Deep Packet Inspection

Intelligent IP interception

IP traffic is often intercepted in a fairly straightforward way by putting a specific IP address under surveillance. Some situations however require a more sophicated way of IP interception.

Intelligent interception based on real-time analysis

In many situations identities of a target are dynamic and depend on the application used. Simple interception based on an IP address can not be used as the IP address is not known. Also in other situations, like when public Internet PC's are used for communication, a more sophisticated type of interception is required. Intelligent post processing of IP data almost always pinpoints the required data. However given the enormous amount of data that flows to IP networks each day, this intelligent filtering must be done at the source of the data; in the IP networks itself. In that case only the filtered data is forwarded to the monitoring center.

This filtering at the source is done by using Deep Packet Inspection probes. Analysing all passing IP packets up to the application level (layer 7), these probes are able to extract traffic based on keywords in email messages, URL's of visited websites, chat identities and a whole list of other dynamic criteria. They are able to make intelligent decisions about whether or not to intercept the traffic, minimising the amount of traffic that is handed over to the LEMF (Monitor Center)

The most challenging aspects of intelligent network filtering are the broad range of applications and the vast amount of data that needs to be analysed. By combining the state of the art Lima DPI Monitor with LIMA Mediators and the LIMA Management System an end-to-end DPI solution is formed that handles traffic up to multiple 10Gb/s links and conforms to the latest handover protocols.