[152972] in North American Network Operators' Group
RE: ISPs and full packet inspection
daemon@ATHENA.MIT.EDU (Don Bowman)
Fri May 25 09:14:39 2012
From: Don Bowman <don@sandvine.com>
To: not common <notcommonmistakes@gmail.com>, "nanog@nanog.org"
<nanog@nanog.org>
Date: Fri, 25 May 2012 13:13:25 +0000
In-Reply-To: <CAKF9zbBnvkw4bEq3f1YP0bXM9bS0in+Axj=0zrmnN3YZKcdKmA@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
From: not common [mailto:notcommonmistakes@gmail.com]=20
>Hello,
>
>I am looking for some guidance on full packet inspection at the ISP level.
>
>Is there any regulations that prohibit or provide guidance on this?
Your better to discuss use cases than technology.
E.g. do you plan to do per-user behavioural targeted advertising?
To secure the network from DNS changer malware?
To block slammer worm?
To deploy a session border controller?
To deploy a carrier-grade NAT (LSN)?
To collect bank information and profit?
To enhance the QoS of VoIP?
To deploy a transparent web or video cache?
All of them use packet inspection. All can be achieved w/o packet inspectio=
n.=20
All of them vary wildly in how people would react :)
So... phrase your question and 'guidance' around the use case, not the
method you plan to achieve it today.
