Layer 7 load balancing devices, also known as Web or application switches, can drill down into URLs or HTTP headers to direct requests. An emerging technology, deep packet inspection, allows these switches to gain an even better view of content.Layer 7 load balancing devices, also known as Web or application switches, can drill down into URLs or HTTP headers to direct requests. An emerging technology, deep packet inspection, allows these switches to gain an even better view of content.Web switches act as proxies for Web applications and servers sitting behind them. Users can virtualize an unlimited number of back-end Web applications and servers, providing better availability, scaling and performance. If an application or switch goes down, the switch directs client sessions to fail over to other available applications and servers without interrupting the client.Non-HTTP-based applications or transactions would benefit from the same horizontal-scaling model. Many applications never use HTTP, and others might use HTTP only as the transport, such as Web services. Traditional Web or application switches can’t do the job because HTTP is the only type of traffic they can act upon. To extend the benefits of horizontal scaling to all IP applications, the load-balancing device needs to inspect deeper than the URL or HTTP header and into the IP datagram. Now companies can use the same architecture for non-HTTP back-office applications to provide the same economies of scale and operational efficiencies that traditional load-balancing devices have provided.Deep packet inspection addresses this problem. This technology directs, persists, filters and logs IP-based applications and Web services traffic based on content encapsulated in a packet’s header or payload, regardless of the protocol or application type. With deep packet inspection in place through a single intelligent network device, companies can boost performance without buying expensive servers or additional security products. Complete viewDeep packet inspection lets the application traffic management device delve into the content of a TCP or User Datagram Protocol (UDP) flow for a complete view. This is accomplished by reassembling IP datagrams, TCP datastreams and UDP packets as they flow through the device to view the entire application content and then act on it according to a company’s defined policies.Through standard TCP/IP networking, messages are broken down into small packets so they can quickly traverse the network. The application traffic management device or load balancer intercepts the data on its way to the final destination, reassembles it into its original sequence and buffers it into memory.By acting as a partial proxy for specific application data flows, the traffic management device continues to build the message so that more content can be seen, while searching for defined variables on which to act. Users configure these variables in a rules or policy engine that enforces those polices based on the application type, its source or its final destination.Optimum transitOnce the traffic management device locates the information in the payload, it sends the data to the application or resource that can best process the client’s request. The application traffic management device then can virtualize or horizontally scale any IP-based application. Deep packet inspection also can be used to inspect transactions for correct application or service variables. If these variables aren’t present, the request is discarded, the event is logged and an alert is sent to an administrator. Because deep packet inspection can recognize any element of a packet, it can be used to manage traffic for any type of IP-based application, including enterprise applications such as CRM, databases, mobile and wireless applications, and Web services. At a large company, for example, a traffic manager with deep packet inspection capabilities could be used to distinguish between read and write traffic to database servers. The company could save money by purchasing less-expensive servers to handle the read traffic.Deep packet inspection provides detailed control of all IP traffic, letting businesses meet complex security and high-availability requirements while gaining operational efficiencies.Giesa is senior director of product management for F5 Networks. He can be reached e.giesa@f5.com. Related content news Fortinet brings AI help to enterprise security teams manage threats Fortinet Advisor aims to help customers respond to threats more quickly By Michael Cooney Dec 11, 2023 3 mins Network Security Security how-to Getting started with scripting on Linux, Part 1 Once a script is prepared and tested, you can get a significant task completed simply by typing the script's name followed by any required arguments. By Sandra Henry-Stocker Dec 11, 2023 5 mins Linux feature Starkey swaps out MPLS for managed SD-WAN Hearing aid manufacturer achieves performance boost, increased reliability and cost savings after a shift from MPLS to managed SD-WAN services from Aryaka. By Neal Weinberg Dec 11, 2023 6 mins SASE SD-WAN Network Security news Nvidia races to fulfill AI demand with its first Vietnam semiconductor hub Vietnam has been a growing tech manufacturing destination for the past few years, and Nvidia said it is open to a new manufacturing partner in Vietnam. By Sam Reynolds Dec 11, 2023 3 mins CPUs and Processors Technology Industry Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe