Next Generation Firewall (NGFW) adds new capabilities of a standard firewall with an ability to inspect packets' contents, thus increasing precision. Three main usages of NGFW are to improve the Quality of Service (QoS) of a business, as an application-based filtering firewall, and to protect the network from known security threats. A complete NGFW system has three main components: Deep Packet Inspection (DPI), Intrusion Prevention System (IPS), and an extra-firewall intelligence mechanism. One example of open-source DPI implementations is called nDPI. As the number of enterprise applications (used in the commercial organizations) continues to rise, nDPI is also lagging in terms of coverage for enterprise software support. The aim of this research is to design and implement better enterprise-grade software support protocols on nDPI. Five common enterprise applications were chosen and implemented. The experiment results were then compared with the commercial implementation of NGFW in terms of overall precision and performance of nDPI. The results show that the accuracy of nDPI the new protocols implemented reaches more than 90% with a small (less than 3,5%) increase of CPU execution time and very small (less than 1%) increase of peak heap memory usage.
展开▼
