Typical Stakeholders

  • Network Operations
  • Sales & Marketing Teams
  • Senior Management
  • Strategic Management
  • Industry & Regulatory Bodies

Monitoring Support Includes:

  • xDSL (ADSL, SDSL, ADSL2+)
  • FTTx (FTTH, FTTC, FTTN, HFC)
  • Wireless (3G HSxPA, WiFi, CDMA, EDGE, GPRS, WiMAX)
  • Corporate LAN & WAN

Features & Benefits:

  • Provides detailed comparative performance data about your Competitior's 'traffic shaping'' implementations, including policy violations, through on-going active traffic analysis
  • Analyses Key P2P protocols including:
    • BitTorrent
    • e-Donkey/e-Mule
    • Kontiki
    • BBC iPlayer
    • Kazaa
    • Gnutella
    and provides comparative control reporting (HTTP / rawTCP)
  • Provides detailed data about P2P bandwidth performance. ISP-I(P2P) is the only technology platform on the market today that provides controllable P2P traffic replication with definitive comparative performance & Customer experience reporting including real-time TCP & UDP throughput data, packet loss, jitter and latency between peers
  • Easy to install/configure new P2P signatures with immediate real-time results
  • Flexible and configurable - customers can choose what signatures they want to analyse and work with, and decide what is done with the data
  • Modular and highly scalable to support multiple high-capacity links and networks

Traffic Management Monitoring and Competitive Analysis

Peer-to-Peer applications on the Internet have evolved rapidly, making identification of P2P traffic challenging. Accurate knowledge of P2P traffic is desirable for several reasons, including traffic engineering and network capacity planning. ISP-I(P2P) is the only managed service-based technology platform in the market today that provides controllable signature-based P2P traffic replication with definitive performance-based benchmarking and reporting metrics including real-time throughput data and packet loss data between peers.

Peer-to-peer overview
A peer-to-peer application is different from the traditional client/server model because the applications involved act as both clients and servers - while they are able to request information from other servers, they also have the ability to act as a server and respond to requests for information from other clients at the same time. A typical peer-to-peer application has the following key features that help define it:

  • Ability to discover other peers in the P2P network
  • Ability to query those peers for content
  • Ability to share content with those peers

Discovering other peers
The application must be able to find other applications that are willing to share information. Historically, the application finds these peers by registering with a central server that maintains a list of all peers currently willing to share and giving that list to any new peers as they connect to the network.

Querying peers for content
Once these peers have been discovered, the application can ask them for the content that is desired by the application.

Sharing content with other peers
In the same way that the peer can ask others for content, it can also share content after it has been discovered.

Current P2P identification technology
When it comes to identifying P2P users, currently there are a number of accepted choices: port based analysis, protocol analysis and Traffic behavior. Whilst there is no one-fit-all solution for P2P identification work - the following are currently the most important and commonly used techniques:

Port based analysis
Port based analysis is the most basic and straightforward method to detect P2P users in network traffic. It is based on the concept that many P2P applications have default ports on which they function. When these applications are run, they use these ports to communicate with outside. To perform port based analysis, Service Providers need to observe the network traffic and check whether there are connection records using these ports. If a match is found, it may indicate a P2P activity. Port matching is very simple in practice, but its limitations are obvious. Most P2P applications allow users to change the default port numbers by manually selecting whatever port(s) they like. Additionally, many newer P2P applications are more inclined to use random ports, thus making the ports unpredictable. Also there is a trend for P2P applications to masquerade their function ports within well-known application ports such as port 80 (HTTP) or 443 (HTTPS).

Application layer (L7) protocol analysis (Packet Inspection)
With this approach, Network Operators monitor the IP packets passing through the network and inspect the data payload of the packets according to some previously defined P2P application signatures. They each do their detection work by doing regular expression matches on the application layer data, in order to determine whether a special P2P application is being used.

Because protocol analysis focuses on the packet payload and raises alerts only on a definite match, any client-side tricks that use non-default or dynamic ports to avoid detection by P2P applications will fail. Using this approach, the result is normally more accurate. However P2P applications are evolving continuously, and therefore signatures can change. Static signature based matching requires new signatures to be effective when these changes occur.

Comparing P2P traffic performance to standard traffic types across a controlled network path
To compare P2P to HTTP throughput in this controlled environment the ISP-I network is capable of generating comparative performance data for P2P versus standard traffic types (i.e. HTTP) across the same network path. By initially running a P2P TCP-based transfer from a peer immediately followed by a HTTP transfer we can compare and contrast the effects of any P2P 'traffic shaping' evident in any Service Provider's network.



P2P Overview - 2 Screens
Fig 1.ISP-I Snapshot view of performance (kbps) of BitTorrent Traffic across multiple ISPs
Fig 2. Snapshot view of single ISP P2P performance (kbps) of multiple protocols (and a HTTP Control)