ThreatEye’s Enhanced Traffic Analysis combines DragonFly Probe flow records with streaming machine learning (ML) for real-time analysis of network traffic. Unfazed by encryption protocols, ThreatEye’s ML Engine ingests the packet dynamic data from DragonFly Probe for line-rate analysis of both encrypted and unencrypted traffic. The ThreatEye platform integrates easily with third-party applications such as Splunk, ElasticSearch, InfluxDB, and DatadogHQ for visualization and further study. ThreatEye Analytics deploys multiple analyzers in parallel to provide a wide range of traffic insights. ETA examples:

  • Encrypted Traffic Analysis
    • Phishing site discovery
    • Encrypted DNS
    • DNS, HTTPS, SSL, SSH
  • Fault Detections
  • Policy Violations
  • Threat Intelligence Integration