of a number of phone manufacturers and mobile operators, and would love to offer an option to the current duopoly of Apple and Google for both handset manufacturers as well as consumers.

      Why would the success of Firefox OS have an effect on Intelligent Policy Enforcement? Some of the most interesting use cases for Policy Enforcement are in the analytics and charging area, and with Firefox OS – there are no apps anymore.

      There is just the web.

      No “Facebook for Android”. No “Facebook for IOS”. Even no “Flipboard for IOS”.

      So you can recognize one million application signatures? I just need one, thanks.

      What you would need in this type of environment is the ability to understand web traffic better. A value added service plan for the mobile operator would transition from application-based to site and content-based.

      Sounds good to us – a great opportunity for Content Intelligence.

      February 18th, 2013 by Alexander Haväng; Category: Industry, Products, Technology
      Share

        At Procera, we actively seek out challenges. So when you’ve already got the world’s most sophisticated DPI engine and the largest collection of signatures on the planet, where do you go next? We need something cool for our analysts and programmers in the signature group, so we thought we’d go after something really hard and really valuable. We didn’t call it Content Intelligence at the time, and from the very start we were slightly less ambitious and just wanted to add URL classification so that we can do Parental Control and other kinds of simple URL filtering.

        But let’s start there, URL filtering – what is it and how do you implement it at a scale that works for Tier 1 operators? URL filtering is the technology where a networking device can stop traffic to a particular website (let’s say URL) by looking up the categories of URLs inspected in the passing traffic. The categories are provided by a huge database of URLs. You can build such a DB yourself, but it’s a lot of work and frankly for a company like Procera simply not worth it. We chose to source our filtering database from a recognized vendor that is widely deployed throughout the world.

        But while looking at this, the signature team realized that the real value of URL classification for Procera (and network operators) is NOT with URL filtering – it’s with analytics. And no surprise, the databases out there are not written for that, they’re developed just for filtering. And not all categories are used for filtering really, mostly filtering of porn and other high profile targets. So while the databases are large (huge long-tailish data), they lack the kind of detail that we need for really useful analytics – like multi-dimensional analysis of a URL. For example, not only classify a site as “entertainment”, but as “sport”, and not stop there but go further to “baseball” and then we go really crazy and say “News articles”, “Includes Ads”, “Frequently updated content”, “Youthful audience”, “Horrible spelling”, etc.

        Typically URL filtering solutions are racks and racks of equipment for even modest amounts of traffic (barely ten gigs). That’s because the typical URL filtering devices out there are developed for the enterprise (think UTM devices), with very different scalability requirements compared to the space Procera plays in. IPE (Intelligent Policy Enforcement) devices like PacketLogic are built for maximum scalability and performance. What does that really mean? Well, there’s a lot of different ways to solve a problem in software development. They range from the slowest stupid way (think bogosort), to the quick and dirty (bubble sort), to the smart efficient way (qsort, heapsort) to the mind boggling (positronic sort, I just made that up, I think). Most of the code we write at Procera is of that mind boggling kind – the scale is just crazy. We’re handling tens of millions of packets per second per CPU core, while doing a lot more with every packet than pretty much any other networking device. You can only do that by writing the most efficient code possible – and always looking to improve on everything that you did.

        So let’s apply that kind of mentality to URL classification. Say that we have a million or so URL lookups to do per core per second. Know of any databases running a single core that can support that kind of scale? Didn’t think so.

        Even if they existed, getting the packets from the fast path (PLOS) into userspace to do the lookup would suck. In PLOS we like run-to-completion kind of approaches where we optimize something until it’s appropriate to run in the normal packet flow.

        As such, we can afford a very limited cycle budget. There are RX queues that hold a large handful of packets while we process an expensive packet, but if we take too long the RX queue will fill up and we will drop packets. Can’t have that(!), so let’s make sure we’re fast. So we move in the huge URL database into PLOS memory, implement the fastest possible lookup algorithm and BAM – content categorization at huge scale.

        “No, you can’t do that, it’s 45 million URL entries and well, nobody does it like that! You’re supposed to run this SDK from the DB vendor that implements fast lookups with trees and callbacks and ….”

        Yeah, whatever, honeybadger doesn’t really care, our way is faster.

        And we could stop right there, with the most powerful URL classifier in networking, but unfortunately in the world of IPE, ‘It’s never easy’. We also need a super-scalable way of storing analytics on these URL categories, we need hitless updates to our database, we need LiveView extensions to look at URL categories in real time, etc, and so on – at ever increasing performance and scalability requirements for the largest network operators in the world.

        And that’s just the things we’ve thought of so far.

        February 8th, 2013 by Trevor Failor; Category: Industry, Technology
        Share

          Just got back from a great week at the NTCA/OPASTCO Expo in Orlando where we were thrilled to be an Inner Circle Sponsor this year.   We appreciate the excitement and interest from NTCA/OPASTCO members and are proud to be an NTCA Affiliate vendor member. We are equally fired up about servicing this market and helping rural providers navigate the path to service-enabled networks. Thanks to the many folks who stopped by our booth to learn more about Procera.

          One thing that came through loud and clear is that our recent work with billing vendors is already providing great benefit to our partners, customers and is also resonating well with prospects. Vendor cooperation is critical to your success and our partners and customers all agreed that Procera has established itself as an able, open and willing participant in these integrations. We take our cues from you and realize that no one is served by secretive and proprietary behavior designed to limit customer choice and benefit the few that, frankly, have had a fair number of shots at this apple. Read more [+]

          January 23rd, 2013 by Jon Linden; Category: Industry, Technology
          Share

            Yesterday we introduced Content Intelligence. Did you see that? It’s actually really cool, but I think I might have to add some color to make sure you catch why this matters. This is yet another step in our consistent strategy around Intelligence Everywhere, where we know that you need to see more to do more. But what does Content Intelligence really mean? Well, in short we drill deeper into the HTTP protocol. Why do we do that? Because HTTP is not just a web protocol anymore. Read more [+]