Deep Packet Inspection and SD-WAN Delivers Application-Based Network Performance


Software-defined networking (SDN) deployed in a service provider network enables flexible deployment and usage-based solutions between high capacity sites (like headquarters and data centers) SD-WAN services also help optimize traffic flows for performance and cost at branch sites.


Yes, it is possible to “DIY” and configure traditional routers to support a hybrid WAN design, but the network often becomes complex, requiring additional technology and IT support at each site. As application requirements change, WAN configurations must be manually changed to account for new application and traffic patterns.

SOCS SD-WAN centrally manages and provisions network traffic in real-time to accommodate for changes in traffic patterns and the network environment.


The primary driver for most enterprises adopting SD-WAN technology is price. Maintaining an all MPLS-based WAN is expensive, particularly when a majority of traffic is already destined for a public Internet gateway. Alternative transport technologies such as dedicated Internet access (DIA) and broadband present significant cost savings.By replacing traditional branch routers with appliances that assess and utilize different transport technologies based on their performance, it allows enterprises to route large portions of their traffic over cost-effective services, such as broadband.

What is Deep Packet Inspection?

Deep Packet Inspection (DPI) is a network packet analyzer that classifies network flow data in real time. It can accurately identify over 160 protocols and more than 400 Internet applications. Protocol dissectors and application classifiers are continually being added and improved to reduce false positives and unknown applications.

The DPI engine is containerized on the CPE, has modest hardware requirements and works passively so it cannot impact network stability.

How Does DPI Enhance SD-WAN?


High-level DPI statistics can provide a holistic view of an organization’s network usage, providing visibility into:

●  time-wasting activities

●  web browsing policy infractions

●  high-risk or unusual traffic patterns

●  capacity planning

●  Geo-IP based reporting

●  device discovery

Performance Metrics & Control

Bandwidth is a finite resource. The ability to measure latency and jitter is essential to ensure quality-of-service for business-critical protocols such as VoIP and video conferencing applications.

More than 20 attributes from real time DPI analysis can be used to inform and direct the active SD-WAN policy engine. The policy engine then intelligently implements traffic control over routing, prioritization, and the enforcement of policy rules. SD-WAN with DPI integration provides businesses with unparalleled control and flexibility over their networks.

Encrypted Traffic - The Perfect Balance

An increasing amount of network traffic is encrypted. This end-to-end encryption prevents deep-packet metadata from being extracted and used for application detection. While some vendors would have SD-WAN solution providers implement SSL interception, this technique has serious consequences, such as:

●  implementation complexity

●  ongoing maintenance

●  legal/privacy issues

●  security nightmares

SOCS and our technology partners have taken a passive approach when analyzing encrypted flows. Using techniques such as SSL certificate extraction and DNS hinting, high-accuracy classification is possible without the serious challenges and drawbacks of SSL interception.

Summary and Market Opportunities

DPI and SD-WAN are complementary technologies to provide customers the most value from their ISP connection. We expect to see even more service differentiators and value propositions arise as the analytics from DPI on SD-WAN networks migrate from on-premise to the cloud, where AI and Machine Learning algorithms will pave the way for an entirely new set of services.

To realize this potential, SOCS has partnered with technology companies like eGloo to transform how 100% network visibility can positively impact organizations in a disperse landscape spanning network intelligence, regulatory compliance, auditing/forensics and cyber-threat analysis.

Interested in learning more about Deep Packet Inspection? Contact SOCS today.