Netify DPI Engine
Open Source DPI for Integrators
Managing modern networks requires insights at the application, protocol, security, and data intelligence layers. Netflow data is good, but DPI provides the metadata to take network and cybersecurity analysis to the next level. If you are looking for a open source deep packet inspection engine to integrate with your solution, then you have come to the right place. Our Netify DPI software has been integrated into firewalls, routers, SD-WAN solutions, IoT gateways, mobile core network engines, virtual probes, software-defined network architectures and other OEM devices.
What Is Netify DPI?
The open source Netify Agent is small footprint engine that performs the underlying deep packet inspection (DPI) and metadata extraction. The analyzed network data is then streamed to an open format which can be consumed by 3rd party applications, firewalls, QoS engines and more. You can find the full feature list further below, and technical details including source code information here.
Netify DPI Features
Provides deep packet inspection and network analysis powered by our open source Netify DPI Agent.
Runs on big iron as well as embedded systems including the Raspberry Pi and OpenWRT devices.
Detects detects over 190 protocols including BitTorrent, VPNs, Proxies, VoIP and many others.
Unpacks DNS, DHCP, SSL, HTTP and other requests so you can log all hostname lookups on your network. Catch hostname traffic flowing on alternate TCP/UDP ports.
Firewall and QoS Hooks
Provides live flow data in an open format via the Netify agent -- this can be used to provide hooks into firewalls and QoS engines using the Netify Firewall Agent.
Detects apps like Facebook, Twitter, YouTube, Netflix etc. by mapping DNS lookups, extracting SSL/TLS certificate domain names, SNI hostnames and more.
Detects SSL/TLS cipher versions in use so you can catch weak spots on your network. Old ciphers often indicate devices with other security weaknesses.
User Agent Extraction
Extracts user agent information to help provide details about devices on your network: Mobiles, tables, laptops, TVs, IoT devices and more.
Netflow and Bandwidth
Provides standard Netflow data: source and destination IPs, MACs, Layer 4 protocols, IP version, packet counters, byte counters and more.
Compare with Traditional DPI
Netify DPI can be integrated on devices, in containers, and in the cloud.
|Traditional DPI||Netify DPI|
|Inflexible||Dynamic and customizable|
|On-premise only||Optional cloud intelligence|
|Vendor-locked signatures||Open and custom signatures|
Optional Network Intelligence
The Netify DPI Agent provides a great starting point. As an optional add-on, we complement the on-premise DPI data with cloud-based network intelligence and visibility. Features include:
- Device Discovery
- Advanced Risk Analysis
- Bandwidth Monitoring
- Hostname Visibility
- Forensics and Archiving
- Cloud-based Application Detection
- AI-based Network Events
- Connection Tracking