top of page



Wedge’s patented Cloud Network Defense™ platform is purpose-built to address the next generation of threats associated with mobility, cloud, social media and internet of things. It enables augmented capabilities of key security applications through technology designed to deliver security as a real-time, elastic, and transparent layer of the network fabric.

image-asset (1).jpeg

Powering Cloud Network Defense™ is the WedgeOS™, which utilizes both a Patented Deep Content Inspection (DCI) Engine and Deep Packet Inspection (DPI) Engine, either of which can be run separately from each other or in tandem. It allows all current and future network security functions to be implemented with high performance and robustness. WedgeOS™ is composed of a variety of technologies and is pre-bundled into Cloud Network Defense™ with a set of award winning security applications such as email security, web security, web application firewall, DLP, APT defense, content filtering and mobile data security; all enabled by the underlying DCI and DPI engines.

image-asset (2).jpeg
image-asset (3).jpeg

WedgeOS™ is a high performance platform developed by Wedge Networks™, Inc. As a software based Operating System, it can be installed on Common Off The Shelf (COTS) hardware appliances and servers, can be packaged as Virtual Machines, and can be deployed in a Cloud-based environment through Network Functions Virtualization for Security (NFV-S). To date, thousands of instances of WedgeOS™ have been deployed in service providers, enterprises, and SMBs worldwide, carrying out high performance DCI and DPI functions for these organizations.


  • Enhanced multi-CPU/multi-core support with real-time scheduling to deliver high performance and robustness for DCI and DPI functions;

  • Optimized transmission and receiving mechanisms to provide line speed Deep Content Inspection throughput; 

  • Lower Total Cost of Ownership (TCO) due to Stealth Routing based on Transparent Object Flow Inspection (TOFI) that enables plug-and-play network integration capability;

  • Rapid time-to-market with the Open Service Bus architecture enabling the implementation of new DCI and DPI applications; 

  • Patented optimization algorithms (USPTO 7,630,379) which deliver thirty times (30X) performance improvements over conventional approaches.


Deep Content Inspection (DCI) is an architectural abstraction through which MIME objects transmitted through the network are extracted and subjected to different content scanners (i.e. Anti-Malware, Anti-Spam, etc.). To provide for both accuracy and high performance, the DCI engine uses a massive threading framework with every network session mapped to a highly efficient lightweight OS level thread. Each of the session-based threads use a set of proprietary high performance technologies developed by Wedge Networks, including the patented SubSonic Engine™ and GreenStream™ technologies.

The key technical requirements of implementing a DCI application:

  • Performance requirements when conducting Deep Content Inspection at the network transport layer

  • Accuracy requirements when enforcing security protection or content accessing policies

  • Transparency requirements when deploying a network layer solution into an existing enterprise or service provider’s network

  • Manageability requirements so that the DCI application can be effectively managed as an IT/network asset

  • Reporting requirements providing visibility of application objects With a set of coherent building blocks, in the form of runtime components and adaptation frameworks, WedgeOS™ enables DCI applications to meet these technical requirements.


Compared with other Data in Motion inspection technologies, DCI technology in the
WedgeOS™ provides:

  • The ability to extract digital objects in real-time from the Data In Motion sessions leads to the complete comprehension of the intention of the sessions.

  • The ability to correlate the comprehension of the digital objects transmitted in many communication sessions leads to new ways of network performance optimization and intelligence.

  • The ability to support ICAP and WCCP for explicit proxy mode deployments reduces the cost of network reconfiguration.

  • The ability to support transparent proxy mode deployments eliminates the cost of network reconfiguration and supports unlimited VLANs.


The illustration outlines the typical process of how WedgeOS™ performs DCI for a
normal Web session.

image-asset (4).jpeg

If the DCI application is to prevent malicious content from being downloaded to a user’s browser, WedgeOS™ will execute:

  • Direct-In-Memory Traffic Object Flow Inspection of web traffic to the session based thread for DCI analysis

  • Interception of the packets that are carrying the payload in order to reconstruct a copy of the payload

  • Files are extracted from any archives, binders, packers or scramblers so that Deep Content Scanning can occur

  • Partial payloads are progressively scanned, intercepting specific objects, keywords, malware, etc. if found, while passing on clean content to its destination (i.e. GreenStreaming™). The payload can be subjected to multiple scanners (e.g., anti-malware signature-based scanner, anti-malware heuristic scanner, anti-spam scanner, etc.) simultaneously. 

  • If specific /flagged objects are detected, the transmission is interrupted and the content is replaced with a proper, customizable warning message.


Deep Packet Inspection integration in the WedgeOS™ provides the platform with Flow security. The integration of DPI allows the WedgeOS™ to inspect both packet header and body, with network traffic being compared against Flow Security signatures, enabling a wide range of services such as AV, Firewall and Server Protection, in addition to application control.

image-asset (5).jpeg


DPI integration enables Wedge to offer:

Detect and Bock BOT Command and Control - traffic from a regularly updated list of known botnet command and control servers.
Critical Infrastructure Protection - protect against the use of insecure data transfer methods and known vulnerabilities of various SCADA software packages, such as PcVue, Sunway ForceControl, Siemens FactoryLink, and more.
Recognize and Stop Denial of Service - with the ability to see traffic and DoS attacks on a variety of servers and network appliances.
Protect Against Server Exploits - including a variety of known exploits on many different software applicaions, including PDF readers, Microsoft RDP and Windows Media Player, VNC Server, Java-base programs, JavaScript, and many more.
SQL Injection Protection - including methods of compromising SQL-based RDBMSs, such as Oracle.



  • Wedge Hardware Appliance

  • Wedge Virtual Machine

  • Wedge Cloud / SaaS

  • Wedge Cloud Network Defense™ (as an NFV-S instance)



Mobility, cloud, consumerization of IT and Internet of things have completely redefined how we consume and access information while also introducing a new generation of threats. The result is a new connectivity paradigm where the cloud is now the center of the world’s connected networks and the security challenge is now how to secure this cloud-connected world, given that most of the current security solutions are either end-point or perimeter based.

image-asset (6).jpeg

The technology that defines a communications network is changing rapidly too. Major innovations enable new possibilities to deliver a network as a flexible, scalable and versatile service, free of vertically integrated hardware appliances and physical network routing.

Wedge’s Cloud Network Defense™ (CND) transforms how security is delivered today. It is an infinitely scalable Security-as-a-Service (SECaaS) platform run in the cloud. This platform leverages Software Defined Networks for Security (SDN-S) and Network Functions Virtualization for Security (NFV-S) technology to embed security as a scalable, high performance service in today’s cloud connected networks. By enforcing unified web, email and mobile security policy across all network traffic, all devices are protected - anytime, anywhere.

Most network security technologies rely on proprietary hardware such as ASIC. Wedge’s key value-adds are found in its software innovations. Current Cloud Security providers direct traffic to their 3rd party infrastructure for inspection, causing delays or latency. Together with its patented Deep Content Inspection (DCI) Engine and Deep Packet Inspection (DPI) Engine, Cloud Network Defense™ utilizes advanced software to direct and load-balance computing resource usage. This includes adding and removing instances as required, which is not easily carried out on hardware-based platforms. CND provides comprehensive security, in real-time, without requiring traffic to leave the network. The Wedge approach takes advantage of cloud computing architecture which offers scalability, elasticity (dynamic reallocation per demand), ubiquitous availability, and high capacity for the cloud centric networks of today and into the future.


  • Elastic Security Services Orchestration™ integrates SDN, NFV & cloud management capabilities to dynamically process high volumes of network traffic in real time without compromising the performance of the world’s largest networks

  • Embedded security inspects and applies policies without requiring traffic to leave the network

  • Exhaustive content inspection of all inbound and outbound traffic to defend devices, users, data and web applications

  • Open platform delivers interoperability with different identity management programs, OSS systems, cloud orchestration systems, SDN controllers and network components

  • Support for standards-based cloud management and virtualization technologies such as OpenStack and KVM

  • Intuitive user interface, a single-pane-of-glass for managing all elastic security services


image-asset (7).jpeg

Cloud Network Defense™ receives user policy and endpoint identification from a number of sources, depending on how it is deployed. Identity Management System, Telco OSS/BSS, or registration via a Portal are some examples of this.

The system then uses that information to control the network flow to inspect and enforce security policies to selected network traffic through its network function virtualization for security (NFV-S) compute stack.

The network function virtualization for security is the foundation of Wedge Cloud Network Defense’s™ Elastic Security Service Orchestration. Working as a pooled resource, it dynamically applies specific policy-based security inspection to specific user device traffic in response to network load. It is powered by Wedge Networks’ patented WedgeOS™, which is an embedded operating system that enables the delivery of a variety of security functions as an agnostic, open, and easily consumable service.

The Wedge Cloud Network Defense™ Cloud Conductor coordinates all the cloud operational aspects to dynamically monitor and maintain virtual instances and to effectively apply platform resources.


image-asset (8).jpeg

Wedge Cloud Network Defense™ containts a variety of Networking, Orchestration and Management Components. These include:

Wedge Security Virtual Network Functions (VNFs)

Wedge VNFs are components of Wedge Cloud Network Defense™ that handle specific network security functions such as Anti-Malware, Anti-Spam, DLP, and other functions such as Web Application Firewall.


WedgeIQ™ is a powerful platform where results and statistics that are generated by Wedge VNFs are reported, visualized, analyzed, and monitored. It provides reports on blocked web attacks, spam counts, traffic usage, blocked viruses, and many more categories. The dashboard displays a comprehensive and detailed visualization of the scanning results from Wedge VNFs. It also provides the latest technology in data science by featuring data management, data analysis, and forensics.

Cloud Controller

The Cloud Controller is based on OpenStack technology and provides the following:

• Repository of virtual instances and an API to query and control these instances in the virtualized solution. The virtual instances are WedgeOS™, Wedge Cloud Conductor™, Wedge SDN Terminus™, and Wedge Service Conductor™.

• Repository of virtual images required for Wedge Cloud Network Defense™ operation. Images can include WedgeOS™ and Ubuntu.

• Creation of multiple virtual networks with IP/subnet allocations for software-defined networking. 

Wedge Cloud Conductor™

The Cloud Conductor provides health monitoring of virtual instances, creates and destroys NFV-S instances based on the inspection load. It provides management of the VNF instances, SDN Terminus, and OpenFlow Switch configuration. It also co-ordinates cloud computing abilities with a single instance controlling all cloud computing operations.

Wedge Service Conductor™

The Service Conductor contains the following components:

• Service handlers distribute policies that contain subscriber information to the SDN Terminus to identify endpoint user traffic to be processed by VNFs.

• The REST API, which manages subscriber registration and policy management.

• The Security Intelligence update service, which manages user security policy configuration and identity management.

• The Policy database that contains registered subscribers and service policies for the subscribers.

• The centralized logging of security events from virtualized network function instances.

Wedge SDN Terminus™

The SDN Terminus receives subscriber policy and endpoint identification from the Service Conductor. It receives VNFinstance accounting from the Cloud Conductor and controls the data plane to flow network traffic to the appropriate VNF instance for security inspection.

VNF Elastic Service Chaining™

A feature of Wedge Cloud Network Defense™ where requests are logically sent to go through a “chain” of VNF services such as web application firewall or WedgeOS™.

Service Console

A reference self-service customer portal that can be used to register and enable security scanning services to protect endpoints that connects to Wedge Cloud Network Defense™.

Ops Console

The Cloud Conductor dashboard provides health monitoring of virtual instances and creates and destroys VNF instances based on the inspection load (i.e. Elastic Scaling). This console provides management of the VNF instances, SDN Terminus, and OpenFlow Switch configuration and co-ordinates cloud computing abilities.



Today’s advanced threats target organizations with zero-hour vulnerabilities, building upon traditional broad based attacks. In addition, organizations have a much larger attack surface to defend; with the adoption of cloud computing, social networking and mobility. Traditional security measures such as reputation, known signature detection, and out-of-band sandboxing are no longer effective in ensuring IT security. 

Wedge Networks’™ Anti-Malware Network App combine real-time sandboxing with the broadest threat intelligence and Deep Content Inspection (DCI) to secure against all malware attacks, persistent threats, network abuse, and blended attacks across all networked devices.

The Difference

Wedge brings together powerful Deep Content Anti-Malware with the high performance of the WedgeOS™ platform, providing unmatched accuracy and throughput, featuring: 

  • Most accurate and up-to-date detection and blocking of network attacks - with the industry’s most comprehensive best-of-breed signatures updated hourly, leveraging the combined knowledge within Wedge Threat Intelligence™.

  • The only solution with multiple full signature databases - industry-leading accuracy rates are achieved as a result of the multiple complete signature databases are used. 

  • Real-time sandboxed behavioural heuristics detect zero-hour attacks - the ability to see all content and discover the “intent” of malware within embedded sandboxes -zero-hour attacks can be stopped in their tracks.

  • Protecting all operating systems and all devices - with built-in cross-session learning, the WedgeOS™ can identify malware on one operating system and block it on all others.


  • Advanced Threats

  • Web Threats

  • Trojans

  • Worms

  • Zero Hour

  • Targeted Attacks

  • Malware • Key Loggers

  • Viruses

  • Rootkits

  • Spyware

  • Bots

  • Malicious Apps

  • Blended Attacks



  • Protects endpoints both on the network and while roaming.

  • Secures from blended attacks.

  • Enable and secure Mobile and BYOD. 

  • Most comprehensive malicious code protection for all communication channels.

  • Stop zero-hour attacks.

Service Providers

  • Eliminates bandwidth abuse.

  • Reduces network maintenance and infrastructures costs.

  • Solidify subscriber trust. 

  • Improve and enhance network quality. 

  • Stops outbound spam to prevent IP or domain blacklisting. 

  • Unified protection level for your network, mobile devices, website and Cloud.


Heading 1


Email and messaging are vital for today’s businesses. However, they are subject to spam, phishing, and botnet propogation; resulting in data loss, IP blacklisting, loss of productivity and wasted network capacity. In addition, organizations have a much larger attack surface to defend; with the adoption of cloud computing, social networking and mobility. Traditional security measures such as IP reputation, rule-based matching, and MTA deployments are no longer effective.

Wedge Networks’™ carrier-grade Anti-Spam Network App combines real-time intelligence of over 2 billion sensors worldwide with behavioural analysis and Deep Content Inspection (DCI) to secure against all messaging threats. Wedge Networks’™ Anti-Spam rapidly deploys into even the most complex of networks with transparent (non-MTA), two-way protection.



The Difference

Wedge brings together powerful Deep Content Anti-Spam with the high performance of the WedgeOS™ platform, providing unmatched accuracy and throughput, featuring:

  • Most accurate detection and blocking of spam and phishing attacks - with micro updates every 45 seconds, real-time spam identification through behavioural analysis, and the Wedge Threat Intelligence Network™.

  • World’s largest messaging intelligence network - over 2 Billion sensors in over 165 countries.

  • Stops blended, multi-channel messaging attacks - fully integrated solution over all web and email protocols. 

  • The only transparent (non-MTA) two-way messaging security - flexible carrier-grade solution rapidly deploying into the most complex of networks and data centers.


  • Advanced Threats

  • Phishing

  • Trojans

  • Worms

  • Zero Hour

  • Targeted Attacks


Mobile Users

• Stops messaging threats.
• Stops mobile malware.

  • Malware

  • Spam Botnets

  • IP Blacklisting

  • Blended Attacks

  • DDoS

  • Messaging Abuse


• Corporate network protection.
• Regional office protection.
• Data center security.
• Secure Cloud delivery.
• Secure Mobile and BYOD.
• Regional Office protection.
• Compliance enforcement.

Service Providers

• Value-added Security as a Service.
• Enterprise business services.
• Eliminate bandwidth abuse.
• Secure and solidify subscriber trust.
• Reduce network maintenance and
infrastructures costs.
• Stop IP or domain blacklisting.



With the widespread acceptance of Bring Your Own Device (BYOD) policies in organizations around the globe, along with easier access to social media, P2P file sharing, online messaging and gaming, ensuring productivity in the workplace becomes a top priority.

Wedge Networks’ Application Control Network App combine real-time network Flow security with the broadest threat intelligence and Deep Content Inspection (DCI) to enable the detection and blocking or controlling of traffic that are detrimental to an organization’s productivity and image.


Wedge brings together powerful Deep Content Application Control security with the high performance of the WedgeOS™ platform, providing unmatched accuracy and throughput, featuring:

  • The ability to detect and control online access to games - with the ability to detect Login, Downloader and data transfer behaviour of various online game servers such as: Steam,, WoW, Guild Wars, TrackMania, TeamSpeak2, Unreal, Nintendo Wii, and many more.

  • The power to recognize and control chat and messaging activities - monitoring chat client activities such as Facebook, GaduGadu, ICQ, Google Talk / Jabber, MSN, Yahoo IM, IRC and more.

  • Detection and control of peer to peer (P2P) traffic - recognizing behaviour of various P2P software clients such as: Ares, Azureus, BitTorrent, BearShare, Gnutella, eDonkey, Kaaza, LimeWire, Morpheus, Soulseek, Vuze, Tor, and many other. 

  • Scan, detect and control against Tor Endpoints - prevent anonymizing network traffic from a list of known Tor exit nodes / relays.

  • Detect and control usage of content services - limit access to media services such as YouTube, Vimeo, and more.


  • Advanced Threats

  • Web Threats

  • Trojans

  • Worms

  • Zero Hour

  • Targeted Attacks

  • Malware



  • Improves productivity.

  • Reduces bandwidth usage from social media and entertainment websites.

  • Enables controlled Mobile and BYOD policies for more efficient network usage.

  • Protects against unauthorized and unsafe website access.

  • Stops risky peer to peer file sharing.

  • Key Loggers

  • Viruses

  • Rootkits

  • Spyware

  • Bots 

  • Malicious Apps

  • Blended Attacks

Service Providers

  • Eliminates bandwidth abuse. 

  • Reduces network maintenance and infrastructures costs. 

  • Solidify subscriber trust. 

  • Improve and enhance network quality. 

  • Stops outbound spam and unauthorized file sharing to prevent IP or domain blacklisting.

  • Unified application control for your network, mobile devices, website and Cloud.


Turn-Key Security Solutions For Your Cloud Assets

With so much competition in the market, today’s service providers are now required to provide more offerings than simply access to the internet. Virtual servers, storage and security services are being demanded by end-customers. With exponentially increasing risk to the growing number of Cloud Assets, service providers must find a way of offering adequate protection of these assets for their customers. 

Wedge Networks’™ Cloud Application Firewall (CAF) solution is easily deployed, and turn-key; combining real-time sand-boxing with the broadest threat intelligence and Deep Content Inspection (DCI) features. It secures against all malware attacks, advanced persistent threats, network abuse, and blended attacks aimed at Cloud Assets. Wedge cost-effectively provides uncompromising protection for Cloud Assets, securing all data-in-motion from and to the cloud.



Wedge™ brings together multiple, easy to implement, security features into the WedgeOS™ platform. This platform provides unmatched high performance protection for all your Cloud Assets, offering the following advantages:

  • Most accurate and comprehensive coverage for all your Cloud Assets - with the industry’s most comprehensive best-of-breed signatures updated hourly, leveraging the combined knowledge within Wedge Threat Intelligence and providing extensive coverage of OWASP Top 10.

  • Best-of-breed security intelligence coverage for all segments of vulnerability - industry-leading accuracy rates are achieved as a result of the multiple complete signature databases used.

  • Real-time sand-boxed behavioural heuristics detect zero-hour attacks - the ability to see all content and discover the “intent” of malware within embedded sandboxes - zero-hour attacks can be stopped in their tracks.

  • Lower Total Cost of Ownership - protecting all Cloud Assets through one integrated and easy-to-deploy solution. Instead of requiring separate protection for each cloudbased server the WedgeOS™ platform provides a unified solution that can protect all Cloud Assets; reducing redundancy and cost.

Protection Against

  • L3 DDoS attacks.

  • SQL Injection and Cross-Site

  • Scripting for web servers.

  • Web content Data Loss.


  • DDoS for web servers.

  • DDoS for email servers.

Benefits for Cloud Services

  • Eliminates bandwidth abuse.

  • Reduces network maintenance and infrastructure costs. 

  • Solidifies subscriber trust. 

  • Improves and enhances network quality. 

  • Stops outbound spam to prevent IP or domain blacklisting.


  • Offers a unified protection level for your network, mobile devices, website and Cloud. 

  • Features built-in bug tracking systems. 

  • Incorporated Security Information and Event Management (SIEM). 

  • Provides Governance, Risk and Compliance (GRC) reporting. 

  • Advanced Web



With motivated, malicious agents rewarded handsomely for exfiltration of your intellectual property - the threat is real. It’s important to protect data and IP as the cost to remediate these breaches is high and there could be liability for non-compliance. In addition, the damage to your organization’s reputation is often permanent.

Wedge Networks’™ Data Leakage Prevention Network App detects and prevents the leakage of structured and unstructured data, effectively stopping confidential data escaping via web and email.

The Difference

Wedge brings together powerful Deep Content Data Loss Prevention with the high performance of the WedgeOS™ platform, providing unmatched accuracy and throughput, featuring:

  • The largest coverage of file formats and protocols for inspection - with coverage of over 400+ file types and multiple protocols, Wedge DLP can see and understand more than any other solution on the market. 

  • Highest accuracy with two staged scan - ability to rapidly scan streams and extract suspicious content for more comprehensive evaluation logic, all in real time. 

  • Lowest TCO for protecting unstructured data (e.g. corporate IP) - lower the cost of implementing your DLP solution as Wedge DLP does not rely on high cost reclassification of your data. 

  • Built-in compliance support - easily monitor and enforce compliance based on preloaded policies and reports.





  • Web

  • HTML5

  • Games

  • Email

  • Mobile Apps

  • Social Networking

  • SMS / MMS

  • Mobile Payments

  • App Stores

  • Content on Demand


Network Visibility

  • Deep Content Inspection of traffic for full access to all data

  • Largest coverage of file formats and protocols with 400+ file types, multiple protocols


  • Enforce industry regulations

  • Identify risky business process

  • Improve corporate data usage


Intellectual Property

  • Protect what is important to your organization

  • Secure unstructured data

Management & Reporting

  • Pre-loaded with compliance reports

  • Granular policies by users and groups

  • Centralized management and reporting

Heading 1




The Internet is an invaluable business tool, but in the dynamic web environment it poses significant productivity and security challenges. Organizations are faced with the problem of establishing an acceptable web usage policy, enforcing this policy, and reporting on its effectiveness.

Wedge Networks’™ Web Filter Network App uses the largest web classification database with the most comprehensive categories, augmented with human reviews producing industry-best accuracy. This enables organizations to understand, filter,
monitor and report on internet usage, allowing employees to take full advantage of the Web without compromising business goals.


Wedge brings together powerful Web Filtering with the high performance of the WedgeOS™ platform, providing unmatched accuracy and throughput, featuring: 

  • Most comprehensive web classification database - 280 million top-level domains spanning more than 95 categories. 

  • Leading Content Provider policy integration - seamless web application control for Google Safe Search, YouTube for Schools, etc.

  • The only zero false-positive human-reviewed database - multiple human reviewers instead of bots, provide extremely high quality internet filtering with a zero-false positive guarantee. 

  • Most versatile deployment options - fully integrated with all other Wedge Services such as Anti-Malware, Anti-Spam, Mobile Security and DLP to be deployed across web and email from a single appliance. 

  • traffic.Asymmetric Web Filtering - a new mode of operation for web filtering offering additional integration flexibility, lowered hardware footprint requirements, improved end-user browsing experience, and IP-based web filtering for https



  • Establish acceptable web usage policies while reporting on its effectiveness.

  • Empower your workers’ use of the internet while maximizing efficient use during work hours. 

  • Protect your organization’s reputation by stopping activities that are against company policy. 

  • Prevent data theft, keyloggers and call home viruses from sending out information by blocking outbound traffic from contacting malicious sites. 

  • Pro-actively and reliably block the latest web threats and malware before they can enter your organization’s network.

bottom of page