Smart Access Gateway (SAG) supports the deep packet inspection (DPI) feature. The DPI feature allows you to create application-aware quality of service (QoS) policies and access control lists (ACLs) and view monitoring data of applications. This feature regulates network traffic routes through simple and effective solutions and analyzes traffic distribution to provide a better user experience.
Introduction to DPI
DPI retrieves the payload of data packets to identify and re-organize the application data transmitted through the application layer. This allows DPI to gain full insights into an application and filter data packets based on system control policies. In addition, the system can display the distribution of network traffic based on the application data collected by DPI.
- Application-aware QoS policies
- Application-aware ACLs
- Traffic monitoring based on applications
- Specify applications: DPI identifies each application. When you create a policy, you can specify an application.
- Specify application groups: DPI classifies applications into groups based on the application characteristics. When you create a policy, you can specify an application group. After you specify an application group, the policy applies to all applications in the group.
Procedure for using DPI
The DPI feature is disabled by default. You must enable and configure the DPI feature before you can use it.
- Enable the DPI feature. For more information, see Manage DPI.
- Create policies based on your business requirements.
- Create an application-aware QoS policy. For more information, see What is a QoS policy?.
- Create an application-aware ACL. For more information, see ACL overview.
- View monitoring data of applications. For more information, see View traffic monitoring data of applications. Note You must enable the DPI-based monitoring feature for the SAG instance before you can view the traffic monitoring data. For more information, see Manage DPI.