ENEA’s QosmosixEngine 5.3 DPI library aims to embed detailed, real-time visibility into networking and security products.
ENEA has announced its QosmosixEngine 5.3, a Deep Packet Inspection (DPI) library for software developers to embed detailed, real-time visibility into networking and security products.
The software modules consist of:
Custom signature module: enables developers to create their own signatures in data format – gives complete control for classification of local, specific or proprietary protocols or extensions
Transactional DPI module: provides description of user activity within an application especially interesting for security products protecting against malware or data loss
Automated DPI module: classifies unknown traffic according to probability, allows early detection of protocols and applications that reduces number of unknowns while maintaining acceptable accuracy
Rule engine module: makes it easier to implement and modify rules for traffic management and policy control – particularly relevant for Next Generation Firewall (NGFW), Data Loss Prevention (DLP) and malware protection products
Deep file inspection module: efficient detection of file type, file hashing and metadata extraction for file reconstruction – required for malware detection and data loss prevention
Enriched classification: easy-to-use metadata such as “inner transport layer,” “L7 protocol,” “top application,” “content provider”
Improved flow manager, with multi-instance synchronization and fallback mechanisms – important for telecom applications which require robustness and high-availability
Additional industrial protocol signatures to support IoT and industrial automation applications (SCADA)
More frequent releases of protocol signatures that can be updated without restarting application
Binary compatibility – no need to re-compile customer application for upgrades