1 Sep
2011
1 Sep
'11
3:44 a.m.
On 2/09/2011, at 8:36 AM, Glen Eustace wrote:
I would be interested in knowing how the various firewall products that claim to provide L7 filtering of P2P manage this. Apparently Fortinet (as an example) can even pick P2P when the connection is using TLS or SSL. Call me a skeptic but I am not sure how they can do this.
A lot of DPI engines include behavioral analysis of traffic now since most protocols follow a predictable behavior it allows them to identify what flows are with reasonable certainty without actually looking in the packets.