This is the main component of the ATA deployment. The ATA center does following:

• ATA gateway configuration
• Gathers parsed traffic from ATA gateways and ATA Lightweight Gateways
• Detects suspicious activities
• Runs ATA behavioral machine learning algorithms to detect abnormal behavior
• Runs various deterministic algorithms to detect advanced attacks based on the attack kill chain
• Web console to view the attack timeline, configuration settings, and notifications.
• Configures email notification settings

The ATA center is recommended to be installed on a separate server. One ATA center is recommended for one forest. Cross-forest configuration is not supported.