This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Question regarding AP302W and the onboard statefull L2-L7 DPI firewall

Question regarding AP302W and the onboard statefull L2-L7 DPI firewall

Go to solution
martin_groenne
New Contributor

‎06-04-2021 10:40 AM

Link to the datasheet: https://cloud.kapostcontent.net/pub/4c3ebc40-2384-4de6-9bb7-ff7562f66ce2/ap302w-data-sheet

How can it have it's own L2-L7 DPI Firewall? Doenst it take a huch amount of procession power? 

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Tomasz
Valued Contributor II

‎06-04-2021 09:28 PM

Hi Martin,

 

It can. 😉 Digital circuits become minimized, you can put more and more processing power in such small boxes. L2-L4 DPI is not a big deal, however L2 might be more CPU intensive, apparently. L7 DPI is also possible, but it depends which OS we are talking about. It could either be real L2-L7 analysis to understand what application is running over a certain flow, and then decide to block or not (have in mind, it’s not super strict when we talk about security, as few packets might have to go through to have anything for analysis), or it could be DNS-snooping based binding of domain names to IPs and then blocking just on L3.

 

Hope that helps,

Tomasz

View solution in original post

0 Kudos
1 REPLY 1

Go to solution
Tomasz
Valued Contributor II

‎06-04-2021 09:28 PM

Hi Martin,

 

It can. 😉 Digital circuits become minimized, you can put more and more processing power in such small boxes. L2-L4 DPI is not a big deal, however L2 might be more CPU intensive, apparently. L7 DPI is also possible, but it depends which OS we are talking about. It could either be real L2-L7 analysis to understand what application is running over a certain flow, and then decide to block or not (have in mind, it’s not super strict when we talk about security, as few packets might have to go through to have anything for analysis), or it could be DNS-snooping based binding of domain names to IPs and then blocking just on L3.

 

Hope that helps,

Tomasz

0 Kudos
GTM-P2G8KFN