 |
市場調查報告書
商品編碼
1435977
深層封包檢測與處理:市場佔有率分析、產業趨勢與統計、成長預測(2024-2029)Deep Packet Inspection and Processing - Market Share Analysis, Industry Trends & Statistics, Growth Forecasts (2024 - 2029) |
||||||
價格
※ 本網頁內容可能與最新版本有所差異。詳細情況請與我們聯繫。
簡介目錄
深層封包檢測和處理市場規模預計到 2024 年為 281.7 億美元,在預測期內(2024-2029 年)預計到 2029 年將達到 710.1 億美元,複合年成長率為 20.32%。
DPI 結合了簽章匹配技術和資料分析演算法來識別對通訊流的影響。基於硬體的中間盒在電腦網路中很普及,但它們的部署和管理成本通常很高。
主要亮點
- 在最近的趨勢中,研究人員提案了兩種實用的方法來實現雲端基礎的DPI 中間盒來解決這些問題。外包的 DPI 中間盒對加密流量執行有效負載檢查,同時維護通訊資料和檢查規則的隱私。
- 雲端採用、遠端工作、BYOD 和 SaaS 應用程式等技術的普及增加了可用於網路攻擊的途徑數量。應用程式已成為網路犯罪分子的有吸引力的目標,但確保、保護和控制連接它們的網路是網路安全供應商面臨的主要課題。
- 相較之下,歐盟的 DPI 的使用方式完全不同。它被用作打擊販毒和兒童色情製品系統的一部分。一旦歐盟明確了自己的意圖,它就迅速實施了管理資料使用的法律。這種考慮屬於一般資料保護規範 (GDPR),這是保護歐盟公民及其敏感資料的綜合法律。
- 隨著行動裝置帶來的全球 IP 流量的成長,物聯網 (IoT) 和雲端運算的出現需要仔細關注和強大的工具來確保企業網路的安全運作。據思科系統公司稱,到 2021 年,全球 IP資料流量預計將達到每月 278,108 Petabyte。
- 許多雲端服務都可以透過網際網路訪問,因此提高系統可存取性是雲端遷移的關鍵驅動力。然而,雲端伺服器和應用程式經常受到來自世界各地的各種方法的攻擊。深層封包檢測和處理對於阻止不良流量同時讓良好流量通過而不會造成太多中斷至關重要。超越這個基於邊界的防禦層也很重要。有多種方法可以在公共雲端環境中成功部署基於深層封包檢測的安全控制,包括使用為此目的而建置的供應商解決方案。另一個產品系列是基於在客戶端點上運行的代理程式。
- 此外,攻擊者開始利用資訊激增,提高公眾對 COVID 相關新聞的警惕。 網路釣魚、垃圾郵件活動和惡意網站/域顯著增加。 為了減少 VPN 上的負載並降低惡意軟體建立命令和控制 (C2) 通道的可能性,F-Secure 建議在 VPN 集中器和其他網路外圍設備上使用深度數據包檢測。 使用此類支架時,可能會阻止某些需要頻寬的在線服務,例如流媒體和各種遊戲服務。 此外,還建議您僅允許在已知和已批准的埠(如 HTTPS)上進行通信。 大流行導致採用率顯著提高。
深層封包檢測和處理市場趨勢
隨著企業網路流量的增加,軟體解決方案經歷了顯著成長
- 近年來,DPI(深層封包檢測)軟體已發展成為解決新網路課題的強大工具,並在當今的網路和網路基礎設施中發揮核心作用。由於大多數網路流量現在都已加密,因此可靠的 DPI 軟體引擎需要一個複雜的套件來對流量進行分類。
- DPI 是基於包含從資料包的資料部分提取的資訊的簽章資料庫來識別流量並對其進行分類,從而比僅基於標頭資訊的分類具有更多的控制權。P2P(P2P) 流量等應用程式為寬頻服務供應商帶來了越來越多的問題。
- P2P 流量通常由提供檔案共用的應用程式使用。 P2P 經常傳輸大型媒體文件,增加了流量負載並需要額外的網路容量。 DPI 允許通訊業者超額銷售可用頻寬,同時防止網路擁塞並將頻寬公平地分配給所有用戶。
- 網路必須能夠解析內容、組裝足夠的應用訊息並識別已知的流量使用情況和模式。 DPI 功能分為四類:通訊協定分析/應用程式感知、反惡意軟體/防毒、入侵偵測和防禦 (IDS/IPS) 以及 URL 過濾。
- 根據 Enea AB 的一項研究,70% 的受訪者(高科技產品經理)要求對企業和物聯網/工業網路中的連接設備進行分類。此外,加密的使用增加以及嚴格的 TLS 1.3 安全通訊協定(5G 的強制要求)的採用威脅到許多供應商的關鍵流量的可見性。這需要深層封包檢查和處理來支援未來的市場成長。
- 此外,大多數供應商表示擁有或正在開發雲端解決方案,其中一半計劃提供安全存取服務邊緣 (SASE) 解決方案,將安全性和網路整合到雲端基礎的服務中。隨著市場的成長,這就需要使用 DPI 軟體。
北美佔據主要市場佔有率
- 北美帳戶佔據了最大佔有率,因為該地區的成長是由網際網路普及不斷提高以及跨行業雲端基礎和物聯網應用程式的增加所推動的。此外,北美因 DPI 採用而發生的安全漏洞數量居世界首位。
- 網路犯罪分子擴大以企業和醫療保健組織為目標,以獲取受害者的資料。個人資料經常用於社交工程攻擊,與傳統的網路攻擊相比,社會工程攻擊更有可能欺騙受害者。美國記錄的資料外洩總合中有 79% 發生在商業和醫療保健領域(資料來源:身分盜竊資源中心)。
- HIPAA 隱私規則制定了保護受保護健康資訊 (PHI)、個人健康記錄和其他個人健康資訊的國家標準。這遵循了引入運行高級深層封包檢測(DPI) 邏輯的伺服器以從原始流量中識別和提取相關資料區段的趨勢。
- 以國家/地區來看,美國的資料外洩成本仍然高於其他國家。國內資料外洩造成的損失平均為 864 萬美元,幾乎是全球平均值的兩倍,而且這一金額在過去 14 年裡成長了 130% 以上。
- 此 DPI 技術可在 macOS 上使用,並內建於 Endpoint Protector 用戶端中,以攔截透過 Web 瀏覽器檔案傳輸。此類功能可以監控文件目標以及將特定 URL 列入白名單和黑名單。白名單僅允許將檔案傳輸到特定網域和 URL,而黑名單選項可讓您封鎖對特定網站的存取。
深層封包檢測和處理行業概述
隨著企業不斷創新新的硬體和軟體解決方案,深層封包檢測和處理市場變得支離破碎,並且新進入者不斷加入該市場以滿足激烈的競爭。深層封包檢測和處理市場正在出現多項創新,包括新一代防火牆 (NGFW) 的開發,該防火牆可以檢查 OSI 模型中多達七個應用層的網路封包。在這種情況下,參與者之間會展開激烈的競爭,以提供獨特的解決方案。主要公司包括諾基亞(阿爾卡特朗訊)、SolarWinds Worldwide, LLC、思科系統公司和華為技術有限公司。市場的最新發展包括:
2023 年 2 月,思科宣布計畫收購以色列雲端安全企業 Lightspin。思科和 Lightspin 將能夠實現他們的通用目標,即透過提供從建置到運行的端到端安全性和可觀察性,幫助客戶實現雲端基礎設施現代化。
2022 年 8 月,SafeRide Technologies 宣布發布新的入侵偵測和防禦軟體 (IDPS),以保護汽車乙太網路免受網路攻擊。新解決方案已整合到 SafeRide 的 vSentry Edge AI 軟體中。 vSentry Edge AI 監控來自多個域的 CAN 和乙太網路通訊,並執行深度資料包檢查和有效負載分析。
其他福利
- Excel 格式的市場預測 (ME) 表
- 3 個月分析師支持
目錄
第1章簡介
- 研究假設和市場定義
- 調查範圍
第2章調查方法
第3章執行摘要
第4章市場動態
- 市場概況
- 產業價值鏈分析
- 產業吸引力-波特五力分析
- 買方議價能力
- 供應商的議價能力
- 新進入者的威脅
- 替代產品的威脅
- 競爭公司之間的敵意強度
- 監管影響
- 評估 COVID-19 對市場的影響
- 市場促進因素
- 更多採用監管和資料保護法
- 先進採用雲端基礎的安全技術
- 市場限制因素
- DPI 讓現有防火牆和其他安全相關軟體變得更加複雜和笨重
第5章市場區隔
- 解決方案
- 硬體
- 軟體
- 介紹
- 本地
- 雲
- 最終用戶
- 通訊和資訊技術
- BFSI
- 衛生保健
- 零售
- 其他最終用戶
- 地區
- 北美洲
- 美國
- 加拿大
- 歐洲
- 德國
- 英國
- 法國
- 其他歐洲國家
- 亞太地區
- 中國
- 日本
- 澳洲
- 其他亞太地區
- 拉丁美洲
- 中東和非洲
- 北美洲
第6章 競爭形勢
- 公司簡介
- Nokia Corporation(Alcatel Lucent)
- Allot Ltd.
- Bivio Networks, Inc.
- Huawei Technologies Co., Ltd.
- Enea AB(Qosmos SA)
- WiseSpot Company Limited
- SolarWinds Worldwide, LLC.
- NetFort Technologies Limited(Rapid7)
- Netify
- AppNeta, Inc.
- ManageEngine(Zoho Corporation)
- Cisco Systems, Inc.
- ipoque GmbH
第7章 投資分析
第8章市場機會與未來趨勢
簡介目錄
Product Code: 71738
The Deep Packet Inspection and Processing Market size is estimated at USD 28.17 billion in 2024, and is expected to reach USD 71.01 billion by 2029, growing at a CAGR of 20.32% during the forecast period (2024-2029).
DPI combines signature matching technology with a data analysis algorithm to determine a communication stream impact. Hardware-based middleboxes are prevalent in computer networks, which usually incur high deployment and management expenses.
Key Highlights
- A recent trend addresses those problems where researchers propose two practical approaches to implement a cloud-based DPI middlebox. The outsourced DPI middlebox performs payload inspection over encrypted traffic while preserving the privacy of both communication data and inspection rules.
- The proliferation of technologies, such as cloud deployment, remote working, BYOD, SaaS applications, etc., are increasing the paths available to cyberattacks. Applications have become inviting targets for cybercriminals, but securing, protecting, and controlling the networks that connect them is a huge challenge for network security providers.
- In contrast, DPI in the European Union is used very differently. It is used as part of mechanisms to clamp down on drug trafficking and child pornography. When the EU established its intent, they were quick to enforce laws that controlled the use of data. The consideration falls under the General Data Protection Regulation (GDPR), a comprehensive set of laws protecting EU citizens and their sensitive data.
- With the growing global IP traffic augmented by mobile devices, the emergence of the Internet of Things (IoT) and cloud computing require close attention and powerful tools to ensure secure operations on an enterprise network. According to CISCO Systems, the global IP data traffic is expected to reach 278,108 petabytes per month by 2021.
- Many cloud services are accessible to the entire internet, which means improved system accessibility is an important driver for cloud migrations. However, cloud servers and applications are regularly attacked using various methods from anywhere globally. Deep packet inspection and processing are essential to keep the bad traffic out while letting the good traffic through without too much interruption. It is also important to look beyond this perimeter-based defense layer. There are several approaches to successfully deploying a security control based on Deep Packet Inspection within a public cloud environment, such as using the vendor solutions already built for this exact purpose, and another product range is based on agents running on customer endpoints.
- Moreover, attackers started exploiting the burst of information and heightened public alertness for COVID-19-related news. Phishing, spam campaigns, and malicious websites/domains significantly increased. To relieve the load on VPNs and mitigate the chances of successful command and control (C2) channels for malware to be established, F-Secure recommends using deep packet inspection on VPN concentrators and other network perimeter devices. Certain bandwidth-heavy online services, such as streaming and various gaming services, can be blocked with such a stand. It is also recommended to allow communication on only known and approved ports, such as HTTPS. The pandemic is significantly increasing the adoption rate.
Deep Packet Inspection and Processing Market Trends
Software Solution to Witness Significant Growth With Increasing Enterprise Internet Traffic
- In recent years, DPI (Deep Packet Inspection) software has evolved into a powerful tool to meet new network challenges, playing a central role in today's internet and network infrastructure. As most internet traffic is now encrypted, a reliable DPI software engine needs a tool kit of advanced techniques to classify traffic.
- DPI identifies and classifies traffic based on the signature database that includes information extracted from the data part of a packet, allowing finer control than classification based only on header information. Applications such as peer-to-peer (P2P) traffic provide increasing problems for broadband service providers.
- Typically, P2P traffic is used by applications providing file sharing. Due to its frequently large size of media files being transferred, P2P drives the increasing traffic loads, which requires additional network capacity. DPI allows operators to oversell their available bandwidth while ensuring equitable bandwidth distribution to all users by preventing network congestion.
- The network must be able to parse through content, assemble enough of an application message, and identify traffic usage and patterns based on the information. DPI functions fall into four categories: Protocol analysis/application recognition, Anti-malware/anti-virus, Intrusion Detection and Prevention (IDS/IPS), and URL filtering.
- According to the Enea AB survey, 70 percent of respondents (high-tech product managers) require the classification of connected devices in the enterprise and IoT/industrial networks. And also, the increased use of encryption and the adoption of the stringent TLS 1.3 security protocol (mandatory in 5G) threatens essential traffic visibility for many vendors. This requires Deep packet inspection and processing catering to future market growth.
- Further, most vendors report that they have or are developing cloud solutions, with half planning to offer a Secure Access Service Edge (SASE) solution that integrates security and networking in a cloud-based service. This requires the use of DPI software, which adheres to market growth.
North America Accounts for the Significant Market Share
- North American accounts hold a significant share as the region's growth is driven by the rising internet penetration and increasing adoption of cloud-based and IoT applications across verticals. Moreover, North America tops the world regarding security breach incidents, which caters to DPI adoption.
- Cybercriminals increasingly target businesses and medical institutions to gain the victim's data. The personal data is then often used for socially engineering their attacks, which are more likely to trick the victim when compared to traditional cyber attacks. 79% of the total data breaches recorded in the United States were reported in the business and medical sectors (source: Identity Theft Resource Center).
- The HIPAA Privacy Rule established national standards to safeguard Protected Health Information (PHI), individual medical records, and other personal health information. This is following the trend towards deploying servers executing sophisticated Deep Packet Inspection (DPI) logic to identify and extract relevant data segments from the raw traffic.
- By countries data breaches in the United States continued to be more expensive than those in other nations. Data breaches in the country, on average, cost USD 8.64 million, which is nearly double that of the global average, and this increased by over 130% over the last 14 years.
- This DPI technology, available for macOS and embedded into the Endpoint Protector client, intercepts all file transfers through web browsers. With such a feature now, it is possible to monitor a file's destination and whitelist and blacklist specific URLs. Whitelisting allows file transfers only to specific domains and URLs, while with the blacklisting option, access to specific websites can be blocked.
Deep Packet Inspection and Processing Industry Overview
The deep packet inspection and processing market is fragmented as the players are increasingly innovating new hardware and software solutions, and also new entrants are adding to this market that caters to the significant competition. Several innovations have been witnessed in the deep packet inspection and processing market, including developing Next-Generation Firewalls (NGFWs) that can investigate the network packets up to 7 application layers of the OSI model. Such instances provide intense rivalry among the players to provide unique solutions. Nokia (Alcatel Lucent), SolarWinds Worldwide, LLC, cisco systems, and Huawei Technologies are key players. Recent developments in the market are -
In February 2023, Cisco announced plans to purchase Lightspin, an Israeli cloud security business. Cisco and Lightspin will be able to achieve their mutual goal of assisting customers in modernizing their cloud infrastructures by providing end-to-end security and observability from construction to runtime.
In August 2022, SafeRide Technologies announced the release of new Intrusion Detection and Prevention Software (IDPS) to protect Automotive Ethernet networks against cyberattacks. The new solution was integrated into SafeRide's vSentry Edge AI software. vSentry Edge AI monitored the CAN and Ethernet communications from multiple domains, performing deep packet inspection and payload analysis.
Additional Benefits:
- The market estimate (ME) sheet in Excel format
- 3 months of analyst support
TABLE OF CONTENTS
1 INTRODUCTION
- 1.1 Study Assumptions and Market Definition
- 1.2 Scope of the Study
2 RESEARCH METHODOLOGY
3 EXECUTIVE SUMMARY
4 MARKET DYNAMICS
- 4.1 Market Overview
- 4.2 Industry Value Chain Analysis
- 4.3 Industry Attractiveness - Porter's Five Forces Analysis
- 4.3.1 Bargaining Power of Buyers/Consumers
- 4.3.2 Bargaining Power of Suppliers
- 4.3.3 Threat of New Entrants
- 4.3.4 Threat of Substitute Products
- 4.3.5 Intensity of Competitive Rivalry
- 4.4 Regulatory Implications
- 4.5 Assessment of COVID-19 Impact on the Market
- 4.6 Market Drivers
- 4.6.1 Increasing Adoption of Regulatory and Data Protection Laws
- 4.6.2 High Adoption of Cloud Based Security Technologies
- 4.7 Market Restraints
- 4.7.1 DPI Adds to the Complexity and Unwieldy Nature of Existing Firewalls and Other Security-Related Software
5 MARKET SEGMENTATION
- 5.1 Solution
- 5.1.1 Hardware
- 5.1.2 Software
- 5.2 Deployment
- 5.2.1 On-Premise
- 5.2.2 Cloud
- 5.3 End-User
- 5.3.1 Telecom and IT
- 5.3.2 BFSI
- 5.3.3 Healthcare
- 5.3.4 Retail
- 5.3.5 Other End-Users
- 5.4 Geography
- 5.4.1 North America
- 5.4.1.1 United States
- 5.4.1.2 Canada
- 5.4.2 Europe
- 5.4.2.1 Germany
- 5.4.2.2 United Kingdom
- 5.4.2.3 France
- 5.4.2.4 Rest of Europe
- 5.4.3 Asia-Pacific
- 5.4.3.1 China
- 5.4.3.2 Japan
- 5.4.3.3 Australia
- 5.4.3.4 Rest of Asia-Pacific
- 5.4.4 Latin America
- 5.4.5 Middle East and Africa
- 5.4.1 North America
6 COMPETITIVE LANDSCAPE
- 6.1 Company Profiles
- 6.1.1 Nokia Corporation (Alcatel Lucent)
- 6.1.2 Allot Ltd.
- 6.1.3 Bivio Networks, Inc.
- 6.1.4 Huawei Technologies Co., Ltd.
- 6.1.5 Enea AB (Qosmos SA)
- 6.1.6 WiseSpot Company Limited
- 6.1.7 SolarWinds Worldwide, LLC.
- 6.1.8 NetFort Technologies Limited (Rapid7
- 6.1.9 Netify
- 6.1.10 AppNeta, Inc.
- 6.1.11 ManageEngine (Zoho Corporation)
- 6.1.12 Cisco Systems, Inc.
- 6.1.13 ipoque GmbH
