FireEye - SFP+ transceiver module - 10 GigE is rated 4.8 out of 5 by 9.
Rated 4 out of 5 by CEO8280 from It has significantly decreased our mean time in being able to identify and detect malicious threats

What is our primary use case?
We are using the file security scanner. The solution is used to monitor network traffic for network-based malware.

How has it helped my organization?
It is very difficult for any organization to identify malicious software and code. With the FireEye product through its deep analysis, it is possible for malicious software to be identified across the network regardless of what the internal systems are. It gives you the ability to monitor the ingress and egress, then identify threats which are otherwise difficult to identify.

The increase in productivity has been about the same. One of the things that the FireEye product does is providing deep analysis. This gives you the detailed analytics about what it has detected. Whereas in a traditional environment with traditional tools, there is a tremendous amount of recovery and research involved to identify the details of the source and the indicators of the compromise. The FireEye product provides 80 to 90 percent of that information from a single pane of glass.

What is most valuable?
The most valuable feature of the FireEye solution is the deep analysis for malicious software.

What needs improvement?
Many organizations industry-wide are moving more workloads to cloud providers, whether it is AWS, Azure, or Google. We don't yet see the same type of malware analysis in the cloud in terms of being able to identify malicious code or taking place. We would like to see FireEye begin to provide the same type of service in a parameterless environment, very similar to what they are currently doing in their traditional parameter-based network.

What do I think about the stability of the solution?
FireEye has been one of the market leaders in the stability space from what we have seen over the several years that we've been working with the vendor and the product. They continue to be leaders in this space.

What do I think about the scalability of the solution?
The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks.

How are customer service and technical support?
The technical support personnel for the FireEye platform have been very responsive, which is a critical factor when you're dealing with malicious software. They have also been very responsive when it comes to configuration and troubleshooting issues specific to the product.

If you previously used a different solution, which one did you use and why did you switch?
It wasn't a case where we switched from another solution because we had been a long time customer. It wasn't a case of switching, as the company that I work for is a very mature organization with a staff of over 100 in information security with most of them as dedicated encryption service analysts.

Malicious actors have begun to identify when their code is being run in a simulator and are placing weights in their code so some of their malicious triggers don't take place immediately. This makes it more difficult to detect. An improvement that we would like to see is that the vendor continue to escalate their techniques and methods to match those that we are seeing as emerging threats.

How was the initial setup?
The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right.

What was our ROI?
We have seen ROI.

Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the mean time to analysis decrease by at least tenfold.

What's my experience with pricing, setup cost, and licensing?
There are some additional services that I understand the vendor provides, but our approach was to package all of the features that we were looking to use into the product.

Which other solutions did I evaluate?
FireEye was actually the only product that was doing what they were doing.

We did have other vendors on our shortlist.

What other advice do I have?
It brings a tremendous amount of value to your network environment. In terms of what we asked them to do, which is to help us to identify malicious code and threats, their product has delivered.

It is one thing to have an advanced security tool, like FireEye, but equally important to have a staff and security program which puts themselves in positions to leverage the tool properly.

In terms of maturity of the organization that I work with, it has a very mature security posture, which is necessary in our space because we are part of the financial critical infrastructure. So, we've been doing security for a very long time.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2019-03-27
Rated 5 out of 5 by ITSecurityMngr23 from Provides a target response time of one minute for both hardware and software issues—and immediate escalation to level-two advanced support for high-severity issues.

After the release of our first product we had a lot more exposure with the public and we knew we would attract some unwanted attention. We started looking at solutions for network hardening and intrusion protection.

We engaged The Herjavec Group to perform a network penetration test. THG offers a comprehensive suite of security and network services to organizations around the world, supported by Canada’s largest group of certified security professionals. Although the initial findings from the test showed the existing network to be robust, through practical experience with other similar clients, THG recommended implementing a FireEye Network Threat Prevention Platform. We felt comfortable after seeing the early results of the penetration test but decided to do an in-house demo of the FireEye Network Threat Prevention Platform to see how it would add to the protection of our internal systems and R&D network. As part of the overall evaluation of similar technologies, along with THG’s recommendation to evaluate FireEye, we also looked at several other competitive offerings. Once we had a chance to do our own due diligence, it was clear that there is really nothing else that compares with the FireEye appliance. After the proof of concept, I really didn’t have to do much to justify the investment. We immediately purchased the FireEye Network Threat Prevention Platform.

With any new solution the deployment effort and ongoing management overhead is always a consideration. We’ve been really pleased with how straightforward the FireEye solution is to manage. Installation was very simple, and the solution requires little-to-no ongoing maintenance. Because threat protection is a mission-critical function, we opted for the FireEye Platinum Support program. This level of support provides a target response time of one minute for both hardware and software issues—and immediate escalation to level-two advanced support engineering for any high-severity issues encountered. Our board of directors are very conscious about the value of the intellectual property that we are constantly creating and very sensitive to security concerns—especially cyber-based threats. You can’t put a price on an attack, especially when it’s your company’s underlying IP at risk. FireEye gives us leading edge protection.

Disclaimer: IT Central Station has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.
Date published: 2015-05-12
Rated 4 out of 5 by SrSecAnalyst392 from Provides us with better malware, intrusion and incident detection.

Valuable Features:
* Ability to edit the Yara rules
* Malware analysis tool

Improvements to My Organization: It has provided us with better malware, intrusion and incident detection.

Room for Improvement: A lot of false positives.

Use of Solution: I've been using FireEye NX with web, email, and the malware analysis sandbox tool for two years.

Stability Issues: No issues encountered.

Scalability Issues: No issues encountered.

Customer Service: 8/10.

Technical Support: 8/10.

Previous Solutions: No previous solution was used.

Initial Setup: It wasn't bad, the technical support team walked us through it.

Implementation Team: We used a vendor who was 8/10.

Other Advice: Get training with editing Yara rules.

Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2015-04-27
Rated 5 out of 5 by Adnan Ahmad from I like how it detects zero day attacks, APTs, and other types of malware.

Valuable Features: I like the ability to detect zero day attacks, APTs, and other types of malware which almost every other security device in the world is unable to detect.

Improvements to My Organization: One of the projects where we were deploying was a POC. When it was tested, it detected one of the world’s most dangerous APTs, like KABA, that was specially designed to target the telecommunication industry. This was one of the many thousands of findings that we were proud of.

Room for Improvement: Almost every feature of the product is on a high level.

Use of Solution: I have worked on these products from FireEye for three different projects, and I found them wonderful.

Deployment Issues: No issues encountered.

Stability Issues: No issues encountered.

Scalability Issues: No issues encountered.

Customer Service: 9/10.

Technical Support: 10/10.

Previous Solutions: Our clients have used almost all of the best solutions available but most of them were unable to detect about 90% of the threats that FireEye NX can detect.

Initial Setup: The initial setup was quite straightforward and easy.

Implementation Team: We had implemented it in-house and in fact, I deployed the NX 2400 and NX 7400 devices myself.

ROI: Both for our clients and for ourselves, ROI was almost 200% more than we expected. We were satisfied.

Cost and Licensing Advice: The initial setup and day-to-day cost is almost the same as other security devices available. However, others fail about 90% of the time to detect threats, APTs & most importantly zero day attacks, while FireEye can detect them.

Other Solutions Considered: Of course, we had to check all other products available in the market, research their features, and then we had to compare these products based on benefits to our clients, and the expected ROI.

Other Advice: It's one of the best products around based on its features like detection of almost all types of malware, APTs, virus and zero day attacks, reporting, and its integration with other FireEye products like CMS, IPS etc.

Disclaimer: My company has a business relationship with this vendor other than being a customer: The company I previously worked for was the only partner of FireEye for almost one and a half years in our country.
Date published: 2015-04-26
Rated 5 out of 5 by Wade Jones from We needed a solution which would allow us to proactively address threats.

We previously relied on a firewall for application-level blocking, an email gateway, and an anti-virus solution to protect our infrastructure. The existing combination was capable of identifying certain malware activity but we found we were always reactively responding to attacks. We were never in a position to proactively address the threats.

Following a recommendation by an independent security consultant, we performed a detailed evaluation of the FireEye platform. The inherent intelligence of FireEye’s solution was immediately evident and we felt that our purchase of the FireEye Network Threat Prevention Platform represented the final piece in the puzzle to lock down our infrastructure. The FireEye Network Threat Prevention Platform is deployed inline between the firewall and Internet gateway; preventing malicious multi-protocol callbacks and blocking inbound Web exploits that elude our other security measures. As an integral component of the FireEye Network Threat Prevention Platform, the FireEye Multi-Vector Virtual Execution engine confirms zero-day attacks and captures callback destinations to dynamically prevent users from accessing a malicious channel. The signature-less FireEye MVX engine executes suspicious binaries and Web objects against a broad range of browsers, plug-ins, applications, and operating environments to determine the true intent of the malicious code.

The FireEye Network Threat Prevention Platform not only protects our users when they visit websites but also when they receive email with malicious attachments or links: having both levels of protection is absolutely critical to us. The whole banking industry is subjected to a huge variety of very sophisticated attacks that exploit both Web and email weaknesses. We see many spear phishing attacks in which malicious emails disguise themselves as coming from legitimate business partners. If users click on a bad link or attachment that initiates a callback, the FireEye Network Threat Prevention Platform blocks it every time.

Several of our employees recently received an email that appeared to come from a trusted business partner. Five users tried to open an apparently innocuous attachment but the FireEye Network Threat Prevention Platform detected that it included embedded malware and immediately started blocking the approximately 200 callbacks each machine tried to generate. If any of these reached their intended target they could have severely compromised the bank’s systems but the FireEye solution just doesn’t allow this type of data to leave our network. FireEye has placed us in the position to proactively counter malicious threats; we now don’t have to take a user offline in order to rebuild their PC following an attack. We’re better protected and more productive! Cybercriminals grow smarter all the time, that’s why our use of the FireEye next-generation security platform is now mandatory throughout the bank’s infrastructure.

Disclaimer: IT Central Station has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.
Date published: 2015-04-12
Rated 5 out of 5 by Vladislav Ryaboy from I was desperately looking to automate whatever layers of security we had in place. Our existing infrastructure left my team blind to a constant stream of attacks.

The old approach to security—assigning lots of people to the problem—was no longer feasible. It was very time intensive and employee intensive. It took up so much of our time that it became very unproductive. I was desperately looking to automate whatever layers of security we had in place. The issue came to a head when I spotted suspicious network activity but could not get to the bottom of the problem with legacy signature-based security tools. My staff spent hours manually blocking suspicious connections. We were a sitting duck. Our existing infrastructure left my team blind to a constant stream of attacks. We tested several IPS/IDS type of solutions, including Symantec, Palo Alto Networks, and Cisco—and found them all inadequate for the security challenge we faced.

I decided to try the FireEye Network Threat Prevention Platform. We piloted a proof-of-concept trial. Installation took less than an hour, and almost immediately, the FireEye Network Threat Prevention Platform began providing valuable insight into what was going on in the network—no heavy administration required. We had planned to test the FireEye Network Threat Prevention Platform for 15 days; I knew within the first 24 hours that the solution delivered on its promise. I realized that I can’t get any better bang for the buck.

Used in-line, the FireEye Network Threat Prevention Platform provides the insight we need to stay ahead of advanced threats. The platform monitors Web traffic, by far the most common threat vector used in malware attacks. We are alerted to zero-day exploits and fast-morphing malware to keep sensitive data and systems safe. At the same time, the Network Threat Prevention Platform is capable of shutting down communications with malicious URLs used in targeted attacks. Thanks to the FireEye Multi-Vector Virtual Execution architecture, our security team can spot malware hidden in malicious images, PDFs, Flash, and ZIP/RAR/TNEF archives. Easy-to-digest email alerts validate true threats and help guide our incident response. And a browser-based dashboard cuts through the clutter with clear, actionable information about malware activity.

By every measure, the FireEye Network Threat Prevention Platform has exceeded our expectations. The platform requires little ongoing administration and does not waste the security team’s time with false positives. Instead of chasing down every ambiguous alert, I can spend more time on long-term preparedness and nurturing the security staff. For us, that means better service at a lower cost. FireEye is one of my few “go-to” products when I start my day. The business benefits are far reaching.

Disclaimer: IT Central Station has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.
Date published: 2015-04-12
Rated 5 out of 5 by Martin Littmann from We were looking to find a way to stop malware from getting through. Our overall threat environment is well managed.

To fend off a growing wave of cyber attacks, the clinic had built up a multilayered defense-in-depth security infrastructure. We went as far as blocking out traffic from entire countries known for a high volume of attacks—a step we could take because of our exclusively local customer base.

Still, malware was getting through. Clinic employees would sometimes visit malicious or compromised websites. Malware on these sites sidestepped the clinic’s security measures, leading to several infections and concerns that accounts could be compromised. I signed on to a proof-of-value trial of the FireEye Network Threat Prevention Platform for Web security. The trial soon uncovered malware that our existing security tools had not detected. And later during the test, someone at our clinic clicked on a malicious link—which FireEye immediately detected and blocked. At that point, justifying the purchase was easy. We looked for competitive products, and none were found. I don’t think anybody else had anything anywhere close to where FireEye is. Installation was a breeze, the FireEye platform integrated seamlessly with our legacy security tools. Those tools included a firewall, intrusion prevention system, and Web gateway.

Today, FireEye plays a central role in our security infrastructure. Powered by the FireEye Multi-Vector Virtual Execution engine, the Network Threat Prevention Platform blocks inbound Web exploits and outbound multi-protocol callbacks to stop Web-based attacks.

The FireEye platform does not rely on malware binary signatures, so it identifies attacks that traditional defenses miss. In a typical month, FireEye generated 23 alerts—malware that had slipped past our other defenses. Out of those, 17 required no action because FireEye blocked them automatically. The remaining six were easily thwarted, thanks to clear, actionable alerts from the FireEye platform. We came into this with our eyes wide open. And this solution is really doing what we expected it to do.

FireEye is so effective at blocking attacks that we were even able to defer an upgrade of our IPS solution, saving a significant amount of money. One of the largest benefits of the FireEye platform is less tangible: reputation enhancement. The product works; our overall threat environment is well managed.

Disclaimer: IT Central Station has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.
Date published: 2015-04-12
Rated 5 out of 5 by reviewer221835 from POV discovered a number of previously undetected threats enabling system administrators to take action and make the system even more secure.

At the core of the bank’s ability to meet our mandate is a substantial IT infrastructure that not only needs to run optimally, but must be protected. We have long embraced best practices when it came to cybersecurity, but recognized that advanced threats evolve over time and need to be well handled.

We selected FireEye for a POV conducted over a period of three months. The POV soon discovered a number of previously undetected threats enabling system administrators to take action and make the system even more secure. As a result of the findings, we implemented FireEye to strengthen our IT infrastructure. The POV was up and running in less than a day and used actual traffic analysis to investigate what was occurring in our IT environment.

This solution consists of FireEye Network Threat Prevention platform and FireEye Email Threat Prevention platform in operation alongside FireEye Central Management to coordinate intelligence gathering from the Web and email appliances in addition to the intelligence gathered by the FireEye Threat Intelligence. The POC quickly revealed areas for improvement and potential threats that the traditional defenses had utterly missed.

The FireEye team remained in close contact with our key personnel throughout the process. FireEye proved very supportive both of the technical and business aspects of the POV and ultimately our implementation of their technology both in terms of cost and underscoring the difference between traditional defenses and the next-generation defense system. We are continually strengthening our IT infrastructure together with reinforcing policy and process on IT Security to achieve the highest productivity and lowest risks.

Disclaimer: IT Central Station has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.