RAISE THE PERFORMANCE OF YOUR NETWORK SECURITY SOLUTIONS WITH DPI-BASED IP CLASSIFICATION, METADATA EXTRACTION AND CONTENT EXTRACTION
Distinguishing potential threats from legitimate traffic requires granular visibility into data packets, implying the management and analysis of huge amounts of data, often complicated by the high number of false positives. Achieving the level of detail and speed of analysis to effectively detect and contain attacks before harm is done is a major challenge. Qosmos Deep Packet Inspection (DPI)-based software analyzes the data packets of traffic flows in real time, up to the application level. Embedded in cyber security solutions, it immediately detects suspicious activity and raises the alert to possible threats. This allows rapid containment and remediation of attacks, giving your solutions the edge in performance and reliability.
HOW DOES IT WORK?
Enea's Qosmos technology is supplied as a software development kit (Qosmos ixEngine®) or as a network probe (Qosmos Probe). Conceived with developers in mind, Qosmos technology integrates quickly and easily into existing or new products in physical, SDN and NFV architectures, improving functionality and reducing time to market.
Enea's flagship DPI product, Qosmos ixEngine, recognizes over 3100 protocols and can extract over 5000 metadata, more than any other DPI library on the market, giving the most detailed view of network traffic available. It can analyze data flows in real time at n x 10 Gpbs with negligible impact on network resources. This granular visibility enables security solutions to accurately map traffic flows, understand network activity and immediately identify suspicious behaviour, raising the speed and effectiveness of malware detection. Qosmos ixEngine is composed of software libraries, modules and tools and can be fully configured to meet the specific needs of security solutions.
Based on Qosmos ixEngine, the Qosmos Probe has been developed to provide non-intrusive visibility into network infrastructures. It identifies the application behind each IP session and delivers detailed metadata from protocols and applications. Relevant classification information and metadata is available either in real time, via an API, or from a standard database with an open data model (the Qosmos Traffic Matrix).
QOSMOS' UNPARALLELED SECURITY CAPABILITIES
Qosmos products provide different levels of visibility according to solution needs:
- Active security policy enforcement (NGFW, UTM, etc.): traffic classification and metadata extraction
- Detailed content analysis (malware protection, DLP, etc.): extraction of file content and metadata
USE CASES FOR QOSMOS IXENGINE
THE BENEFITS OF QOSMOS TECHNOLOGY
- Go beyond protocol classification and bolster IT security with protocol metadata – the attributes of a session that show application behavior such as a Facebook user launching a video.
- Focus your development resources on building great security products, not reinventing DPI technology.
- Benefit from fully up-to-date protocol signatures. Our DPI library is the most extensive on the market and is constantly updated with new signatures.
- Hot-swap signature updates ensure there is no service interruption to your product.
- Qosmos tools let you develop custom, proprietary protocol signatures.
Demo of Qosmos DPI Engine for Cybersecurity Applications
Leveraging DPI in Cybersecurity Solutions (on-demand webinar by IHS Markit)