Antivirus vendors realized early on that to stay competitive, they had to develop techniques to enable their products to identify suspicious traffic, even if they hadn't seen that particular activity before. The answer was heuristics and behavioral analysis methods that detect files and processes that behave in ways deemed threatening. In the network security realm, researchers and vendors such as Lancope and Mazu Networks developed systems that use behavioral analysis rather than signatures. Over the past few years, this category has matured from a niche market that was tagged with several unfortunate acronyms, including NBAD (network behavior analysis and detection) and NADS (network anomaly detection systems), before settling on NBA, or network behavior analysis.
In essence, these vendors provide the missing piece--behavioral detection--to the IDS world that antivirus vendors discovered was a necessity more than a decade ago.
Most enterprises can benefit from NBA, since most are missing security events of interest because of overwhelming bandwidth or a lack of pervasive visibility. But as with any product that interacts closely with your network and impacts security--and especially one that costs as much as most NBA systems--a proper fit is crucial.