What is "Deep Packet Inspection" (DPI) used for in FortiGate?

Deep Packet Inspection (DPI) in FortiGate is primarily utilized to analyze the content of packets beyond just the header information. This capability allows FortiGate devices to identify, classify, and understand the nature of the traffic traversing the network. By examining the payload of each packet, DPI can detect various application protocols, identify malware, enforce security policies, and ensure compliance with organizational guidelines.

This in-depth analysis is critical for many security functions, including threat detection and prevention, application control, and traffic management, which all rely on a comprehensive understanding of the data being transmitted. DPI enables more granular policy enforcement, as it can recognize and apply specific firewall rules to various types of traffic based on its content.

In contrast, merely inspecting header information restricts visibility and does not provide the depth needed for informed decision-making regarding traffic management or security enforcement. Monitoring bandwidth usage also requires a focus on total packet flow rather than strictly the payload, making it a separate function that does not utilize the same capabilities as DPI. Therefore, the breadth and depth of inspection offered by DPI position it as a vital feature in FortiGate products.