Identifying and Measuring Internet Traffic: Techniques and Considerations
An Industry Whitepaper
Accurate traffic identification and insightful measurements form the foundation of network business intelligence and network policy control. Without identifying and measuring the traffic flowing on their networks, CSPs are unable to craft new subscriber services, optimize shared resource utilization, and ensure correct billing and charging.
First and foremost, CSPs must understand their use cases, as these determine tolerance for accuracy. It is likely less of a problem if reports show information that is wrong by a small margin, but it can be catastrophic if subscriber billing/charging is incorrect or management policies are applied to the wrong traffic.
Many techniques exist to identify traffic and extract additional information or measure quantities, ranging from relatively simple to extremely complex; in general, advanced techniques that can provide the most comprehensive information and actionable utility are processor-intensive and are therefore only available on best-of-breed deep packet inspection (DPI) and policy control platforms. So-called embedded solutions typically make do with simplistic approaches.
Faced with such variation, CSPs must understand the technologies, trade-offs (e.g., completeness and false positives), and deployment challenges (e.g., routing asymmetry; tunnels and encapsulation; encryption, obfuscation, and proxies) that exist in the context of traffic classification, and only with this detailed understanding can they ask the right questions in order to truly understand what a vendor is providing, and any limitations that would otherwise be hidden.