Slashdot Mirror

← Back to Stories (view on slashdot.org)

80 Gbps Deep Packet Inspection Hardware Announced

Posted by ScuttleMonkey on from the comcast-on-backorder-for-months dept.

An anonymous reader writes to tell us that Procera Networks is launching a new weapon on the deep packet inspection (DPI) front. At $800,000 these 80 Gbps tanks aren't going to be sitting in everyone's closet, but it could mean that more traffic shaping is on the way. "The PL10000 can handle up to 5 million subscribers and can track 48 million real-time data flows. That's certainly a potent piece of hardware, but larger ISPs will need more. That's why Procera designed the new machines with full support for synchronizing traffic flows where return traffic might be routed to a different PacketLogic machine. The machine receiving the return traffic can make the machine monitoring the outbound traffic aware that it sees the other half of a TCP/IP conversation, for example, giving the devices more accuracy than those which might only have access to one side."

10 of 185 comments (clear)

  1. $800,000? by Bovius · · Score: 5, Insightful

    At almost a million dollars a pop, is it really saving money for ISPs to use these? How many would a major ISP need to shape all of their traffic?

    1. Re:$800,000? by blhack · · Score: 4, Insightful

      Yep, and how much were computers, originally? The price on these will drop when enough of them are bought. No it won't. There is realistically only a market for a handful of these worldwide. Not several million of them like PCs. Its exactly like cisco hardware, it has remained astronomically expensive simply because only a very small select group of people (network admins) actually buy them.
      --
      NewslilySocial News. No lolcats allowed.
    2. Re:$800,000? by Deadplant · · Score: 5, Insightful

      Seriously.
      Spend the money on a couple more 40Gb fiber lines instead.

  2. Re:DPI - Encrypt by Shakrai · · Score: 5, Insightful

    Can the ISPs afford to give encrypted traffic a very low priority?

    No, but if they wanted to be pricks they could identify p2p users and give THEIR encrypted traffic a very low priority.

    Even if you ran with full encryption and encrypted the communication with the tracker it's still trivial to identify you as a p2p user -- not many VPNs make connections with dozens (or hundreds) of remote hosts.

    The only way around that would be to VPN somewhere and use that VPN link to pass all your p2p traffic -- but if you have the means at your disposal to set that up then you likely have the means to find an ISP that doesn't throttle your p2p traffic.

    --
    I want peace on earth and goodwill toward man.
    We are the United States Government! We don't do that sort of thing.
  3. Math is fun. by Cedric+Tsui · · Score: 4, Insightful

    $800,000/5 million subscribers = $0.16 per subscriber.

    Expect to see the surcharge in your next bill!!!

    1. Re:Math is fun. by gnick · · Score: 4, Insightful

      $800,000/5 million subscribers = $0.16 per subscriber. Yeah, but 80Gbps/5 million subscribers = 2kBps. How long can you keep 5 million subscribers with speeds like that?
      --
      He's getting rather old, but he's a good mouse.
    2. Re:Math is fun. by D'Sphitz · · Score: 5, Insightful

      assuming every single subscriber is using his connection continuously 24 hours per day, not even stopping to so much as read a webpage or an email ...

  4. Re:A waste? by Kartoffel · · Score: 5, Insightful

    Investing in more capacity means a linear increase in customers and profits. Investing in network anti-neutrality, OTOH, means new and lucrative pricing structures for various services. They're just putting money where it stands to return the greater profit.

  5. I've said it before, I'll say it again by Aranykai · · Score: 5, Insightful

    If my ISP is going to inspect my packets to the point of identifying their content as p2p, then they should be 100% responsible for any and all illegal activities I may or may not conduct on their connections.

    The entire concept of the DMCA safe harbor clause was founded on the understanding that it would be virtually impossible for providers to monitor and filter illegal or unlawful activities and data. However, now it has become perfectly reasonable that they can identify and reroute or slow this traffic. This clearly nullify's the safeharbor provisions.

    The ISP's need to realize they cant have it both ways.

    --
    If sharing a song makes you a pirate, what do I have to share to be a ninja?
  6. Somethng Wicked This Way Comes by Whuffo · · Score: 4, Insightful
    This is quite the impressive machine they're talking about. But what they don't seem to cover very well are the legitimate uses for such a device. Just because they call "monitoring your communications" deep packet inspection doesn't make it right.

    It looks like a disaster in a box to me: not only does it allow anyone with the price of the machine to monitor and inspect each and every packet you exchange, it also is capable of destroying the legal protections that ISPs currently enjoy.

    The ISPs are treated like common carriers and are exempt from many liabilities because they carry all traffic equally and don't know or control the content of that traffic. Now that they're insisting that they need to "prioritize" some traffic at the expense of others, monitor and drop traffic because of its content, and are installing machines like these that further refine their ability to monitor and control what traffic you'll be allowed to transmit - well, their "safe harbor" exemptions are based on them not doing any of this.

    Just the existence of this machine will be the undoing of many...