Enea, a global supplier of innovative software components for telecommunications and cybersecurity, and genua GmbH, a German specialist for IT security and a member of Bundesdruckerei Group, has selected the Enea Qosmos ixEngine as the embedded network traffic classification engine for its cognitix Threat Defender platform.
The cognitix Threat Defender is an innovative Network Threat Detection and Response (NDR) platform that combines the best known-threat protection capabilities of Intrusion Detection and Prevention Systems (IDS/IPS) with defense against unknown threats through unique Network Traffic Analysis (NTA) capabilities.
To identify unknown threats, like new malware, advanced persistent threats and zero day attacks, the cognitix Threat Defender performs inline, real‐time correlation that reveals hidden behaviors, patterns and threats, by connecting security and network events across time and flows and analyzing them using models of user, device and threat behavior.
This combination of reactive and proactive capabilities, and its lightweight, programmable architecture, make it an integral component of genua’s Security Defined Network solution, which uses network segmentation, managed decentralization of rules definition and enforcement, and NTA to balance the demand for high application and data availability with the need for ultra-reliable protection of critical assets.
To ensure maximum performance for the IDS/IPS and NTA functions within the cognitix Threat Defender and the Security Defined Network framework it supports, genua needed an industrial-grade traffic classification and metadata engine that would provide the most comprehensive, accurate and reliable L2 to L7 packet and flow data available, along with essential insights into evasive and encrypted traffic, while transferred data remains encrypted and confidential.
As genua provides endpoint, perimeter and network security for highly sensitive environments, including critical infrastructure, industrial plants and classified public authority networks, genua undertook an evaluation of available commercial classification engines that was as rigorous as the development and testing methods applied to their own products.
At the end of this process, genua chose Enea’s Qosmos ixEngine. It provides the broadest and most reliable identification of protocols, applications and services in traffic streams, and it features advanced, multi-layer analytics that boost classification accuracy, deliver insights into packet and flow behavior, and provide insights into evasive and encrypted traffic, while transferred data remains encrypted and confidential.
It further provides file reconstruction metadata that enables reconstruction of suspicious files without mandatory full packet and file capture and storage. In summary, ixEngine met genua’s strict requirements and offered additional features that would complement and enhance the capabilities of the cognitix Threat Defender.
“As networks have evolved, it has become critical to implement intelligent network security as a second line of defense to existing endpoint- and perimeter-based threat detection and response systems. This is true for everyone, but especially so for our critical network customers, for whom the stakes of a breach are very high,” stated Arnold Krille, Head of Development for cognitix Threat Defender. “We are therefore very pleased to partner with Enea to ensure that our platform provides the most effective and reliable network defense possible. And we are happy to have found a partner whose focus, rigor and commitment to quality matches that of our own development team.”
Jean-Philippe Lion, Senior Vice President of the DPI Business Unit at Enea, similarly appreciates the shared values of the teams, and is looking forward to evolving together to meet future challenges: “For the past twenty years, we have dedicated ourselves exclusively to delivering the most accurate, comprehensive traffic visibility possible so that our telecommunications, networking and cybersecurity vendors could continuously innovate and thrive in competitive, constantly-evolving markets. We look forward to supporting genua through its innovation journey as it continues to develop the unique blend of data analytics, threat intelligence and artificial intelligence that makes cognitix Threat Defender such an exceptional product.”
TelecomDrive is an effort to create a unique content focused platform for the telecoms and communications segment.