Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

Allot Goes Deep on Packets

Vendor's deep packet inspection lets service providers track user behavior

CHICAGO -- Globalcomm 2006 -- Auditing your service provider's monthly phone bill works wonders in preventing end users from making costly or inappropriate calls. What if you had that same level of detail when you examined the behavior of Internet-connected end users?

Allot Communications (Nasdaq: ALLT), a maker of deep packet inspection technology, this week at Globalcomm demonstrated a new traffic management appliance, the AC-2500, which could let service providers give IT departments exactly this sort of information.

The AC-2500 lets service providers inspect, identify, and analyze hundreds of applications and protocols, track subscriber behavior, and prioritize traffic, according to Allot.

The system is designed to help service providers create classes of service that they can offer at different price levels. But a key element of the product is the NetXplorer management software, which lets network administrators track bandwidth usage and drill down to individual users, applications, and service plans. Using this data, NetXplorer can trigger alarms programmed to identify potential security risks, according to the vendor.

Deep-packet inspection has been available for some time, but it is usually done as a means of analyzing traffic patterns and end-user behavior over time. The Allot product, which can support throughput rates as fast as 5 Gbit/s, analyzes this data in real time, at carrier-class speeds.

Using the Allot product, service providers could conceivably track network behavior down to the end-user level and warn IT managers of potentially risky activities. The technology also could be used to analyze subscriber behavior over periods of time, much as is done in the phone bill model.

Allot offers deep packet inspection tools for the enterprise as well, but they don't perform at carrier-class speeds. The feature is available now; pricing is dependent on configuration of the product, which can accommodate up to 8 Gbit/s of capacity.

— Tim Wilson, Site Editor, Dark Reading

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/22/2020
How an Industry Consortium Can Reinvent Security Solution Testing
Henry Harrison, Co-founder & Chief Technology Officer, Garrison,  5/21/2020
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Dan Blum, Cybersecurity & Risk Management Strategist,  5/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13485
PUBLISHED: 2020-05-25
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.
CVE-2020-13486
PUBLISHED: 2020-05-25
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.
CVE-2020-13482
PUBLISHED: 2020-05-25
EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified.
CVE-2020-13458
PUBLISHED: 2020-05-25
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.
CVE-2020-13459
PUBLISHED: 2020-05-25
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action.