With an ever increasing volume and complexity of incoming events, effective protection
requires security teams to quickly identify and validate events. Until now, these
teams had the choice between searching through system logs, NetFlow, or full packet
captures. DeepFlow DPI probes combine the essence of all 3 into a forensically accurate
flow, normalized such that it is easily consumed by SIEM/NBAD/Network Analytics tools
provided by security vendors and integrators.
Our Qosmos DeepFlow® probes are simple; plug 2/4/10 Gb/s of network traffic into
the probe, and watch it classify traffic into organized flows, describing the protocols
and relevant metadata in real time.
For SIEM vendors: Quickly integrate DeepFlow visibility into your SIEM and offer
better event correlation rules based on application behaviour from the network. Add
weight to alerting decisions when correlating between firewall and IDS events by
knowing how common a flow is compared to its peers over time.
For MSSPs: Provide a differentiating service to your customers, understand the behaviour
of customer networks, and respond quicker. Understand what is normal at your customer
site by quickly building an index of normal behaviour across time for each of your
For DDOS vendors: Detect nuances of application level denial of service attacks by
quickly distinguish characteristics of malicious traffic from good traffic. Then
use that information to build rules faster to block that traffic.
Our Qosmos DeepFlow® Application Component Suite (ACS) is a probe that identifies
applications behind each IP session and delivers detailed metadata embedded in protocol
and application flows. It can be configured to stream any data in any data structure.
DeepFlow ACS is the only configurable probe able to extract thousands of application
metadata attributes at core network speeds:
This fully customisable probe reveals the full capability of Qosmos L4-7 Network
Intelligence. It provides a variety of options and modules to personalise the information
and the format of data to be sent to the third party system consuming the data feeds.
This makes DeepFlow ACS a versatile, real-time source of information required by
solutions like QoE measurement, forensics or network analytics.
MarQuest Limited: 22 Trinity Lane, Station Square Beverley, East Yorkshire HU17 0DY Tel : +44 (0) 1482 886161 Fax: +44 (0) 1482 887060
Technical Support Centre: John Eccles House Robert Robinson Avenue Oxford, OX4 4GP