|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Date: Sun, 18 Jul 2004 21:44:10 +0300 From: Petri Helenius <pete@he.iki.fi> To: Walter De Smedt <wdesmedt@telenet.be> Cc: Jared Mauch <jared@puck.nether.net>, Michel Py <michel@arneill-py.sacramento.ca.us>, nanog@merit.edu In-Reply-To: <20040718123116.GA74797@robin.isa-geek.org> Errors-To: owner-nanog-outgoing@merit.edu Walter De Smedt wrote: > >The next step in P2P recognition seems to be deep packet inspection with >signature based detection. The major problem here is scalability - I >don't see some device analyzing 1G, the typical uplink capacity of >Internet gateways in a medium SP network, of traffic at layer 7. >If this should be feasable, what if P2P applications would employ >encryption schemes (e.g. IPSec) - this would render signature-based >recognition useless. > > We can do realistically 1.3G with current bits. I´m not ready to talk about performance by the end of the year. As a bonus, you'll get classification and population reports for both p2p and backdoored / virused hosts without performance impact. (export these with BGP4 to fancy effects, or simple ACL / firewall list for more traditional approach) Pete
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |