
Application Classification

By Srynearson posted Dec 18, 2012 01:43 PM

  


 

In the past, the list of mobile applications was small and the impact they could have on a network was just as small. Checking email and light surfing would be the upper limit of what someone would do from a mobile application. Over the last few years the demand for mobile apps has exploded. Now, it seems there is an app for everything. This is wonderful news if you are a user.

 

With my phone I am able to do almost anything I would want to do on the Web. Skyping friends, watching NFL Sunday Ticket, purchasing products, tweeting, and even texting is done via a phone on a mobile carrier service or Wi-Fi. The reason I mention texting is that a lot of people are starting to use mobile apps instead of the phone’s native texting applications. Most carriers still charge for text messaging even if you have a data plan.

 

All these applications can drastically eat away at a user’s 2 GB data plan. Most people choose to connect to Wi-Fi when possible to save themselves from going over their data plan. Mobile apps are not just used for fun. Apps such as Cisco’s Jabber and Webex can be used to connect and collaborate wirelessly on most mobile devices. This is also great if you are the user. But let’s say (especially because you are reading this) you are the network administrator. How do you handle this new huge burden?

 

With so many requests for data, it is time to find a solution. Application classification will allow you to determine the applications that mobile devices use. This is accomplished in several ways. The device MAC address and DHCP fingerprinting can help classify the device. Once the device starts to transfer data, analysis can take place. Looking at what ports the data is using will help determine the type of data. Classification can be accomplished by looking at where the data is going and coming from. Having a large database of known mobile apps, their destinations, and type of data will help to easily classify them.

               

So, why would I want to have application classification? If you are able to classify the applications, then you are able to fine-tune your network to allow exactly what you want your users to do. It would be possible to block application data as well as throttle it when required.

 

Let’s use an office employee network as an example: I want my employees to be able to get to company assets to help them perform their jobs. I do not necessarily want them watching Netflix on their iPads. With application classification, I would be able to easily limit the use of unwanted apps.

               

A large number of companies are starting to offer free guest wireless. This service is usually throttled at the AP or the controller, and the bandwidth limit is usually placed on a user or the group of users as a whole. With application classification features, it could be possible to also throttle on a per-application basis. This would give the network administrator even more fine-tuning ability.

               

Mobile apps are here to stay. Their bandwidth demand will keep growing. The need to classify, limit, or even prevent these applications is at an all-time high. Many vendors are hitting the market with this feature to help us with this problem. I am excited to see and will be looking forward to the capabilities they bring to the table.

               

What do you guys think is needed in application classification? What solutions are out there? What solutions are you using? Why would you like to see more in-depth device and application classification?
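The classification steps described in the post (DHCP fingerprint for the device, then destination and port matched against a database of known apps, then a per-application block or throttle decision), sketched as an added example that is not part of the original post or any vendor's product. The signature database, fingerprint string, policy table, sample flows and all function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed signature database: (application, destination suffix, protocol, port).
APP_SIGNATURES = [
    ("video-streaming", ".video.example", "tcp", 443),
    ("messaging", ".chat.example", "tcp", 5223),
    ("collaboration", ".meet.example", "udp", 9000),
]
# Constructed DHCP option 55 (parameter request list) fingerprints -> device class.
DHCP_FINGERPRINTS = {"1,3,6,15,119,252": "tablet-os-A"}
# Per-application policy: (action, rate limit in kbit/s or None).
POLICY = {"video-streaming": ("throttle", 512), "messaging": ("allow", None),
          "collaboration": ("allow", None), "unknown": ("allow", None)}

def classify_device(option55):
    """Map the DHCP fingerprint seen at lease time to a device class."""
    return DHCP_FINGERPRINTS.get(option55, "unknown-device")

def classify_flow(flow):
    """Match destination name, protocol and port against the signature database."""
    # Leading dot forces a match on a whole DNS label, so "notvideo.example"
    # does not match the ".video.example" signature.
    host = "." + flow["dst_host"].lower().rstrip(".")
    for app, suffix, proto, port in APP_SIGNATURES:
        if host.endswith(suffix) and (flow["proto"], flow["dst_port"]) == (proto, port):
            return app
    return "unknown"

def enforce(flows, leases):
    """Total bytes per (device class, application) with the policy that applies."""
    usage = defaultdict(int)
    for f in flows:
        device = classify_device(leases.get(f["mac"], ""))
        usage[(device, classify_flow(f))] += f["bytes"]
    return {k: (total, POLICY[k[1]]) for k, total in usage.items()}

# Constructed sample data: one DHCP lease and three observed flows.
LEASES = {"aa:bb:cc:00:00:01": "1,3,6,15,119,252"}
FLOWS = [
    {"mac": "aa:bb:cc:00:00:01", "dst_host": "cdn1.video.example",
     "proto": "tcp", "dst_port": 443, "bytes": 900_000},
    {"mac": "aa:bb:cc:00:00:01", "dst_host": "notvideo.example",
     "proto": "tcp", "dst_port": 443, "bytes": 1_000},
    {"mac": "aa:bb:cc:00:00:02", "dst_host": "im.chat.example",
     "proto": "tcp", "dst_port": 5223, "bytes": 4_000},
]

if __name__ == "__main__":
    for (device, app), (total, action) in sorted(enforce(FLOWS, LEASES).items()):
        print(f"{device:15} {app:16} {total:>8} bytes  policy={action}")
```

Port 443 alone does not identify an application, which is why the match requires the destination as well; a flow that matches no signature stays "unknown" rather than being guessed.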

               

 


Comments

Dec 20, 2012 12:47 AM

Hi Sean,

 

Some great points regarding application classification. I do, however, believe that one very important point has been missed. Application classification has been around for quite some time now outside of the WLAN world. As someone who comes out of the infosec world, I can say that I've been doing this on the wired LAN quite effectively for a while already with customers.

 

I think the really important thing to emphasize in this case is that in the past the application intelligence has been sitting with the perimeter defenses. Now, we are starting to see that intelligence get pushed out to the access layer. This allows for the enforcement of filtering and traffic-shaping policies much sooner and closer to the client than before. Like you said, the need to classify, limit or even prevent applications is at an all-time high. I would say the need to enforce these application policies at the access layer, or as close to the access layer as possible, is also at an all-time high, especially with the speeds available with 802.11n and the upcoming 802.11ac standard.

 

Again, really good post and I share your enthusiasm for application classification and how it can be used to help us handle the onslaught of mobile devices and the apps they bring with them.