The artificial intelligence engine (AIE) is the intelligent threat detection function provided by the FW. It uses security detection algorithms based on machine learning and deep learning to detect threats.
In conventional threat detection mode, the FW periodically updates its signature databases to obtain the latest virus and intrusion features, and matches traffic with the extracted features to complete threat detection. This detection mode can defend against only known threats and cannot identify unknown threats, which cannot meet increasing network security detection requirements. To solve this problem, the AIE is introduced.
The flow probe is used to collect traffic information on the FW and sends the collected information to the AIE. The AIE then analyzes and evaluates the information to accurately identify unknown threats and attacks on the network, sends logs based on the analysis result, and generates reports as references for further processing.
With the AIE, the FW can detect unknown threats besides known threats.