Cequence Sensor Overview
Cequence Sensor gathers network traffic provided by network tap or mirror and forwards normalized messaging information to the Cequence Unified API Protection platform with analysis services Cequence API Sentinel or Cequence Bot Defense. Cequence Sensor deployment is passive.
Cequence Sensor provides a way to monitor website traffic without disruption to the existing network topology. The Cequence Sensor organizes, filters, and normalizes network packet flow before forwarding network traffic to Cequence Unified API Protection (UAP) analysis components: API Sentinel and CQAI/Bot Defense.
Cequence Sensor is a consumer of network flow provided to it. In general, Cequence Sensor will receive this packet flow from sources such as a network 'tap' or promiscuous listener port, or mirroring mechanism. It can be deployed anywhere it can receive the captured network flow and where it can forward the normalized flow information to the Cequence analysis components.
Traffic flow can be in 'raw' form, or may be encapsulated. Cequence Sensor natively supports encapsulation protocols GRE, IP-IP, and VXLAN traffic mirroring.
In comparison to the Cequence Defender, it is not installed 'in-line' and can not inject or modify the client-server(s) traffic exchange.
Cequence Sensor can be used in connection with a Cequence SaaS service or in an 'on-premises' deployment.
Cequence Sensor works with both API Sentinel and Bot Defense. One or both of these Cequence analysis consumers should be installed prior to installing Cequence Sensor(s) as their 'sink' and authorization endpoints and credentials are required for Cequence Sensor configuration.
Communication uploaded from Cequence Sensor to the 'home' Cequence Unified API Protection service (SaaS or on-premises) is secured. TLS certificates are required for communication must be installed for communication between the Sensor and CQAI.
AWS VPC ENI Traffic Mirroring
In an AWS VPC environment, Cequence Sensor is configured as the destination of traffic mirrored from from a VPC Elastic Network Interface. Cequence Sensor itself is installed to a standard RHEL image.
Installation and step-by-step instructions are available on request.