deep packet inspection

What would you do with a 288 TB network time machine?

Who needs a DeLorean and its one point twenty-one jiggawatts when you can have a GigaStor SAS, which stores 288 TERABYTES of network data?

According to a press release from Network Instruments, GigaStor “is the largest retrospective network analysis (RNA) platform available for storing and capturing network packets and transactions for later analysis and investigation.” Network Instruments said that the vast capacity was needed as more networks tap into 10 Gigabit Ethernet, particularly for those companies with larger data centers. The appliance was originally designed for a military customer, according to the company, who needed to store a month’s worth of networking data.

Deep diving into deep packet inspection

Speaking of deep packeteering, dPacket.org is a new non-profit with the goal to “foster and support community interest and progress in deep packet inspection (DPI).” OK, so the Gates Foundation it’s not, but I got on the phone with two of the founders, Kyle Rosenthal and Axel Weichert, both formerly with DPI provider Bivio Networks, yesterday to talk a little bit about the site’s ambitions and how it might help network engineers who are tackling how to integrate DPI into their networks.

They said they initially set out to create a very technical community, but they’ve since broadened that mandate to include high-level discussions about the place of DPI at both the network and service provider level. That topic tends to bring out ideologues on both sides, particularly as it’s linked to net neutrality, but hopefully the savvy searcher can avoid the worst of the flame wars and find some useful information, such as vendor profiles and a piece on using DPI to check and improve Skype traffic.

Rosenthal said one of dPacket’s big challenges would be to prove to readers that the site isn’t an industry mouthpiece, which might be tough with financial sponsors like Sandvine and Ellacoya. Still, the more resources there are for complex subjects like DPI the better, particularly if they are willing to tackle both the tough technical aspects of network deployment alongside the creation of ethical guidelines to address how far into the network should DPI peer, and how that information should be handled.

Big Burns is Watching

My friend over at InsideHigherEd stumbled upon a novel approach to discouraging illegal P2P while allowing legitimate research usage:

In order to download (or upload) files on any peer-to-peer network whatsoever, all on-campus users have to pass an online quiz on copyright infringement.

But not just once. Passing the test — with a perfect score — enables peer-to-peer access for six hours on the user’s on-campus registered machines, presumably enough time to download that (legal) song, TV show or e-book. The next time, the student, staff or faculty member has to go to the intranet Web page and take the randomized test again, for a maximum of eight uses per month (which, kind of like vacation days, can accrue to at most 20).

While it’s certainly innovative, what’s the point? Nobody is better off, except maybe the RIAA when they use the quiz to show illegal downloading was “willful infringement,” which can bump damages up to $150,000 per song. Those intent on downloading tend to find creative workarounds , while those with legitimate needs are unduly hassled.

In the enterprise, we often hear that education of Net do’s and don’ts is critical, but randomized quizzes and P2P privilege accrual seems a pretty complicated way of doing it.

On the other hand, the statistics are impressive: The year before the program was implemented, the university got 800 copyright complaints; since, they’ve only received eight. Imagine the work productivity boost if you inserted to a picture of the boss every time an employee accessed a flash game or MySpace profile.

On second thought, no.