Netify DPI Engine

Open Source DPI for Integrators
Managing modern networks requires insights at the application, protocol, security, and data intelligence layers. Netflow data is good, but DPI provides the metadata to take network and cybersecurity analysis to the next level. If you are looking for a open source deep packet inspection engine to integrate with your solution, then you have come to the right place. Our Netify DPI software has been integrated into firewalls, routers, SD-WAN solutions, IoT gateways, mobile core network engines, virtual probes, software-defined network architectures and other OEM devices.
What Is Netify DPI?
The open source Netify Agent is small footprint engine that performs the underlying deep packet inspection (DPI) and metadata extraction. The analyzed network data is then streamed to an open format which can be consumed by 3rd party applications, firewalls, QoS engines and more. You can find the full feature list further below, and technical details including source code information here.
Signature Management
Deep packet inspection is not a one-time implementation. New applications, protocols, and network security algorithms are constantly evolving. We provide not only regular software engine updates, but also cloud-based tools to manage application signatures for your solution.
- Tools to create and manage signatures unique to your market and customers
- Signature management based on geolocation
- Endpoint signature control
- Signature intelligence reports
Netify DPI Features
Open Source
Provides deep packet inspection and network analysis powered by our open source Netify DPI Agent.
Small Footprint
Runs on big iron as well as embedded systems including the Raspberry Pi and OpenWRT devices.
Protocol Detection
Detects detects over 190 protocols including BitTorrent, VPNs, Proxies, VoIP and many others.
Hostname Detection
Unpacks DNS, DHCP, SSL, HTTP and other requests so you can log all hostname lookups on your network. Catch hostname traffic flowing on alternate TCP/UDP ports.
Firewall and QoS Hooks
Provides live flow data in an open format via the Netify agent -- this can be used to provide hooks into firewalls and QoS engines using the Netify Firewall Agent.
Application Detection
Detects apps like Facebook, Twitter, YouTube, Netflix etc. by mapping DNS lookups, extracting SSL/TLS certificate domain names, SNI hostnames and more.
Cipher Detection
Detects SSL/TLS cipher versions in use so you can catch weak spots on your network. Old ciphers often indicate devices with other security weaknesses.
User Agent Extraction
Extracts user agent information to help provide details about devices on your network: Mobiles, tables, laptops, TVs, IoT devices and more.
Netflow and Bandwidth
Provides standard Netflow data: source and destination IPs, MACs, Layer 4 protocols, IP version, packet counters, byte counters and more.
Compare with Traditional DPI
Netify DPI can be integrated on devices, in containers, and in the cloud.
Traditional DPI | Netify DPI |
---|---|
Proprietary | Open source |
Expensive | Affordable |
License fees | Unencumbered |
Inflexible | Dynamic and customizable |
On-premise only | Optional cloud intelligence |
Vendor-locked signatures | Open and custom signatures |
Optional Network Intelligence
The Netify DPI Agent provides a great starting point. As an optional add-on, we complement the on-premise DPI data with cloud-based network intelligence and visibility. Features include:
- Device Discovery
- Advanced Risk Analysis
- Bandwidth Monitoring
- Hostname Visibility
- Forensics and Archiving
- Cloud-based Application Detection
- AI-based Network Events
- Connection Tracking
Why Netify DPI?
Supported Platforms









Integration and Custom Solutions
Do you have any questions about integration, APIs or custom development?
Contact Us