Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Deep packet inspection
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==At the enterprise level== Initially [[Network security|security]] at the enterprise level was just a perimeter discipline, with a dominant philosophy of keeping unauthorized users out, and shielding authorized users from the outside world. The most frequently used tool for accomplishing this has been a stateful firewall. It can permit fine-grained control of access from the outside world to pre-defined destinations on the internal network, as well as permitting access back to other hosts only if a request to the outside world has been made previously.<ref name=Amir2007>{{cite web|url=http://www.itbusinessedge.com/item/?ci=35275|title=The Case for Deep Packet Inspection|website=itbusinessedge.com|author=Elan Amir|date=2007-10-29|access-date=2008-03-02|archive-date=2008-02-04|archive-url=https://web.archive.org/web/20080204203837/http://www.itbusinessedge.com/item/?ci=35275|url-status=dead}}</ref> Vulnerabilities exist at network layers, however, that are not visible to a stateful firewall. Also, an increase in the use of laptops in enterprise makes it more difficult to prevent threats such as [[Computer virus|viruses]], [[Computer worm|worms]], and [[spyware]] from penetrating the corporate network, as many users will connect the laptop to less-secure networks such as home [[broadband]] connections or wireless networks in public locations. Firewalls also do not distinguish between permitted and forbidden uses of legitimately-accessed applications. DPI enables IT administrators and security officials to set policies and enforce them at all layers, including the application and user layer to help combat those threats.<ref>{{Cite journal|date=2020-01-15|title=ACoPE: An adaptive semi-supervised learning approach for complex-policy enforcement in high-bandwidth networks|url=https://www.sciencedirect.com/science/article/abs/pii/S1389128619304074|journal=Computer Networks|language=en|volume=166|pages=106943|doi=10.1016/j.comnet.2019.106943|issn=1389-1286|last1=Noferesti|first1=Morteza|last2=Jalili|first2=Rasool|s2cid=208094726}}</ref><ref>{{Cite web|website=[[TechTarget]].com|title=firewall|url=https://searchsecurity.techtarget.com/definition/firewall}}</ref> Deep Packet Inspection is able to detect a few kinds of [[buffer overflow#Deep packet inspection|buffer overflow]] attacks. DPI may be used by enterprise for [[Data Leak Prevention]] (DLP). When an e-mail user tries to send a protected file, the user may be given information on how to get the proper clearance to send the file.<ref>{{Cite book|last1=Tahboub|first1=Radwan|last2=Saleh|first2=Yousef|date=January 2014|title= 2014 World Congress on Computer Applications and Information Systems (WCCAIS)|chapter=Data Leakage/Loss Prevention Systems (DLP) |chapter-url=https://ieeexplore.ieee.org/document/6916624 |pages=1β6|doi=10.1109/WCCAIS.2014.6916624|s2cid=1022898}}</ref>{{Examples|date=December 2011}}{{Clarify|date=August 2010}}
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)