Over the past years, the use of protocols such as SSL, TLS, SSH, PGP and IPsec in encrypted applications saw a steady rise. “Encryption has benefited organizations in terms of end-to-end secure communications. However, from the perspective of traffic management, it has created large visibility gaps in the network,” said Dr. Martin Mieth, VP Engineering at ipoque. “A rising number of encrypted attacks on today’s networks indicates the need for traffic monitoring and inspection technologies that are more advanced to detect threats hidden in those encrypted flows.”
R&S®PACE 2 deploys encrypted traffic intelligence (ETI), a methodology that combines machine learning (ML), deep learning (DL) and high-dimensional data analysis with conventional DPI methods to inspect traffic that is encrypted, anonymized and obfuscated. ETI involves the use of advanced ML algorithms for traffic detection and DL-powered layered processing of data to extract AI features upon which such algorithms are built. These algorithms are applied to data flows in the network to deliver traffic awareness, revealing not only encrypted traffic but also traffic through VPNs/proxies and obfuscated traffic based on methods like randomization, tunneling and mimicry. It combines more than 1,000 features including statistical and time-series features in addition to packet level features, resulting in a very high classification accuracy and overall precision.
Apart from ML and DL, ETI also deploys other advanced DPI methods including statistical/behavioral analysis and heuristics for fine-grained traffic analysis. This enables R&S®PACE 2 to equip network management and cybersecurity solutions such as next-gen firewalls, DDoS prevention systems, SASE, CASBs and NAC with granular insights on malicious and anomalous traffic patterns, identifying source applications and protocols in real time.
“With the introduction of the latest encryption techniques such as TLS 1.3, TLS 1.3 0-RTT, ESNI, ECH, DNS over TLS and DNS over HTTPS, threats are expected to become more evasive, opening up new vulnerabilities across networks which are still reliant on legacy tools,” Dr. Mieth said. “R&S®PACE 2 addresses such susceptibilities via a future-proof DPI technology that boasts the highest detection accuracy rates with fast performance and high-capacity processing, making it the perfect solution for networks that are continuously evolving and expanding.”
R&S®PACE 2 is an advanced OEM protocol and application classification engine based on DPI technology. The DPI engine can be easily integrated into networking and cybersecurity solutions to gain full IP network traffic visibility up to layer 7 and beyond. Weekly signature updates combined with continuous performance and reliability testing ensure that R&S®PACE 2 offers the highest traffic detection rate on the market. By embedding R&S®PACE 2, networking and cybersecurity solution providers can keep up with the rapid growth of IP traffic rates, accelerate time to market, save development costs and concentrate on their core competencies.
The AI-powered DPI engine R&S®PACE 2 will be on display at the RSA Conference taking place on June 6-9 at Moscone Center, North Expo at the Rohde & Schwarz booth 6379. A virtual product demo is also available upon request.
More information on ipoque’s encrypted traffic intelligence: https://www.ipoque.com/news-media/resources/brochures/encrypted-traffic-intelligence-for-network-traffic-analysis?utm_source=PR&utm_medium=mailing&utm_campaign=PACE2&utm_content=brochure_ETI