June 17, 2006

Layer 7 stateful deep packet inspection — the privacy threat is more serious than we thought

I’ve been reading up on net neutrality, and was just hit by an unhappy realization.

The technology that’s kicked off the whole debate is Layer 7 stateful deep packet inspection. This a feature of telecom equipment, originally found only in high-end firewalls, but now evidently found throughout Cisco’s (and surely also its competitors’) product lines. In IP telecom without this feature, the equipment just sees packets of data, and perhaps header information, but can’t look at the data’s content. However, when you’re looking at Layer 7, the equipment is looking at what the application sees. Everything is visible — every record, every word. And if Cisco’s marketing materials are to be believed, all that technology exists today.

The dangers this presents in terms of privacy and censorship, whether in the basically free countries or the basically authoritarian ones, should be obvious. Fighting for freedom is more urgent than we previously realized.


One Response to “Layer 7 stateful deep packet inspection — the privacy threat is more serious than we thought”

  1. Sachin on January 3rd, 2007 1:06 pm

    Don’t really see the problem here. All traffic you generate (unless encrypted) can still be logged today by the ISP. All that’s changing is that he/she can do so in real-time on a router/switch. Maybe people will finally start using encryption meaningfully.

Leave a Reply

Feed including blog about enterprise technology strategy and public policy Subscribe to the Monash Research feed via RSS or email:


Search our blogs and white papers

Monash Research blogs

User consulting

Building a short list? Refining your strategic plan? We can help.

Vendor advisory

We tell vendors what's happening -- and, more important, what they should do about it.

Monash Research highlights

Learn about white papers, webcasts, and blog highlights, by RSS or email.