Re: DPI or Flow Management

[Suresh Ramasubramanian <ops.lists () gmail com>]

In short, the entire DPI debate is starting to go on similar lines,
and flogging similar horses, as the gun control debate

Yes, dpi has great, useful applications (ddos mitigation and other
security, for example).  And it has bad / harmful applications
(dictatorships doing dpi to catch political dissent).

That says a lot more about inappropriate / appropriate use of dpi
rather than dpi itself.

Nothing at all in DPI that makes it wrong, deeply evil etc.

-srs

On Mon, Mar 2, 2009 at 6:47 AM, Roland Dobbins <rdobbins () cisco com> wrote:
> On Mar 2, 2009, at 9:10 AM, Roland Dobbins wrote:
>
> > With regards to DDoS mitigation, it's sometimes necessary to go above
> > layers-3/-4 in the event of layer-7-targeted attacks.
>
> In fact, it's sometimes important to have the ability to parse packet
> payloads and/or interact with traffic in some layer-3/layer-4 attacks,
> depending upon the type of traffic, source distribution, legitimate proxy
> intermediaries, spoofed vs. non-spoofed, and so forth.
>
> -----------------------------------------------------------------------
> Roland Dobbins <rdobbins () cisco com> // +852.9133.2844 mobile
>
>  Some things are just too precious to entrust to computers.
>
>                   -- Seth Hanford



-- 
Suresh Ramasubramanian (ops.lists () gmail com)