High Performance Traffic Visibility for Cloud Security and SSE
Gartner’s Security Service Edge (SSE) concept offers a highly-scalable and convenient model for providing users everywhere with safe access to the Internet, Web, XaaS services, and private apps. SSE uses edge clouds to deliver security services via three primary components:
- A Secure Web Gateway (SWG) for managed device access to the Internet, Web and non-Corporate SaaS,
- A Cloud Access Security Broker (CASB) for access by managed and unmanaged devices to SaaS and cloud apps, and
- A Zero Trust Network Access (ZTNA) framework for secure access to private apps and data assets (on premise or in the cloud) by managed and unmanaged devices.
Each of these core functions requires detailed visibility into global network traffic for each enterprise customer. This visibility, provided by next-generation Deep Packet Inspection (NG DPI), includes accurate identification of applications and services in both encrypted and clear flows, and granular insights into evasive and anomalous traffic to support threat detection. An accurate detailed view of traffic is also essential to all other SSE components, such as Data Loss Prevention (DLP), a Next Generation Cloud Firewall (NG CFW), a Web Application Firewall (WAF), and an Intrusion Detection/Prevention System (IDS/IPS), and Extended Threat Detection and Response (XDR).
SSE Architecture:
All Functions Can Embed or Use Enea Qosmos ixEngine Output
Next-Gen DPI for SSE
Enea Qosmos NG DPI Engine Benefits for Security Service Edge (SSE) Core Functions:
ZTNA (Zero Trust Network Access)
- Detect subtle authentication red flags
- Safely and instantly breakout trustworthy traffic
- Achieve fine-grained micro-segmentation
- Rapidly detect and respond to sophisticated breaches of trust
SWG (Secure Web Gateways)
- Develop granular policies based on actions within specific applications
- Improve reactivity by detecting potential threats from the first packet in a flow
- Protect privacy by using encrypted traffic classification to reduce the need for decryption
- Gain efficiency by meeting the inspection needs of multiple SWG functions with a single NG DPI instance
CASB (Cloud Access Security Broker)
- Enhance CASB with shadow IT discovery
- Create more accurate – and more compact – audit trails
- Create accurate behavioral profiles for effective anomaly detection
- Boost performance for high-volume, multi-tenant deployments without sacrificing granular visibility
WHITE PAPER
How SSE Vendors Use Next-Generation DPI for Market Success
Benefits
Enea Qosmos ixEngine for SSE
Fast Ramp Up
- Reduces technical complexity of SEE solutions
- Enables innovation, including ML- & AI-based enhancements
- Enables a better customer experience
- Accelerates time-to-market
Maximum Visibility with Unique Insights
- Accurate classification of 4500+ protocols
- Classification of encrypted and evasive traffic
- Extraction of 1000s of types of application, service, user, device, transaction and flow metadata
- First Packet Advantage (industry-leading 1st packet classification)
- Network (and containerized cloud) function virtualization to support single-pass DPI architectures
- Modules for custom signatures and file inspection, and a customizable rules engine and device classification engine
DATASHEET
Enea Qosmos ixEngine: Next-Generation DPI Engine for Maximum Traffic Visibility
Cloud Security
Latest Blogs and Articles
The Future of SASE: Nothing is Certain Except Death, Taxes… and SASE. Read Article
5 Actionable Takeaways for Cybersecurity Vendor Roadmaps. Read Article
Four Pragmatic Ways AI is Already Improving Zero Trust Network Access. Read Article
How to Build Stronger SSE Solutions with Next Gen DPI. Read Article
