As the networking landscape rapidly shifts with data, applications, and infrastructure migrating to the cloud, Enea, a leader in telecom and cybersecurity, has launched its Qosmos Threat Detection SDK. This SDK addresses the limitations of conventional intrusion detection systems (IDS), which struggle to meet the evolving demands of cloud-based, multifunction security platforms.
Filling the Gap in Conventional IDS
Traditional IDS platforms have become increasingly important as traditional network perimeters disappear, but they often fall short in terms of scalability and performance in modern cloud environments. Enea’s Qosmos Threat Detection SDK offers a comprehensive approach to IDS that meets both technical and functional threat detection requirements. It combines Suricata’s industry-leading IDS functionalities with Enea’s Qosmos ixEngine, thereby eliminating the need for double packet processing and significantly accelerating parsing speed.
Performance and Scalability
The SDK doubles the performance by leveraging Enea’s Qosmos ixEngine for packet acquisition and parsing. By optimizing resources, it vastly expands traffic insights, providing significantly higher native throughput than traditional IDS systems.
Jean-Pierre Coury, Vice President of Enea Traffic Intelligence, added, “Faced with the performance and scale requirements of today’s cloud-centric, multifunction IT platforms, traditional IDS/IPS systems are falling behind. Enea Qosmos Threat Detection SDK meets these challenges with a threat detection engine delivered in the format of a software development kit capable of tight integration with third-party solutions, easy customization, and radically improved cybersecurity performance.”
Enhanced Accuracy and Customizability
One of the SDK’s key features is its full traffic visibility, even into encrypted communications. Coupled with enhanced parsing capabilities, this significantly reduces both false negatives and false positives. The SDK allows for the easy creation of custom rulesets, providing cybersecurity solution developers with more accurate and rapid threat detection capabilities.
Roy Chua, Founder and Principal at AvidThink, added, “Modern cybersecurity models rely heavily on DPI. A strong DPI engine not only enables better network traffic visibility but also provides the data needed to create custom rules specific to each environment.”
Simplified Integration and Deployment
Designed with cybersecurity software developers in mind, the Qosmos Threat Detection SDK allows for tight integration into various cybersecurity solutions while maintaining flexibility and scalability. It supports standard rulesets with Suricata syntax, making deployment easier. The SDK also makes Qosmos ixEngine metadata available in rule syntax, further improving threat detection and simplifying integration.
To learn more please visit: https://www.enea.com/solutions/dpi-traffic-intelligence/threat-detection-sdk/
