This is the main component of the ATA deployment. The ATA center does following:
- ATA gateway configuration
- Gathers parsed traffic from ATA gateways and ATA Lightweight Gateways
- Detects suspicious activities
- Runs ATA behavioral machine learning algorithms to detect abnormal behavior
- Runs various deterministic algorithms to detect advanced attacks based on the attack kill chain
- Web console to view the attack timeline, configuration settings, and notifications.
- Configures email notification settings
The ATA center is recommended to be installed on a separate server. One ATA center is recommended for one forest. Cross-forest configuration is not supported.