International Telecommunication Union

ITU-T
TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU

Series Y
Supplement 25
(05/2015)

SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS

ITU-T Y.2770 series – Supplement on DPI use cases and application scenarios

ITU-T Y-series Recommendations – Supplement 25

ITU-T Y-SERIES RECOMMENDATIONS
GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS

GLOBAL INFORMATION INFRASTRUCTURE
  General    Y.100–Y.199
  Services, applications and middleware    Y.200–Y.299
  Network aspects    Y.300–Y.399
  Interfaces and protocols    Y.400–Y.499
  Numbering, addressing and naming    Y.500–Y.599
  Operation, administration and maintenance    Y.600–Y.699
  Security    Y.700–Y.799
  Performances    Y.800–Y.899
INTERNET PROTOCOL ASPECTS
  General    Y.1000–Y.1099
  Services and applications    Y.1100–Y.1199
  Architecture, access, network capabilities and resource management    Y.1200–Y.1299
  Transport    Y.1300–Y.1399
  Interworking    Y.1400–Y.1499
  Quality of service and network performance    Y.1500–Y.1599
  Signalling    Y.1600–Y.1699
  Operation, administration and maintenance    Y.1700–Y.1799
  Charging    Y.1800–Y.1899
  IPTV over NGN    Y.1900–Y.1999
NEXT GENERATION NETWORKS
  Frameworks and functional architecture models    Y.2000–Y.2099
  Quality of Service and performance    Y.2100–Y.2199
  Service aspects: Service capabilities and service architecture    Y.2200–Y.2249
  Service aspects: Interoperability of services and networks in NGN    Y.2250–Y.2299
  Enhancements to NGN    Y.2300–Y.2399
  Network management    Y.2400–Y.2499
  Network control architectures and protocols    Y.2500–Y.2599
  Packet-based Networks    Y.2600–Y.2699
  Security    Y.2700–Y.2799
  Generalized mobility    Y.2800–Y.2899
  Carrier grade open environment    Y.2900–Y.2999
FUTURE NETWORKS    Y.3000–Y.3499
CLOUD COMPUTING    Y.3500–Y.3999

For further details, please refer to the list of ITU-T Recommendations.

Y series – Supplement 25 (05/2015)

Supplement 25 to ITU-T Y-series Recommendations

ITU-T Y.2770 series – Supplement on DPI use cases and application scenarios

Summary

Supplement 25 to the ITU-T Y.2770 series provides complementary information on deep packet inspection (DPI) use cases and application scenarios in evolving networks. Detailed use cases are specified including application identification and traffic detection, application performance measurements, application specific energy measurements, application statistics reporting, diagnosis and analysis, application traffic optimization and application enrichment, provision of tiered services and parental control. The application scenarios of DPI in next generation networks (NGNs), enterprise networks (ENs) and software-defined networking (SDN) are specified to help guide the deployment of DPI for service/application awareness in evolving networks.

History

Edition    Recommendation       Approval      Study Group    Unique ID*
1.0        ITU-T Y Suppl. 25    2015-05-01    13             11.1002/1000/12524

* To access the Recommendation, type the URL http://handle.itu.int/ in the address field of your web browser, followed by the Recommendation's unique ID. For example, http://handle.itu.int/11.1002/1000/11830-en.

FOREWORD

The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, information and communication technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis.

The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics.

The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1.

In some areas of information technology which fall within ITU-T's purview, the necessary standards are prepared on a collaborative basis with ISO and IEC.

NOTE

In this publication, the expression “Administration” is used for conciseness to indicate both a telecommunication administration and a recognized operating agency.

Compliance with this publication is voluntary. However, the publication may contain certain mandatory provisions (to ensure, e.g., interoperability or applicability) and compliance with the publication is achieved when all of these mandatory provisions are met. The words “shall” or some other obligatory language such as “must” and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the publication is required of any party.

INTELLECTUAL PROPERTY RIGHTS

ITU draws attention to the possibility that the practice or implementation of this publication may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the publication development process.

As of the date of approval of this publication, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this publication. However, implementers are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database at http://www.itu.int/ITU-T/ipr/.

© ITU 2015

All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU.

Table of Contents

1 Scope
2 References
3 Definitions
4 Abbreviations and acronyms
5 Conventions
6 Policy enforcement architecture and common use cases of DPI
  6.1 Background and policy enforcement architecture
  6.2 Common use cases of DPI
  6.3 DPI use case: Network-oriented versus link-oriented DPI
7 Application scenarios in next generation networks
8 Application scenarios in enterprise networks
  8.1 Use DPI to guarantee the information security of the enterprise network
  8.2 Use DPI to improve internal resources utility of the enterprise network
  8.3 Enterprise internal management optimization
9 Application scenario of deep packet inspection in SDN
  9.1 SDN defined by ITU-T and ONF
  9.2 SDN defined by ONF
10 Security considerations
Bibliography

Supplement 25 to ITU-T Y-series Recommendations

ITU-T Y.2770 series – Supplement on DPI use cases and application scenarios

1 Scope

This Supplement specifies the use cases and application scenarios of deep packet inspection in support of service/application awareness in evolving networks.

The DPI use cases include: application identification and traffic detection, application performance measurements, application specific energy measurements, application statistics reporting, diagnosis and analysis, application traffic optimization and application enrichment, provision of tiered services and parental control.

The application scenarios include: DPI applications in NGN, EN and SDN.

2 References

[ITU-T Y.1311]    Recommendation ITU-T Y.1311 (2002), Network-based VPNs – Generic architecture and service requirements.
[ITU-T Y.1314]    Recommendation ITU-T Y.1314 (2005), Virtual private network functional decomposition.
[ITU-T Y.2111]    Recommendation ITU-T Y.2111 (2011), Resource and admission control functions in Next Generation Networks.
[ITU-T Y.2201]    Recommendation ITU-T Y.2201 (2009), Requirements and capabilities for ITU-T NGN.
[ITU-T Y.2704]    Recommendation ITU-T Y.2704 (2010), Security mechanisms and procedures for NGN.
[ITU-T Y.2770]    Recommendation ITU-T Y.2770 (2012), Requirements for deep packet inspection in next generation networks.
[ITU-T Y.2771]    Recommendation ITU-T Y.2771 (2014), Framework for deep packet inspection.
[ITU-T Y.3300]    Recommendation ITU-T Y.3300 (2014), Framework of software-defined networking.
[ITU-T X.200]     Recommendation ITU-T X.200 (1994) | ISO/IEC 7498-1:1994, Information technology – Open Systems Interconnection – Basic Reference Model: The basic model.
[ETSI TS 123 203] ETSI TS 123 203 (2011), Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); LTE; Policy and charging control architecture (3GPP TS 23.203 version 100 Release 10).
[IETF RFC 2748]   IETF RFC 2748 (2000), The COPS (Common Open Policy Service) Protocol.

3 Definitions

3.1 Terms defined elsewhere

This Supplement uses the following term defined elsewhere:

3.1.1 deep packet inspection (DPI) [ITU-T Y.2770]: Analysis, according to the layered
protocol architecture OSI-BRM [ITU-T X.200], of payload and/or packet properties (see list of potential properties in clause 3.2.11 of [ITU-T Y.2770]) deeper than protocol layer 2, 3 or 4 (L2/L3/L4) header information, and other packet properties in order to identify the application unambiguously.

NOTE – The output of the DPI function, along with some extra information such as the flow information, is typically used in subsequent functions such as reporting or actions on the packet.

3.2 Terms defined in this Supplement

This Supplement defines the following terms:

3.2.1 application scenario: The environment and context of a system. The application scenario of a system may include one or more use cases.

3.2.2 use case: A use case describes how a user uses a system to accomplish a particular goal.

4 Abbreviations and acronyms

This Supplement uses the following abbreviations and acronyms:

AAA       Authentication, Authorization and Accounting
COPS      Common Open Policy Service
DNS       Domain Name System
DPI       Deep Packet Inspection
DPI-FE    DPI Functional Entity
DPI-PDFE  DPI Policy Decision Functional Entity
DPI-PEF   DPI Policy Enforcement Function
EN        Enterprise Networks
GRE       Generic Routing Encapsulation
GPRS      General Packet Radio Service
ICT       Information and Communication Technology
IP        Internet Protocol
ISP       Internet Service Provider
L2-VPN    Layer 2 Virtual Private Network
L3-VPN    Layer 3 Virtual Private Network
MPLS      Multiple Protocol Label Switching
NAT       Network Address Translation
NGCN      Next Generation Corporate Network
NGN       Next Generation Network
OA        Office Automation
OMA       Open Mobile Architecture
ONF       Open Network Foundation
PCC       Policy and Charging Control
PCF       Policy Control Framework
PCI       Protocol Control Information
PDP       Policy Decision Point
PEEM      Policy Evaluation, Enforcement and Management
PEP       Policy Enforcement Point
QoE       Quality of Experience
QoS       Quality of Service
RACF      Resource and Admission Control Function
SDN       Software-Defined Networking
SLA       Service Level Agreement
VPN       Virtual Private Network

5 Conventions

None.

6 Policy enforcement architecture and common use cases of DPI

6.1 Background and policy enforcement architecture

6.1.1 Background

The status data of network applications, e.g., bandwidth, delay and energy, is a form of big data for network management and control. Internet service providers (ISPs) need to measure the status of network applications and manage the network traffic efficiently to ensure the quality of service (QoS) and quality of experience (QoE). In the past, “over provisioning” of bandwidth was widely used to meet the transport capacity requirements of network applications. With the increase of new Internet applications, e.g., high-bandwidth video, ISPs found it very difficult to build a sustainable evolving network based on “over provisioning”. With current Internet applications shifting their communication ports and protocols randomly, and an increasing number of applications evolving into web-based services, ISPs need to identify and manage network applications unambiguously through protocol, port and application signatures. This kind of fine-grained, long-term traffic management solution aids ISPs in contending with volumes of traffic rising at an exponential rate.

This Supplement specifies application scenarios to guide the deployment of deep packet inspection in support of measurement, reporting, analysis and optimization of network application traffic in evolving networks. These application scenarios should not be considered prescriptive for how to deploy DPI in real networks.
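
The following Python example is added here and is not part of the Supplement. It illustrates the point of clause 6.1.1 that port numbers alone no longer identify an application, by comparing a port-only lookup with matching on payload signatures. The function names, the simplified first-bytes signatures and the sample flows are assumptions constructed for the illustration.

```python
# Added example: names, signatures and sample flows are assumptions, not from the Supplement.
PORT_MAP = {53: "dns", 80: "http", 443: "tls"}  # what an L4-header-only view concludes
HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ")


def classify_by_port(dst_port):
    """Port-only identification, limited to L4 header information."""
    return PORT_MAP.get(dst_port, "unknown")


def classify_by_payload(payload):
    """Match the first payload bytes against simplified application signatures."""
    # TLS record header: content type 0x16 (handshake), major version 0x03,
    # then handshake message type 0x01 (ClientHello) at offset 5.
    if len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03 and payload[5] == 0x01:
        return "tls"
    # BitTorrent peer handshake: length byte 19 followed by the protocol string.
    if payload.startswith(b"\x13BitTorrent protocol"):
        return "bittorrent"
    # HTTP/1.x request line: known method at the start, version token on the same line.
    if payload.startswith(HTTP_METHODS) and b" HTTP/1." in payload.split(b"\r\n", 1)[0]:
        return "http"
    return None


def classify(dst_port, payload):
    """Signature first, port as fallback; the flag records whether payload evidence was used."""
    app = classify_by_payload(payload)
    if app is not None:
        return app, True
    return classify_by_port(dst_port), False


# Constructed sample flows: (destination port, first payload bytes of the flow).
SAMPLE_FLOWS = [
    (8081, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    (80, b"\x13BitTorrent protocol" + bytes(48)),
    (8443, b"\x16\x03\x01\x00\x2f\x01\x00\x00\x2b\x03\x03" + bytes(32)),
    (53, b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"),
]


def compare(flows):
    """Return (port, port-only label, signature-based label) for each flow."""
    return [(port, classify_by_port(port), classify(port, data)[0]) for port, data in flows]


if __name__ == "__main__":
    for row in compare(SAMPLE_FLOWS):
        print(row)
```

The port-only column mislabels the peer-to-peer flow on port 80 and cannot label the HTTP and TLS flows on non-standard ports, while the DNS flow, for which no signature is defined here, falls back to its port.
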

6.1.2 The introduction of converging and evolving networks

With the convergence of telecommunication networks, cable TV networks and the Internet, and the convergence of fixed and mobile broadband networks, the evolving networks are now converging rapidly to IP packet networks (see Figure 6-1). The differences between mobile phones and personal computers are blurring as mobile phones become increasingly smart and are used to access the Internet freely. With the emergence of cloud computing and the increasing number of Internet users and applications, packet-based networks are not only used to access information on the World Wide Web and to send email, but also to view television, listen to radio programmes, play games, talk to each other, buy/sell goods and communicate with everyday objects. Internet traffic is becoming heavier and more complex. There is an inevitable urgency for ISPs to work well for all the users and applications. A clear understanding of the current status of the Internet is essential to help diagnose and optimize the network. Since “over provisioning” of bandwidth is not a sustainable solution for evolving networks, another kind of fine-grained, long-term network awareness and diagnosis solution is required to aid ISPs in contending with volumes of traffic rising at an exponential rate for the evolving intelligent network, e.g., smart pipe, network intelligence capabilities enhancement and smart ubiquitous networks.

Figure 6-1 – The converging and evolving networks

Example common use cases include application identification and traffic detection, performance metrics measurement, energy metrics measurement, statistics reporting, diagnosis and analysis, traffic optimization and content enrichment, provision of tiered services, parental control, etc.

Figure 6-2 illustrates a common use case where DPI policy enforcement points (PEPs) are distributed in the network as Internet sensors to measure and perceive the network status and report to the policy decision point (PDP) (also known as the intelligence controller).
After intelligent analysis of network status data, the PDP can schedule the network resource to optimize the network performance.

Figure 6-2 – Common policy enforcement architecture

6.1.3 DPI-PE deployment modes

The DPI physical entity (DPI-PE) is a physical instance that represents an implementation of a DPI functional entity [ITU-T Y.2770]. There are multiple network scenarios according to clause 6.1 of [ITU-T Y.2771]. For instance, there are two realizations