Signature Updates
Netify DPI - Signature Updates
The Netify Signature Updates system is a premium add-on to the Netify Agent.
The free version of Netify contains approximately 175 protocols and 200 application definitions updated approximately once every quarter. Signature Update subscribers get access to over 200 protocols and 1500 applications updated several times a week.
| Open Source | Signature Updates Subscription | |
|---|---|---|
| Applications | 200 | 1500 |
| Protocols | 175 | 200 |
| Updated | Quarterly | Several times a week |
How It Works
Deep packet inspection is not a one-time implementation - new applications are continually appearing and evolving. Applications use a variety of domains to deliver an application. For example, Twitter is more than just twitter.com; there are dozens of domains used to deliver images, videos, APIs, and other application assets:
- t.co
- twimg.com
- twitter.com
- twimg.com.akahost.net
- twitter.map.fastly.net
- cs1138.wpc.edgecastcdn.net
- etc.
Netify DPI uses these domains to identify application network traffic flows. The engine uses hostnames derived from TLS SNI, TLS certificate common names, HTTP headers, DNS requests, DNS hinting, and any hostname that pops out of deep packet inspection.
A domain like cs1138.wpc.edgecastcdn.net may not look related to Twitter, but upon inspection, it is. The Netify analysis and machine learning engines are constantly on the prowl for new domains, network blocks, and behaviors.
Netify Evaluation Kit
The open-source Netify Agent (netifyd) comes with 200 application and 180 protocol signatures, as well as full data stream support. Please contact us to gain access to the Netify Evaluation Kit which includes:
- Signature Updates - 1500+ Applications and 200+ Protocols
- Stats Plugin
- IP Sets Plugin
- Connection Tracking (CT) Labels Plugin
Netify Agent
Getting Started
Plugins and Addons
Netify Tools
Open Source DPI
Integration and Custom Solutions
Do you have any questions about integration, APIs or custom development?
Contact Us