Home » Sectors » Enterprise
Next Generation Firewalls

The Challenge

Firewalls can no longer use ports to effectively classify traffic. Today’s firewalls must have full traffic visibility independently of ports, using Deep Packet Inspection (DPI). Firewall vendors risk spending considerable time and money developing technology such as DPI and keeping up with constantly changing protocols and applications that make networks vulnerable.

Qosmos Solution

  • Qosmos ixEngine is used to identify and extract information traveling over networks in real time, giving firewalls complete application visibility irrespective of port and protocol.
  • Continuously updated application classification and signature database.

Benefits for firewall vendors

1) Control

  • Non-intrusive Qosmos building-blocks provide total application visibility while keeping firewall vendors in control of security strategy and complete solutions

2) Flexibility

  • Ability to extract the exact traffic information needed
  • Qosmos ixEngine optimized for market leading processors (Intel x86, Cavium, Tilera, etc.)

3) Performance

  • Qosmos ixEngine software code enables firewalls to parse traffic with maximum accuracy and low latency, up to multi-Gbps throughputs
  • Recognition of hundreds of protocols and networked applications, and thousands of metadata
  • Qosmos technology, already deployed in carrier-class networks and in the most demanding government cyber security environments

Example of Implementation

Qosmos ixEngine for Next Generation Firewalls

Information Extracted

Recognized protocols and applications (sample)

  • Network protocols (IP, TCP, UDP, etc.)
  • Email (smtp, pop3, imap, Lotus Notes, etc.)
  • Webmails (gmail, yahoo mail, outlook web access, etc.)
  • Web applications (HTTP, web browsing, instant messaging, Skype, Google maps, etc.)
  • File transfer protocols (FTP, Jabber, AIM file transfer, etc.)
  • P2P applications (eDonkey, BitTorrent, Gnutella, etc.)
  • Streaming (VoIP, media streaming, etc.)
  • Business applications (CRM, ERP, appliance or web mode, etc.)
  • Database protocols (MySQL, Postgress, etc.) Online gaming

Extracted information (sample)

  • HTTP: visited URL, URI
  • Email, webmails and messaging: logging, sender, receiver(s), attached document (type, name, content) etc.
  • File transfer: login, file type, file name, file content, etc.