Home page logo

basics logo Security Basics mailing list archives

Deep Packet Inspection
From: cybersecure4561 () gmail com
Date: 5 Apr 2011 08:14:03 -0000

I'm posting to the forum to ask the opinion of senior fw experts which firewalls truly perform DPI. I've done some 
research & it appears that their is no industry standard that identifies what DPI is or does. 

I ask this question because Cisco IOS CBAC/Inspect or Zone Based rules do use signatures but do not update packet 
signatures. Cisco relies on the edition of IPS packet inspection (updates by SmartNet contract)to achieve the claim of 
DPI. IPS/IDS do have their place in the infrastructure but they are not firewall's. Enterprise security people would 
not say forget the FW let's use an IDS/IPS instead.

Do Check Point & Juniper also rely on an IPS as an integral part of DPI or is this function & process carried out only 
by the FW?

 I know that CP has bundled an IPS into their suite but their IPS is renowned for false positives. It's my humble 
opinion that in the high end firewalls Check Point & Juniper  really do DPI(L7).

Are their any independent organizations/labs that have tested vendor claims & performance of firewalls that do DPI? 

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.


  By Date           By Thread  

Current thread:
  • Deep Packet Inspection cybersecure4561 (Apr 05)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]