FireEye Email Security (EX Series)

Adaptive, intelligent, scalable defense against email borne threats

FireEye Email Security (EX series) secures against advanced email attacks. A core component of the FireEye Global Threat Management Platform, it uses signature-less technology to analyze every email attachment and successfully quarantine spear-phishing emails used in advanced, targeted attacks.

With all the personal information available online, a cybercriminal can socially engineer almost any user into clicking a URL or opening an attachment. FireEye Email Security provides real-time threat prevention of spear-phishing, ransomware and credential-phishing attacks that evade traditional defenses. It also delivers a new level of threat prevention against blended attacks by working with FireEye Network Security (NX series) to quarantine emails with malicious URLs and to trace web-based attacks back to the original spear-phishing email.

 Adaptive, intelligent, scalable defense against email borne threats

On-premises email security highlights

  • Protects against spear-phishing email attack
  • Automatically detects and prevents credential phishing
  • Reduces credential phishing with detection of “like but not equal” domains (typosquatting)
  • Integrates with FireEye Network Security to stop blended attacks across multiple threat vectors
  • Identifies and stops hard-to-detect multi-stage malware campaigns
  • Analyzes emails for threats, such as zero-day exploits, attacks hidden in ZIP/RAR/TNEF archives, and malicious URLs

 

  • Protects against evasion techniques such as password protection and sandbox evasion
  • Deploys in active protection-mode as an MTA, or monitor-mode (SPAN/BCC)
  • Quarantines malicious emails with optional user notifications
  • Provides real-time and retroactive detection of threats
  • Associates alerts with actionable threat intelligence
  • Provides visibility, tracking and management of messages

With our industry under attack, my company and our stakeholders need the best protection available: With the FireEye EX series, this is exactly what we have.”

- Senior IT Security Manager, Insurance Industry Giant

Global Insurance Giant Adopts FireEye Email Security

One of the world’s largest insurance companies now protects its email accounts from spear phishing and malware with FireEye Email Security. Learn about their security selection process, deployment experience and next steps.

Read the Customer Story 

Real-time quarantine of malicious emails

To block spear-phishing emails, FireEye Email Security analyzes every attachment and URL using the purpose-built FireEye Multi-Vector Virtual Execution™ (MVX) engine that accurately identifies today’s advanced attacks. If an attack is confirmed, it quarantines the malicious email for further analysis or deletion.

Fights blended attacks across Web and email threat vectors

Advanced attacks use a spearphishing email as the opening salvo of a multi-vector attack strategy. In order to reveal the entire attack life cycle, FireEye Email Security is often deployed along with the FireEye Network Security and Central Management series to correlate malicious URLs with the originating emails and the intended targets. FireEye Central Management then locally distributes new malware intelligence to the entire FireEye deployment in real time.

YARA-based rules enables customization

FireEye Email Security supports custom YARA rules to enable security analysts to specify and test rules for analyzing email attachments containing threats targeting their organization.

Dynamic analysis of zero-day email attacks

FireEye Email Security uses the signature-less MVX engine which stops advanced attacks that exploit OS, browser and application vulnerabilities as well as malicious code embedded in common file and multimedia content. The MVX engine reports
forensic details of the threat, such as the vulnerability exploited in a buffer overflow and callback coordinates used to exfiltrate data.

Threat intelligence sharing across the enterprise

The resulting dynamically generated, real-time threat intelligence can help all FireEye products protect the local network through integration with the FireEye Central Management platform.

This intelligence can be shared globally through the FireEye Dynamic Threat Intelligence™ (DTI) cloud to notify all subscribers of emerging threats.


Spear-Phishing Attacks

A practical how-to guide for combating spear phishing threats.

Download White Paper 

Effective Ransomware Response Strategies

Learn more about ransomware and how to successfully combat it.

Download Now 

Technical Specifications

EX 3400 EX 5400 EX 8400 EX 8420
Performance* Performance* Up to 150,000 emails per dayUp to 150,000 emails per day Up to 300,000 emails per dayUp to 300,000 emails per day Up to 600,000 emails per dayUp to 600,000 emails per day Up to 600,000 emails per dayUp to 600,000 emails per day
Network Interface PortsNetwork Interface Ports 2x 10/100/1000BASE-T Ports 2x 10/100/1000BASE-T Ports 2x 10/100/1000BASE-T Ports 2x 10/100/1000BASE-T Ports 2x 10/100/1000BASE-T Ports 2x 10/100/1000BASE-T Ports 2x 1000BASE-SX Fiber Optic Ports (LC Multimode) 2x 1000BASE-SX Fiber Optic Ports (LC Multimode)
Management Ports Management Ports 1x 10/100/1000BASE-T Ports 1x 10/100/1000BASE-T Ports 1x 10/100/1000BASE-T Ports 1x 10/100/1000BASE-T Ports 1x 10/100/1000BASE-T Ports 1x 10/100/1000BASE-T Ports 1x 10/100/1000BASE-T Ports 1x 10/100/1000BASE-T Ports
IPMI Port (rear panel)IPMI Port (rear panel) Included Included IncludedIncluded IncludedIncluded IncludedIncluded)
Front Panel LCD & KeypadFront Panel LCD & Keypad Included Included IncludedIncluded IncludedIncluded IncludedIncluded
PS/2 Keyboard and Mouse, DB15 VGA ports (rear panel)PS/2 Keyboard and Mouse, DB15 VGA ports (rear panel) IncludedIncluded IncludedIncluded IncludedIncluded IncludedIncluded
USB Ports (rear panel) USB Ports (rear panel) 2x Type A USB Ports2x Type A USB Ports 2x Type A USB Ports2x Type A USB Ports 2x Type A USB Ports2x Type A USB Ports 2x Type A USB Ports2x Type A USB Ports
Serial Port (rear panel) Serial Port (rear panel) 115,200 bps, No Parity, 8 Bits, 1 Stop Bit115,200 bps, No Parity,8 Bits, 1 Stop Bit 115,200 bps, No Parity, 8 Bits, 1 Stop Bit115,200 bps, No Parity,8 Bits, 1 Stop Bit 115,200 bps, No Parity, 8 Bits, 1 Stop Bit115,200 bps, No Parity,8 Bits, 1 Stop Bit 115,200 bps, No Parity, 8 Bits, 1 Stop Bit115,200 bps, No Parity,8 Bits, 1 Stop Bit
Storage Capacity Storage Capacity 2x 600 GB HDD, RAID 1, 2.5 inch, FRU2x 600 GB HDD, RAID 1,2.5 inch, FRU 2x 600 GB HDD, RAID 1, 2.5 inch, FRU2x 600 GB HDD, RAID 1,2.5 inch, FRU 2x 600 GB HDD, RAID 1, 2.5 inch, FRU2x 600 GB HDD, RAID 1, 2.5 inch, FRU 2x 600 GB HDD, RAID 1, 2.5 inch, FRU2x 600 GB HDD, RAID 1,2.5 inch, FRU
Enclosure Enclosure 1RU, Fits 19 inch Rack1RU, Fits 19 inch Rack 1RU, Fits 19 inch Rack1RU, Fits 19 inch Rack 2RU, Fits 19 inch Rack2RU, Fits 19 inch Rack 2RU, Fits 19 inch Rack2RU, Fits 19 inch Rack
Chassis Dimensions (WxDxH)Chassis Dimensions(WxDxH) 17.2” x 27.8” x 1.70” (437 x 706 x 43.2 mm)17.2” x 27.8” x 1.70” (437 x 706 x 43.2 mm) 17.2” x 27.8” x 1.70” (437 x 706 x 43.2 mm)17.2” x 27.8” x 1.70” (437 x 706 x 43.2 mm) 17.2” x 28.0” x 3.41” (437 x 711 x 86.6 mm)17.2” x 28.0” x 3.41” (437 x 711 x 86.6 mm) 17.2” x 28.0” x 3.41” (437 x 711 x 86.6 mm)17.2” x 28.0” x 3.41” (437 x 711 x 86.6 mm)
AC Power SupplyAC Power Supply Redundant (1+1) 750 watt,100 - 240 VAC, 9 – 4.5A,50-60 Hz, IEC60320-C14 inlet, FRURedundant (1+1) 750 watt,100 - 240 VAC, 9 – 4.5A, 50-60 Hz, IEC60320-C14 inlet, FRU Redundant (1+1) 750 watt, 100 - 240 VAC, 9 – 4.5A, 50-60 Hz, IEC60320-C14 inlet, FRURedundant (1+1) 750 watt, 100 - 240 VAC, 9 – 4.5A, 50-60 Hz, IEC60320-C14 inlet, FRU Redundant (1+1) 750 watt,100 - 240 VAC, 9 – 4.5A,50-60 Hz, IEC60320-C14 inlet, FRU Redundant (1+1) 750 watt, 100 - 240 VAC, 9 – 4.5A, 50-60 Hz, IEC60320-C14 inlet, FRU Redundant (1+1) 750 watt, 100 - 240 VAC, 9 – 4.5A, 50-60 Hz, IEC60320-C14 inlet, FRU Redundant (1+1) 750 watt, 100 - 240 VAC, 9 – 4.5A, 50-60 Hz, IEC60320-C14 inlet, FRU
DC Power SupplyDC Power Supply Not AvailableNot Available Not AvailableNot Available Not AvailableNot Available Not AvailableNot Available
Power Consumption Maximum (watts)Power Consumption Maximum (watts) 296 watts 296 watts 468 watts468 watts 509 watts509 watts 509 watts509 watts
Thermal Dissipation Maximum (BTU/h) Thermal Dissipation Maximum (BTU/h) 1010 BTU/h1010 BTU/h 1597 BTU/h1597 BTU/h 1737 BTU/h1737 BTU/h 1737 BTU/h1737 BTU/h
MTBF (h)MTBF (h) 35,400 h35,400 h 34,600 h34,600 h 59,800 h59,800 h 59,800 h59,800 h
Appliance Alone / As Shipped Weight lb. (kg) Appliance Alone / As Shipped Weight lb. (kg) 31 lb. (14 kg) / 46 lb. (21 kg) 31 lb. (14 kg) / 46 lb. (21 kg) 32 lb. (15 kg) / 47 lb. (21 kg)32 lb. (15 kg) / 47 lb. (21 kg) 42 lb. (19 kg) / 58 lb. (26 kg) 42 lb. (19 kg) / 58 lb. (26 kg) 42 lb. (19 kg) / 58 lb. (26 kg)42 lb. (19 kg) / 58 lb. (26 kg)
Security CertificationsSecurity Certifications CC NDPP v1.1CC NDPP v1.1 CC NDPP v1.1CC NDPP v1.1 CC NDPP v1.1CC NDPP v1.1 CC NDPP v1.1CC NDPP v1.1
Operating TemperatureOperating Temperature 10° C to 35° C10° C to 35° C 10° C to 35° C10° C to 35° C 10° C to 35° C10° C to 35° C 10° C to 35° C10° C to 35° C
Operating Relative HumidityOperating Relative Humidity 10% to 85% (non-condensing)10% to 85% (non-condensing) 10% to 85% (non-condensing)10% to 85% (non-condensing) 10% to 85% (non-condensing)10% to 85% (non-condensing) 10% to 85% (non-condensing)10% to 85% (non-condensing)
Operating AltitudeOperating Altitude 5,000 ft.5,000 ft. 5,000 ft.5,000 ft. 5,000 ft.5,000 ft. 5,000 ft.5,000 ft.

Note: All performance values vary depending on the system configuration and traffic profile being processed.

Actionable Threat Intelligence

Alerts generated by the FireEye Email Security can be optionally combined with the FireEye Advanced Threat Intelligence (ATI) portal to understand the source, severity, risk, mitigation options and other contextual information about the attack. The portal provides rich visualization of statistics so that security teams can quickly see the context and trends that matter.


An additional option for gaining deeper insight into FireEye intelligence is ATI+. ATI+ subscribers get access to the FireEye Intelligence Center (FIC) and continuous monitoring.


FIC provides comprehensive dossiers, trends, news and analysis on advanced threat groups as well as profiles of targeted industries. Continuous monitoring provides 24/7/365 critical alert and detection efficacy monitoring by FireEye analysts.

Message Queue Management

FireEye Email Security provides a high degree of control over the email messages it scans. For active protection-mode deployments, messages can be tracked and managed as they move through the MTA queue; email attributes can be used to search and verify that messages were received, analyzed and delivered to the next hop and trends over time can be monitored through an intuitive dashboard. Explicit allow and block lists provide custom control over email processing.

About FireEye, Inc.

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence and worldrenowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent and respond to cyber attacks. FireEye has over 5,300 customers across 67 countries, including more than 825 of the Forbes Global 2000.