Netify DPI - Signature Updates

The Netify Signature Updates system is a premium add-on to the Netify Agent.

The free version of Netify contains approximately 175 protocols and 200 application definitions updated approximately once every quarter. Signature Update subscribers get access to over 200 protocols and 1500 applications updated several times a week.

Open Source Signature Updates Subscription
Applications 200 1500
Protocols 175 200
Updated Quarterly Several times a week

How It Works

Deep packet inspection is not a one-time implementation - new applications are continually appearing and evolving. Applications use a variety of domains to deliver an application. For example, Twitter is more than just; there are dozens of domains used to deliver images, videos, APIs, and other application assets:

  • etc.

Netify DPI uses these domains to identify application network traffic flows. The engine uses hostnames derived from TLS SNI, TLS certificate common names, HTTP headers, DNS requests, DNS hinting, and any hostname that pops out of deep packet inspection.

A domain like may not look related to Twitter, but upon inspection, it is. The Netify analysis and machine learning engines are constantly on the prowl for new domains, network blocks, and behaviors.

The following is a list of some of the protocols that are only available with Signature Updates:

Further Reading

Plugins and Addons

Evaluate Netify DPI

Do you want to get started with evaluating Netify DPI? Request the Integrators Kit today.

Integrators Kit