FireEye Network Security Review

A reliable and complete network protection solution that protects from signature-based and signature-less attacks and has powerful logging

What is our primary use case?

We implement this solution for our clients for the complete protection of their network.

What is most valuable?

It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye. 

I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went.

What needs improvement?

Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone.

They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I can disable or delete those rules.

What do I think about the stability of the solution?

It is very reliable. Its hardware is also very robust. I have not heard anything about device failures. Its hardware can survive at a 50-degree temperature.

What do I think about the scalability of the solution?

Its scalability is good, but it depends on the features you are using. If you are using all the features, you might have to upgrade the boxes. It can scale to a certain level. For example, if you have 100 users, it can cater to 120 or 150 users, but it cannot cater to over 200 users. A lot of the time, because of money issues or some other issues, customers just buy the hardware for their current needs, and they don't consider the future requirements. It is not something that is related to the scalability of FireEye.

We do not use it in our company. We are a partner of FireEye, and we implement it for our customers. I have seen customers using it for maybe 4,000 or 5,000 users.

How are customer service and technical support?

Their tech support is based in India. They are very supportive.

How was the initial setup?

It is very user-friendly. You just plug in the serial console, and you'll just get all the options. You just type the question mark symbol in the CLI, and it will show all available options. The setup was pretty straightforward. I was able to do the basic configuration within 30 minutes. Rules and policy optimization can take a long time, but the basic configuration is pretty smooth and quick.

What's my experience with pricing, setup cost, and licensing?

Its price is a bit high. A small customer cannot buy it. Its licensing is on a yearly basis.

What other advice do I have?

I would definitely recommend this solution. Anyone who is looking for a complete network protection solution and does not have any budget issues should definitely go for it.

I would rate FireEye Network Security a ten out of ten for technology and security.

Which deployment model are you using for this solution?

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner