Network Intelligence is an AIOps solution for Network Forensics that enables analysts to better identify anomalous behavior and performance bottlenecks on their networks. As networks increase in speed and become more dynamic, it is also more challenging to determine a stable baseline from which to assess network performance. Traditional flow and connection logs are not sufficiently detailed to allow analysts to rapidly focus on the true bottlenecks and anomalies in the network.
ThreatEye® provides an in-depth data platform with details about low-level connections and intra-flow packet dynamics to support analysts in their forensic mission. These data provide a rich environment for an AI system that responds and improves along with changes in network activity. Here, ThreatEye® uses detailed flow information, learned statistics, and machine learning models to identify anomalies and performance bottlenecks. These problem areas often cannot be identified using traditional thresholds and rules alone.