IronNet Products


IronDefense is our flagship Network Traffic Analysis (NTA) platform that delivers massively scalable behavioral analysis, integrated packet-level cyber hunt, and the application of tradecraft expertise to detect advanced threats often missed by existing commercial cybersecurity solutions.

irondefense enterprise dashboard

IronDefense Benefits

Identify advanced threats that are designed to evade even the best network and endpoint security products.
  • Advanced Behavioral Detection

    IronDefense’s advanced behavioral detection leverages advanced algorithms, machine learning (ML), artificial intelligence (AI), and other cutting-edge detection techniques to identify advanced threats designed to evade even the best endpoint and firewall tools.

  • High Precision Threat Detection

    Threat detection is not the same as anomaly detection. IronDefense’s Expert System takes decades of operational wisdom from the best cyber offensive and defensive operators and applies that tradecraft knowledge to prioritize identified anomalies based on their risk to the enterprises without the false-positives common to other behavioral analysis cybersecurity tools.

  • Unprecedented Scale

    IronDefense’s ability to analyze network flows at enterprise scale, and its integration with IronDome, provides unmatched visibility across an enterprise network and its industry sector.

  • Visibility Across Encrypted Traffic

    IronNet’s behavioral detection leverages network metadata, enabling the identification of threats within TLS traffic without needing to decrypt network flows. This future-proofs IronDefense’s detection capabilities as the majority of internet traffic moves towards end-to-end encryption.

IronDefense Features

IronDefense network traffic analysis detects threats across all segments of the cyber kill chain.
  • Advanced Behavioral

    Leverages behavioral analytics, artificial intelligence, and machine learning models developed by data scientists from Defense Advanced Research Projects Agency (DARPA) and the University of Chicago to identify threats at an unmatched speed and scale.

  • Expert

    Orchestrates the acquisition of contextual data and application of tradecraft cyber expertise to determine the risk of identified anomalies to the organization.

  • Integrated
    Cyber Hunt

    Enables seamless pivot from detection to investigation by providing packet-level visibility and integrated data enrichments to help investigate threats at the “speed of thought.”

  • IronDome
    Collective Defense

    Native integration with IronDome delivers industry-level threat insights and visibility, enabling the identification of threats that are difficult to identify by any single company working in isolation.

How It Works

IronDefense sensors are deployed at the requisite network terminal access points (TAP) within the enterprise network. The sensors collect full-packet capture (PCAP) from IronDefense integrated hunt and send network metadata, known as IronFlows, to the IronDefense back-end for analysis. The IronDefense back-end can be deployed as an on-premise hardware solution or delivered in the cloud through Amazon Web Services (AWS).

IronDefense ingests north-south traffic at your network perimeter and east-west traffic within your enterprise to provide full visibility.

Network Architecture

Get the Solution Sheet

Are you ready to experience IronDefense for yourself?
Fill out this form and we’ll send you a PDF to learn more about our product.