WedgeAMB new.png

Wedge’s patented Cloud Network Defense™ platform is purpose-built to address the next generation of threats associated with mobility, cloud, social media and internet of things. It enables augmented capabilities of key security applications through technology designed to deliver security as a real-time, elastic, and transparent layer of the network fabric.

WEDGE OS 5.0

image-asset.jpeg
image-asset (1).jpeg
Powering Cloud Network Defense™ is the WedgeOS™, which utilizes both a Patented Deep Content Inspection (DCI) Engine and Deep Packet Inspection (DPI) Engine, either of which can be run separately from each other or in tandem. It allows all current and future network security functions to be implemented with high performance and robustness. WedgeOS™ is composed of a variety of technologies and is pre-bundled into Cloud Network Defense™ with a set of award winning security applications such as email security, web security, web application firewall, DLP, APT defense, content filtering and mobile data security; all enabled by the underlying DCI and DPI engines.
image-asset (2).jpeg
image-asset (3).jpeg
WedgeOS™ is a high performance platform developed by Wedge Networks™, Inc. As a software based Operating System, it can be installed on Common Off The Shelf (COTS) hardware appliances and servers, can be packaged as Virtual Machines, and can be deployed in a Cloud-based environment through Network Functions Virtualization for Security (NFV-S). To date, thousands of instances of WedgeOS™ have been deployed in service providers, enterprises, and SMBs worldwide, carrying out high performance DCI and DPI functions for these organizations.

FEATURES

  • Enhanced multi-CPU/multi-core support with real-time scheduling to deliver high performance and robustness for DCI and DPI functions;

  • Optimized transmission and receiving mechanisms to provide line speed Deep Content Inspection throughput; 

  • Lower Total Cost of Ownership (TCO) due to Stealth Routing based on Transparent Object Flow Inspection (TOFI) that enables plug-and-play network integration capability;

  • Rapid time-to-market with the Open Service Bus architecture enabling the implementation of new DCI and DPI applications; 

  • Patented optimization algorithms (USPTO 7,630,379) which deliver thirty times (30X) performance improvements over conventional approaches.

DEEP CONTENT INSPECTION (DCI)

Deep Content Inspection (DCI) is an architectural abstraction through which MIME objects transmitted through the network are extracted and subjected to different content scanners (i.e. Anti-Malware, Anti-Spam, etc.). To provide for both accuracy and high performance, the DCI engine uses a massive threading framework with every network session mapped to a highly efficient lightweight OS level thread. Each of the session-based threads use a set of proprietary high performance technologies developed by Wedge Networks, including the patented SubSonic Engine™ and GreenStream™ technologies.

The key technical requirements of implementing a DCI application:

  • Performance requirements when conducting Deep Content Inspection at the network transport layer

  • Accuracy requirements when enforcing security protection or content accessing policies

  • Transparency requirements when deploying a network layer solution into an existing enterprise or service provider’s network

  • Manageability requirements so that the DCI application can be effectively managed as an IT/network asset

  • Reporting requirements providing visibility of application objects With a set of coherent building blocks, in the form of runtime components and adaptation frameworks, WedgeOS™ enables DCI applications to meet these technical requirements.

BENEFITS

Compared with other Data in Motion inspection technologies, DCI technology in the
WedgeOS™ provides:

  • The ability to extract digital objects in real-time from the Data In Motion sessions leads to the complete comprehension of the intention of the sessions.

  • The ability to correlate the comprehension of the digital objects transmitted in many communication sessions leads to new ways of network performance optimization and intelligence.

  • The ability to support ICAP and WCCP for explicit proxy mode deployments reduces the cost of network reconfiguration.

  • The ability to support transparent proxy mode deployments eliminates the cost of network reconfiguration and supports unlimited VLANs.

DEEP CONTENT INSPECTION: HOW IT WORKS

The illustration outlines the typical process of how WedgeOS™ performs DCI for a
normal Web session.

image-asset (4).jpeg

If the DCI application is to prevent malicious content from being downloaded to a user’s browser, WedgeOS™ will execute:

  • Direct-In-Memory Traffic Object Flow Inspection of web traffic to the session based thread for DCI analysis

  • Interception of the packets that are carrying the payload in order to reconstruct a copy of the payload

  • Files are extracted from any archives, binders, packers or scramblers so that Deep Content Scanning can occur

  • Partial payloads are progressively scanned, intercepting specific objects, keywords, malware, etc. if found, while passing on clean content to its destination (i.e. GreenStreaming™). The payload can be subjected to multiple scanners (e.g., anti-malware signature-based scanner, anti-malware heuristic scanner, anti-spam scanner, etc.) simultaneously. 

  • If specific /flagged objects are detected, the transmission is interrupted and the content is replaced with a proper, customizable warning message.

image-asset (5).jpeg

BENEFITS


DPI integration enables Wedge to offer:

Detect and Bock BOT Command and Control - traffic from a regularly updated list of known botnet command and control servers.
Critical Infrastructure Protection - protect against the use of insecure data transfer methods and known vulnerabilities of various SCADA software packages, such as PcVue, Sunway ForceControl, Siemens FactoryLink, and more.
Recognize and Stop Denial of Service - with the ability to see traffic and DoS attacks on a variety of servers and network appliances.
Protect Against Server Exploits - including a variety of known exploits on many different software applicaions, including PDF readers, Microsoft RDP and Windows Media Player, VNC Server, Java-base programs, JavaScript, and many more.
SQL Injection Protection - including methods of compromising SQL-based RDBMSs, such as Oracle.
 

WEDGEOS™ FORM FACTORS

  • Wedge Hardware Appliance

  • Wedge Virtual Machine

  • Wedge Cloud / SaaS

  • Wedge Cloud Network Defense™ (as an NFV-S instance)

WEDGE ANTI-MALWARE NETWORK APP

STOP ATTACKS BEFORE THEY REACH VULNERABLE AND INFORMATION-LADEN ENDPOINTS

Today’s advanced threats target organizations with zero-hour vulnerabilities, building upon traditional broad based attacks. In addition, organizations have a much larger attack surface to defend; with the adoption of cloud computing, social networking and mobility. Traditional security measures such as reputation, known signature detection, and out-of-band sandboxing are no longer effective in ensuring IT security. 

Wedge Networks’™ Anti-Malware Network App combine real-time sandboxing with the broadest threat intelligence and Deep Content Inspection (DCI) to secure against all malware attacks, persistent threats, network abuse, and blended attacks across all networked devices.

The Difference

Wedge brings together powerful Deep Content Anti-Malware with the high performance of the WedgeOS™ platform, providing unmatched accuracy and throughput, featuring: 

  • Most accurate and up-to-date detection and blocking of network attacks - with the industry’s most comprehensive best-of-breed signatures updated hourly, leveraging the combined knowledge within Wedge Threat Intelligence™.

  • The only solution with multiple full signature databases - industry-leading accuracy rates are achieved as a result of the multiple complete signature databases are used. 

  • Real-time sandboxed behavioural heuristics detect zero-hour attacks - the ability to see all content and discover the “intent” of malware within embedded sandboxes -zero-hour attacks can be stopped in their tracks.

  • Protecting all operating systems and all devices - with built-in cross-session learning, the WedgeOS™ can identify malware on one operating system and block it on all others.

THREAT PROTECTION

  • Advanced Threats

  • Web Threats

  • Trojans

  • Worms

  • Zero Hour

  • Targeted Attacks

  • Malware • Key Loggers

  • Viruses

  • Rootkits

  • Spyware

  • Bots

  • Malicious Apps

  • Blended Attacks

SOLUTIONS

Enterprises

  • Protects endpoints both on the network and while roaming.

  • Secures from blended attacks.

  • Enable and secure Mobile and BYOD. 

  • Most comprehensive malicious code protection for all communication channels.

  • Stop zero-hour attacks.

Service Providers

  • Eliminates bandwidth abuse.

  • Reduces network maintenance and infrastructures costs.

  • Solidify subscriber trust. 

  • Improve and enhance network quality. 

  • Stops outbound spam to prevent IP or domain blacklisting. 

  • Unified protection level for your network, mobile devices, website and Cloud.

      WEDGE ANTI-SPAM NETWORK APP

STOP MESSAGING ABUSE AND THREATS

Email and messaging are vital for today’s businesses. However, they are subject to spam, phishing, and botnet propogation; resulting in data loss, IP blacklisting, loss of productivity and wasted network capacity. In addition, organizations have a much larger attack surface to defend; with the adoption of cloud computing, social networking and mobility. Traditional security measures such as IP reputation, rule-based matching, and MTA deployments are no longer effective.

Wedge Networks’™ carrier-grade Anti-Spam Network App combines real-time intelligence of over 2 billion sensors worldwide with behavioural analysis and Deep Content Inspection (DCI) to secure against all messaging threats. Wedge Networks’™ Anti-Spam rapidly deploys into even the most complex of networks with transparent (non-MTA), two-way protection.

The Difference

Wedge brings together powerful Deep Content Anti-Spam with the high performance of the WedgeOS™ platform, providing unmatched accuracy and throughput, featuring:

  • Most accurate detection and blocking of spam and phishing attacks - with micro updates every 45 seconds, real-time spam identification through behavioural analysis, and the Wedge Threat Intelligence Network™.

  • World’s largest messaging intelligence network - over 2 Billion sensors in over 165 countries.

  • Stops blended, multi-channel messaging attacks - fully integrated solution over all web and email protocols. 

  • The only transparent (non-MTA) two-way messaging security - flexible carrier-grade solution rapidly deploying into the most complex of networks and data centers.

THREAT PROTECTION

  • Advanced Threats

  • Phishing

  • Trojans

  • Worms

  • Zero Hour

  • Targeted Attacks

  • Malware

  • Spam Botnets

  • IP Blacklisting

  • Blended Attacks

  • DDoS

  • Messaging Abuse

Enterprises


• Corporate network protection.
• Regional office protection.
• Data center security.
• Secure Cloud delivery.
• Secure Mobile and BYOD.
• Regional Office protection.
• Compliance enforcement.

WEDGE APPLICATION CONTROL NETWORK APP

DETECT AND BLOCK OR CONTROL TRAFFIC BASED ON APPLICATION

With the widespread acceptance of Bring Your Own Device (BYOD) policies in organizations around the globe, along with easier access to social media, P2P file sharing, online messaging and gaming, ensuring productivity in the workplace becomes a top priority.

Wedge Networks’ Application Control Network App combine real-time network Flow security with the broadest threat intelligence and Deep Content Inspection (DCI) to enable the detection and blocking or controlling of traffic that are detrimental to an organization’s productivity and image.

THE DIFFERENCE

Wedge brings together powerful Deep Content Application Control security with the high performance of the WedgeOS™ platform, providing unmatched accuracy and throughput, featuring:

  • The ability to detect and control online access to games - with the ability to detect Login, Downloader and data transfer behaviour of various online game servers such as: Steam, Battle.net, WoW, Guild Wars, TrackMania, TeamSpeak2, Unreal, Nintendo Wii, and many more.

  • The power to recognize and control chat and messaging activities - monitoring chat client activities such as Facebook, GaduGadu, ICQ, Google Talk / Jabber, MSN, Yahoo IM, IRC and more.

  • Detection and control of peer to peer (P2P) traffic - recognizing behaviour of various P2P software clients such as: Ares, Azureus, BitTorrent, BearShare, Gnutella, eDonkey, Kaaza, LimeWire, Morpheus, Soulseek, Vuze, Tor, and many other. 

  • Scan, detect and control against Tor Endpoints - prevent anonymizing network traffic from a list of known Tor exit nodes / relays.

  • Detect and control usage of content services - limit access to media services such as YouTube, Vimeo, and more.

THREAT PROTECTION

THREAT PROTECTION

  • Advanced Threats

  • Web Threats

  • Trojans

  • Worms

  • Zero Hour

  • Targeted Attacks

  • Malware

  • Key Loggers

  • Viruses

  • Rootkits

  • Spyware

  • Bots 

  • Malicious Apps

  • Blended Attacks

SOLUTIONS

Enterprises

  • Improves productivity.

  • Reduces bandwidth usage from social media and entertainment websites.

  • Enables controlled Mobile and BYOD policies for more efficient network usage.

  • Protects against unauthorized and unsafe website access.

  • Stops risky peer to peer file sharing.

Service Providers

  • Eliminates bandwidth abuse. 

  • Reduces network maintenance and infrastructures costs. 

  • Solidify subscriber trust. 

  • Improve and enhance network quality. 

  • Stops outbound spam and unauthorized file sharing to prevent IP or domain blacklisting.

  • Unified application control for your network, mobile devices, website and Cloud.

WEDGE DATA LOSS PREVENTION NETWORK APP

DETECT AND PREVENT LEAKAGE OF STRUCTURED AND UNSTRUCTURED DATA

With motivated, malicious agents rewarded handsomely for exfiltration of your intellectual property - the threat is real. It’s important to protect data and IP as the cost to remediate these breaches is high and there could be liability for non-compliance. In addition, the damage to your organization’s reputation is often permanent.

Wedge Networks’™ Data Leakage Prevention Network App detects and prevents the leakage of structured and unstructured data, effectively stopping confidential data escaping via web and email.

SECURES DATA IN ALL APPLICATIONS

  • Web

  • HTML5

  • Games

  • Email

  • Mobile Apps

SOLUTIONS

Network Visibility

  • Deep Content Inspection of traffic for full access to all data

  • Largest coverage of file formats and protocols with 400+ file types, multiple protocols

  • Social Networking

  • SMS / MMS

  • Mobile Payments

  • App Stores

  • Content on Demand

Intellectual Property

  • Protect what is important to your organization

  • Secure unstructured data

Compliance

  • Enforce industry regulations

  • Identify risky business process

  • Improve corporate data usage

Management & Reporting

  • Pre-loaded with compliance reports

  • Granular policies by users and groups

  • Centralized management and reporting

THE DIFFERENCE


Wedge brings together powerful Web Filtering with the high performance of the WedgeOS™ platform, providing unmatched accuracy and throughput, featuring: 

  • Most comprehensive web classification database - 280 million top-level domains spanning more than 95 categories. 

  • Leading Content Provider policy integration - seamless web application control for Google Safe Search, YouTube for Schools, etc.

  • The only zero false-positive human-reviewed database - multiple human reviewers instead of bots, provide extremely high quality internet filtering with a zero-false positive guarantee. 

  • Most versatile deployment options - fully integrated with all other Wedge Services such as Anti-Malware, Anti-Spam, Mobile Security and DLP to be deployed across web and email from a single appliance. 

  • traffic.Asymmetric Web Filtering - a new mode of operation for web filtering offering additional integration flexibility, lowered hardware footprint requirements, improved end-user browsing experience, and IP-based web filtering for https

SOLUTIONS

  • Establish acceptable web usage policies while reporting on its effectiveness.

  • Empower your workers’ use of the internet while maximizing efficient use during work hours. 

  • Protect your organization’s reputation by stopping activities that are against company policy. 

  • Prevent data theft, keyloggers and call home viruses from sending out information by blocking outbound traffic from contacting malicious sites. 

  • Pro-actively and reliably block the latest web threats and malware before they can enter your organization’s network.

SOLUTIONS

Mobile Users


• Stops messaging threats.
• Stops mobile malware.

Service Providers


• Value-added Security as a Service.
• Enterprise business services.
• Eliminate bandwidth abuse.
• Secure and solidify subscriber trust.
• Reduce network maintenance and
infrastructures costs.
• Stop IP or domain blacklisting.

The Difference

Wedge brings together powerful Deep Content Data Loss Prevention with the high performance of the WedgeOS™ platform, providing unmatched accuracy and throughput, featuring:

  • The largest coverage of file formats and protocols for inspection - with coverage of over 400+ file types and multiple protocols, Wedge DLP can see and understand more than any other solution on the market. 

  • Highest accuracy with two staged scan - ability to rapidly scan streams and extract suspicious content for more comprehensive evaluation logic, all in real time. 

  • Lowest TCO for protecting unstructured data (e.g. corporate IP) - lower the cost of implementing your DLP solution as Wedge DLP does not rely on high cost reclassification of your data. 

  • Built-in compliance support - easily monitor and enforce compliance based on preloaded policies and reports.

WEDGE WEB FILTER NETWORK APP

MONITOR, FILTER, AND REPORT ON WEB USAGE AT THE NETWORK

 


The Internet is an invaluable business tool, but in the dynamic web environment it poses significant productivity and security challenges. Organizations are faced with the problem of establishing an acceptable web usage policy, enforcing this policy, and reporting on its effectiveness.

Wedge Networks’™ Web Filter Network App uses the largest web classification database with the most comprehensive categories, augmented with human reviews producing industry-best accuracy. This enables organizations to understand, filter,
monitor and report on internet usage, allowing employees to take full advantage of the Web without compromising business goals.

  • Facebook
  • LinkedIn
  • Twitter