SL DC Engine | DPI Engine

Dissection and Classification Engine. Cross-platform and network independent DPI Engine. Integration solution which is written in modern C++.

SL DC Engine

Functionality

Protocol detection

Identifying network protocols, extracting fields, decoding values
Classification of Internet services

Classification of services and definition of the nature of the flow (audio/video/file transfer).
Integration into IT solutions

Integration into IT solutions (IPS/IDS, SIEM, DLP, etc.)
Data collection for AI

Collecting an array of data for use in AI systems
Network activity logging

Logging of network activity that can be used in the investigation of incidents
User control

Putting users under control (saving all or selected information for certain users)
Collecting information for billing

Accumulation of information on streams for use in billing
HotFix of new vulnerabilities

Prevention of exploitation of new vulnerabilities, before the release of official fixes (HotFix)

Read more in the brochure

Download brochure | pdf

Technical advantages

> Integration into other software solutions

SL DC Engine is a DPI Engine class solution and can be integrated into third-party products. DC Engine provides the ability to dissect packets, obtain protocol fields, collect statistics on network flows, and configure classification rules. DC Engine also makes it possible to expand the basic functionality through an extension mechanism that allows users to add their code to the traffic processing pipeline and use the results of its execution in classification rules.

> Detailed package analysis

Each processed packet is divided into layers which belong to a specific protocol. SL DC Engine parses each supported protocol and maps its fields, after which their values can be obtained via the API. In addition to, the DC Engine also maintains a hierarchy of fields to provide the ability to visualize a layer's structure in detail. After processing the packet, a user can obtain information about the state of each layer, and if errors occur during the dissection process, the DC Engine will report what exactly went wrong

> Many supported protocols

SL DC Engine is designed as a universal framework for processing network traffic, which does not depend on which network traffic is processed. DC Engine can process traffic from local, mobile, and industrial networks; the Internet network, and also supports protocols used by IoT devices.

> Logging system

One of the main elements when monitoring a network is activity logging. The DLog module is responsible for collecting logs and allows the user to configure what data should be included in each log journal. The log may include data received from custom extensions. DLog also provides the ability to set policies for log rotation. In addition, the user can configure the count of processing threads according to the characteristics of their hardware, which will increase performance.

> Traffic filtering opportunities

Traffic control allows you to solve problems such as load balancing in the network, restricting access to prohibited resources, preventing malicious network activity, and assigning quotas to individual network users. These problems are common to any type of network, from local to mobile. Solving such problems allows users to comply with regulatory requirements, ensure stable network operation, and respond in time to malicious network activity, preventing its further spread.

> Classification of network services and Internet services

Classification tasks are typical for such areas as information security, where data is classified as malicious or malicious, system administration, where incorrect network operation is diagnosed, and in the field of mobile operators and Internet providers, where network flows are classified as popular Internet services. SL DC Engine provides functionality to classify network activity through a tagging mechanism. This means that the user can independently create any tag and describe the rule for assigning it to a packet or flow (for example, tethering, fraud, etc.). This approach implies universality in matters of classification and allows users to create their tags for any purpose.

Read more in the brochure

Download brochure | pdf

Changelog

Roadmap

Documentation

Detailed documentation can be requested at: info@slinkin.tech

Yandex; Ecosystem; -; Yandex LLC is a Russian technology company that provides Internet-related products and services including a web browser, search engine, cloud computing, web mapping, online food ordering, streaming media, online shopping, and a ridesharing company. Yandex DNS; Ecosystem; -; Yandex DNS service. Yandex Cloud; Cloud; -; Yandex Cloud - a full-fledged cloud platform providing scalable infrastructure, storage, machine learning and development tools to build and enhance digital services and applications. Yandex CDN; CDN; -; Yandex Cloud CDN - a service for setting up Content Delivery Networks (CDN). Cloud CDN helps you streamline static content delivery for your web service, boost user loyalty, and improve your SEO ranking. Google; Ecosystem; -; Google LLC is an American multinational corporation and technology company focusing on online advertising, search engine technology, cloud computing, computer software, quantum computing, e-commerce, consumer electronics, and artificial intelligence (AI). Google Cloud; Cloud; -; Google Cloud is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for their own consumer products, such as Google Search, Gmail, and YouTube. Meta; Ecosystem; -; Meta Platforms, Inc. is an American multinational technology company which owns and operates Facebook, Instagram, Threads, and WhatsApp, among other products and services. Telegram; IM; -; Telegram is a cloud-based mobile and desktop messaging app with a focus on security and speed. Viber; IM; -; Viber is a cross-platform voice over IP (VoIP) and instant messaging (IM) software application owned by Japanese multinational company Rakuten, provided as freeware for the Google Android, iOS, Microsoft Windows, Apple macOS and Linux platforms. Discord; IM; -; Discord is a free communication app used by tens of millions of people to talk and hang out with their favorite creators, communities and friends. WhatsApp; IM; -; WhatsApp is an instant messaging (IM) and voice-over-IP (VoIP) service owned by technology conglomerate Meta. Microsoft 365; Ecosystem; -; Microsoft 365 is a cloud-powered productivity platform which provides the access to the following applications: Microsoft Teams, Word, Excel, PowerPoint, Outlook, OneDrive, and so much more. Microsoft Exchange; Ecosystem; -; Microsoft Exchange Service is Microsoft's email, calendaring, contact, scheduling and collaboration platform. Microsoft SharePoint; File storage; -; Microsoft SharePoint Online and OneDrive for Business. Teams; IM; -; Microsoft Teams is a team collaboration application developed by Microsoft as part of the Microsoft 365 family of products, offering workspace chat and video conferencing, file storage, and proprietary and third-party application integration. Vkontakte; Social network; -; VK (VKontakte) is a Russian online social media and social networking service based in Saint Petersburg. YouTube; Social Media; -; YouTube is an American social media and online video sharing platform owned by Google. APNS; Notification; -; Apple Push Notification service (APNs), previously known as Apple Push Service (APS), is a platform notification service created by Apple Inc. that enables third party application developers to send notification data to applications installed on Apple devices. DNSCrypt; Protocol; -; DNSCrypt is a protocol that authenticates communications between a DNS client and a DNS resolver. DNS over TLS; Protocol; -; DNS over TLS (DoT) is a network security protocol for encrypting and wrapping Domain Name System (DNS) queries and answers via the Transport Layer Security (TLS) protocol. ECH; Protocol; -; Encrypted Client Hello (ECH) is a TLS Extension which enhances the privacy of website connections by encrypting the TLS Client Hello with a public key fetched over DNS.

FAQ

User:

Which version of the C++ standard is used in the DC Engine?

Support:

C++20
User:

Where can I find a list of supported protocols?

Support:

Documentation is available upon request. The list of protocols, services, and built-in extensions can be found on the product description page.
User:

Is it possible to configure network flow tagging rules?

Support:

Creating your own rules for tagging is one of the key features of our product.
User:

Is DC Engine an exclusively C++ solution?

Support:

Currently yes.
User:

What if the protocol I need is not in the supported list?

Support:

You can independently implement the extraction of the required fields through the extension mechanism. If for some reason this is not enough, then you can write to us and we will discuss adding the protocol you requested.
User:

What platforms are supported?

Support:

Unix-like, MacOS, Windows.
User:

What about performance?

Support:

Performance tests are carried out after each release. Therefore, they can be found on the release descriptions page.