Saturday, February 15, 2014

[fireeye] Endpoint Security (FireEye HX Series)

The FireEye HX series is a threat prevention platform that helps drive faster, more accurate decisions about potential security incidents on endpoints. The HX series connects the dots between activity on the network and activity on the endpoints, improving the approach and reducing the time to remediate a security incident.
The endpoint threat prevention platform works with other FireEye threat prevention platforms to integrate network and endpoint security. The HX platform leverages indicators of compromise from other FireEye platforms (NX, EX, FX, AX) to rapidly validate if a compromise has affected the endpoint. By continuously monitoring all hosts, the HX series extends network alerts by finding matching activity on the endpoint.
Once an incident on the endpoint is confirmed, the HX series can immediately contain compromised endpoints and interrupt attacks in progress, while continuing to allow restricted access for forensic investigation.
In addition, to address the widespread use of mobile devices, the Agent Anywhere™ technology allows the FireEye HX to monitor endpoints outside the corporate network. This helps ensure that threat validation and containment apply equally to devices both inside and outside the corporate network.

Endpoint Security Solution Overview

Endpoint Security
The HX threat prevention platform for endpoint security provides:
Threat Monitoring and Validation
  • Validates network alerts by finding matching activity on endpoints
  • Monitors all hosts for threats seen on the perimeter or identified by other threat prevention platforms
  • Provides uninterrupted coverage for assets outside the corporate network by using the proven Agent Anywhere™ technology
Threat Containment
  • Contains compromised endpoints to immediately interrupt attacks in progress
  • Blocks all network communications at the host level through an approval workflow before any time-consuming analysis of the threat
  • Provides access to further investigate the system to ensure system security, while allowing the host to continue to communicate with approved IPs
