Netify DPI Engine
Netify DPI Engine - Open Source
Managing modern networks requires insights at the application, protocol, security, and data intelligence layers. If you are looking for a free / open source deep packet inspection engine solution to integrate with your product, then you have come to the right place.
At the core of the solution is the open source netifyd daemon. This small footprint daemon performs the underlying deep packet inspection (DPI) and network analysis. The analyzed data is then streamed to a live socket which can then be consumed by 3rd party applications, including:
- Firewall and QoS engines via a customizable Netify Firewall Agent
- Console/command line tools like the ClearOS console tool
- Our very own cloud-based Netify product of course!
To get started, please read the introduction to the Netify Agent.
Netify DPI Engine Features
Deep Packet Inspection
Provides deep packet inspection and network analysis powered by our open source Netify DPI Agent.
Detects detects over 190 protocols including BitTorrent, VPNs, Proxies, VoIP and many others.
Runs on big iron as well as embedded systems including the Raspberry Pi and OpenWRT devices.
Unpacks DNS, DHCP, SSL, HTTP and other requests so you can log all hostname lookups on your network. Catch hostname traffic flowing on alternate TCP/UDP ports.
Firewall and QoS Hooks
Provides live flow data in JSON format via Netifyd's socket -- this can be used to provide hooks into firewalls and QoS engines using the Netify Firewall Agent.
Detects apps like Facebook, Twitter, YouTube, Netflix etc. by mapping DNS lookups, extracting SSL/TLS certificate domain names, detecting SNI hostnames and more.
Detects SSL/TLS cipher versions in use so you can catch weak spots on your network. Old ciphers often indicate devices with other security weaknesses.
User Agent Extraction
Extracts user agent information to help provide details about devices on your network: Mobiles, tables, laptops, TVs, IoT devices and more.
Netflow and Bandwidth
Provides standard Netflow data: source and destination IPs, MACs, Layer 4 protocols, IP version, packet counters, byte counters and more.