The U.S. Department of State (DoS) is in ".. search of potential sources for Deep Packet Capture and Inspection (DPCI). The scope of the envisioned Deep Packet Capture and Inspection (DPCI) solution is to provide the following high-level functionality:
- Capture 100 % of all network packets traversing the borders of the DoS’ Points of Presence (POPs).
- Perform rapid classification and analysis of these packets, for access by DoS security analysts.
- Recall only selected network packets for an analyst, to reconstruct a session of interest.
- Filter on packets of interest, to allow for investigating whether malcode is attempting to be infiltrated into the network.
- Create many sorts of queries and automated alerting on the collected packets, either ad hoc or predefined, to discover anomalous network traffic.
- Generate both low-level and high-level reports on network traffic based on a wide range of criteria, such as time period, source and/or destination IP address, IPv4 and IPv6 protocols and ports, Internet domains, and e-mail addresses.
See "Deep Packet Capture and Inspection" - here.
No comments:
Post a Comment