In addition to FlowTraq Client and the command line interface, FlowTraq offers a suite of network behavioral anomaly detection tools called the Network Behavioral Intelligence Toolkit.
The Toolkit consists of a number of configurable, purpose-built detectors that connect to a FlowTraq Server, detect certain kinds of behaviors, and log what they detect to syslog. In this respect, they are similar to the threshold-based Alerts that can be set via the Client. However, the Toolkit's detectors are not threshold-based; rather, each detector uses intelligent machine learning algorithms to pinpoint which traffic sessions on the network are unusual, interesting, or potentially malicious. The tools in the Toolkit study your traffic and generate a behavioral fingerprint of your network, which they then use to decide whether communications are potentially anomalous.