I am requesting that nDPI be made available in ROS for the cloud core. I believe this is possible now due to being able to leverage the performance of the Cloud Core Platform. Thank You.
Personally I think Suricata is a better fit.
It will allow IDS/IPS functionality in addition to just DPI, will allow marking of packets rather than just reporting on them, and has had extensive testing on the Tilera platforms (they are a Tilera partner) see http://suricata-ids.org/2012/12/21/oisf-welcomes-tilera-as-a-gold-level-consortium-member/ for more info.
I have heard of them but haven’t looked in a while. I agree that being able to mark packets is a huge plus. Me personaly I want the same functionality that we get with our Meraki switches but having IDS/IPS ability is a definite plus. Does suricata have the same protocol detection support as nDPI? Link http://www.ntop.org/products/ndpi
Its better.
Look at emergingthreats.net
Do you have a more direct link? I’m having trouble finding a list of protocols for layer 7 visibility.
but it heavier.
sadly
Browse the et repository via http. its very comprehensive.
As long as I can see what traffic is on my network I will be happy. Suricata… nDPI… as long as there is going to be future support for DPI. That’s all I’m looking for for right now. I would like to hear from Mikrotik on whether/when it will be implemented.
I did parse through the library and yes there is an extensive list of IDS/IPS rulesets but not an extensive protocol detection support as nDPI. Maybe I’m missing something but I really don’t see them.
All I would really like to see is this http://meraki.cisco.com/technologies/layer-7-visibility implemented as a feature in ROS. I would like to know from someone at Mikrotik if there is work being done on this and or Suricata. Any feedback from Mikrotik would be much appreciated as this would add great value to your products for us and many others I’m sure.
Bump for goodness. Would like to see this also.
My opinion is that we will never see such features in ROS.
There are much more simple problems and features asked for years never done.
There is no reason to ask for these.
On the other hand, releasing an affordable platform for IPS/IDS functionality (with suricata perhaps) would be a very nice opportunity for Mikrotik to gain visibility, and thus boost sales.
Most of the other feature request I see here do not open a whole new market segment…
I do not (yet) have a CCR, but if suricata becomes available, that would change immediately.
I think I can convince others to do the same…