Encrypted Networks: Striking a Balance Between Security, Privacy and Policy Enforcement

In a recent interview, Ariana Lynn, Principal Analyst at The Fast Mode, spoke to Benjamin Chambers, President of Netify, on the impact of traffic visibility on modern IP networks. Benjamin joins us in a series of discussions with leading networking, analytics and cybersecurity companies, assessing the need for traffic filtering technologies that can deliver real-time, granular application awareness. The series explores how advanced analytics power various network functions amidst the rapid growth in traffic and applications.

Ariana: How effective is deep packet inspection (DPI) technology in addressing today's traffic complexities?

Benjamin: Using DPI on today's networks can still be extremely effective. It is not uncommon to see over 95% classification of Internet-bound flows from a typical client running Netify DPI. One somewhat surprising fact of home and business traffic is how homogenous it is. With over 1B websites (applications) to potentially visit, most DPI vendors - both open source and commercial - track and have metadata for a tiny fraction of that, typically less than 2500 applications. This "don't try and boil the ocean" mentality is highly effective in providing high performance classification even on resource-constrained edge endpoints.

For years, organizations having a wide array of self-interest have made some progress in encrypting the last remnants of metadata that would increase privacy. While Encrypted Server Name Indication (ESNI) is no longer viable, its failure had more to do with technical reasons than ‘political’ ones. Encrypted Client Hello (ECH) appears to have made advancements technically, but is still at a glacial pace for widespread adoption.

Netify DPI, like all DPI vendors who rely on extracting metadata from structured data inside detected protocols, will be affected by ECH. One core tenet of our position is that administrators - from company IT admins to parents - will always have access to the tools required to enforce policy on their networks. Netify can detect ECH traffic flows today and help block this traffic, implementing a policy that strikes a balance for network owners between security, privacy and policy enforcement.

While public network operators may have a tougher time balancing these conflicting priorities, Netify is less likely to be found in these environments, and thus of lesser concern.

Ariana: What is your view on commercial DPI vs open-source DPI?

Benjamin: Over the last 7 years, there has definitely been a trend for increasing interest in Netify, an open-source DPI solution that can be integrated into 3rd party products and services. The number one reason organizations look to open-source DPI solutions is cost-savings. This statistic holds true for both companies who are entering the market and incumbents who are looking to trim opex costs with existing/expiring contracts with commercial DPI vendors.

Of course, vendor selection based on cost alone would be trivializing the decision-making process as it relates to commercial vs open-source software. As with many open-source projects, Netify DPI has a business unit that drives quality and security initiatives and provides customers with Service Level Agreements that hold a vendor accountable.

Today, from a technical perspective, the advantage leans towards commercial DPI vendors. Those vendors have had the time and resources to evolve their solutions over more recent entrants like Netify. The advantage commercial DPI solutions have can be and is being mitigated in two ways. First, commercial solutions can often do ‘too much’, resulting in customers paying for features that are not required. Second, the messaging we hear quite often is that the commercial-based incumbents are not listening or aren’t interested in hearing what their customers are saying.

The DPI market opportunity is massive and has never looked better for open-source solutions to challenge the status quo.

Benjamin Chambers started his career in Chemical Engineering, graduating in 1994 and spending the first five years focused on process control design and R&D in the plastics industry. In 1999, Ben, along with co-founders Peter Baldwin and Darryl Sokoloski, ventured into entrepreneurship, creating a Linux-based small business, successfully running the business until 2015 when it was acquired by a client/MSP. Post-exit, the very same core team started Netify (www.netify.ai), a network intelligence company that develops solutions around Deep Packet Inspection (DPI). Currently serving as the President, Ben helps guide a small and agile team. His role today revolves more around engaging with customers and understanding their needs.

This interview is a part of The Fast Mode's Traffic Visibility segment, featuring leading networking, analytics and cybersecurity companies and their views on the importance of network intelligence and DPI for today's IP networks. A research report on this topic will be published in June 2024 - for more information, visit here.

Author

Principal Analyst and Senior Editor | IP Networks

Ariana specializes in IP networking, covering both operator networks - core, transport, edge and access; and enterprise and cloud networks. Her work involves analysis of cutting-edge technologies that drive application visibility, traffic awareness, network optimization, network security, virtualization and cloud-native architectures.

She can be reached at ariana.lynn@thefastmode.com
