Enea Qosmos ixEngine – Performance Booster for Suricata IDS/IPS

Additional Info

Company size (employees)500 to 999
Headquarters RegionEurope
Type of solutionSoftware


Suricata is one of the most widely used Intrusion Detection and Prevention Systems (IDS/IPS). However, as an open-source solution, its visibility is limited making it blind to certain types of advanced threats. It also generates a large number of false positive alerts and consumes considerable hardware resources. This can severely reduce its effectiveness.
Enea’s Qosmos ixEngine® is a deep packet inspection (DPI) engine that uses advanced traffic identification and specially developed techniques to bring full traffic visibility to cybersecurity solutions while optimizing resources. It can now be integrated with Suricata to enhance accuracy and performance and significantly improve threat detection.
Recognizing more protocols and applications than any other commercial DPI engine, it provides granular insights into network activity and can even detect threats cloaked by evasive techniques such as tunneling, encryption, and spoofing. This highly detailed traffic classification combines with contextual traffic metadata to improve threat hunting and forensics and can also reduce the number of alerts by a factor of 10. Qosmos ixEngine’s expanded application and protocol recognition can be used to improve whitelists and blacklists, even for encrypted traffic.
Qosmos ixEngine integrates easily and seamlessly with Suricata, preserving the existing work environment, including rules and alert management, so that it has minimal impact on existing processes. It also optimizes use of system resources, dividing requirements for memory, CPU resources and data storage by a factor of 2.

How we are different

• Enea’s Qosmos ixEngine® is a DPI-based traffic intelligence engine that is unique in its ability to boost the performance of Suricata’s threat detection capabilities with minimal impact on existing processes while optimizing system resources.

• Qosmos ixEngine software uses advanced protocol recognition and flow classification to deliver granular traffic visibility that improves Suricata’s threat hunting and forensics, optimizes whitelists and reduces the number of false positives.

• Qosmos ixEngine uses innovative techniques such as machine learning to identify and classify encrypted traffic and reveal threats hiding behind tunneling and spoofing.