Distinguishing potential threats from legitimate traffic requires granular visibility into data packets, implying the management and analysis of huge amounts of data, often complicated by the high number of false positives. Achieving the level of detail and speed of analysis to effectively detect and contain attacks before harm is done is a major challenge. Qosmos Deep Packet Inspection (DPI)-based software analyzes the data packets of traffic flows in real time, up to the application level. Embedded in cybersecurity solutions, it immediately detects suspicious activity and raises the alert to possible threats. This allows rapid containment and remediation of attacks, giving your solutions the edge in performance and reliability.
Enea’s Qosmos technology is supplied as a software development kit (Qosmos ixEngine®) or as a network probe (Qosmos Probe). Conceived with developers in mind, Qosmos technology integrates quickly and easily into existing or new products in physical, SDN and NFV architectures, improving functionality and reducing time to market.
Enea’s flagship DPI product, Qosmos ixEngine, recognizes over 3100 protocols and can extract over 5000 metadata, more than any other DPI library on the market, giving the most detailed view of network traffic available. It can analyze data flows in real time at n x 10 Gpbs with negligible impact on network resources. This granular visibility enables security solutions to accurately map traffic flows, understand network activity and immediately identify suspicious behaviour, raising the speed and effectiveness of malware detection. Qosmos ixEngine is composed of software libraries, modules and tools and can be fully configured to meet the specific needs of security solutions.
Based on Qosmos ixEngine, the Qosmos Probe has been developed to provide non-intrusive visibility into network infrastructures. It identifies the application behind each IP session and delivers detailed metadata from protocols and applications. Relevant classification information and metadata is available either in real time, via an API, or from a standard database with an open data model (the Qosmos Traffic Matrix).
Qosmos products provide different levels of visibility according to solution needs: