IT analytics vendor ExtraHop unveiled a cloud-based service that applies machine learning heuristics to the metadata that its appliances generate from packet stream analysis. The service should give users better visibility into IT service problems and security threats.
ExtraHop’s core solution is a series of appliances that interpret packet flows in real time and provide insight into application and business service activity. ExtraHop calls the metadata it generates “wire data.”
ExtraHop’s new machine learning-based service, called Addy, collects this wire data from all of a user’s ExtraHop appliances and establishes baselines of behavior for every device, application and network monitored by those appliances. The service then uses machine learning heuristics to detect and interpret problems that might otherwise go unnoticed by IT operations.
Addy’s initial service offering is anomaly detection, but the service can also leverage global analysis of wire data collected from all its users’ environments. This global analytics approach will ultimately allow Addy to provide insight into industry benchmarks, emerging security threats, and other use cases.
Nearly 50% of enterprise network infrastructure organizations apply advanced analytics technologies such as machine learning and big data techniques to their network data, according to my EMA research. Interpreted packet flows (wire data) are one of the most popular data types included in these initiatives. Enterprises have told EMA that this type of analytics service can help them with network security monitoring, network optimization and business process optimization. ExtraHop customers should evaluate Addy for themselves to determine its utility to their operations.