Enea Qosmos Probe 2.1 enables advanced cyber threat detection and forensics
Enea announced the availability of the Qosmos Probe 2.1, the award-winning Deep Packet Inspection (DPI) sensor that enables advanced cyber threat detection and forensics.
Integrated into open source and commercial cybersecurity solutions, the Qosmos Probe DPI sensor enables the deep traffic intelligence and global network visibility that is essential for successful Network Traffic Analysis (NTA).
NTA is an emerging behavioral approach to network monitoring that is building an impressive track record of detecting suspicious activities that existing tools miss, especially advanced persistent threats (APTs).
Accordingly, leading Systems Integrators, Managed Security Service Providers (MSSPs), and Managed Detection & Response (MDR) providers are actively seeking to enhance their cybersecurity offerings with NTA capabilities.
The Qosmos Probe is designed to help them succeed with NTA-enhanced solutions that are both highly differentiated and lower cost than conventional endpoint- and perimeter-only strategies. Now, the 2.1 product release makes it easier for solutions providers to deploy and manage the DPI sensors essential to successful NTA.
The Qosmos Probe 2.1 release provides a single, standards-based management agent – the Enea On-Device Management (ODM) software – for configuring, monitoring and controlling physical and virtual network functions across a cluster of probes.
In addition, the new release helps administrators tame the data deluge with powerful, granular control over which packets are captured from live streams, and which traffic data elements are stored – or flushed.
It’s an invaluable capability for controlling data storage requirements, eliminating low value or no-value data from the analytics lifecycle, and fully customizing the extraction of traffic information and KPIs for end-customer environments.
It is easy to do: input and output filtering is accomplished with the use of simple Boolean operators (and, or, not) and comparison functions (=, >, >=, <, <=, ~). The Qosmos Probe is powered by the embedded Qosmos ixEngine, the most powerful DPI engine on the market, to deliver best-in-class traffic intelligence:
- Complete visibility up to the application level (OSI layer 7)
- Classification of 3300+ protocols
- Extraction of 5000+ application metadata
- Profiling and classification of encrypted traffic
- Flexible management interfaces with support for NETCONF, REST, CLI
- Standard data format exports (CSV, IPFIX, JSON, etc.)
- Connectors for open source databases (Elasticsearch, InfluxDB, etc.)
- Cloud-native architecture suitable for virtualized environments (OpenStack, VMware) and cloud-based applications
“Cybersecurity solutions providers are looking for innovative NTA-based approaches that both deliver better protection for their clients and optimize costs,” said Jean-Philippe Lion, Senior Vice President of the DPI Business Unit at Enea.
“The network traffic analytics and deep packet intelligence enabled by the Qosmos Probe offer a perfect solution to these challenges.”