Enterprise Forensics
PX and IA series
Network forensics and investigation analysis at enterprise scale
As recent cyber security breach headlines reveal, the key to minimizing the impact of a security incident is early detection and swift investigation, which requires powerful forensics capabilities. When attacked, an enterprise needs to be able to rapidly investigate and determine the scope and impact of the incident so it can effectively contain the threat and re-secure its network.
The FireEye Network Forensics Platform (PX series) and the Investigation Analysis system (IA series) are a powerful combination, pairing the industry's fastest, lossless network data capture and retrieval solution with centralized analysis and visualization. High-performance packet capture and analysis tools that aid investigation efforts complement other FireEye threat prevention and detection capabilities.
Benefits of Enterprise Forensics
Investigate and respond immediately
- Enable packet search and retrieval in minutes, not hours, due to a patent-pending real-time indexing method
- Ultrafast analysis of massive data sets, with drill-down web UI to search and inspect packets, connections, and sessions
- Pivot with a single click from a FireEye Network Security or SIEM alert to related packet details
- Capture packets continuously, without loss
- Timestamp in nanoseconds at recording speeds up to 20 Gbps
Analyze attacker tactics and assess impact
- Decode web, email, FTP, DNS, chat, and SSL connection details and file attachments to assess entry points, lateral spread, and supporting utilities
- Search packet payloads and file attachments to identify stolen data
Centralized visibility across the network
- Display network metadata and activity through custom dashboards that are easy to create and share
- Provide fast answers through centralized application-level wildcard queries and investigation across packet capture nodes
- Index metadata from protocols such as HTTP, SMTP, POP3, IMAP, SSL, TLS, FTP, and SMB
- Optimize workflow and collaboration through PCAP file sharing and integrated case management
Build a Business Case
- Datasheet: Network Forensics Platform
- Datasheet: Investigation Analysis System
- Webinar: Enhancing Your Security Posture with Network Forensics (Mar 12)
- White Paper: The Business Case for an Advanced Security Solution
- Report: Network Forensics at the Speed of Business
- Customer Story: Government Agency Reconstructs Attack LifeCycle Using the FireEye Network Forensics Platform
- Blog: Network Forensics: Use Cases In the Enterprise