Keep in control
To meet today's challenges of secure digital communications, IT managers need powerful technology and software to help them stay on top and in control. Especially in the field of network security, efficiency is increasingly becoming an indispensable component for staying on top of the sheer mass of traffic. To optimize the management of individual applications in the ever-growing network traffic, the LANCOM R&S®Unified Firewalls use the R&S®PACE 2 Deep Packet Inspection (DPI) engine. This software provides detailed insights into critical applications and supports your internal IT security with high classification accuracy.
Learn more about the features and benefits of the DPI engine here and also download the Whitepaper.
What exactly is Deep Packet Inspection?
Deep Packet Inspection (DPI) enables protection against cyberattacks and data leaks by precisely classifying network traffic and the protocols and applications used. Unlike traditional analysis technologies such as Stateful Packet Inspection, which only analyzes the metadata (headers) of the data packets, DPI inspects all the way down to Layer 7 level, i.e. the data area of the data packet. By means of "Encrypted Traffic Analysis", HTTPS data packets are also detected at a fine granular level. This is the intelligent basis for easily setting up even detailed security policies for the use of specific applications via the LANCOM R&S®Unified Firewalls.
When do we use Deep Packet Inspection?
The precise classification of network traffic at the application level (Layer 7) by a DPI engine enables IT managers to decide for themselves which applications should be allowed or blocked in their network, for example via Application Management integrated on UTM firewalls. To increase network performance, trusted applications can also be redirected directly to the Internet or to an external remote station via Local Breakouts.
The industry-leading R&S®PACE 2 DPI engine is a software library that uses various technologies such as Deep Packet Inspection, pattern matching, behavioral and statistical analysis, and machine learning (ML) methods. The combination of these methods ensures the reliable and automatic identification and classification of thousands of network protocols and applications, including application characteristics and service types, in real time, including with encrypted or obfuscated IP traffic at application layer 7 and beyond. The R&S®PACE 2 DPI engine thus provides robust traffic analysis and comprehensive traffic management for cyber-threat protection by monitoring and controlling application performance.
Developed by the R&S subsidiary ipoque for OEM use in security equipment, the futureproof R&S®PACE 2 is licensed by LANCOM Systems for use in their LANCOM R&S®Unified Firewalls to provide state-of-the-art protocol and application detection. The licensing of this leading DPI technology guarantees field-tested top technology and thus the highest network security for companies and the public sector.
High accuracy of classification
The very broad classification portfolio is suitable for countless business and mobile applications and application services across all industries and regions. By using a variety of cutting-edge classification techniques, R&S®PACE 2 offers the highest detection rate of network protocols and applications on the market, even with advanced obfuscation and encryption and beyond layer 7. Thanks to the feedback and demands from customers all over the world, R&S®PACE 2 provides a very low false negative rate, i.e. unrecognized applications. What this means is: Very high traffic-detection accuracy and reliability with virtually no false positives. The constant observation for new versions of applications and their behavior on different devices, with different operating systems and in different networks ensures high accuracy in the classification of applications at all times.
Using the R&S®PACE 2 in Next-Generation Firewalls (NGFW)
Encryption and obfuscation, the Internet of Things, the cloud, and the increasing number of mobile employees with their own devices in the company network (Bring Your Own Device, BYOD) are just a few of the challenges that a modern firewall has to meet. Nextgeneration firewalls therefore provide granular insights into IP traffic to identify threats and protect users from rapidly evolving new cyber threats. R&S®PACE 2 enables LANCOM R&S®Unified Firewalls to easily distinguish between secure and malicious traffic while offering the highest accuracy of protocol and application classification on the market—including business, messaging, and IoT applications. Furthermore, in market comparisons the R&S®PACE 2 detects the most VPN, anonymization, and tunneling protocols.
Network security with LANCOM R&S®Unified Firewalls
The R&S®PACE 2 DPI engine offers the top technology required to ensure reliable network security in an increasingly complex threat environment. Even new applications are recognized and classified into safe and malicious data traffic. More about the LANCOM R&S®Unified Firewalls and their security features and management tools can be found at our security product sites.