ENEA has announced its QosmosixEngine 5.3, a Deep Packet Inspection (DPI) library for software developers to embed detailed, real-time visibility into networking and security products.

The software modules consist of:

  • Custom signature module: enables developers to create their own signatures in data format - gives complete control for classification of local, specific or proprietary protocols or extensions
  • Transactional DPI module: provides description of user activity within an application especially interesting for security products protecting against malware or data loss
  • Automated DPI module: classifies unknown traffic according to probability, allows early detection of protocols and applications that reduces number of unknowns while maintaining acceptable accuracy
  • Rule engine module: makes it easier to implement and modify rules for traffic management and policy control – particularly relevant for Next Generation Firewall (NGFW), Data Loss Prevention (DLP) and malware protection products
  • Deep file inspection module: efficient detection of file type, file hashing and metadata extraction for file reconstruction - required for malware detection and data loss prevention

Enhanced software development kit:

  • Enriched classification: easy-to-use metadata such as “inner transport layer,” “L7 protocol,” “top application,” “content provider”
  • Improved flow manager, with multi-instance synchronization and fallback mechanisms – important for telecom applications which require robustness and high-availability
  • Additional industrial protocol signatures to support IoT and industrial automation applications (SCADA)
  • More frequent releases of protocol signatures that can be updated without restarting application
  • Binary compatibility - no need to re-compile customer application for upgrades