FireEye provides the following solutions to detect malware in your network:
1) FireEye NX:
--> FireEye NX is used to detect unknown malware or zero-day attacks on web traffic.
--> NX only supports malware analysis on Nonencrypted traffic using MVX Engine.
--> Need to use SSLV or F5 SSLO solution to decrypt the encrypted traffic before sending to FireEye NX.
--> FireEye NX can be deployed in two modes:
i) Inline Mode ( Also known as block mode to detect and prevent zero-day attacks)
ii) Out-Of-Band ( Also known as Monitoring mode only can detect zero-day attacks)
2) FireEye EX:
--> FireEye EX is used to detect unknown malware or zero-day attacks on Email traffic.
--> EX only supports malware analysis on Email Attachments and URLs present in the email using MVX engine.
--> FireEye EX also provides Anti Virus and Anti Spam Feature support.
--> Basically it is configured in between Email Gateway and Exchange.
3) FireEye FX
--> FireEye FX is used to detect unknown malware or zero-day attacks on CIFS/NFS traffic.
--> FireEye FX is integrated with storage solutions to scan the malware on the files present in storage.
--> If it finds any file malicious then send the file to quarantine.
--> FireEye FX stops the spreading of malware through network storage (NAS)
4) FireEye AX:
--> FireEye AX provides forensic analysis capabilities using MVX Technology.
--> We can manually submit the files to the FireEye AX appliance for detection and scanning of malware.
5) FireEye HX:
--> FireEye HX is an endpoint security solution offered by FireEye.
--> FireEye HX validates the network traffic on the endpoint to identify suspicious activity.
6) FireEye PX:
--> FireEye PX is used to capture the packets on the network and to perform the analysis.
--> Basically it is an Incident Response tool.
Reference: Fireeye.com
7) FireEye CMS:
--> FireEye CMS is a central management appliance to manage all the FireEye appliances from a single glass pane.
--> All the FireEye Appliances can use the FireEye CMS as an update server to receive DTI Information as well as security updates.
--> Using FireEye CMS, We can upgrade the operating system as well as guest images running on FireEye Appliances.
--> It provides a single dashboard for all the appliances and correlates the activity received from all FireEye Appliances.
0 comments:
Post a Comment