FireEye Network Security Review
Alert Dashboard is easy to navigate, but detection, reporting, policy management need improvement


Valuable Features

Simplified Alert Dashboard is straightforward to navigate.

Room for Improvement

1. Granular reporting

Need more attributes for each alert; e.g. protocol, time, type of attack, etc. These attributes could be used for report generation or to aid as search criteria.

2. Rule base

Create an option to create/add/edit rules in the existing policy. Most importantly, create room to add exceptions to false positive alerts. 

3. Use one appliance for both Web detection and email detection to reduce the cost of shipping and delivery.

4. Detection of .zip and .rar files.

Use of Solution

One to three years.

Stability Issues

Stability issues manifested in terms of throughput maximization.

Scalability Issues

There were scalability issues for the appliance-based solution, but not for the cloud-based solution.

Customer Service and Technical Support

I rate it eight out of 10.

Previous Solutions

I was not using anything previously.

Initial Setup

Straightforward.

Pricing, Setup Cost and Licensing

Use cloud solution; pricing is a bit high.

Other Solutions Considered

Palo Alto.

Other Advice

I rate this solution at six out of 10. There is a lot of room for improvement in the offering, from cost to functionality. It is pretty straightforward to implement, which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management. It would be great if we could create granular reports based on the protocols, types of attacks, regions of attack, etc. Also, we would like to easily be able to add exceptions to rules in cases of false positives.

Disclosure: My company has a business relationship with this vendor other than being a customer: Value-added reseller.
