TY - GEN
T1 - Deep Packet Inspection as a Service
AU - Bremler-Barr, Anat
AU - Harchol, Yotam
AU - Hay, David
AU - Koral, Yaron
N1 - Publisher Copyright: © 2014 ACM.
PY - 2014/12/2
Y1 - 2014/12/2
N2 - Middleboxes play a major role in contemporary networks, as forwarding packets is often not enough to meet operator demands, and other functionalities (such as security, QoS/QoE provisioning, and load balancing) are required. Traffic is usually routed through a sequence of such middleboxes, which either reside across the network or in a single, consolidated location. Although middleboxes provide a vast range of different capabilities, there are components that are shared among many of them. A task common to almost all middleboxes that deal with L7 protocols is Deep Packet Inspection (DPI). Today, traffic is inspected from scratch by all the middleboxes on its route. In this paper, we propose to treat DPI as a service to the middleboxes, implying that traffic should be scanned only once, but against the data of all middleboxes that use the service. The DPI service then passes the scan results to the appropriate middleboxes. Having DPI as a service has significant advantages in performance, scalability, robustness, and as a catalyst for innovation in the middlebox domain. Moreover, technologies and solutions for current Software Defined Networks (SDN) (e.g., SIMPLE [41]) make it feasible to implement such a service and route traffic to and from its instances.
UR - https://www.scopus.com/pages/publications/84920438426
U2 - 10.1145/2674005.2674984
DO - 10.1145/2674005.2674984
M3 - Conference contribution
AN - SCOPUS:84920438426
T3 - CoNEXT 2014 - Proceedings of the 2014 Conference on Emerging Networking Experiments and Technologies
SP - 271
EP - 282
BT - CoNEXT 2014 - Proceedings of the 2014 Conference on Emerging Networking Experiments and Technologies
PB - Association for Computing Machinery
T2 - 10th ACM International Conference on Emerging Networking Experiments and Technologies, CoNEXT 2014
Y2 - 2 December 2014 through 5 December 2014
ER -