With the increasing use of the cloud, organizations strongly prefer to send SaaS and trusted web traffic directly to the Internet from branch offices rather than wasting bandwidth and adding the latency and expense of backhauling traffic to a data center. SD-WAN introduces the ability to incorporate broadband into the WAN and enable applications to run directly over the internet. However, while some internet-bound traffic is known and trusted, other HTTP/HTTPS traffic is unknown or suspicious. If you cannot identify the specific application on the first packet, you must send all HTTP/HTTPS traffic either to the Internet or backhauling all of it to secure web gateways or to a hub or headquarters for further inspection by corporate firewall and IDS/IPS resources. It’s all or nothing.
Silver Peak’s innovative First-packet iQ identifies applications on the first packet. Using multiple techniques, First-packet iQ identifies more than 10,000 applications and more than 300 million web domains. First-packet iQ goes beyond typical Deep Packet Inspection (DPI) and port-level approaches used today and it adds a cloud-hosted internet map and geolocation database in addition to real-time machine learning to provide the highest levels of application intelligence.
As the industry’s first and only first packet inspection engine, First-packet iQ enables granular and secure breakout of internet bound traffic to the correct path based on application-driven business and security policies. This eliminates the potential for wasted bandwidth and performance bottlenecks for trusted SaaS and web traffic. Trusted traffic gets treated appropriately while questionable traffic is automatically sent to more robust security appliances in accordance with corporate security policies.