1. Home
  2. >
  3. Security
  4. >
  5. SSE (Security Service Edge)

SSE

HIGH PERFORMANCE TRAFFIC VISIBILITY FOR SSE

Gartner’s Security Service Edge (SSE) concept offers a highly-scalable and convenient model for providing users everywhere with safe access to the Internet, Web, XaaS services, and private apps. SSE uses edge clouds to deliver security services via three primary components:

  • A Secure Web Gateway (SWG) for managed device access to the Internet, Web and non-Corporate SaaS,
  • A Cloud Access Security Broker (CASB) for access by managed and unmanaged devices to SaaS and cloud apps, and
  • A Zero Trust Network Access (ZTNA) framework for secure access to private apps and data assets (on premise or in the cloud) by managed and unmanaged devices.

Each of these core functions requires detailed visibility into global network traffic for each enterprise customer. This visibility includes accurate identification of applications and services in both encrypted and clear flows, and granular insights into evasive and anomalous traffic to support threat detection. An accurate detailed view of traffic is also essential to all other SSE components, such as Data Loss Prevention (DLP), a Next Generation Cloud Firewall (NG CFW), a Web Application Firewall (WAF), and an Intrusion Detection/Prevention System (IDS/IPS), and Extended Threat Detection and Response (XDR).

SSE Architecture: All Functions Can Embed or Use Qosmos ixEngine Output

SSE Architecture: All Functions Can Embed or Use Qosmos ixEngine Output

QOSMOS IXENGINE BENEFITS

ZTNA (ZERO TRUST NETWORK ACCESS)

  • Detect subtle authentication red flags
  • Safely and instantly breakout trustworthy traffic
  • Achieve fine-grained micro-segmentation
  • Rapidly detect and respond to sophisticated breaches of trust

SWG (SECURE WEB GATEWAYS)

  • Develop granular policies based on actions within specific applications
  • Improve reactivity by detecting potential threats from the first packet in a flow
  • Protect privacy by using encrypted traffic classification to reduce the need for decryption
  • Gain efficiency by meeting the inspection needs of multiple SWG functions with a single NG DPI instance

CASB (CLOUD ACCESS SECURITY BROKER)

  • Enhance CASB with shadow IT discovery
  • Create more accurate – and more compact – audit trails
  • Create accurate behavioral profiles for effective anomaly detection
  • Boost performance for high-volume, multi-tenant deployments without sacrificing granular visibility

MAXIMUM VISIBILITY WITH UNIQUE INSIGHTS

  • Accurate classification of 3700+ protocols
  • Classification of encrypted and evasive traffic
  • Extraction of 1000s of types of application, service, user, device, transaction and flow metadata
  • First Packet Advantage (industry-leading 1st packet classification)
  • Network (and containerized cloud) function virtualization to support single-pass DPI architectures
  • Modules for custom signatures and file inspection, and a customizable rules engine and device classification engine

FAST RAMP UP

  • Reduces technical complexity of SEE solutions
  • Enables innovation, including ML- & AI-based enhancements
  • Enables a better customer experience
  • Accelerates time-to-market
Qosmos ixEngine: Next-Generation Deep Packet Inspection (DPI) for Maximum Traffic Visibility
First Packet Processing: Boost the Performance of SD-WAN and SASE
Improve Suricata’s Ability to Detect Threats in Evolving Networks with Enea Qosmos Traffic Intelligence
DPI & Traffic Classification for SASE