SA
SA can be used for application identification. SA performs in-depth packet analysis and accurately identifies common applications based on the signatures in application payloads.
SA identifies applications either through the predefined SA signature database or in customized mode. Generally, the built-in SA signature database of the system contains signatures of common applications and is used to identify them. The applications built into the system are called predefined SA applications and can be updated only through upgrades. You can also define an application that does not exist in the system based on its signatures; this is called a user-defined SA application.
Implementation
- Predefined SA applications are identified based on the SA signature database. In the SD-WAN scenario, Huawei provides the SA_H30071000 and SA_H30071002 signature databases, which are called signature databases 0 and 2, respectively. Signature database 0 contains more than 6000 applications, while signature database 2 contains more than 500 applications. Because applications on the live network change rapidly, the SA signature database needs to be updated in a timely manner; otherwise, some applications may fail to be identified.
- User-defined SA applications are identified based on the 3-tuple and keywords. On the CPE, rules can be created based on the 3-tuple, keyword, or a combination of them. The 3-tuple refers to the server IP address, protocol type, and port number. The keywords are signatures of a data packet or a data flow corresponding to an application and uniquely identify the application.
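The following added example (not Huawei code and not CPE configuration syntax) models how a user-defined rule built from a 3-tuple, a keyword, or both can be evaluated against a flow. The `Flow` and `Rule` types, the rule names, the sample addresses and keyword, and the "most specific rule wins" ordering are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Flow:
    server_ip: str   # server address of the flow
    protocol: str    # "tcp" or "udp"
    port: int        # server port
    payload: bytes   # first payload bytes seen on the flow

@dataclass(frozen=True)
class Rule:
    app: str
    server_net: Optional[str] = None  # 3-tuple: server IP address (as a prefix)
    protocol: Optional[str] = None    # 3-tuple: protocol type
    port: Optional[int] = None        # 3-tuple: port number
    keyword: Optional[bytes] = None   # signature bytes expected in the payload

    def has_tuple(self) -> bool:      # the 3-tuple counts only when complete
        return None not in (self.server_net, self.protocol, self.port)

    def matches(self, flow: Flow) -> bool:
        if not self.has_tuple() and self.keyword is None:
            return False              # an empty rule must never match everything
        if self.has_tuple() and (
                ip_address(flow.server_ip) not in ip_network(self.server_net)
                or flow.protocol.lower() != self.protocol.lower()
                or flow.port != self.port):
            return False
        return self.keyword is None or self.keyword in flow.payload

def classify(flow: Flow, rules: list[Rule]) -> str:
    # Assumed ordering: 3-tuple + keyword first, then rules with only one of them.
    ranked = sorted(rules, reverse=True,
                    key=lambda r: r.has_tuple() + (r.keyword is not None))
    for rule in ranked:
        if rule.matches(flow):
            return rule.app
    return "unknown"

# Constructed sample rules (documentation address range, made-up keyword).
RULES = [
    Rule("erp-any", keyword=b"X-ERP-Client"),
    Rule("intranet-web", "192.0.2.10/32", "tcp", 8443),
    Rule("erp-prod", "192.0.2.10/32", "tcp", 8443, b"X-ERP-Client"),
]
```

A keyword-only rule follows the application to any server or port but depends on the keyword being unique to that application, while the combined rule narrows the match to one server endpoint.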