Enterprise Forensics

Minimize impact of network attacks with high-performance packet capture and analysis

Organizations should focus on early detection and swift investigation of incidents to determine scope and impact, effectively contain threats and re-secure their network.

The FireEye Network Forensics Platform (PX series) and the Investigation Analysis system (IA series) pair the industry's fastest lossless network data capture and retrieval solution with centralized analysis and visualization. They accelerate the network forensics process with a single workbench that simplifies investigations and reduces risk with expanded visibility into lateral spread.

White paper

3 steps to creating an investigation-ready organization

The industry’s fastest cyber investigation solution

High-speed capture and querying

High-speed capture and querying

Pinpoint the data you need fast enough to make a difference.

  • Achieve continuous, lossless packet capture at up to 20 Gbps
  • Search for and retrieve packets in seconds with patent-pending indexing architecture
Easy integration with FireEye ecosystem

Easy integration with FireEye ecosystem

Work within a single system to collect and analyze system-wide data.

  • Centralize alerts from multiple FireEye products into a single dashboard
  • Accelerate investigations with integrated FireEye iSIGHT Intelligence and analytics modules derived from frontline Mandiant experience
Expanded visibility and knowledge

Expanded visibility and knowledge

Share detailed information across multiple systems for flexible analysis.

  • Get threat severity, type and context based on high-fidelity intelligence
  • Use open standards for maximum flexibility (RESTful API, PCAP, Netflow v9, IPFIX)

TESTIMONIAL

"Within weeks of deploying the FireEye Network Forensics Platform, the agency discovered a brute force login attempt."

Fast, detailed investigations for informed threat response

Effortless scalability

Effortless scalability

Capture lossless data timestamped in nanoseconds at up to 20Gbps.

Flexible storage options

Flexible storage options

Store PCAPs on the appliance, SAS-attached or SAN-attached storage.

Ultrafast analysis

Ultrafast analysis

Search and inspect massive amounts of packet, connection and decoded session data in seconds.

Screen consolidation

Screen consolidation

View data from multiple FireEye solutions on a single screen.

Shareable investigations

Shareable investigations

Build custom dashboards and take advantage of PCAP files for case management.

One-click reconstruction

One-click reconstruction

Reconstruct web pages, emails and suspect files with a single click for rapid analysis.

Related products and services

related-isight

 

FireEye iSIGHT Intelligence

Predict attacks, mitigate risk and enhance incident response.

related-malware

 

FireEye Malware Analysis

Safely execute and analyze malware in a secure environment.

related-helix

 

FireEye Helix

Simplify, integrate and automate security operations to stop threats faster.

Related resources

Ready to get started?

Ask about FireEye solutions, implementation or anything else. Our security experts are standing by, ready to answer your questions.

+1 888-227-2721 +61 281034308 +1 877-347-3393 +358 942451151 +33 170612726 +49 35185034500 +852 3975-1882 +91 80 6671 1241 +39 0294750535 +81 345888169 +03 77248276 +52 5585268207 +64 32880234 +48 223072296 +7 4954658084 +65 31585101 +27 105008408 +82 7076860238 +34 932203202 +94 788155851 +886 2-5551-1268 +27873392 +44 2036087538 +842444581914