L2-L7 Classification and Threat Insights for SWG
Secure Web Gateways (SWG) are invaluable for keeping networks safe when employees use corporate devices to surf the web or access non-approved SaaS applications. Deployed on-premise or on the cloud (as in SASE or SSE solutions), they include a variety of security functions such as application control, antivirus screening, intrusion detection/protection (IDS/IPS), web application filtering (WAF), sandboxing, SSL inspection and data loss prevention (DLP). To successfully fulfil its role, every SWG must provide relevant traffic intelligence to each unique function. This requires inspection of all inbound Layer 7 HTTP/HTTPs traffic, whether encrypted or not, and the accurate identification and classification of applications.
Enea’s embedded next-generation Deep Packet Inspection engine (NG DPI), Qosmos ixEngine, provides advanced traffic intelligence that raises threat detection accuracy and improves policy enforcement. It is the only DPI engine that can provide the precision, granularity and extended performance required for today’s SWG requirements.
Next-Gen DPI for SWG
Enea’s Next-Gen DPI Engine, Qosmos ixEngine, allows Secure Web Gateways (SWG) vendors to:
- Develop granular policies based on actions within specific applications
- Improve reactivity by detecting potential threats from the first packet in a flow
- Protect privacy by using encrypted traffic classification to reduce the need for decryption
- Gain efficiency by meeting the inspection needs of multiple SWG functions with a single Enea Qosmos ixEngine instance
Raising SWG Performance with Enea Qosmos Next-Gen DPI Engine
4 of the 6 leading SWG vendors trust Enea’s NG DPI engine, Qosmos ixEngine®, to deliver the accurate application identification upon which their solutions depend, and to help them achieve differentiation via its unique next generation DPI capabilities.
Benefits
Enea Qosmos ixEngine for SWG
Maximum Visibility with Unique Insights
- Broadest and most accurate protocol & application coverage:
4300+ protocols & applications, 5900+ types of metadata, extraction of files and embedded links - Deepest coverage for Cloud/SaaS, M2M and IOT protocols. Includes ICS/SCADA and cryptocurrencies
- Continuously updated and expanded protocol library with optional custom signature support and device classification for edge access networks
- Encrypted Traffic Classification (ETC) to maintain essential visibility and detect threats without using decryption
- Detection of anomalous and evasive traffic that use techniques like complex tunneling, application & file spoofing, and domain fronting
- First Packet Advantage to enable outstanding performance by accurately classifying all traffic from the first packet
- Machine Learning Categorizer to boost first packet classification accuracy and preserve visibility in fully encrypted environments by categorizing flows by service type (e.g., streaming video, audio call)
- Cloud-scale engineering to meet even the most extreme performance throughput, speed and scaling requirements
Maximum Agility
- Ready-to-deploy commercial-grade DPI
- Flexible form factor options (C library, VNF, CNF, SW Sensor)
- Optional built-in rules engine
- Granular, well-structured ready-to-use service and transaction metadata
- Global presence delivering 24/7 professional services and support
DATASHEET
Enea Qosmos ixEngine: Next-Generation DPI for Maximum Traffic Visibility
Cloud Security
Latest Blogs and Articles
Four Pragmatic Ways AI is Already Improving Zero Trust Network Access
Read Article
How to Build Stronger SSE Solutions with Next Gen DPI
Read Article
Two ZTNA Weak Spots that Hackers can Exploit and How to Fix Them
Read Blog
Effective SSE = ZTNA + CASB + SWG + NG DPI
Read Blog
PRODUCT DEMO