The Web Malware Protection System (MPS) stops Web-based attacks that traditional and next-generation firewalls, IPS, AV, and Web gateways miss. It protects against zero-day Web exploits and multi-protocol callbacks to keep sensitive data and systems safe. Advanced targeted attacks use the Web as a primary threat vector to compromise key systems, perform reconnaissance on existing defenses, establish long-term control and access to networked systems, and exfiltrate data.
FireEye Web MPS appliances are a turnkey system that can be deployed inline at Internet egress points to block inbound Web exploits and outbound multi-protocol callbacks. They employ the most sophisticated Multi-Vector Virtual Execution (MVX) engine in the world to accurately confirm zero-day attacks, create real-time protections, and capture dynamic callback destinations. Dynamic analysis of zero-day attacks within a full-featured virtual analysis environment yields real-time malware security content to protect the local network and share with subscribers of the FireEye Dynamic Threat Intelligence (DTI) cloud. In addition, the Web MPS can signal into incident response mechanisms, such as SIEM, and also offers TCP resets for out-of-band blocking of TCP, UDP, or HTTP connections.
As part of the Malware Protection System platform, the Web MPS works with other MPS appliances to protect against blended, advanced targeted attacks that use Web-based attacks, spear phishing, and zero-day exploits. When the Web MPS is deployed along with the Email MPS and Central Management System (CMS), customers not only get real-time protection against malicious URLs, but also the ability to connect the dots of a blended attack, for instance identifying other targeted individuals who received the same malicious URL in spear phishing emails. This is the actionable intelligence necessary to protect organizations against advanced targeted attacks.
- Installs within 30 minutes – Deploys as an appliance inline (block/monitor-mode) or out-of-band (monitor-only) behind traditional gateway defenses to catch what they miss
- Protects against zero-day, advanced targeted attacks – Using the VX engine, it detects and stops advanced targeted attacks using malicious images, PDFs, Flash, or ZIP/RAR/TNEF archives
- Cuts off outbound malware transmissions across multiple protocols – Whether deployed inline or out-of-band, it thwarts data exfiltration, botnet activities, and advanced persistent threats communicating across HTTP, FTP, IRC, and many other protocols
- Integrates with Email MPS to stop blended attacks – Works with FireEye Email MPS protection to shut down communications with malicious URLs used in targeted attacks
- Dynamically generates malware intelligence – Captures details such as callback coordinates and communication characteristics to protect locally and share globally through the cloud
- Supports YARA-based rules – Enables information security analysts to specify byte-level rules and quickly analyze Web objects for threats specific to the organization
- Supports AV-Suite integration – Malicious objects that anti-virus can also identify can be linked to the deeper forensic information provided in the Web MPS for more efficient incident response prioritization
- Ends time-wasting false positive analysis – Directs administrators to the confirmed infections and compromised hosts that need remediation