Probe, on the basis of received data, helps to detect suspicious or dangerous behaviors in the network and at the same time helps to identify source of the problem. Network Probe provides analysis capabilities in the security context to automatically detect unauthorized transactions and communications. By comparing data with the IoC databases provided by the Energy Logserver, containing information on signatures, IP addresses, hashes of infected files, or domain and URL names, it is able to significantly accelerate security analysis. Based on behavioral analysis, Network Probe is able to recognize zero-day attacks and identify unusual network user behavior.

Analysis of traffic copies of layers L2-L7 also enables network performance testing, providing information about the proper operation of DNS services, DHCP, (SRT) Server Response Time and (RTT) Round Trip Time. Probe also provide information about the applications in use on the network and their usage by users, and therefore support the process of potential performance problems identification.