PACE - Ipoque
PACE - Ipoque
PACE - Ipoque
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
DAtA sHEEt<br />
<strong>PACE</strong><br />
ProtoCol & APPliCAtion ClAssifiCAtion EnginE<br />
ipoque’s Protocol and Application Classification Engine (<strong>PACE</strong>) is a software library using deep packet inspection (DPI) technologies<br />
– including pattern matching and behavioral, heuristic and statistical analysis in real-time – to reliably detect network<br />
protocols, even if they use advanced obfuscation and encryption techniques. It helps network equipment vendors enhance<br />
their products with powerful and proven Layer 7 protocol network management and visibility capabilities. In addition,<br />
it accelerates time-to-market for a variety of different application scenarios. <strong>PACE</strong> consists of fully configurable DPI software<br />
and has been optimized for performance and classification reliability. It is highly flexible and can be integrated in any existing<br />
platform such as firewalls, network security and policy management appliances, and lawful interception systems.<br />
flExiblE intEgrAtion<br />
• Independent of hardware architecture/<br />
endianness<br />
• Runs in any Linux, Mac, Solaris and Windows<br />
environment<br />
• 100% proprietary code provides clean<br />
licensing without GPL compliance issues<br />
• User-defined connection/session tracking<br />
• Fully documented APIs, including code<br />
samples<br />
• Includes ipoque’s powerful network traffic<br />
test tool with a wide range of options<br />
PErforMAnCE<br />
• Developed entirely in C<br />
• Throughput of up to 100 Gbit/s and faster<br />
(SMP support)<br />
• Optimized code for high-end multicore<br />
technology<br />
• Multithreading provides linear scalability on<br />
multi-core systems<br />
• Includes ipoque’s proven Fastpath engine for<br />
even faster detection without impacting<br />
reliable detection rate<br />
• Integrated highly-optimized flow tracking for<br />
millions of concurrent connections<br />
www.ipoque.com<br />
HigHligHts<br />
real-time detection rate with near<br />
100% reliability<br />
support for thousands of applications<br />
High performance for core network links<br />
with speeds of up to 100 gbit/s and faster<br />
Metadata Extraction<br />
flexible and seamless integration in various<br />
network products<br />
Continuous up-to-date support for the<br />
latest protocols
ADvAnCED DEEP PACkEt insPECtion<br />
• Application detection coupled with proven<br />
Layer 7 protocol detection (e.g. Facebook,<br />
Twitter & Dropbox)<br />
• Subtype detection of application clients such<br />
as audio, video or file transfer allows deeper<br />
insight<br />
• Support for thousands of applications and<br />
over 200 real network protocols<br />
• Extraction of application and protocol<br />
metadata<br />
<strong>PACE</strong> - beyond Protocol Detection<br />
• Seamless and dynamic online upgrade<br />
without rebooting<br />
• Automatically decapsulates tunneling<br />
protocols with arbitrary encapsulation depth<br />
• IP defragmentation and TCP packet<br />
reordering included<br />
• Bidirectional and unidirectional traffic<br />
identification<br />
• Flow and subscriber tracking<br />
• Frequent updates of protocol and application<br />
detection ensure reliable detection<br />
Custom Defined Protocols<br />
• Ready-to-use <strong>PACE</strong> extension for defining<br />
your own protocols and applications<br />
• Implementation of individual needs,<br />
independent of existing signature database<br />
• Customization of existing protocol and<br />
application detection<br />
Metadata Extraction<br />
• Integrated metadata extraction as a subset<br />
of PADE, ipoque’s decoding engine/Excerpt:<br />
- HTTP (e.g. host, content, user agent)<br />
- SSL (e.g. serial, country, address,<br />
organization name)<br />
- SIP (e.g. sender, receiver, caller-ID)<br />
Qos/QoE: Measurements<br />
• Statistical traffic measurements<br />
(e.g. SYN/ACK to ACK round-trip time and TCP<br />
out-of-order counter)<br />
• VoIP performance measurements<br />
(e.g. jitter and packet loss rate)<br />
Network<br />
ipoque GmbH, Neumarkt 29-33, 04109 Leipzig, Germany<br />
Phone: +49 341 59403 0 Fax: +49 341 59403 019<br />
APPliCAtion sCEnArios<br />
next-generation firewalls &<br />
WAn optimization Controllers (WoC)<br />
Reliably classify network protocols and applications<br />
– independent of TCP and UDP ports –<br />
for network access control. DPI is a commitment<br />
to maximum network security and a powerful<br />
basis for individual company security policies.<br />
Boost the acceleration of applications for particular<br />
needs, e.g. e-mail, VoIP, SIP.<br />
traffic Analysis, Accounting &<br />
billing systems<br />
Collect detailed statistics based on actual<br />
protocol and application usage for network<br />
resource planning, billing and accounting.<br />
Identify and estimate network trends based on<br />
long-term analysis, e.g. adjustments of data<br />
rate plans. Enables you to respond immediately<br />
to changes within your network.<br />
bandwidth Management &<br />
Policy Enforcement<br />
Network bandwidth management provides<br />
quality of service (QoS) in fixed-line and mobile<br />
networks with bandwidth priorities, guarantees<br />
and caps on a per protocol and per application<br />
basis. The integration of DPI allows prompt<br />
identification of challenges based on increasing<br />
over-the-top traffic (OTT). This improves<br />
network operator profitability and creates new<br />
streams of revenue. Network environment assurance,<br />
e.g. protection against DDoS attacks,<br />
is included.<br />
lawful interception<br />
Reliably classify intercepted traffic for negative<br />
and positive filtering, protocol-based load<br />
balancing and improved post-processing. Realtime<br />
support for key communication technologies<br />
such as VoIP and e-mail.<br />
<strong>PACE</strong> – Protocol & Application Classification Engine<br />
Pre-Processing<br />
• Packet Reordering Engine<br />
• IP Defragmentation Engine<br />
API<br />
Connection &<br />
Subscriber Tracking<br />
www.ipoque.com<br />
info@ipoque.com<br />
DPI Classification<br />
Pace at a glance<br />
superiority<br />
• L7 protocol detection combines different<br />
DPI technologies<br />
• Throughput for deployment of 100<br />
Gbit/s and more<br />
• Flexible and seamless integration<br />
reliability<br />
• Supports over 1000 applications<br />
• Includes more than 200 network<br />
protocols<br />
Precision<br />
• Detection rate of nearly 100%<br />
• Extremely low classification rate for<br />
false positives<br />
responsiveness<br />
• Frequent classification updates<br />
• Swift delivery of popular and important<br />
protocols<br />
Excerpt of supported Environments<br />
• Operating Systems / Distributions<br />
- Linux Standard Base<br />
- Berkeley Software Distribution (BSD), e.g.<br />
MAC OS X, FreeBSD<br />
- Solaris<br />
- Windows<br />
• CPU Architectures<br />
- x86: x86_32 (IA-32), x86_64 (AMD64)<br />
- RISC: MIPS (e.g. Cavium Octeon) and SPARC<br />
(e.g. UltraSPARC)<br />
Application Scenarios<br />
• Next generation firewalls/WOC<br />
• Traffic analysis & billings system<br />
• Bandwidth management<br />
• Policy enforcement<br />
• Lawful interception<br />
© 2012 ipoque GmbH<br />
<strong>PACE</strong> 1208
Change language