Network Intelligence enables analysts to better identify anomalous behavior and performance bottlenecks on their networks. As networks increase in speed and become more dynamic, it is more challenging to determine a stable baseline from which to assess network performance. Traditional flow and connection logs are not sufficiently detailed to allow analysts to rapidly focus fault detection and anomalies in the network.
ThreatEye is a cloud-native platform that delivers details about low-level connections and intra-flow packet dynamics to support analysts’ forensic mission. They provide a rich environment for an AI system that responds and improves along with changes in network activity. Here, ThreatEye uses detailed flow information, learned statistics, and machine learning models to identify anomalies and performance bottlenecks. These problem areas often cannot be identified using traditional thresholds and rules alone.