1. Home
  2. >
  3. Products
  4. >
  5. Traffic Intelligence Expertise



Qosmos Deep Packet Inspection (DPI)-based technology identifies data traveling over networks in real time, providing a true picture of the traffic by identifying protocols, types of application, and extracting additional information in the form of metadata. Qosmos DPI engine recognizes over 3600 protocols – more than any other on the market. Equipment makers, telco and enterprise software vendors use the technology to gain application visibility, accelerate time to market and benefit from continuous signature updates.

Enea’s Qosmos technology typically recognizes over 97% of network traffic including regional applications. Each Qosmos signature is augmented with specific characteristics (such as family and tags) to enhance service awareness and enable highly accurate processing.

Qosmos advanced techniques also mean that our technology can classify most types of encrypted traffic.

Qosmos network traffic classification:

  • Full support for more than 3600 protocol signatures, without counting specific workflows and application variants
  • Identification of service types within applications, e.g. chat, video, voice, file transfer
  • Recognition rate of fully encrypted protocols based on new statistical algorithms with self-learning capabilities. Applications like Vuze®, uTorrent®, BitTorrent® are correctly identified 95% of the time
  • Custom Signature Module to create customized signatures for any category of application including URLs, HTTP based applications, binary applications, etc.


Qosmos Labs has accumulated more than 10 years of expertise in identifying IP protocols and applications and detecting their changes. This enables us to remain one step ahead of the competition and provide our customers with the most complete and reliable DPI and classification engine.

Our international team of protocol experts and developers work around-the-clock gathering traffic samples and reverse engineering new protocols. Our long experience ensures a solid software supply chain based on robust processes and in-house tools, such as the Protocol Development Language (PDL) and protocol signatures in data format, that we have developed to speed up protocol plugin development and make our technology more accurate while ensuring the highest standards of quality.

Qosmos can also provide the tools for customers who want to develop specific signatures themselves.

Continuous Protocol and Application Updates


Beyond complex protocols which have to be tested in different configurations (e.g. throttling and blocking workflows), Qosmos also performs a series of automated tests to ensure that classification is free from false positives.

In order to handle more complex applications and increasing encryption, Qosmos Labs has added new approaches to identify protocols, based on a combination of advanced techniques: e.g. behavioral recognition, regexp, statistical analysis, flow correlation, and DNS matching.

Qosmos ixEngine: Next-Generation Deep Packet Inspection (DPI) for Maximum Traffic Visibility
Classification for Encrypted & Evasive Traffic
Using Cyber Sensors to Detect Advanced Threats – Case Study: Sunburst Attack via Solarwinds
First Packet Processing: Boost the Performance of SD-WAN and SASE