Walter De Smedt wrote:
The next step in P2P recognition seems to be deep packet inspection with signature based detection. The major problem here is scalability - I don't see some device analyzing 1G, the typical uplink capacity of Internet gateways in a medium SP network, of traffic at layer 7. If this should be feasable, what if P2P applications would employ encryption schemes (e.g. IPSec) - this would render signature-based recognition useless.
We can do realistically 1.3G with current bits. I´m not ready to talk about performance by the end of the year. As a bonus, you'll get classification and population reports for both p2p and backdoored / virused hosts without performance impact. (export these with BGP4 to fancy effects, or simple ACL / firewall list for more traditional approach) Pete