The endpoint threat prevention platform works with other FireEye threat prevention platforms to integrate network and endpoint security. The HX platform leverages indicators of compromise from other FireEye platforms (NX, EX, FX, AX) to rapidly validate if a compromise has affected the endpoint. By continuously monitoring all hosts, the HX series extends network alerts by finding matching activity on the endpoint.
Once an incident on the endpoint is confirmed, the HX series can immediately contain compromised endpoints and interrupt attacks in progress, while continuing to allow restricted access for forensic investigation.
In addition, to address the widespread use of mobile devices, the Agent Anywhere™ technology allows the FireEye HX to monitor endpoints outside the corporate network. This helps ensure that threat validation and containment applies equally to devices both inside and outside the corporate network.
Endpoint Security Solution Overview
Threat Monitoring and Validation
- Validates network alerts by finding matching activity on endpoints
- Monitors all hosts for threats seen on the perimeter or identified by other threat prevention platforms
- Provides uninterrupted coverage for assets outside the corporate network by using the proven Agent Anywhere™ technology
- Contains compromised endpoints to immediately interrupt attacks in progress
- Blocks all network communications at the host level through an approval workflow before any time-consuming analysis of the threat
- Provides access to further investigate the system to ensure system security, while allowing the host to continue to communicate to approved IPs
No comments:
Post a Comment