Deep Packet Inspection (DPI) Lite
- 2 Minutes to read
Deep Packet Inspection (DPI) Lite
- 2 Minutes to read
What is Deep Packet Inspection (DPI) (Lite)?
Deep Packet Inspection (DPI) (Lite) is a security feature that allows Organization Admins to block specific ports and protocols from being accessed while connected to your organization’s virtual private gateways.
For example, you can use DPI to block specific messaging services like Snapchat or Viber and peer-to-peer file-sharing apps like Stealthnet or Thunder.
How to enable DPI (Lite)?
- Go to Control Panel → Network → Servers or Gateways. Choose the dedicated server, click Configure next to it, and select Deep Packet Inspection (Lite) from the dropdown menu;
-
In the request form, select which ports and protocols you want to inspect and block. With NordLayer, you can choose from up to 250 ports and protocols (find the list below);
-
Once you’re done, click on Request Deep Packet Inspection. Please allow up to 24 hours for the feature to be enabled. You will get an email with the confirmation once it’s ready.
What can you block with DPI (Lite)?
NordLayer allows you to choose from up to 250 ports and protocols to inspect and block. Here are they, listed in alphabetical order:
| Category | Ports and Protocols |
|---|---|
| Apple services | Apple, AppleiCloud, AppleiTunes, AppleJuice, ApplePush, AppleStore |
| Domain Name System | DNS, OpenDNS, DNScrypt, MDNS |
| E-commerce | Amazon, eBay |
| Email client protocol/Email services | POP3, POPS, Hotmail, Yahoo, SMTP, SMTPS |
| File sharing | TFTP, Dropbox, MS_OneDrive |
| Gaming | WorldOfKungFu, WorldOfWarcraft, Xbox, Starcraft, Steam, Warcraft3, Playstation, PlayStore, MapleStory, Nintendo, HalfLife2, Guildwars, Dofus, Florensia, Armagetron, BattleField, Crossfire, CSGO, Fiesta |
| Google services | GMail, Google, GoogleDocs, GoogleDrive, GoogleHangout, GoogleMaps, GooglePlus, GoogleServices |
| Hypertext Transfer Protocol | HTTP, HTTP_ActiveSync, HTTP_Connect, HTTP_Download, HTTP_Proxy |
| Identity | Radius, Diameter, Kerberos, LDAP, UbuntuONE |
| Infrastructure/Networking | Cloudflare, DHCP, DHCPV6, BGP, DNP3, BJNP, DRDA, EGP, FTP_CONTROL, FTP_DATA, GRE, GTP, HEP, ICMP, ICMPV6, IMAP, IMAPS, IPP, LLMNR, Modbus, MQTT, NetBIOS, NetFlow, NFS, NTP, Ookla, QUIC, RTP, RTSP, SCTP, SMBv1, SMBv23, SNMP, SOCKS, SOMEIP, SSDP, SSH, STUN, UPnP, WebSocket, Whois-DAS |
| IP tunneling protocol | Ayiya, IP_in_IP, IPsec, PPTP |
| Messaging protocol/services | AMQP, RTMP, QQ, QQLive, Slack, Signal, Telegram, Viber, WeChat, WhatsApp, WhatsAppFiles, WhatsAppVoice, Skype, SkypeCall, VHUA, Webex |
| Microsoft services | MS_OneDrive, Microsoft, Microsoft Teams, Office365, MsSQL-TDS, MySQL, WindowsUpdate |
| Monitoring/SCIM | Collectd, CHECKMK, ntop, sFlow, Syslog, Zabbix |
| Music streaming services | Vevo, Deezer, SoundCloud, Spotify |
| News services | Yahoo, AFP, Bloomberg, CNN |
| Peer-to-peer file sharing | OpenFT, Sopcast, Soulseek, Thunder, Targus Dataspeed, Stealthnet, Pando_Media_Booster, Pandora, Gnutella, Kontiki, BitTorrent, Direct_Download_Link, eDonkey, DirectConnect, FastTrack, File sharing |
| Remote Access | Citrix, PcAnywhere, RDP, Redis, RemoteScan, TeamViewer, VNC, VMware, XDMCP |
| Social media | Facebook, FacebookZero, Instagram, IRC, KakaoTalk, KakaoTalk_Voice, LastFM, LinkedIn, Messenger, MSN, Oscar, Sina(Weibo), Snapchat, TikTok, Twitter |
| Software Development | Corba, DCE_RPC, Git, Github, RX |
| Streaming services | AmazonVideo, IceCast, IFLIX, Netflix, Tvants, Twitch, PPLive, PPStream, ShoutCast, YouTube, YouTubeUpload, Zattoo |
| VoIP protocol | H323, MGCP, SIP, TeamSpeak, Unencrypted_Jabber, NOE |
| VPN services | CiscoVPN, HotspotShield, OpenVPN, TINC |
| Other | Aimini, AJP, CAPWAP, CiscoSkinny, COAP, EAQ, FIX, GenericProtocol, IAX, IEC60870, IGMP, LISP, LotusNotes, Megaco, Memcached, Mining, MPEG_TS, NestLogSink, OCS, Oracle, OSPF, Pastebin, PostgreSQL, RSYNC, RTCP, s7comm, SAP, SMPP, SSL, SSL_No_Cert, Telnet, Teredo, Tor, TruPhone, Tuenti, TVUplayer, UBNTAC2, Usenet, VRRP, Waze, Wikipedia, ZeroMQ |
Note: In case you have any questions or are experiencing any issues, please feel free to contact our 24/7 customer support team.
Was this article helpful?