Aviz Open Packet Broker details deep packet inspection with User Defined Filtering

Aviz Open Packet Broker (OPB) employs User Defined Filtering (UDF) features to facilitate detailed examination of network packets through Deep Packet Inspection (DPI), providing enterprise IT and security teams with precise traffic control and monitoring capabilities.

Research overview

UDF enables administrators to specify particular byte patterns and offsets for filtering and monitoring within packet flows, allowing rule configuration based on exact locations in Layer 2 and Layer 3 headers. This granular approach supports detecting and managing various traffic types and payloads according to customized policies.

The solution builds upon the SONiC open-source platform, offering enterprises a modifiable and cost-effective alternative to proprietary packet brokers, expanding scope for specific traffic handling scenarios.

Technical breakdown

UDF rules target specified bytes starting from offsets relative to IP headers in Layer 3 packets and EtherType fields in Layer 2 packets, permitting or denying traffic that matches defined criteria. Integration with API-driven management interfaces allows dynamic updating of filtering rules to align with changing network conditions.

Aviz OPB leverages hardware acceleration and SONiC’s hardware-agnostic design to maintain performance efficiency in high-throughput environments, supporting multi-vendor infrastructure compatibility.

Operational impact

The platform supports monitoring and reporting functionalities that provide visibility into network activity, traffic patterns, and compliance adherence. It can enforce policies to filter or log transmissions containing sensitive information such as personally identifiable data, assisting compliance requirements for standards including General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), and PCI-DSS.

The flexibility to update rules in real time without causing service interruptions affords administrators agility in responding to emerging security threats and operational needs.

Use cases

Aviz OPB’s Deep Packet Inspection (DPI) capabilities via UDF serve sectors requiring detailed traffic inspection and strict compliance monitoring, such as financial services, healthcare, government agencies, and cloud service providers. It detects complex threats including zero-day attacks and unauthorized data flows that traditional perimeter defenses might not identify.

The platform accommodates both on-premises (on-prem) and hybrid cloud network infrastructures, ensuring consistent enforcement of policies across various deployment models.

Overall, Aviz OPB with UDF offers a customizable, precise packet inspection approach facilitating improved traffic management and security policy enforcement for enterprise networks. This Blog Signals brief provides a factual summary of the vendor’s blog content relevant to technical decision-makers.