Netify Agent - Open Source
The netifyd engine does one thing and one thing very well: network analysis using deep packet inspection. It does not firewall traffic and it does not shape traffic - that job is left to other tools. The features of netifyd agent are described below.
If you're a technical guy, you can find all the source code and developer documentation on Netify's GitLab project page. If you are a veteran technical guy and know about the old l7-filter (Layer 7) project, you might find the l7-filter vs netifyd document a good place to start.
Netifyd Agent Features
Deep Packet Inspection
Provides deep packet inspection powered by the open source nDPI engine.
Detects over 160 protocols including BitTorrent, VPNs, Proxies, VoIP and many others.
Detects apps like Facebook, Twitter, YouTube, Netflix etc. by deconstructing SSL certificates to extract both the certificate domain name, as well as the SNI hostname.
Unpacks DNS requests so you can log all hostname lookups on your network, including DNS traffic flowing on alternate TCP/UDP ports.
Firewall and QoS Hooks
Provides flow data in JSON format via Netifyd's socket -- this can be used to provide hooks into firewalls and QoS engines.
Runs not only on big iron, but also embedded systems.