banniere_qosmonote_cybersec_oct11

YES: You Made the Right Decision When Partnering with Qosmos

Some of you probably saw the recent announcement of a large funding round for Qosmos. This investment of nearly €20 Million is one of the largest software deals in Europe this year!

So what does it mean for you as a current or potential partner?

1. Qosmos is now an even stronger company with stable investors who back the company in the long term

2. You will profit from increased Qosmos investments in products and technology

3. You will benefit from stronger Qosmos local presence and support

4. The deal validates your choice of Qosmos as a strategic partner and supplier of network intelligence technology

In other news, we just got the results of a major industry survey conducted by Heavy Reading, who concludes that there are very strong trends toward outsourcing of DPI capabilities to specialist suppliers such as Qosmos. While the survey researched the best to way to embed DPI capabilities into telecom solutions, the conclusions are pertinent to other domains, such as cyber security.

The survey was conducted in August 2011 and drew 258 responses from executives working for 122 different hardware and software vendors. In particular, almost all survey respondents say that it is getting more difficult to keep up with changes in protocols and applications. And for most, getting DPI-based products to market more quickly is increasingly important. To get all the details, you can view the webcast archive and request your own copy of the study.

I look forward to working with you to strengthen your solutions with best-in-class DPI and network intelligence!

Thibaut Bechetoille, Qosmos CEO

“Go Deep or Go Home” – Why DPI Is An Essential Component in Enterprise Cyber Security

In the quest to protect networks against threats, organizations of all sizes rely on cyber security products. Deep packet inspection (DPI) is a critical component of these solutions.

To help you choose the right approach to DPI integration into security products, check out the following webcast presented with IDC: “Go deep or go home: Why deep packet inspection is the must-have component for next-generation security solutions”

October 4th, 12 noon New York / 5:00 p.m. London

To find out more about DPI in cyber security solutions, click here

To register for the webinar, click here

Netresec_logo

Four questions to Erik Hjelmvik of Netresec

We recently sat down with Erik Hjelmvik of Netresec, the person behind the open source project SPID, which has recently been integrated with the Qosmos ixEngine SDK.

1. Qosmos: What is SPID?

Erik Hjelmvik: SPID stands for Statistical Protocol IDentification (SPID). I designed this algorithm to identify the application layer protocol in TCP sessions without relying on port numbers. The SPID algorithm performs protocol identification based on simple statistical measurements of various protocol attributes. These attributes can be defined by all sorts of packet and flow data, ranging from traditional statistical flow features to application level data measurements, such as byte frequencies and offsets for common byte-values.

2. So SPID is a behavioral detection library for protocols, where do you see SPID useful for cyber security?

SPID has been great at identifying protocols that are encrypted, without having to decrypt them. This is really interesting for classifying traffic that you probably won't spot easily any other way (BitTorrent, various SSL tunnels, Hamachi). The more unique the protocol, the more likely it can be spotted through SPID. For example, a firewall or an IPS which might have an explicit policy to block unauthorized outbound VPN connections can now find those connections on non-standard ports and block them, even if they are encrypted. Another approach is to look at the fingerprinted encrypted protocols as weights or white lists for what should be expected to be seen, and exceptions to that could raise a flag for someone to investigate the traffic.

3. That’s great; how are the protocols kept up to date, how can one add new protocols?

We've already included some sample classifications in the SPID library, but it’s quite easy to add new protocols. In most cases, SPID requires about 100 packets in order to come up with a fingerprint. This functionality can be handy in tools that are constantly looking at live streams of traffic. As the streams come in, it can even classify new protocols before it understands them, and next time the protocol shows up again on the network, it is identified based on the created fingerprint.

4. What's next for SPID?

SPID adds a valuable capability to the Qosmos ixEngine especially for encrypted traffic. I have another open source project called NetworkMiner which is a network forensics tool for Windows. I've created a commercial version called NetworkMiner Professional, which will now include SPID to identify encrypted protocols.

The Difference Between Content Inspection and Protocol Decoding

Deep Packet Inspection (DPI) is a widely used term in the cyber security area, but which can have a different meaning for different people: some use DPI to describe traffic content inspection, while others actually mean protocol decoding…

Jerome Tollet, CTO, explains the difference and why these technologies are complementary.

>> Read more on the Qosmos CTO blog

Qosmos and 6WIND Provide High-Performance Real-Time Network Intelligence Solutions

Qosmos and 6Wind have announced a partnership that will provide a high-performance integrated solution that accelerates time to market for advanced mobile, security and network applications.

Optimized packet processing software from 6WIND together with an advanced DPI engine from Qosmos create a tightly-integrated software environment that enables equipment suppliers to quickly deliver high-performance systems that meet today's requirements for LTE networks while providing the scalability necessary to address future demands for increasing bandwidth.

>> Read more

Find out more:
High-Performance Integrated Packet Processing and DPI:a whitepaper describing the benefits of a 6Wind-Qosmos integrated solution.

>> Download the whitepaper

>> 6Wind booth at 4GWorld in Chicago (24 – 27 October)

Webcasts

IDC_Logo

IDC: “Go deep or go home: Why deep packet inspection is the must-have component for next-generation security solutions”,
4th October 2011, 12 noon New York / 5:00 p.m. London.

>>Click here to register.


Heavy_reading_logo

Heavy Reading: “Embedded DPI & The New DPI Ecosystem”,

Discover the results of a major industry survey on the best to way to embed DPI capabilities into network solutions.

>>Click here to see the archived version of this webcast.

Events

smart_event_2011
11 - 13 October 2011-
London, UK
>> Request a meeting


smart_event_2011
11 - 13 October 2011- Washington DC, USA
>> Request a meeting


Broadband_world_forum_2011
9 - 10 November 2011 -Grand Copthorne Waterfront, Singapore
>> Request a meeting


CBroadband_traffic_management_forum_2011
15 - 17 November 2011,
London, UK
>> Request a meeting

New to View

Protocol and application support September 2011:

web_Protocol_and_application_support_September_2011

CTO Blog

The difference between content inspection and protocol decoding

>> Read more

Contact Us

You have received this e-mail because you are in contact with Qosmos as a valued customer or partner.
Click here to unsubscribe