Submitted by Eric Byres on Wed, 2012-04-04 21:00
Deep Packet Inspection (DPI) is important for the future of SCADA / ICS security - and in this article I explain why.
DPI SCADA Security: Reviewing the Basics
In Part 1 of this series I explained DPI technology in detail. To review, the traditional IT firewall examines the TCP/IP and Ethernet headers in the network messages it sees. It then makes decisions whether to allow or block a message based on this limited information.
Submitted by Eric Byres on Thu, 2012-03-29 14:31
I have talked repeatedly about something called Deep Packet Inspection (DPI) and why it is so important for SCADA / ICS security (for example, see Air Gaps Won’t Stop Stuxnet’s Children). The trouble is, I have never described what DPI actually is. So in today’s blog I will back up and explain what DPI firewall technology is all about.
