THE BOUNCER GUY COMPARISON
Deep packet inspection versus firewall protection aka The Bouncer.
Let’s say you own a night club (the network.) And, you want to only allow a specific type of clientele. That’s where The Bouncer (the firewall) comes into play. He’s got the VIP list and has several ways to protect your club. They are:
1. You’re on the good guy list. He lets you enter.
2. You’re on the bad guy list. No entry for you.
3. You know who you want to talk to in the club (their IP address) and at what table they are sitting (the port.) If The Bouncer confirms the table is accepting new patrons, you may enter the club and converse with the patron.
That style of protection is very different from what an IPS/IDS delivers with deep packet inspection.
Deep packet inspection collects additional data, not just who the person is trying to enter the club and what table they’re going to. It applies essential and much-needed context to the conversation. For example:
1. What is the intent of your conversation?
2. How does the patron react to you once you’ve entered the club?
3. Now that you’re at the table, do you speak the same language as the patron?
Sentinel IPS ensures that you’re dressed appropriately for the club, which presents its own challenges. See our last post for more detail on that. We also make sure you haven’t been known to bother patrons in our other clubs (see CINScore.com.)
In addition, we make sure your conversation with club patrons remains on the up and up. If at any point you become disruptive, Sentinel IPS tosses you right out of the club. Unlike a firewall, once you get past The Bouncer, you’re in and can cause all the mayhem you desire.
BOTTOM LINE: DEEP PACKET INSPECTION VERSUS FIREWALL PROTECTION
We keep the bad guys out of your club and you keep your patrons happy once they’re inside. And, we keep protecting you throughout the night – even after you get past The Bouncer.