Defining Profile Application Visibility Settings

Deep packet inspection (DPI) is an advanced packet filtering technique functioning at the application layer. Use DPI to find, identify, classify, reroute or block packets containing specific data or codes that other packet filtering techniques (examining only packet headers) cannot detect.

Enable DPI to scan data packets passing through the WiNG managed network. The contents of each packet are scanned, occasionally logged and blocked or routed to their destination. Deep packet inspection helps an ISP block the spread of viruses, illegal downloads and prioritize data transmitted by bandwidth-heavy applications (video and VoIP applications) to help prevent network congestion.

DPI is an advanced packet analysis technique, which analyzes packet and packet content headers to determine the nature of network traffic. When DPI is enabled, packets of all flows are subjected to DPI to get accurate results. DPI identifies applications (such as, Netflix, Twitter, Facebook, etc.) and extracts metadata (such as, host name, server name, TCP-RTT, etc.) for further use by the WiNG firewall.

Note

Note

The WiNG 7.1 release does not provide DPI support on AP505 and AP510 model access points. This feature will be supported in future releases.

To configure a profile‘s application visibility settings and overrides:

  1. Go to Configuration → Devices → System Profiles .
  2. Expand the Security menu and select Application Visibility (AVC).
    Click to expand in new window
    Profile Security - Application Visibility Screen
  3. Refer the following Application Visibility and Control settings:
    Enable dpi Enable this setting to provide deep-packet inspection (application assurance) by inspecting every byte of each application header packet passing through the controller or service platform. When enabled, application data streams are inspected at a granular level to help prevent viruses and spyware from accessing the WiNG managed network.
    Enable Applications Logging Select this option to enable event logging for DPI application recognition. This setting is disabled by default.
    Applications Logging Level If enabling DPI application recognition event logging, set the logging level. Severity levels include Emergency, Alert, Critical, Errors, Warning, Notice, Info, and Debug. The default logging level is Notification.
    Enable Voice/Video Metadata Select this option to enable the metadata extraction from voice and video classified flows. The default setting is disabled.
    Enable HTTP Metadata Select this option to enable extraction of metadata from HTTP application data flows. The default setting is disabled.
    Enable SSL Metadata Select this option to enable extraction of metadata from SSL application data flows. The default setting is disabled.
    Enable TCP RTT Select this option to enable extraction of RTT information from TCP flows. The default setting is disabled.
  4. Review the Custom Applications for DPI field to select the custom applications available for this device profile.
  5. Click OK to save the changes or overrides.
    Click Reset to revert to the last saved configuration.