Product Id: 30309224
Description: FireEye FX 8400 - Security appliance - GigE - 2U - rack-mountable
Mfr Part #: 8400FX-HW
The FireEye FX series is a group of threat prevention platforms that protect content against attacks originating in a wide range of file types. Web mail, online file transfer tools, the cloud, and portable file storage devices can introduce malware that can spread to file shares and content repositories. The FireEye FX platform analyzes network file shares and enterprise content management stores to detect and quarantine malware brought in by employees and others that bypass next-generation firewalls, IPS, AV, and gateways.
- Finds latent malware undetected by traditional AV engines
- Deploys in active quarantine (protection mode) or analysis only (monitor mode)
- Provides recursive, scheduled, and on-demand scans of CIFSand NFScompatible file shares
- Provides proactive Sharepoint protection by leveraging WebDAV protocol
- Includes analysis of a wide range of file types such as PDFs, Microsoft Office documents, and multimedia files
- Integrates with the FireEye AV-Suite to streamline incident response prioritization and naming conventions
- Shares threat data with the FireEye platforms through the FireEye CM and the FireEye DTI cloud
- The problem of malware resident on file shares
Today's advanced cyber-attacks use sophisticated malware and advanced persistent threat (APT) tactics to penetrate defenses and spread laterally through file shares and content repositories. This enables the malware to establish a long-term foothold in the network and infect multiple systems, even those offline. Many corporate data centers remain especially vulnerable to advanced, content-based malware because traditional defenses are ineffective against these attacks, which often enter the network through legitimate means. Cybercriminals leverage this vulnerability to spread malware into network file shares and embed malicious code in vast data stores, resulting in a persistent threat even after remediation.
- Content protection critical to halt advanced attack life cycle
Without a way to detect resting malware in content, APTs can exploit network assets to extract proprietary information and cause significant damage. The FireEye FX series analyzes file shares and enterprise content repositories using the patented FireEye Multi-Vector Virtual Execution (MVX) engine that detects zeroday malicious code embedded in common file types and multimedia content. The FireEye FX series performs recursive, scheduled, and on-demand scanning of accessible network file shares and content stores to identify and quarantine resident malware. This halts a key stage of the advanced attack life cycle.
- The FireEye MVX engine reveals unknown, zero-day threats
The FX series uses the purpose-built FireEye MVX engine which inspects each file and confirms if zero-day exploits or malicious code exist. The FireEye MVX engine detonates against a range of browsers, plug-ins, applications, and operating environments looking for malicious activities.
- Proactive SharePoint content scanning and quarantine
The FireEye FX series continuously scans content to alert and permanently quarantine malware discovered in Sharepoint repositories. The platform leverages WebDAV protocol to securely integrate with Sharepoint services to protect enterprise business workflows utilizing Sharepoint repositories.
- YARA-based rules enables customization
The FireEye FX series supports custom YARA rules to analyze large quantities of file threats specific to the organization.
- Streamlined incident prioritization
With the FireEye AV-Suite, each malicious object can be further analyzed to determine if anti-virus vendors were able to detect the malware stopped by the FireEye FX platform. This enables organizations to efficiently prioritize incident response follow-ups and utilize common naming conventions for known malware.
- Malware intelligence sharing
The resulting dynamically generated, real-time threat intelligence can help all FireEye products protect the local network through integration with the FireEye CM platform. This intelligence can be shared globally through the FireEye Dynamic Threat Intelligence (DTI) cloud to notify all subscribers of emerging threats.
- No rules tuning and near-zero false positives
The FX series is a group of easy-to-manage, client-less platforms that deploy in under 60 minutes and require absolutely no tuning. Flexible deployment modes include analysis-only monitoring and active quarantining. This enables companies to learn how much malware is resident on file shares and to actively stop the lateral spread of malware.