Signature Updates
Netify DPI - Signature Updates
The Netify Signature Updates system is a premium add-on to the Netify Agent.
The free version of Netify contains approximately 270 protocols and 200 application definitions, updated approximately once every quarter. Signature Update subscribers get access to over 300 protocols and 2200 applications updated several times a week.
| Open Source | Signature Updates Subscription | |
|---|---|---|
| Applications | 200 | 2200 |
| Protocols | 270 | 300 |
| Updated | Quarterly | Several times a week |
How It Works
Deep packet inspection is not a one-time implementation - new applications continually appear and evolve. Applications use a variety of domains to deliver an application. For example, Twitter is more than just twitter.com; there are dozens of domains used to deliver images, videos, APIs, and other application assets:
- t.co
- twimg.com
- twitter.com
- twimg.com.akahost.net
- twitter.map.fastly.net
- cs1138.wpc.edgecastcdn.net
- etc.
Netify DPI uses these domains to identify application network traffic flows. The engine uses hostnames derived from TLS SNI, TLS certificate common names, HTTP headers, DNS requests, DNS hinting, and any hostname that pops out of deep packet inspection.
A domain like cs1138.wpc.edgecastcdn.net may not look related to Twitter, but upon inspection, it is. The Netify analysis and machine learning engines constantly prowl for new domains, network blocks, and behaviors.
The Integrators Kit includes access to the latest application and protocol signatures in the Signature Updates system.
The following is a list of some of the protocols that are only available with Signature Updates:
Integration and Custom Solutions
Do you have any questions about integration, APIs or custom development?
Contact Us