Deep Packet Inspection (DPI) Lite
  • 6 Minutes to read

    Deep Packet Inspection (DPI) Lite

      Article summary

      What is Deep Packet Inspection (DPI) (Lite)?

      Deep Packet Inspection (DPI) (Lite) is a security feature that allows Organization Admins to block specific ports and protocols from being accessed while connected to your organization’s Virtual Private Gateway.

      For example, you can use DPI to block specific messaging services like Snapchat or Viber and peer-to-peer file-sharing apps like Stealthnet or Thunder.

      How to enable DPI (Lite)?

      1. Go to Control PanelNetworkServers or Gateways. Choose the dedicated server, click Configure next to it, and select Deep Packet Inspection (Lite) from the dropdown menu;

      Configure dropdown DPI.png

      1. In the request form, select which ports and protocols you want to inspect and block. With NordLayer, you can choose from up to 250 ports and protocols (find the list below);

      2. Once you’re done, click on Request Deep Packet Inspection. Please allow up to 24 hours for the feature to be enabled. You will get an email with the confirmation once it’s ready.

      Deep Packet Inspection modal.png

      What can you block with DPI (Lite)?

      NordLayer allows you to choose from up to 400 ports and protocols to inspect and block. Here are they, listed in alphabetical order:

      CategoryPorts and Protocols
      AdTechAds Analytics Track
      Adult ContentAdult Content
      Amazon Alexa ServicesAmazon Alexa
      Apple ServicesApple TV Plus, iCloud Private Relay, iCloud, iTunes, Push, Siri, Store
      Authentication, Authorization, and Accounting ProtocolDiameter
      Border Gateway ProtocolBGP
      CAPWAP ProtocolCAPWAP
      Client-server RPC ProtocolRX
      Collaboration SoftwareGoTo
      Common Object Request Broker Architecture SystemsCORBA
      Constrained Application ProtocolCoAP
      Content-hosting ServicePastebin
      CryptoCryptocurrencies (Bitcoin, Ethereum, Monero) and Mining
      Cybersecurity ServicesAvast, Avast Secure DNS, CyberSec, FortiClient
      Distributed Network Protocol 3DNP3
      Distributed Relational Database ArchitectureDRDA
      DNS ServicesDHCP, DNS, mDNS, OpenDNS
      Dynamic Host Configuration Protocol Version 6DHCPv6
      E-commerceAlibaba, Amazon, eBay
      EAQ ProtocolEAQ
      Email Client ProtocolPOP3, POPS
      Exterior Gateway ProtocolEGP
      File SharingDropbox, FTP (Control and Data), MS OneDrive, Rsync, TFTP
      Financial Information eXchange ProtocolFIX
      Free Online EncyclopediaWikipedia
      GamingCryNetwork, Dota 2, Electronic Arts, Epic Games, Gaijin Entertainment, GeForce Now, Heroes of the Storm, NVIDIA, Raft, RakNet, Riot Games, Roblox, Source Engine, Steam Datagram Relay, Toca Boca, Activision, Among Us, Armagetron, CrossFire, Dofus, Genshin Impact, Guild Wars, Half-Life 2, MapleStory, Nintendo, PlayStation, Play Store, StarCraft, Steam, Warcraft 3, World of Kung Fu, World of Warcraft, Xbox
      General-purpose Distributed Memory-caching SystemMemcached
      Generic Routing Encapsulation ProtocolGRE
      Google ServicesGoogle Chat, Google Classroom, Google Cloud, Google Meet, Data Saver, Gmail, Google, Google Docs, Google Drive, Google Maps, Google Services, Waze
      GPRS Tunneling ProtocolGTP
      GSMA Accredited Global Mobile NetworkTruphone
      H. 248 Media Gateway Control ProtocolMegaco
      High-speed Web-based Traffic Analysisntopng
      Hypertext Transfer ProtocolHTTP, HTTP2, WebDAV, DoH/DoT, HTTP CONNECT and HTTP Proxy
      IEC60870 Communication ProtocolIEC60870
      Infrastructure/NetworkingAliCloud, Amazon AWS, Beckhoff ADS, Cassandra, Ceph, CIP (Common Industrial Protocol), Cloudflare Warp, Controller Area Network (CAN), DCERPC (Distributed Computing Environment / Remote Procedure Call), Ethernet/IP, Ether-S-Bus, EthersIO, FastCGI, FINS (Fieldbus Interface Specification), FTPS (File Transfer Protocol Secure), Gearman, GTP-C (GPRS Tunneling Protocol Control Plane), GTP' (GPRS Tunneling Protocol Prime), GTP-U (GPRS Tunneling Protocol User Plane), HAProxy, HART-IP (Highway Addressable Remote Transducer over IP), HiSLIP (High-Speed LAN Instrument Protocol), HL7 (Health Level 7), HP Virtgrp (HP Virtual Group), HSRP (Hot Standby Router Protocol), I3D, IEC 62056 (International Electrotechnical Commission standard for electricity metering), IEEE C37.118 (Standard for Synchrophasors for Power Systems), IP PIM (Internet Protocol Protocol Independent Multicast), ISO 9506-1 MMS (Manufacturing Message Specification), KCP (Kademlia Control Protocol), Kismet, Meraki Cloud, NAT-PMP (Network Address Translation - Port Mapping Protocol), OCSP (Online Certificate Status Protocol), OPC UA (OPC Unified Architecture), OpenFlow, PGM (Pragmatic General Multicast), PROFINET IO, PTPv2 (Precision Time Protocol version 2), RESP (REdis Serialization Protocol), RMCP (Remote Management Control Protocol), Roughtime, RTPS (Real-Time Publish-Subscribe), S7commPlus, Service Location Protocol (SLP), SRTP (Secure Real-time Transport Protocol), TP-Link SHP, VXLAN (Virtual Extensible LAN), Yojimbo, Z39.50, Cisco Skinny, Citrix, Cloudflare, CPHA (Checkpoint High Availability), DTLS (Datagram Transport Layer Security), MSSQL-TDS (Microsoft SQL Server Tabular Data Stream), NATS, SOAP (Simple Object Access Protocol), Targus DataSpeed, TLS (Transport Layer Security), VMware, and WSD (Web Services Dynamic Discovery)
      Inter-Asterisk eXchangeIAX
      Internet Control Message ProtocolICMP, ICMPv6
      Internet Group Management ProtocolIGMP
      Internet Message Access ProtocolIMAP, IMAPS
      Internet Printing ProtocolIPP
      Internet Protocol SecurityIPsec
      IP Tunneling ProtocolIP in IP
      IPv6 Transition ProtocolTeredo
      IT Infrastructure Monitoring SoftwareCheckmk
      Lightweight Directory Access ProtocolLDAP
      Link-Local Multicast Name Resolution ProtocolLLMNR
      Locator ID Separation ProtocolLISP
      Lotus Notes Web Service ProtocolLotusNotes
      Machine to Machine Network ProtocolMQTT
      Meeting and Calling SoftwareFuze
      Messaging Protocol/ServicesLine, Line Call, Stomp, Telegram VoIP, Threema, AMQP, IMO, QQ, Signal, Slack, Telegram, Viber, WeChat, WhatsApp, WhatsApp Call, WhatsApp Files
      Microsoft ServicesAzure, Outlook, Microsoft (General), Microsoft 365, MySQL, Teams, Windows Update
      Mobile Virtual Network OperatorTuenti
      NetFlow ProtocolNetflow
      Network Authentication ProtocolKerberos
      Network Basic Input/Output SystemNetbios
      Network File System ProtocolNFS
      Network Time ProtocolNTP
      News and Email ServicesYahoo
      News ServicesAFP, Bloomberg, CNN
      Ookla Speedtest ProtocolOokla
      Open Collaboration Services APIOCS
      Open Shortest Path First Routing ProtocolOSPF
      OpenID-based Single Sign-on ServiceUbuntuOne
      Oracle ServicesOracle
      OtherBACnet, CacheFly, Crashlytics, MS-RPCH, Pluralsight, TeslaServices, UMAS, Xiaomi, NestLogSink
      Peer-to-peer File SharingSyncthing, UFTP, BitTorrent, eDonkey, Gnutella, Kontiki, Pandora, TVUPlayer
      Printer ProtocolBJNP
      Protocol that Authenticates CommunicationsDNSCrypt
      Quick UDP Internet Connections ProtocolQUIC
      Real Time Streaming ProtocolRTSP
      Real-Time Messaging ProtocolRTMP
      Real-time Transport ProtocolRTP
      Relational Database Management SystemPostgreSQL
      Remote AccessJSON-RPC, NoMachine, Radmin, RSH, AnyDesk, RADIUS, RDP, TeamViewer, VNC
      RTP Control ProtocolRTCP
      SaaS CRMSalesforce
      Sampling Technology for Network MonitoringSFlow
      SAP ServicesSAP
      Scalable Service-Oriented Middleware over IPSOMEIP
      Secure Shell ProtocolSSH
      Secure Simple Mail Transfer ProtocolSMTPS
      Serial Communication ProtocolModbus
      Server Message Block Application Layer Network ProtocolSMBv1
      Session Traversal Utilities for NAT ProtocolSTUN
      Short Message Peer-to-Peer ProtocolSMPP
      Siemens S7 Communication ProtocolS7comm
      Simple Mail Transfer ProtocolSMTP
      Simple Network Management ProtocolSNMP
      Simple Service Discovery ProtocolSSDP
      Skype-like Services in ChinaVHUA
      Social MediaBadoo, Facebook VoIP, Facebook Reel Story, Likee, OICQ, Sina, Sina Weibo, Tencent, Tencent Games, Tencent Video, VK, Discord, Facebook, Instagram, IRC, KakaoTalk, KakaoTalk Voice,, LinkedIn, Messenger, Pinterest, Reddit, Snapchat, Snapchat Call, TikTok, Tumblr, Twitter
      Socket Secure Network ProtocolSOCKS
      Software DevelopmentElasticsearch, GitLab, Kafka, Protocol Buffers (Protobuf), Thrift, Tuyalp, AJP, Git, GitHub, MongoDB
      Stream Control Transmission ProtocolSCTP
      Streaming Services1kxun, Dailymotion, DAZN, DIRECTV, Edgecast, HBO, iHeartRadio, Livestream, MPEG-DASH, Showtime, SiriusXM Radio, Tidal, TiVo Connect, TuneIn, Vimeo, Vudu, Amazon Video, Deezer, Disney+, Hulu, Icecast, iFlix, Netflix, PPStream, SoundCloud, Spotify, Twitch, Vevo, YouTube, YouTube Upload, Zattoo
      Syslog ProtocolSyslog
      System Statistics Collection DaemonCollectd
      Telnet ProtocolTelnet
      Tool to Monitor IT InfrastructureZabbix
      UBNTAC2 ProtocolUBNTAC2
      Usenet ProtocolUsenet
      Video Conferencing, Cloud Calling & Screen SharingWebex
      Virtual Router Redundancy ProtocolVRRP
      VoIP ProtocolMumble, SD-RTN, SignalVoIP, Skype Teams, Skype Teams Call, H.323, Jabber, MGCP, MPEG-TS, NoE, SIP, TeamSpeak, Zoom
      VPN ServicesMullvad, OperaVPN, Private Internet Access, ProtonVPN, Psiphon, SoftEther, Tailscale, TunnelBear, UltraSurf, CiscoVPN, Hotspot Shield, OpenVPN, PPTP, Tinc, Tor, WireGuard
      Weather ServiceAccuWeather
      WebSocket ProtocolWebSocket
      WHOIS Query and Response ProtocolWHOIS-DAS
      Windows SMB v2/v3 ProtocolSMBv23
      X Display Manager Control ProtocolXDMCP
      Yandex ServicesCloud, Direct, Disk, Mail, Market, Metrika, Music
      ZeroMQ Message Transport ProtocolZeroMQ

      Note: In case you have any questions or are experiencing any issues, please feel free to contact our 24/7 customer support team.

      Was this article helpful?