We just raised a $30M Series A: Read our story

FireEye Network Security OverviewUNIXBusinessApplication

FireEye Network Security is #6 ranked solution in top Advanced Threat Protection (ATP) tools. IT Central Station users give FireEye Network Security an average rating of 8 out of 10. FireEye Network Security is most commonly compared to Palo Alto Networks WildFire:FireEye Network Security vs Palo Alto Networks WildFire. The top industry researching this solution are professionals from a computer software company, accounting for 26% of all views.
What is FireEye Network Security?

FireEye Network Security is an advanced threat protection and breach detection platform that provides industry leading threat visibility and protection against the world’s most sophisticated and damaging attacks. By leveraging FireEye’s unique technologies and threat intelligence, FireEye Network Security detects what other security solutions miss, providing holistic security from the perimeter to the network core.

FireEye Network Security was previously known as FireEye.

Buyer's Guide

Download the Advanced Threat Protection (ATP) Buyer's Guide including reviews and more. Updated: November 2021

FireEye Network Security Customers

FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems

FireEye Network Security Video

Pricing Advice

What users are saying about FireEye Network Security pricing:
  • "Its price is a bit high. A small customer cannot buy it. Its licensing is on a yearly basis."
  • "The user fee is not as high but the maintenance fee is expensive."
  • "It's an expensive solution."

FireEye Network Security Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Chandan-Singh
Sr Technical Consultant at a tech services company with 51-200 employees
Real User
Top 5
A reliable and complete network protection solution that protects from signature-based and signature-less attacks and has powerful logging

Pros and Cons

  • "It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
  • "I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went."
  • "Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."
  • "They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."

What is our primary use case?

We implement this solution for our clients for the complete protection of their network.

What is most valuable?

It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye. 

I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went.

What needs improvement?

Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone.

They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules.

What do I think about the stability of the solution?

It is very reliable. Its hardware is also very robust. I have not heard anything about device failures. Its hardware can survive at 50-degree temperature.

What do I think about the scalability of the solution?

Its scalability is good, but it depends on the features you are using. If you are using all the features, you might have to upgrade the boxes. It can scale to a certain level. For example, if you have 100 users, it can cater to 120 or 150 users, but it cannot cater to over 200 users. A lot of time, because of money issues or some other issues, customers just buy the hardware for their current needs, and they don't consider the future requirements. It is not something that is related to the scalability of FireEye.

We do not use it in our company. We are a partner of FireEye, and we implement it for our customers. I have seen customers using it for maybe 4,000 or 5,000 users.

How are customer service and technical support?

Their tech support is based in India. They are very supportive.

How was the initial setup?

It is very user-friendly. You just plug in the serial console, and you'll just get all the options. You just type the question mark symbol in CLI, and it will show all available options. The setup was pretty straightforward. I was able to do the basic configuration within 30 minutes. Rules and policy optimization can take a long time, but the basic configuration is pretty smooth and quick.

What's my experience with pricing, setup cost, and licensing?

Its price is a bit high. A small customer cannot buy it. Its licensing is on a yearly basis.

What other advice do I have?

I would definitely recommend this solution. Anyone who is looking for a complete network protection solution and does not have any budget issues should definitely go for it.

I would rate FireEye Network Security a ten out of ten for technology and security.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
ITCS user
Lead Program Manager at a computer software company with 10,001+ employees
Real User
Top 5Leaderboard
Stable, protective, easy to set up, and has a lot of features to scan vulnerabilities

Pros and Cons

  • "It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
  • "I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."

What is our primary use case?

We are using it from the perspective of data protection. We have two types of data that is coming. One is the actual data or the customer data that comes into our premises, and the second is the internet traffic that comes into our organization. FireEye devices scan all the traffic that comes through the tools on which we have configured FireEye, and they also analyze a lot of traffic.

What is most valuable?

It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities.

What needs improvement?

I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. 

They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet.

For how long have I used the solution?

We have been using FireEye for a couple of years.

What do I think about the stability of the solution?

It is stable.

How are customer service and technical support?

They are very good. They follow the SLA and have two types of support. Premium support is available 24/7, and it is more customized.

Which solution did I use previously and why did I switch?

We were using an IBM product.

How was the initial setup?

Its installation is quite easy. It is a straightforward installation unless you are using multiple technologies in your environment. If you are using Radware and other stuff, your FireEye needs to understand all the technologies. It needs to understand the data coming in from the switch and the data sent from the hardware devices and the load balancer. It tends to take a little time to understand the data traffic, but it is easy to implement. It takes about an hour.

What about the implementation team?

We had a consultant. Configuring the device takes about an hour, but we also have the backend configuration related to our environment, which takes a bit more time.

We work across the globe. From the data center perspective, we have about 13 locations across the globe where we have implemented this solution. Two to three people are enough for its implementation.

What other advice do I have?

I would recommend this solution to others. We plan to keep using this solution. We have just migrated to the latest FireEye devices.

I would rate FireEye Network Security an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Find out what your peers are saying about FireEye, Palo Alto Networks, Broadcom and others in Advanced Threat Protection (ATP). Updated: November 2021.
554,873 professionals have used our research since 2012.
Yaser Aljohani
OT/ICS Information Security Specialist at SANS
Real User
Top 10
Good support, easy to implement, and proactively tests incoming files for malicious behavior

Pros and Cons

  • "The most valuable feature is MVX, which tests all of the files that have been received in an email."
  • "It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto."

What is our primary use case?

We use FireEye to protect our web and email traffic.

What is most valuable?

The most valuable feature is MVX, which tests all of the files that have been received in an email. It uses virtual machines to test the behavior of the files and determine whether they are malicious in nature. If there is any abnormal activity then the file will be blocked. The corresponding hash value will then be recorded, submitted to the cloud, and added to the blacklist.

What needs improvement?

It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto. They should be sharing their threat database and information. For example, if something is discovered by FortiSandbox or the Palo Alto Sandbox, it should be announced to all of the vendors so that they can take action and block these files.

FireEye can be improved in terms of network visibility. Some minor enhancements are needed.

For how long have I used the solution?

I have been working with FireEye for about three years.

What do I think about the stability of the solution?

The stability is very good.

What do I think about the scalability of the solution?

Scalability has been okay until now. If there is a major expansion in the future then we will proceed with that as it comes.

How are customer service and technical support?

I have been in contact with technical support and I find them to be good.

How was the initial setup?

I found the initial setup straightforward.

What about the implementation team?

We had assistance with the implementation.

What other advice do I have?

My advice to anybody who is implementing this solution is to fine-tune based on the use cases. Test the solution, monitor the alerts, and be proactive about anything that shows up. If there is any abnormal activity then be sure to take action quickly, and also, ensure that there is policy in place for other departments to act accordingly when malicious traffic is detected.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PP
ciso at SDIS49
Real User
Top 5Leaderboard
Stable threat protection that is easy to set up, and the appliances are good

Pros and Cons

  • "The server appliance is good."
  • "Technical packaging could be improved."

What is most valuable?

The server appliance is good.

What needs improvement?

Technical packaging could be improved.

It would be helpful to receive access to the administration of the product.

For how long have I used the solution?

We have been working with FireEye Network Security for one year.

What do I think about the stability of the solution?

It's a stable solution.

What do I think about the scalability of the solution?

If you choose a good appliance, it could be scalable. 

You have a login to your applications.

We are 600 users who are on the payroll, but in total, we have 3,000 and 2,400 of which are volunteers.

How are customer service and technical support?

Technical support is rather good. But it's very restrictive, it's false of maintenance. 

If you're don't authenticate it each month, you have to ask for another password and it's a little bit repressive.

Which solution did I use previously and why did I switch?

Previously, we have not used another solution, because it's a compliment to TruePoint Securities.

The CheckPoint product is very strong, but we have found that some cases on CheckPoint lessons are not on the list.

How was the initial setup?

The initial setup was straightforward, you can do it by yourself. 

You don't have to find a partner or a FireEye expert.

What's my experience with pricing, setup cost, and licensing?

The pricing is not reasonable. The user fee is not as high but the maintenance fee is expensive.

What other advice do I have?

For the next project, we will be doing comparisons for massive attacks.

We have been customers for five years and we have a very good relationship with them.

It's not the first line of defense. It's for us to subline of defense itself. It depends on the analysis of the threat.

An alternative tool could be Endpoint security.

I think we will put in service for Endpoint Security, soon. But network security is aligned more in your defense unison.

I would rate FireEye Network Security an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
SB
Sr Manager - Information Security & Researcher at a tech services company with 1,001-5,000 employees
Real User
Top 5Leaderboard
Very functional with its own ecosystem of products integrated with an inbuilt SIEM

Pros and Cons

  • "Very functional and good for detecting malicious traffic."
  • "Technical support could be improved."

What is our primary use case?

The solution can be used for detecting malicious traffic based upon known IOCs and it's integrated with the artificial intelligent speed, so we're able to recognize which IOCs are matching and their threat attribution.

What is most valuable?

I think there are some very functional features in FireEye when you compare the solution to traditional SIEM solutions. Traditional SIEM solutions don't have their own IPS/IDS functionalities and they integrate with third party WANs. In contrast, FireEye has created an ecosystem of products integrated with their own SIEM, which is cloud-based and integrates with network security, email security, host security and the like. 

What needs improvement?

The support is somewhat lacking with long response times. The expectation is that when it comes to security response, technical support should be readily available.

For how long have I used the solution?

I've been using this solution for four years. 

What do I think about the stability of the solution?

The solution is stable. 

What do I think about the scalability of the solution?

The solution is scalable with different modules of NX appliance which is a passive IPS/IDs for different bandwidth capacities. It's a matter of using the appropriate ones. 

How was the initial setup?

The initial setup is straightforward. There is one template for location where we installed the virtual appliance and once that was up and running, it was fine. We had four or five people in the network team that set up the appliances.

What's my experience with pricing, setup cost, and licensing?

We pay an annual subscription fee. 

Which other solutions did I evaluate?

We evaluated three options and decided to go with FireEye.

What other advice do I have?

I would recommend this solution and rate it nine out of 10. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Sagi Zelinger
Professional Services Division Manager at 2Bsecure
Reseller
Top 5
Agile, easy to scale, and the network security module is good

What is our primary use case?

We are using this solution for sandboxing on all channels.

What is most valuable?

The most valuable feature is the network security module. It is better than other solutions and it can make and find electrical movement. Also, the attack vector is a feature that no one else offers. Overall, it's a great solution.

What needs improvement?

It is very expensive, the price could be better. 

For how long have I used the solution?

I have been using FireEye Network Security for a couple of years. We are using the latest version.

What do I think about the stability of the solution?

It's a stable solution. It's very agile.

What do I think about the scalability of the solution?

The scalability is great.  You don't have to purchase another…

What is our primary use case?

We are using this solution for sandboxing on all channels.

What is most valuable?

The most valuable feature is the network security module. It is better than other solutions and it can make and find electrical movement.

Also, the attack vector is a feature that no one else offers.

Overall, it's a great solution.

What needs improvement?

It is very expensive, the price could be better. 

For how long have I used the solution?

I have been using FireEye Network Security for a couple of years.

We are using the latest version.

What do I think about the stability of the solution?

It's a stable solution. It's very agile.

What do I think about the scalability of the solution?

The scalability is great. 

You don't have to purchase another machine, but if you want, you can add another one. It goes through the cluster very smoothly.

I am part of the professional services with multiple organizations and multiple users.

How are customer service and technical support?

Technical support is great.

How was the initial setup?

The initial setup was complex because there were some bugs, but the professional service of FireEye was able to resolve them.

It took a long time to deploy.

What about the implementation team?

We are a reseller and the professional services of FireEye.

What's my experience with pricing, setup cost, and licensing?

It's an expensive solution.

Which other solutions did I evaluate?

We evaluated other solutions before choosing FireEye.

What other advice do I have?

I would recommend this solution to others interested in using it.

I would rate FireEye Network Security a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Buyer's Guide
Download our free Advanced Threat Protection (ATP) Report and find out what your peers are saying about FireEye, Palo Alto Networks, Broadcom, and more!