• noride@lemm.ee
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Look up NBAR for the basic idea. Each vendor has their own ‘secret sauce’ implementation, Palo Alto only needs 9 bytes of payload for disambiguation, iirc.