Deep packet inspection - What you should know

Anyone who uses the internet needs to be aware of deep packet inspection, its uses and potential misuses.

You may recognise deep packet inspection (DPI) as something internet service providers (ISPs) use to conform to the Communications Assistance for Law Enforcement Act (Calea), the US government-ordered internet wire-tapping directive. If that's not enough, DPI, albeit behind the scenes, allows ISPs to block, shape, and prioritise traffic, which is now fuelling the net-neutrality-versus-traffic-priority debate. So, what is DPI and how does it work?

DPI is next-generation technology that's capable of inspecting every byte of every packet that passes through the DPI device. That means packet headers, types of applications and actual packet content. Up until now, this wasn't possible with intrusion-detection or intrusion-prevention systems (IDS/IPS) or stateful firewalls. The difference is that DPI has the ability to inspect traffic at layers 2 through to 7 — hence the 'deep' in DPI.