Posts Tagged ‘deep packet inspection’

Mobile World Congress…It is all about the Apps!

Thursday, February 18th, 2010 by Cam Cullen

I have spent the week in Barcelona attending the Mobile World Congress event. Anyone that thinks that there is no vibrancy in the networking world should have been here to see the show. The halls were packed, the booths were busy, and the meeting rooms fully booked. There is a lot of excitement about where the mobile industry is going, and the opportunity that exists for mobile providers going forward.

One thing that jumped out at me during the show was the growing focus on the applications that are driving mobile usage. Yes, there was plenty of LTE hype, and lots of platform and operating system buzz (you should have seen the line for the Android developers lab as well as the push Microsoft made for Windows 7 Mobile), but focus seems to be shifting towards the applications that are driving mobile usage. The operators are keen on pushing new applications, because they will drive up data usage and increase the urge for users to upgrade their devices and service packages.

There is a clear recognition that mobile success may be won or lost on the application front. In the US, Apple has done a good job with marketing the iPhone by focusing on the everyday things that it can do to make your life easier with mobility (finding restaurants, checking on movie showtimes, etc). Google did a great ad during the SuperBowl (American Football for those outside the US) that showed Google search used to progress a storyline for a person’s life (http://www.youtube.com/watch?v=nnsSUqgkDwU) which is not specifically targeted at Android, but can be applied to Android and mobility. Microsoft was showing the same type of applications and integration at MWC as part of their booth show. Ericsson announced an applications store (eStore) with more than 30,000 applications that carriers can offer to their own customers. A new alliance was formed between 24 operators (including ATT, China Mobile, Orange, etc) called the Wholesale Applications Community (WAC) designed to simplify how application vendors get their applications to the end user.

Why is this important to a DPI vendor? Mobile operators who want to understand what applications are clicking with their users need to look no further than to a “robust” DPI system to understand what applications, clients, and software their users are running – even down to the device level. Application vendors obviously want the operators to know that their application is popular, since it will open up more opportunities to sell that application, whether it is through the operator’s own application store or the mobile OS store (iTunes, Android market, etc). The DPI “lite” solutions provided by some vendors will never keep pace with the ability of a dedicated DPI solution. At Procera, application recognition has always been a core element of our solution; we release updates every two weeks to keep pace with the new applications our customers encounter in the wild, and this includes mobile applications.

The applications that really jumped out at me are the “useful” applications that can simplify or make life easier for people. Simple navigation capabilities can be helpful even if you are walking through a large city – looking for a specific location for a meeting, searching for a restaurant, looking for a store. VOIP applications (which are finally being approved for mobile use by some operators) can be cheaper than international calls in some instances (or using the VOIP over wi-fi is even better). Even bar-code scanners that allow instant internet price comparisons are really useful if you are shopping and want to make sure you are getting a better deal.

As mobile operators look to understand what they need to do to generate revenue, I am certain that going forward, applications will be a big part of that plan – whether it is enabling some of the applications in real-time (even if it is not sold by the operator – like GPS), or from a retail perspective in their application stores. DPI can help them understand where their greatest opportunities are – and will allow them to service their customers better by meeting their expectations.

Does LTE ♥ DPI?

Monday, February 8th, 2010 by Cam Cullen

There is a lot of talk in the industry about DPI and mobile operators. There was an article on Light Reading in 2008 titled “DPI (hearts) LTE” that explored this topic. The general belief is that mobile operators MUST have DPI in their network to survive and compete, due to a number of bandwidth and usage challenges. Operators are bracing for users that will treat their mobile connection in the same way that they use their fixed broadband networks today (i.e. streaming video, file downloads, peer-to-peer, etc). Since laptops are expected to be one of the earliest LTE devices supported in many of the early LTE deployments, the data requirements of LTE must be addressed from the initial deployment.

The debate has been stoked by the inclusion of a loose requirement in the SAE-GW for Deep Packet Inspection, aimed at application classification and QoS at Layer 7 (not traditional router-style Layer 4 filters). Many traditional GGSN/PDSN gateway vendors have begun to message that DPI is a part of their LTE solutions, and the expectations of mobile operators are rising daily. RFPs are coming at a rapid pace from mobile operators, and every one includes a request for information on how DPI can be deployed in an LTE network.

At Procera, our experiences working with mobile operators have convinced us that DPI will be a key technology for LTE deployments. Mobile operators need network intelligence on what is happening on their network, and the ability of DPI to reach back into the access network and correlate individual subscribers to their location in the Radio Access Network and manage congestion is a vital requirement to ensure a good Quality of Experience for operators. Tight integration with the BSS and OSS backoffice systems ensures that the DPI systems provide a single point of contact for network visualization that includes subscriber, device, location, service plan, and application knowledge. This information can also be used for billing, allowing service providers to create flexible billing packages based on location, time of day, on-net or off-net application, roaming, or usage volume.

That is all well and good, but how does it relate to LTE? These requirements are also valid for 3G deployments, and are even deployed on some 2G networks today. The challenge for LTE and DPI pushes the boundaries of the DPI that is deployed on networks today because the scalability, performance, and service expectations will exponentially increase with LTE deployments over 3G. 10G links are a minimum performance requirement, and the bandwidth and session count per user will skyrocket as mobile devices become more capable of multi-tasking and cloud-based applications take hold. It will not be acceptable to do “a little” DPI, as all traffic will be required to receive DPI treatment. LTE networks will be service and application oriented, as operators will push new applications as a way to justify the higher rates for LTE services, and DPI will be required to recognize and prioritize real-time services.

Many providers of Mobile Gateway solutions will also claim this functionality, and try to convince operators that their integrated DPI solution is “good enough” to provide equivalent functionality for an LTE deployment. But there are some issues with integrated solutions that should cause operators to pause before deploying an integrated solution. The first is that an integrated solution ties you to a single vendor for your deployment, and ties your upgrade in capabilities to what your integrated solution can be upgraded to. Standalone solutions provide more flexibility, and give you more leverage as best-in-breed solutions increase in performance and capabilities. Integrated solutions also tend to suffer from performance and scalability decreases when additional functions are activated in the systems, of which DPI has traditionally been one of the most processor intensive applications on a CPU module. The “single chassis” argument that is commonly made by integrated vendors is also often an invalid one, as the performance and scalability requirements of a full DPI deployment often exceed the capabilities of an integrated chassis. Although LTE deployments will start small, requiring additional chassis systems just to activate DPI functionality will negate any advantage of an integrated solution.

The story of LTE and DPI is just starting to be written, but we are sure that the two will be tightly intertwined together going forward.

File Transfer – The Ugly Way

Monday, February 1st, 2010 by Kriss Andsten

Working in the field of traffic analysis, you get to see a rather modest number of good solutions to a given problem, a larger number of decent solutions and – sadly – quite a few less than stellar ideas as well. My favorite pet peeve – and believe me, there’s a slew to choose from – is using FTP as an update mechanism for games, and doing it in a not very thought-out manner.

Say that you have 4000 asset files in a given game. Most of them are pretty small – well under 8KB. You want to support users going from version A, B or C to version D, utilizing the least amount of bandwidth in the process. Logic dictates that it would make a lot of sense to get a checksum of all your local files, send the checksums to the server and have the server return a list of files you need to update, right? A minimum amount of bandwidth is utilized and the user can update from pretty much any version.

Enter FTP. FTP uses one control connection and n data connections, where n equals the number of transferred files and directory listings done over the lifetime of the session. And by ‘connection’, that’s a full-blown TCP stream, three-way handshake and all. Let’s pretend that I have a 100ms latency to the update server and the server or clients themselves incur no extra overhead – that leaves us with:

* One PASV call in the control connection and the response to that one. 200 ms.

* One three-way handshake, add another 300 ms (SYN, SYNACK, ACK) – plus another 100 ms before I start seeing the data from the server.

So the tally: To transfer a given file (be it 0.5 KB, 200 KB or 15 MB), the transfer overhead itself will be 600 ms, which could be OK’ish for one large patch file. Let’s say there’s a 200 MB update covering 1500 files – that’s 15 minutes worth of waiting for the transfers to start for a set of files that should take something along the lines of two minutes to actually transfer over a pretty basic broadband connection.

I think World of Warcraft (and others, but they’re a good example) got the right idea from a developer’s perspective – they transfer the patches in sets – going from A to D would require you to go from A to B to C to D – more to download, but people can do such over BitTorrent or any old HTTP mirror rather than the developer’s own site. Game developers, take note. Please.
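The checksum exchange and the per-file FTP tally from the post above, worked through as an added example that is not part of the original post. All function names and the sample file sets are hypothetical, and the single-stream transport (one connection carrying the manifest exchange and then every file) is an assumption made for comparison.

```python
import hashlib
import hmac

# Latency model taken from the post: 100 ms one-way delay, no server/client overhead.
ONE_WAY_MS = 100
# Per file over FTP: PASV + reply (2 legs), SYN/SYN-ACK/ACK (3 legs), first data (1 leg).
FTP_PER_FILE_MS = (2 + 3 + 1) * ONE_WAY_MS


def manifest(files):
    """Map each path to the SHA-256 of its content (files: dict of path -> bytes)."""
    return {path: hashlib.sha256(data).hexdigest() for path, data in files.items()}


def plan_update(client_manifest, server_manifest):
    """Server-side diff: what the client must fetch and what it should delete."""
    fetch = sorted(p for p, digest in server_manifest.items()
                   if client_manifest.get(p) != digest)
    delete = sorted(p for p in client_manifest if p not in server_manifest)
    return fetch, delete


def verify_download(path, data, server_manifest):
    """Check a received file against the manifest before installing it."""
    expected = server_manifest.get(path)
    if expected is None:
        return False
    actual = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(actual, expected)


def ftp_setup_overhead_ms(n_files):
    """Waiting time before data flows when every file gets its own FTP data connection."""
    return n_files * FTP_PER_FILE_MS


def single_stream_overhead_ms():
    """Assumption: one TCP handshake plus one manifest request/response, then all
    files are streamed back on that same connection."""
    return (3 + 2) * ONE_WAY_MS


def demo():
    # Constructed sample data: the client holds an old version, the server holds version D.
    client = {"maps/a.dat": b"v1", "tex/b.png": b"v1", "old/c.cfg": b"v1"}
    server = {"maps/a.dat": b"v1", "tex/b.png": b"v4", "snd/d.ogg": b"v4"}
    fetch, delete = plan_update(manifest(client), manifest(server))
    return fetch, delete


if __name__ == "__main__":
    fetch, delete = demo()
    print("fetch:", fetch, "delete:", delete)
    print("FTP setup overhead for 1500 files:", ftp_setup_overhead_ms(1500) / 1000, "s")
    print("single-stream setup overhead:", single_stream_overhead_ms() / 1000, "s")
```

The hash check only protects against tampering if the manifest itself reaches the client over an authenticated channel.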

Don’t Invest In DPI Until Net Neutrality Has Been Resolved

Monday, January 25th, 2010 by Jon Linden

Sorry, there should be a question mark at the end of that heading, and the answer is No!  The fact is you need to invest in DPI now. I know I’m biased, but that’s why I possess hands-on knowledge and facts of what our customers do and why.

DPI does not equal P2P throttling and Net Neutrality infringement. P2P control originally presented itself as an opportunity for DPI with a quick ROI on a hair-on-fire issue where P2P filesharing rampaged at an exponential growth rate, which meant exponential cost. But today we’re in the second, or I would even argue the third generation of DPI, and both products, and the use of these products, have evolved and become much more sophisticated.

Today the most common request is visibility. Visibility of what traffic is traversing the network in order to detect changes early in user behavior to avoid surprises on the core business and business models. Today’s rapid increase in streaming video is both a threat and an opportunity to cable MSOs, whose core business is TV distribution.

This is a good illustration of why network traffic intelligence is so important. Today we don’t watch TV as we did before. We don’t watch in real-time since we have TiVo and subscribe to episodes as they are “released”. It’s just a small step to Hulu and the broadcasting companies’ Play services. Early detection of these phenomena gives the operator the ability to offer relevant packages, change pricing, and develop new services without being left far behind.

In all honesty, very few of our customers and prospects even consider limitation of competing over-the-top (OTT) services. Savvy end-users catch what they do, draw attention to it, and the operator is caught with their pants down. You don’t “get away with it”.

But knowledge is power. Based on proper network intelligence you can make proper decisions. For example reach out to emerging services and join them instead of trying to beat them, look at the value add of your paid-for services compared to free OTT services, see the impact on your network of new applications, and project the investments required to accommodate these new services.

You could actually go as far as to say that DPI is required to enable Net Neutrality. Transparency is a cornerstone in Net Neutrality and DPI offers the tools that verify that you are transparent, that you’re not preventing good service levels due to obsolete policies supporting an old reality.

We, Procera, have not seen an impact on our DPI business from Net Neutrality, and I think it’s due to the above. Operators understand this, have understood why DPI is necessary, how it’s used properly, and are able to discard the background noise of an infected discussion while listening to creative and reasonable input.

DPI + Policy Control = True

Monday, January 11th, 2010 by Jon Linden

The rumor is true, DPI and Policy Control are confirmed to be a couple and have been seen hand-in-hand even in public recently. Feelings are mutual and this is bound to last “until death do us part”.

The 3GPP framework rules! At least in the mobile space and it’s also making headway into fixed. That’s good. DPI has become a critical component in a service provider network, which requires DPI to interact with surrounding systems. On top of this, complexity grows with tiered services, volume quotas, sponsored sites, and premium gaming and telecommuter services.

This is where the policy server, or PCRF (Policy Charging and Rules Function), comes in. DPI is an excellent traffic analyzer and policy enforcer. But since DPI in most cases resides inline and manages large volumes of traffic, it can’t afford “wasting” cycles on polling information from other systems and correlating a lot of conditions.

This is a perfect assignment for the out-of-band PCRF server. PCRF is a decision point – PDP (Policy Decision Point). Once the decision is made it’s sent out to one or more PEPs (Policy Enforcement Points). DPI is a great PEP, but other equipment in the network might occasionally be better suited to host certain policies. The Gx interface in 3GPP enables standardized integration between DPI and PCRF. But the fact is that most installations still use a SOAP interface and a more or less proprietary API, but Gx is starting to make an entrance.

Since DPI and PCRF are part of the same ecosystem, resolving the same challenges, it’s quite understandable that there is some confusion as to whether or not DPI competes with PCRF vendors like Camiant, Openet, Bridgewater and Volubill. That’s certainly not the case. It’s rather the opposite where everyone’s working with everyone. I dare say it’s flat out promiscuous. Do I also dare to assume there will be consolidation within and between the two segments? Well, let me put it this way: anything else would surprise me.

We, Procera, see that most of our customers and prospects either made a decision or are making a decision on PCRF as they deploy DPI today. This is great. It opens up even more opportunities and options for how to create new services, how to strengthen the operators’ business case, and how to adjust to accommodate the ever-changing reality.

Mobile Internet – Just A Bit Pipe?

Wednesday, December 2nd, 2009 by Jon Linden

I’ve argued that mobile Internet is “just another Internet access”. This used to be a controversial and provocative statement when talking to mobile operators who defended the premium network investments they made in order to deliver pretty fast Internet connectivity.

Imagine my surprise when I recently attended a traffic management conference in London where all mobile operators in chorus surrendered to being just a bit-pipe competing with wireline broadband… What happened?

I assume they’re realizing that they don’t have the recipe for the all-resolving secret sauce, which is why it currently feels a bit hopeless. Walled gardens didn’t work, a price war has driven prices down, customers don’t pay for added-value services, and another network upgrade, this time to the fourth generation, is just around the corner.

The good thing is that this puts the spotlight on the fundamentals – production cost. You consider how you can limit OPEX by minimizing helpdesk calls, you look at how you can maximize the utilization of your network, you want to automate up-sales, and you implement cost thresholds like volume quotas and international roaming control. Oh by the way, these are all things you can do using DPI.

Once we’re past this realization we must get ourselves out of this sorrow and start looking forward. Mobile Internet certainly has added value over wireline. The growth in mobile Internet is probably the best validation of this. But speed, i.e. bandwidth, is not one of them. Maybe it’s time to take the lead on selling non-bandwidth-centric services? How can you leverage mobility? For what customers is mobile Internet the only, or the best, option? How will built-in 3G modems in laptops impact the market and the ability to sell pre-paid services?

This is putting a lot of demand on the business development and product management people at mobile operators. It’s time to get your money’s worth, guys! Every case is certainly unique. Do you provide mobile and fixed line, do you go after specific customer segments, or are you the low price option? This will impact your strategy more than ever.

So I guess I must convert to the other side and argue “Mobile Internet is more than just a bit-pipe”. It doesn’t feel as controversial, but a man’s got to do what a man’s got to do.

Is Accuracy Really That Important?

Wednesday, December 2nd, 2009 by Jon Linden

Trust me, it is. There are a lot of good reasons why we promote “accuracy and control, redefined” in our logo. Ask any operator with DPI experience, and you’ll hear that accuracy is top of the list. And we can, in all honesty, say that DPI didn’t really deliver on this promise originally. The first generation of DPI identified port-hopping filesharing applications well enough to cap them to avoid disaster.

But times have changed. Today we have very sophisticated tools in our bag and our traffic identification engine looks at several criteria when determining what application each individual connection is. We also leverage characteristics, like interactive, streaming, download and bulky to categorize traffic in an application-agnostic fashion.

Online applications have evolved extensively over the years I’ve been working with DPI. Back in the days when IP and TCP were invented, all traffic was client-server-based. The applications were neither time nor quality sensitive, but everyone was happy with a global and resilient network.

Fast forward to today. P2P technology is used to leverage bandwidth and CPU capacity at the edge of the network for faster connectivity and to decrease the traffic being sent over the core network. P2P technology is used by the streaming music services we run all day at the office, as well as the online HD video on demand service we use at home at night. Both Salesforce.com and our office phones run over IP enabling us to work from home as if we were at the office. But we would also be totally paralyzed if the Internet connection (as well as the redundant link ;-) ) was down. This is how crucial and integrated the Internet is in our lives today, and this is why traffic volumes grow at a pace that outdoes Moore’s law and that saturates pipes.

Of course, these applications are totally different in nature and have different requirements for how to be treated to function properly. Of course, different users have different expectations in different situations at different times of day. Of course, it would be an issue if you treat HD video as filesharing or World of Warcraft as SIP. This will impact the performance of the network, but also your ability to manage expectations and create viable business cases for how to satisfy different user profiles. Step one in any process is analysis, and unless you trust the intelligence you use for your analysis you won’t dare to make decisions based on these facts.

So, this is one of these cases where good enough isn’t good enough. Trust me when I say that you will want to trust the information you have at hand when you make critical decisions.

Do’s and Don’ts in Bandwidth Control

Wednesday, December 2nd, 2009 by Jon Linden

Suddenly it all happens at once. We went from zero to two events focused on DPI in one week – Light Reading’s virtual tradeshow Policy Control & Deep Packet Inspection, and Informa’s Broadband Traffic Management event IRL in London early last week. These events are good validation that DPI has grown up to get proper attention.

I was on-site at the event in London – and I apologize for the hotel lobby background noise on my line in the LR panel discussion. But I also had the pleasure to be on a panel in London together with Benny Lim from SingTel and David Hodgers from O2 Ireland, moderated by Mark Newman from Informa. The topic was “Lessons Learnt: The Do’s and Don’ts of Bandwidth Control”.

So what are the lessons learnt on bandwidth control? Let me quickly go through my conclusions and what I told the audience. When looking at do’s and don’ts I see two categories: what works and what’s ethical. The latter is more challenging with today’s fast moving social media where bad news travels fast and subscribers vote with their feet.

How do you manage this? Well, don’t expect to “get away with it”. Internet users are savvy and operators in London confirmed that non-transparency came back to bite them. You must be able to defend what you’re doing, and a good test is if you’d accept it yourself. Greed is not an acceptable reason, though a viable business case normally is.

Do’s and don’ts also depend on what you’re trying to achieve. DPI and bandwidth control span a broad range of applications, from network protection and congestion control to quality assurance and service differentiation. We tend to be very introverted and technology-driven in this industry, but you must start from business benefits and objectives in order to define intentions and make it understandable to your end-users.

The key to what works is knowing what’s going on. It’s not an option to guess what your customers do and how your network is doing. And conditions change – all the time. What used to be 80% filesharing a year and a half ago is today replaced with 40% streaming video as the largest bandwidth consumer. A policy rule-set that is not up-to-date will cause some strange consequences.

I wish I could provide a blueprint for what works, but every situation is unique. Your product mix, fixed and/or mobile, target groups, price positioning, and on top of this there are geographical differences like what applications are used and what bandwidth control practices are accepted.

This means that the number one thing to do is try. You will have to try it out and assess the outcome in your specific situation and your environment. I know this sounds scary, but be adaptive, be quick, and make sure you make qualified decisions based on facts rather than guesstimates and assumptions.

Let me also summarize my don’ts: Don’t lie – be transparent. Don’t insert packets – honor integrity. Don’t get introverted and super techie – understand your business and your customers. And don’t do nothing – this is the most expensive decision of them all…

Let me wrap up with one more suggestion for what you should do: Keep it simple! Complexity kills this cat. If it’s too complicated you won’t be able to communicate to your subscribers, it’ll be impossible to update and change, and you won’t be able to measure if you successfully achieved what you intended to. This is hard to make simple – which is why we, Procera, are here to help ;-)