Deep Packet Inspection (DPI) Lite
  • 2 Minutes to read

Deep Packet Inspection (DPI) Lite


What is Deep Packet Inspection (DPI) (Lite)?

Deep Packet Inspection (DPI) (Lite) is a security feature that allows Organization Admins to block specific ports and protocols from being accessed while connected to your organization’s virtual private gateways.

For example, you can use DPI to block specific messaging services like Snapchat or Viber and peer-to-peer file-sharing apps like Stealthnet or Thunder.

How to enable DPI (Lite)?

  1. Go to Control PanelNetworkServers or Gateways. Choose the dedicated server, click Configure next to it, and select Deep Packet Inspection (Lite) from the dropdown menu;

Configure dropdown DPI.png

  1. In the request form, select which ports and protocols you want to inspect and block. With NordLayer, you can choose from up to 250 ports and protocols (find the list below);

  2. Once you’re done, click on Request Deep Packet Inspection. Please allow up to 24 hours for the feature to be enabled. You will get an email with the confirmation once it’s ready.

Deep Packet Inspection modal.png

What can you block with DPI (Lite)?

NordLayer allows you to choose from up to 250 ports and protocols to inspect and block. Here are they, listed in alphabetical order:

Category Ports and Protocols
Apple services Apple, AppleiCloud, AppleiTunes, AppleJuice, ApplePush, AppleStore
Domain Name System DNS, OpenDNS, DNScrypt, MDNS
E-commerce Amazon, eBay
Email client protocol/Email services POP3, POPS, Hotmail, Yahoo, SMTP, SMTPS
File sharing TFTP, Dropbox, MS_OneDrive
Gaming WorldOfKungFu, WorldOfWarcraft, Xbox, Starcraft, Steam, Warcraft3, Playstation, PlayStore, MapleStory, Nintendo, HalfLife2, Guildwars, Dofus, Florensia, Armagetron, BattleField, Crossfire, CSGO, Fiesta
Google services GMail, Google, GoogleDocs, GoogleDrive, GoogleHangout, GoogleMaps, GooglePlus, GoogleServices
Hypertext Transfer Protocol HTTP, HTTP_ActiveSync, HTTP_Connect, HTTP_Download, HTTP_Proxy
Identity Radius, Diameter, Kerberos, LDAP, UbuntuONE
Infrastructure/Networking Cloudflare, DHCP, DHCPV6, BGP, DNP3, BJNP, DRDA, EGP, FTP_CONTROL, FTP_DATA, GRE, GTP, HEP, ICMP, ICMPV6, IMAP, IMAPS, IPP, LLMNR, Modbus, MQTT, NetBIOS, NetFlow, NFS, NTP, Ookla, QUIC, RTP, RTSP, SCTP, SMBv1, SMBv23, SNMP, SOCKS, SOMEIP, SSDP, SSH, STUN, UPnP, WebSocket, Whois-DAS
IP tunneling protocol Ayiya, IP_in_IP, IPsec, PPTP
Messaging protocol/services AMQP, RTMP, QQ, QQLive, Slack, Signal, Telegram, Viber, WeChat, WhatsApp, WhatsAppFiles, WhatsAppVoice, Skype, SkypeCall, VHUA, Webex
Microsoft services MS_OneDrive, Microsoft, Microsoft Teams, Office365, MsSQL-TDS, MySQL, WindowsUpdate
Monitoring/SCIM Collectd, CHECKMK, ntop, sFlow, Syslog, Zabbix
Music streaming services Vevo, Deezer, SoundCloud, Spotify
News services Yahoo, AFP, Bloomberg, CNN
Peer-to-peer file sharing OpenFT, Sopcast, Soulseek, Thunder, Targus Dataspeed, Stealthnet, Pando_Media_Booster, Pandora, Gnutella, Kontiki, BitTorrent, Direct_Download_Link, eDonkey, DirectConnect, FastTrack, File sharing
Remote Access Citrix, PcAnywhere, RDP, Redis, RemoteScan, TeamViewer, VNC, VMware, XDMCP
Social media Facebook, FacebookZero, Instagram, IRC, KakaoTalk, KakaoTalk_Voice, LastFM, LinkedIn, Messenger, MSN, Oscar, Sina(Weibo), Snapchat, TikTok, Twitter
Software Development Corba, DCE_RPC, Git, Github, RX
Streaming services AmazonVideo, IceCast, IFLIX, Netflix, Tvants, Twitch, PPLive, PPStream, ShoutCast, YouTube, YouTubeUpload, Zattoo
VoIP protocol H323, MGCP, SIP, TeamSpeak, Unencrypted_Jabber, NOE
VPN services CiscoVPN, HotspotShield, OpenVPN, TINC
Other Aimini, AJP, CAPWAP, CiscoSkinny, COAP, EAQ, FIX, GenericProtocol, IAX, IEC60870, IGMP, LISP, LotusNotes, Megaco, Memcached, Mining, MPEG_TS, NestLogSink, OCS, Oracle, OSPF, Pastebin, PostgreSQL, RSYNC, RTCP, s7comm, SAP, SMPP, SSL, SSL_No_Cert, Telnet, Teredo, Tor, TruPhone, Tuenti, TVUplayer, UBNTAC2, Usenet, VRRP, Waze, Wikipedia, ZeroMQ

Note: In case you have any questions or are experiencing any issues, please feel free to contact our 24/7 customer support team.


Was this article helpful?

What's Next