Sometimes life throws you a curve ball and you must change directions.
We have some nice color coded pie chart graphs that show customers percentages of their bandwidth by application. This feature is popular really catches their eye.
In an effort to improve our latest layer 7 reporting feature, we have been collecting data from some of our Beta users.
The accuracy of the Layer 7 data has always and continues to be an issue. Normally this is resolved by revising the layer 7 protocol patterns, which we use internally to identify the signatures of various applications. We had anticipated and planned to address accuracy in a second release. However when we start to look at the root cause as to what is causing the missed classifications, we start to see more cases of encrypted data. Encrypted data cannot be identified.
We then checked with one of our ISP customers in South Africa , who handles over a million residential users. It seems that some of their investment in Layer 7 classification is also being thwarted by increased encryption. And this is more than the traditional p2p traffic, encryption has spread to the common social services such as face book.
Admittedly some of this early data is anecdotal, but two independent observers reporting increased encryption is hard to ignore.
Evidently the increased encryption techniques now being used by common applications, is a back lash to all the security issues bogging down the Internet. There are workarounds for enterprises that must use layer 7 classification to prioritize traffic; however the workarounds require that all devices using the network must be retrofitted with special software to identify the traffic on the device ( iPad, iPhone). Such a workaround is impractical for an ISP.
The net side effect is, that if this trend continues traditional layer 7 packet shapers will become museum pieces right beside old Atari Games, and giant 3 pound cell phones.