惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Schneier on Security
A
Arctic Wolf
S
Security Affairs
O
OpenAI News
SecWiki News
SecWiki News
TaoSecurity Blog
TaoSecurity Blog
H
Heimdal Security Blog
T
Threat Research - Cisco Blogs
Hacker News: Ask HN
Hacker News: Ask HN
N
News | PayPal Newsroom
Google Online Security Blog
Google Online Security Blog
C
Cisco Blogs
The Hacker News
The Hacker News
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
C
CXSECURITY Database RSS Feed - CXSecurity.com
P
Privacy International News Feed
V
Vulnerabilities – Threatpost
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
酷 壳 – CoolShell
酷 壳 – CoolShell
H
Hacker News: Front Page
T
Tenable Blog
T
The Exploit Database - CXSecurity.com
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Spread Privacy
Spread Privacy
人人都是产品经理
人人都是产品经理
www.infosecurity-magazine.com
www.infosecurity-magazine.com
V2EX - 技术
V2EX - 技术
L
LINUX DO - 最新话题
The GitHub Blog
The GitHub Blog
博客园 - 三生石上(FineUI控件)
T
The Blog of Author Tim Ferriss
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
V
Visual Studio Blog
The Cloudflare Blog
N
News and Events Feed by Topic
量子位
Google DeepMind News
Google DeepMind News
Application and Cybersecurity Blog
Application and Cybersecurity Blog
L
LINUX DO - 热门话题
P
Palo Alto Networks Blog
Stack Overflow Blog
Stack Overflow Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Attack and Defense Labs
Attack and Defense Labs
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Hacker News - Newest:
Hacker News - Newest: "LLM"
Apple Machine Learning Research
Apple Machine Learning Research
The Register - Security
The Register - Security
Microsoft Security Blog
Microsoft Security Blog
Know Your Adversary
Know Your Adversary
Webroot Blog
Webroot Blog

NETSCOUT

Resilience Is the Foundation of Modern Security Strategy | NETSCOUT How Machines Are Taking Over Network Traffic | NETSCOUT Why AI Moves Faster Than the Controls Built to Manage It | NETSCOUT NETSCOUT Named a SPARK Matrix™ Leader in Network Observability for the Third Consecutive Year | NETSCOUT Why CDNs Alone Are Not Sufficient for Modern DDoS Protection | NETSCOUT All That Glitters Isn’t Gold: Why AI Needs Better Data | NETSCOUT From Horseback to Real-Time Observability | NETSCOUT Why Digital Twins Are Now Mission-Critical for Scaling 5G with Confidence | NETSCOUT NETSCOUT Earns Six Leader Badges in the G2 Summer 2026 Grid Reports | NETSCOUT When Too Much Data Becomes Too Big an AI Problem | NETSCOUT Game-Changing AI in the RAN Plays by Its Own Rules | NETSCOUT 75,000 DDoS-for-Hire Actors Targeted by Law Enforcement | NETSCOUT What Is NETSCOUT Smart Data and Why Is It So Important? | NETSCOUT Understanding Network Traffic for Threat Hunting | NETSCOUT Black Box Versus Glass Box DDoS Protection Intellyx Names NETSCOUT to Prestigious 2026 Digital Innovator Award List How to Operationalize Threat Hunting with NETSCOUT, SIEM, XDR, EDR, and SOAR Solving Network Blind Spots Created by Massive Data Silos The Self-Healing Network: Why Your AI Strategy Needs a Neutral Lens Does It Feel Like a Stormy Season in Your Cloud? Four AI Trends Transforming Network Operations The 1 A.M. Cloud Migration Meltdown Communication Service Provider Supports Banking Application Success Across International Borders Defending Against DDoS Attacks at Scale AI-Driven Workflow Automation Is the New North Star for Communication Service Providers Key Takeaways from the EMA Network Management Megatrends 2026 The Digital Foundation of Public Trust Is More Than Skin Deep Unlocking the Full Value of 5G with Network Slicing NETSCOUT to Have a Strong Presence at Cisco Live Why Airlines and Airports Must Embrace Observability Ahead of the Summer Travel Surge Beyond “Best Effort”: Why Carrier Grade 5G Slicing Matters More Than Ever | NETSCOUT The Shrinking Lifespan of SSL/TLS Certificates | NETSCOUT From Packets to Insight: How Curated Network Data Powers AI | NETSCOUT Data Centers Are Feeling the Heat, and That’s OK | NETSCOUT If You Can’t See the Slice, You Can’t Sell the SLA | NETSCOUT Insights from the GigaOm Radar for Network Observability v6 Report | NETSCOUT How Shadow AI Creates Zombie Infrastructure NETSCOUT Earns Eight Leader Badges in the G2 Spring 2026 Grid Reports Your Modern Manufacturing Network Deserves a Modern Observability Strategy How Botnet-Driven DDoS Attacks Evolved in 2H 2025 The Hidden Cost of Poor Network Observability Insurance Systems Look Simple, but the Infrastructure Isn’t How AI is Transforming the RAN With the Right Data When Cloud SaaS DDoS Mitigation Offerings Aren’t Enough Frictionless Banking Experiences Start with Observability Colocation Growth Demands Scalable End-to-End Observability Bringing Shadow AI Into the Light AIOps Outcomes Depend on Data Quality, Not Algorithms Why AI, Zero Trust, and Modern Security Require Deep Visibility How Service Behavior Changes in Remote Locations The 10-Hour Problem: How Visibility Gaps Are Burning Out the SOC From Insight to Impact: Observability Fuels AI-Driven Innovation How Orphaned Applications Are Quietly Fueling Your Shadow IT Problem Why Today’s Security Tools Can’t See the Network Anymore How NETSCOUT Addresses Modern Network Observability Challenges Helping IT Organizations Prevent Disruptions Before They Impact Business How Hidden Blind Spots Quietly Became Cybersecurity’s Biggest Vulnerability The Blame Game! Is it the Network or Gaps in Observability? Six Winter 2026 G2 Leader Badges Prove This DDoS Protection Stands Out The Value of Combining Modern Observability Solutions for Actionable Insights AI Failure Is the Norm Because Most Initiatives Are Flying Blind NETSCOUT Distinguished by Frost & Sullivan with the 2025 Company of the Year Recognition 5 Emerging AI Data Trends Enterprise IT Teams Cannot Ignore What is Network Slicing NETSCOUT’s Omnis Cyber Intelligence Earns Security Today’s 2025 CyberSecured Award Turning a Flood of 5G Data into Rocket Fuel for AIOps NETSCOUT Recognized by Comparably as a Top Workplace for Q4 2025 How to deliver consistent ultra-low latency, high-throughput, and total reliability across complex networks Smart Data: The Super Fuel Driving Next-Gen Observability NETSCOUT Recognized for Leadership in Network Detection and Response Removing Barriers to Digital Transformation Gain Real-time Visibility to Future Proof Your Network for Autonomous Operations Why Is Cloud Performance Still Foggy? Smarter DDoS Security at Scale How DPI Is Transforming Observability and Operational Resilience 10 Key Challenges to Optimizing Radio Access Networks in the 5G Era Why Arbor Edge Defense and CDN-Based DDoS Protection Are Better Together NETSCOUT’s Holiday Playlist for IT Teams and Leaders More Data Does Not Always Equate to Better Business Visibility Seeing Clearly with Deep Packet Inspection at Scale How to Ensure High Availability for FWA Services System Integrators and the Future of Enterprise IT The Transformative Power of ‘Thinking’ AI and the Implications for Business How Fast Can Your Organization Identify and Resolve IT Outages? Observability for the “Always On” Power Industry
Integrating Deep Packet Inspection in 5G Networks
Sherrie.Taylor · 2025-12-02 · via NETSCOUT

What is DPI in 5G?

DPI in 5G is an intelligent, cloud-native traffic analysis engine. Communications service providers (CSPs) typically implement DPI engines in the User Plane Function (UPF), which is part of the 5G core (5GC) network responsible for user data forwarding.

How Does DPI Work?

DPI uses sophisticated detection methods to monitor traffic over unencrypted and encrypted protocols and analyze communications patterns to detect anomalies and to enforce policies for enhanced security and service differentiation.

DPI engines can classify thousands of applications at scale and extract metadata to enable services such as content filtering, parental controls, traffic shaping, and advanced threat detection.

Intelligent DPI engines use pattern matching, encrypted traffic analysis, artificial intelligence (AI), and machine learning (ML) to classify and prioritize traffic dynamically, in real time.

With modern DPI technology, CSPs can:

  • Observe and analyze the raw content of the data packets flowing through the network at massive scale
  • Examine and classify traffic by application type
  • Enforce network policies
  • Proactively detect and block malicious or unauthorized traffic
  • Optimize quality of service for latency-sensitive services in real time

Challenge for CSPs

But even with this capability, implementing DPI engines remains complex and challenging, often requiring immense storage capacity. As a result, user plane data extraction is seen as cost prohibitive for CSPs.  
CSPs will only realize these benefits if they consider an end-through-end network observability architecture powered by DPI that has the capacity to curate data at scale, 24/7, in near-real time, to produce what NETSCOUT calls Smart Data.

Integrating DPI in 5G

CSPs typically implement DPI engines in the UPF, which is part of the 5GC network responsible for user data forwarding. DPI uses sophisticated detection methods to monitor traffic over unencrypted and encrypted protocols and analyze communications patterns to detect anomalies and enforce policies for enhanced security and service differentiation. 5G networks rely on the successful operation of DPI techniques to ensure and secure network traffic, as well as to assure high performance for network slices.

DPI supports outcomes for emerging 5G use cases such as:

  • Massive device connectivity (Internet of Things [IoT], smart cities)
  • Ultra-low latency applications (augmented reality/virtual reality [AR/VR], autonomous vehicles)
  • Network slicing (requires precise traffic identification and control)
  • Mobile network security (detected and mitigated cyberthreats)

The integration of DPI within the 5GC supports real-time monitoring and response with minimal impact on network performance. Within the UPF, DPI modules conduct the following tasks:

  • Inspect and classify user traffic
  • Report metadata (e.g., app ID, flow type) to control-plane functions (such as the Policy Control Function [PCF] or Session Management Function [SMF])
  • Trigger policy enforcement (throttling, prioritization, redirection)

DPI Flow

When CSPs integrate DPI engines within the 5GC, the following interaction occurs between DPI, the Network Data Analytics Function [NWDAF], and PCF (see Figure 1):

  • DPI - Analyzes traffic and sends traffic classification to the PCF and detailed metrics to NWDAF in real time
  • NWDAF - Processes the traffic data and predicts any congestion, security threats, or slice performance issues
  • PCF - Uses the inputs from DPI and NWDAF to enforce or adjust policies dynamically in real time, optimizing user experiences and resource allocations, and enabling decision-making for traffic shaping, billing, and service assurance

    DPI NWDAF and PCF Flow Chart

    Figure 1: DPI NWDAF and PCF Flow Chart

NETSCOUT Offers Scalable User Plane Solution

CSPs can rely on NETSCOUT Omnis AI Insights to drive intelligent automation for observability. Powered by modern DPI technology, this solution generates high-fidelity curated data that is AI-ready and delivers comprehensive observability that can help CSPs unlock new value streams for tailored business insights to securely operate their networks toward:

  • Gaining autonomous network performance and services with closed-loop orchestration, on-demand analytics, and automatic management of subscriber experiences
  • Achieving reliability and latency goals
  • Providing opportunities for new revenue and monetization

Learn more about NETSCOUT Omnis AI Insights.