Protect against zero day signature-less attacks and targeted APT attacks, malicious attachments and spear phishing.

Overview

FireEye threat protection appliances include a Web Malware Protection System, an Email Malware Protection System, and a Malware Analysis System.

The three components are managed by a common Central Management System which can also connect into the Malware Protection Cloud for shared knowledge of threats.

FireEye is designed to block the advanced threats that conventional defences miss - and also provides near-zero false positive rates for a rapid security ROI.

FireEye protects both inbound and outbound traffic - and a signature-less analysis engine that uses a sophisticated virtual execution environment to stop advanced threats introduced by either web traffic or email content and attachments.

The FireEye MPS is the industry's first solution that accurately detects advanced malware - stopping zero-day and targeted APT attacks as well as their outbound callbacks.

FireEye MPS appliances feature the Virtual Execution (VX) engine and Callback filter to detect and block zero-day attacks and stop APT transmissions.

The FireEye Malware Protection Cloud network provides customers with the latest global security intelligence. FireEye eliminates the headache of false positives and tuning associated with some other network defence solutions.

FireEye offers a new generation of network security threat protection that blocks attempts to breach IT security, steal/alter/destroy sensitive data, and exploit network resources.

Web malware threats

FireEye protects against advanced malware, zero-day and targeted APT attacks that compromise many corporate networks. These coordinated attacks often enter the network as Web traffic, evading signature and policy-based defences such as traditional and next-generation firewalls, IPS, AV, and Web gateways. Once inside, they hijack network resources, perform reconnaissance on security defences, and establish ongoing control over endpoint systems.

FireEye Web MPS Appliances integrate inbound and outbound protection in a turnkey system that deploys in minutes for rapid security ROI. They employ the most sophisticated virtual execution engine in the world to detect and block advanced, unknown malware as well as block known malware and its outbound transmissions. Dynamic analysis of zero-day attacks within a full-featured virtual analysis environment yields real-time malware security content to protect the local network and share with subscribers of the FireEye Malware Protection Cloud.

Email malware threats

Targeted email attacks known as spear phishing have soared in popularity with the availability of user-specific information on social networks and other Internet resources. With a name, a title, and a few personal details about travel or business activities, a criminal can craft a convincing email that an unsuspecting user will click. Add a bogus URL or a PDF attachment with zero-day malware, and the criminal quickly collects control of a privileged system and user accounts.

To combat spear phishing, the FireEye Email Malware Protection System provides zero-day analysis of each email and accurate quarantine of malicious attachments. It goes beyond known signatures and blacklisted URLs to detonate suspicious attachments in a full-featured virtual execution environment. Used with the FireEye Web Malware Protection System, organizations can dynamically analyze links in email and block threats that blend Web and email techniques.

Malware analysis

The FireEye Malware Analysis System (MAS) gives threat analysts hands-on control over a powerful pre-configured test environment where they can deeply inspect advanced malware, zero-day, and targeted APT attacks embedded in common file formats, email attachments, and Web objects. With deep instrumentation, the FireEye system is uniquely able to trace the full execution path of zero-day and known attacks as well as provide forensic details on custom malware communication protocols.

When threat analysts need help testing, replaying, characterizing, and documenting very customized malicious activities, they can simply load a suspicious file or set of files into the FireEye MAS' Virtual Execution engine. As it analyzes files such as phishing email attachments, PDF documents, or Web objects via a URL, the Malware Analysis System reports a full 360-degree view of the attack, from the initial exploit and malware execution path to the callback destinations and follow-on malware download attempts.

*************************

The FireEye product is just one of many Phoenix Datacom network security products used on enterprise networks in both the private and public sectors.

To find out more about the FireEye range, call Phoenix Datacom on 01296 397711, send an email to info@phoenixdatacom.com or use the Request More Info form.

For a full list of Phoenix Datacom products and applications, click here.