Stronger Cloud Firewalls and WAF with Application-Level Visibility
As firewalling functions and services are moving to the cloud, Cloud Firewalls (Cloud FW) and Web Application Firewalls (WAF) need the same application awareness and Deep Packet Inspection (DPI) capabilities as on-premise Next-Generation Firewalls (NGFW). Therefore, cloud firewall functions also benefit from embedded Next-Generation Deep Packet Inspection (NG DPI).
NG Cloud FW Functions
Supported by NG DPI
Boosting Cloud Firewalls and WAF with Enea Qosmos NG DPI Engine
- Enea’s Qosmos ixEngine® is an embedded NG DPI engine that delivers the detail and quality of traffic intelligence that enables application-level visibility, strengthening your firewall solutions and providing the differentiation to set you apart from competition.
- Qosmos ixEngine provides real-time contextual information about applications, users, data, devices, files and flows. This information also supports the development of extended firewall services, such as DDoS protection, email security, and malware detection. Offering such services can increase your revenue and boost customer satisfaction and loyalty.
The Role of Enea Qosmos Technology in Web Application Firewalls
Examples of Enhanced WAF Functions Enabled by Qosmos ixEngine
- Reveal applications (e.g., eProxy, HTTP Injector) that combine techniques such as protocol header customization, proxies, tunneling & domain fronting, to evade detection.
- Detect executables concealed in HTTP requests, such as code used in injection attacks (SQL, ORM, EL, LDAP, etc.).
- Detect domain fronting used to evade URL filtering.Use metadata and metrics related to traffic flows, applications, services, data, users, and devices for heuristics-based detection of DDoS attacks.
- Use metadata and metrics related to traffic flows, applications, services, data, users, and devices for heuristics-based detection of DDoS attacks.
Benefits for Web Application Firewalls
- Improve detection of advanced Layer 7 attacks.
- Enhance log-based monitoring with ultra-reliable telemetry data.
- Expand whitelists and blacklists.
- Improve detection of malicious traffic using spoofing techniques to avoid detection.
The Advantages of Enea Qosmos Technology in Cloud Firewalls
Examples of NG Cloud FW Functions Enabled by Qosmos ixEngine
- Detect a mismatch between a file type and MIME announcement.
- Extract and analyze a URL in an email body.
- Block access to a database if the source [email protected] is not valid.
- Incorporate custom signatures into rulesets.
- Use file reconstruction capability to provide objects to anti-virus / malware detection.
- Detect tunneling or obfuscation (protocols such as iodine, openvpn, psiphon, tor, etc.)…
Benefits for Cloud Firewalls
- Gain roadmap control by transforming a Cloud FW into a NG Cloud FW.
- Accelerate time-to-market by outsourcing a high-maintenance technology.
- Enable smart security steering from the 1st packet.
- Maximize functions that can be executed without decryption.