Enterprise Forensics: PX and IA series
Enterprise forensics and investigation analysis minimize impact of network attacks
To reduce the impact of a security incident, organizations should focus on early detection and swift investigation. Enterprise forensics makes this possible. When attacked, an enterprise needs to be able to rapidly investigate and determine the scope and impact of the incident so it can effectively contain the threat and re-secure its network.
The FireEye Network Forensics Platform (PX series) and the Investigation Analysis system (IA series) are a powerful combination, pairing the industry's fastest lossless network data capture and retrieval solution with centralized analysis and visualization. Enterprise forensics combines high performance packet capture with analysis tools to aid investigation efforts. It complements several other FireEye threat prevention and detection capabilities.
Benefits of Enterprise Forensics
Investigate and respond immediately
- Enable packet search and retrieval in minutes, not hours, due to a patent-pending real-time indexing method
- Ultrafast analysis of massive data sets, with drill-down web UI to search and inspect packets, connections, and sessions
- Pivot with a single click from a FireEye Network Security or security information and event management (SIEM) alert to related packet details
- Capture packets continuously, without loss
- Timestamp in nanoseconds at recording speeds up to 20 Gbps
Analyze attacker tactics and assess impact
- Decode web, email, FTP, DNS, chat and SSL connection details and file attachments to assess entry points, lateral spread and supporting utilities
- Search packet payloads and file attachments to identify stolen data
Centralized visibility across the network
- Display network metadata and activity through custom dashboards that are easy to create and share
- Provide fast answers through centralized application-level wildcard queries and investigation across packet capture nodes
- Index metadata from protocols such as HTTP, SMTP, POP3, IMAP, SSL, TLS, FTP, and SMB
- Optimize workflow and collaboration through PCAP file sharing and integrated case management
Build a Business Case
- Datasheet: Network Forensics Platform
- Datasheet: Investigation Analysis System
- Webinar: Enhancing Your Security Posture with Network Forensics (Mar 12)
- White Paper: The Business Case for an Advanced Security Solution
- Report: Network Forensics at the Speed of Business
- Customer Story: Government Agency Reconstructs Attack LifeCycle Using the FireEye Network Forensics Platform
- Blog: Network Forensics: Use Cases In the Enterprise