Deep Packet Inspection Market Bolstered by US-CERT Einstein Programs
The U.S. Government Deep Packet Inspection market has been bolstered in the recent years by deployment of Einstein, an intrusion detection system that monitors the network gateways of government departments and agencies in the United States for unauthorized traffic. According to a new market study “Deep Packet Inspection (DPI): U.S. Government Market Forecast 2010-2015“, the DPI technology is in a very favorable position to emerge as a major line of cyber defense for years to come as the only technology that can deliver the goods. The U.S. Government Deep Packet Inspection market is projected to grow at a CAGR of 36% from 2010 to around US$ 1.8 Billion by 2015.
Howard Schmidt, Special Assistant to the President and the Cybersecurity Coordinator, has unveiled previously classified details of the Comprehensive National Cybersecurity Initiative (CNCI), a program called to unify agencies’ fragmented approach to cyber security within the federal government. Two initiatives within CNCI, Einstein 2 and Einstein 3, imply wide implementation of Deep Packet Inspection technology to protect federal networks:
“Deploy an intrusion detection system of sensors across the Federal enterprise. Intrusion Detection Systems using passive sensors form a vital part of U.S. Government network defenses by identifying when unauthorized users attempt to gain access to those networks. DHS is deploying, as part of its EINSTEIN 2 activities, signature-based sensors capable of inspecting Internet traffic entering Federal systems for unauthorized accesses and malicious content. The EINSTEIN 2 capability enables analysis of network flow information to identify potential malicious activity while conducting automatic full packet inspection of traffic entering or exiting U.S. Government networks for malicious activity using signature-based intrusion detection technology.”
“The goal of EINSTEIN 3 is to identify and characterize malicious network traffic to enhance cybersecurity analysis, situational awareness and security response. It will have the ability to automatically detect and respond appropriately to cyber threats before harm is done, providing an intrusion prevention system supporting dynamic defense.”
It was an open secret that the U.S. Government is bolstering a program to detect and respond to cyber attacks on government systems and DPI technology was rather obvious choice. A flurry of activity around DPI technology vendors is in the air. A few weeks ago Science Applications International Corporation (SAIC)
announced the acquisition of CloudShield Technologies Inc, a cybersecurity and DPI technology provider. CloudShield’s deep packet inspection (DPI) capabilities are expected to enhance SAIC’s cybersecurity offering in the US Federal Government and commercial markets. Small DPI technology vendors may find it difficult to enter the world of federal contracts other than through established federal IT security contractors.
The Deep Packet Inspection market is undergoing a strong revival – it will see explosive growth, more mergers and acquisitions, more fighting with privacy advocates and a whole lot of new applications in cyber defense, signal intelligence, IP traffic monitoring and management.
