FireEye Endpoint Security Review

Detects malicious behavior across all common and controlled traffic throughputs


What is our primary use case?

FireEye Endpoint Security is positioned as an Endpoint Detection and Response (EDR) product. 

We are a distributor of the FireEye product. We offer a combination FireEye package. We offer the product in many sectors, like banking and government.

We use the latest version.

We offer it in a private cloud model for our customers who want to build a security operations center in their environment.

What is most valuable?

The most valuable network security feature is the network sandbox solution. This sandbox feature works on traffic flow. It detects multi-stage attacks based on the MVX analytics engine, which detects zero-day, multi-flow, and other evasive attacks with dynamic, signature-less analysis in a safe, virtual environment. It stops the infection and compromise phases of the cyber-attack kill chain by identifying never-before-seen exploits and malware.

It has capabilities like machine learning and endpoint protection as an antivirus.

The investigation and forensic analysis have been most helpful.

What needs improvement?

They could use a Host Intrusion Prevention System (HIPS) and application control module.

If you have another endpoint product running on the same machine, you have to fine-tune functions from FireEye to avoid performance and user experience issues.

What do I think about the stability of the solution?

It is stable. There are zero false positive solutions, not like other solutions.

What do I think about the scalability of the solution?

We plan to increase our usage.

How are customer service and technical support?

They have strong technical support.

If you previously used a different solution, which one did you use and why did you switch?

Before FireEye, we used McAfee Endpoint Protection and Trend Micro.

How was the initial setup?

The setup was straightforward.

Our deployment and implementation strategies have to remain agile. Every customer requirement is different. Some implementations require a direct connection, so it will take, for SMB customers, a day more or less. For larger enterprises, according to the distribution and the need for more trenches with lots of internet gateways, it could take up to five days. E.g., the deployment could take two to three days with 500 users.

What about the implementation team?

Our technical team does the implementation.

We require two to three people for deployment and maintenance.

What's my experience with pricing, setup cost, and licensing?

The current pricing is much better than before because they now offer product-related promotions along with some changes in product licensing. The new pricing model is better than before.

It is a yearly subscription-based product, which includes the license and hardware. There is also a subscription for technical support up to five years.

It is inexpensive with a competitive price.

Which other solutions did I evaluate?

We also looked at Palo Alto Networks Traps and Trend Micro.

What other advice do I have?

It offers protection from the latest threats.

Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor.