Packet analysis is used in the real world in many forms. One example is the Department of Homeland Security (DHS) EINSTEIN system, which has an active role in federal government cybersecurity. The United States government is constantly at risk of many types of attacks, including DoS attacks, malware, unauthorized access, and active scanning and probing.

The EINSTEIN system actively monitors the traffic for threats. The two main functions are as follows:

• To observe and report possible cyberthreats
• To detect and block attacks from compromising federal agencies

The EINSTEIN system provides the situational awareness necessary to take a proactive approach against an active attack. The intelligence gathered helps agencies to defend against ongoing threats. 

As illustrated, packet analysis is effective in many locations. The following section provides guidance on what circumstances packet analysis will reap the most benefits under.