ENEA’s QosmosixEngine 5.3 DPI library aims to embed detailed, real-time visibility into networking and security products.
ENEA has announced its QosmosixEngine 5.3, a Deep Packet Inspection (DPI) library for software developers to embed detailed, real-time visibility into networking and security products.
The software modules consist of:
- Custom signature module: enables developers to create their own signatures in data format - gives complete control for classification of local, specific or proprietary protocols or extensions
- Transactional DPI module: provides description of user activity within an application especially interesting for security products protecting against malware or data loss
- Automated DPI module: classifies unknown traffic according to probability, allows early detection of protocols and applications that reduces number of unknowns while maintaining acceptable accuracy
- Rule engine module: makes it easier to implement and modify rules for traffic management and policy control – particularly relevant for Next Generation Firewall (NGFW), Data Loss Prevention (DLP) and malware protection products
- Deep file inspection module: efficient detection of file type, file hashing and metadata extraction for file reconstruction - required for malware detection and data loss prevention
Enhanced software development kit:
- Enriched classification: easy-to-use metadata such as “inner transport layer,” “L7 protocol,” “top application,” “content provider”
- Improved flow manager, with multi-instance synchronization and fallback mechanisms – important for telecom applications which require robustness and high-availability
- Additional industrial protocol signatures to support IoT and industrial automation applications (SCADA)
- More frequent releases of protocol signatures that can be updated without restarting application
- Binary compatibility - no need to re-compile customer application for upgrades