Industry Leading Next-Generation DPI Engine
Procera Networks’ Network Application Visibility Library (NAVL) is a next-generation Deep Packet Inspection (DPI) software engine that provides real-time, Layer-7 classification of network traffic. NAVL uses a combination of deep packet and deep flow inspection techniques to accurately identify today’s most common applications including Mobile, Social Networking, P2P, Instant Messaging, File Sharing, Enterprise and Web 2.0 applications.
NAVL leads the industry in the following areas:
NAVL quickly and accurately classifies all major network-delivered enterprise and consumer applications and sub-applications, enabling network equipment vendors to differentiate business-critical from non-critical applications. It even distinguishes among the voice, video, chat and file transfer capabilities of most social applications.
Procera provides a steady stream of real-time, up-to-date classification additions and updates through the dynamic NAVL’s plug-in architecture. Custom signatures can also be created using Procera's custom definition API, allowing customers to extend NAVL's capabilities to meet their specific needs.
NAVL uses true Layer 7 DPI as well as a variety of other traffic flow inspection techniques to ensure unparalled classification accuracy. Procera's NAVL is known for its ability to identify key traffic flows and limit the number of false-positives to ensure the most accurate classification of network traffic.
Procera's application classification techniques include:
- Surgical Pattern Matching
- Deep Protocol Dissection
- Semantic and Conversational Awareness
- Behavioral Analysis
- Flow registration and association
NAVL features industry-leading applicaiton classification at speeds of more than 40Gbps with minimal onboard resource consumption. Procera’s innovative lock-free, multi-threaded support provides linear scalability with increased core density, delivering performance beyond 40Gbps1. Keeping the amount of resources that integrated DPI and application classification technology requires low is critical. The fewer cores (on a multi-core processor) and the less on-board memory (on an x86 appliance) an engine needs, the better. Maintaining a small footprint with high performance helps contain costs for network infrastructure vendors and their customers. This is also important when applicaiton classification is integrated with enterprise firewalls, gateways and other endpoints, such as Wi-Fi access points. Procera's NAVL is the industry's least resource-intensive DPI and application classification technology.
1 - as tested on 2X Intel Xeon 5690 with a total of 10 cores, 12 threads, average packet size 350 bytes.
Metadata extraction capabilities include the ability to gather and report "data about the data", or supply information regarding an application flow's origin, destination, browser type and version, login, URL and other attributes. This information is of specific importance to vendors using NAVL as a component of security solutions including next-generation firewall, secure web gateway (SWG) and unified threat management (UTM) solutions.
Ease of Integration
Procera provides its customers with industry leading service and support, in addition to a complete set of tools and documentation, to ensure the successful integration of the NAVL DPI engine. The integration tool kit includes:
- Sample applications and tools to aid in test automation and troubleshooting including:
- Capreader – pcap File Analyzer
- Threadtest – Raw Performance Tool
- Qclassify – Netfilter Queue Packet Classifier
- Packet and/or Stream based API
- Support for external or internal connection tracking and management
- Support for IP-defragmentation and TCP reordering
- Access to Procera AppLabs – an online application detail database for every application and protocol that the NAVL engine identifies
- On-site integration training at Procera Networks
- Access to ever-updating Trace Repository and tools to assist with integration testing and automated accuracy regression tests.