Enea®, a global supplier of innovative software components for telecommunications and cybersecurity, and genua GmbH, a German specialist for IT security and a member of Bundesdruckerei Group, announced that genua have selected the Enea Qosmos ixEngine as the embedded network traffic classification engine for its cognitive Threat Defender platform.
The cognitix Threat Defender is an innovative Network Threat Detection and Response (NDR) platform that combines the best known-threat protection capabilities of Intrusion Detection and Prevention Systems (IDS/IPS) with defense against unknown threats through unique Network Traffic Analysis (NTA) capabilities.
To identify unknown threats, like new malware, advanced persistent threats, and zero-day attacks, the cognitix Threat Defender performs inline, a real-time correlation that reveals hidden behaviors, patterns, and threats, by connecting security and network events across time and flows and analyzing them using models of user, device and threat behavior.
This combination of reactive and proactive capabilities, and its lightweight, programmable architecture, make it an integral component of genua’s Security Defined Network solution, which uses network segmentation, managed decentralization of rules definition and enforcement, and NTA to balance the demand for high application and data availability with the need for ultra-reliable protection of critical assets.
To ensure maximum performance for the IDS/IPS and NTA functions within the cognitix Threat Defender and the Security Defined Network framework it supports, genua needed an industrial-grade traffic classification and metadata engine that would provide the most comprehensive, accurate and reliable L2 to L7 packet and flow data available, along with essential insights into evasive and encrypted traffic, while transferred data remains encrypted and confidential.
As genua provide endpoint, perimeter, and network security for highly sensitive environments, including critical infrastructure, industrial plants, and classified public authority networks, genua undertook an evaluation of available commercial classification engines that was as rigorous as the development and testing methods applied to their own products.
At the end of this process, genua chose Enea’s Qosmos ixEngine. It provides the broadest and most reliable identification of protocols, applications, and services in traffic streams, and it features advanced, multi-layer analytics that boosts classification accuracy, deliver insights into a packet and flow behavior, and provide insights into evasive and encrypted traffic, while transferred data remains encrypted and confidential.
It further provides file reconstruction metadata that enables the reconstruction of suspicious files without mandatory full packet and file capture and storage. In summary, ixEngine met genua’s strict requirements and offered additional features that would compliment and enhance the capabilities of the cognitix Threat Defender.
“As networks have evolved, it has become critical to implement intelligent network security as a second line of defense to the existing endpoint- and perimeter-based threat detection and response systems. This is true for everyone, but especially so for our critical network customers, for whom the stakes of a breach are very high,” stated Arnold Krille, Head of Development for cognitix Threat Defender. “We are therefore very pleased to partner with Enea to ensure that our platform provides the most effective and reliable network defense possible. And we are happy to have found a partner whose focus, rigor, and commitment to quality match that of our own development team.”