Rohde & Schwarz reveals future-proof OEM deep packet inspection engine for encrypted traffic visibility

April 2022 by Marc Jacob

Today, ipoque, a Rohde & Schwarz company and an industry-leading provider of OEM deep packet inspection (DPI) software, announced a major enhancement of its AI-powered DPI engine R&S®PACE 2. The DPI engine now leverages machine learning and deep learning methodologies that deliver superior visibility of encrypted traffic and mitigate the loss of traffic visibility that is common with traditional DPI methodologies. With its new ML-based encrypted traffic analytics capabilities, ipoque offers a future-proof DPI engine for networking and cybersecurity solutions unlike any other DPI library on the market.

Over the past years, the use of protocols such as SSL, TLS, SSH, PGP and IPsec in encrypted applications saw a steady rise.

R&S®PACE 2 deploys encrypted traffic intelligence (ETI), a methodology that combines machine learning (ML), deep learning (DL) and high-dimensional data analysis with conventional DPI methods to inspect traffic that is encrypted, anonymized and obfuscated. ETI involves the use of advanced ML algorithms for traffic detection and DL-powered layered processing of data to extract AI features upon which such algorithms are built. These algorithms are applied to data flows in the network to deliver traffic awareness, revealing not only encrypted traffic but also traffic through VPNs/proxies and obfuscated traffic based on methods like randomization, tunneling and mimicry. It combines more than 1,000 features including statistical and time-series features in addition to packet level features, resulting in a very high classification accuracy and overall precision.

Apart from ML and DL, ETI also deploys other advanced DPI methods including statistical/behavioral analysis and heuristics for fine-grained traffic analysis. This enables R&S®PACE 2 to equip network management and cybersecurity solutions such as next-gen firewalls, DDoS prevention systems, SASE, CASBs and NAC with granular insights on malicious and anomalous traffic patterns, identifying source applications and protocols in real time.

R&S®PACE 2 is an advanced OEM protocol and application classification engine based on DPI technology. The DPI engine can be easily integrated into networking and cybersecurity solutions to gain full IP network traffic visibility up to layer 7 and beyond. Weekly signature updates combined with continuous performance and reliability testing ensure that R&S®PACE 2 offers the highest traffic detection rate on the market. By embedding R&S®PACE 2, networking and cybersecurity solution providers can keep up with the rapid growth of IP traffic rates, accelerate time to market, save development costs and concentrate on their core competencies.

