FireEye
Industry's fastest network forensics platform "FireEye Network Forensics Platform & Investigation Analysis"
Combining FireEye's Network Forensics and Investigation Analysis systems creates the industry's fastest solution for lossless packet capture and retrieval, providing centralized analysis and visualization capabilities. Combining this high-speed packet capture capability with analysis tools to aid in incident investigations further enhances FireEye's threat detection and prevention capabilities.
Reliable capture
Most conventional network forensics products have an upper limit of 1 Gbps capture speed per unit. Network forensics products need to capture and investigate not only communication between terminals and the Internet, but also communication between terminals and between terminals and servers, so 1 Gbps is often not enough. Network Forensics is a network forensics product that can capture up to 20 Gbps without packet loss.
High-speed search using patented technology
Network forensics requires trial-and-error searching, but some products take about a day to respond to a single query, so real-time investigation is not possible. Network Forensics delivers search speeds that surpass other forensics products with Real-time Indexing, a US patent-pending hierarchical indexing technique.
What is network forensics
A network forensics tool (NFT) is a product developed for the purpose of preserving evidence and investigating the cause of an incident such as an information leak caused by an internal or external attacker. It stores and analyzes communication data, generally called packets, and can be compared to a security camera on a communication path. In recent years, along with the increase in advanced attacks such as targeted attacks, there has been an increase in information leaks using malware, etc., and the need for products in this area is increasing.
Network forensics products provided by FireEye consist of the following three lineups.
- Packet Capture, Investigation Analysis
| Equipment configuration | Network Forensics Only | Network Forensics w/ Investigation Analysis |
| --- | --- | --- |
| Usage | Search by Layer 4; PCAP acquisition; File extraction; RESTful API | Search by Layer 7; PCAP acquisition; File extraction; Search across multiple RESTful APIs Based on Layer 7 information |