Walter De Smedt wrote:
We can do realistically 1.3G with current bits. I�m not ready to talk about performance by the end of the year. As a bonus, you'll get classification and population reports for both p2p and backdoored / virused hosts without performance impact.
The next step in P2P recognition seems to be deep packet inspection with
signature based detection. The major problem here is scalability - I
don't see some device analyzing 1G, the typical uplink capacity of
Internet gateways in a medium SP network, of traffic at layer 7.
If this should be feasable, what if P2P applications would employ
encryption schemes (e.g. IPSec) - this would render signature-based
recognition useless.
(export these with BGP4 to fancy effects, or simple ACL / firewall list for more traditional approach)
Pete
