Introduction to NDR Intel

The Check Point Infinity NDR (Network Detection and Response) operational concept contains these flows:

  • Analyze network traffic with sensors, which generate analytical results in the form of logs.

  • Transmit logs to the NDR cloud for storage and analysis.

  • Behavioral Analytics AI (Artificial Intelligence) engines process the logs and generate analytical conclusions.

  • Provide human analysts with event visualization tools to improve data comprehension.

  • Identify data anomalies through correlation with ThreatCloud intelligence and application risk scoring.

  • Publish analytical conclusions in the form of threat indicators and tags.

  • Receive threat indicators from third-party threat intelligence sources.

  • Apply indicators at enforcement points, matching them against network traffic for a DETECT or PREVENT action.

This guide focuses on the intelligence capabilities of the Infinity NDR application.