We use the solution in our servers and workstations for Endpoint Detection and Response. 

We use FireEye Network Security to secure the internet link. The solution works as an inline sandbox. Additionally, it can scan and monitor all uploads and downloads, and internet browsed links.

In my company, the solution is used for our endpoints.

It is mostly an NTAP tool. It is just blocking the CNC domains. That is the primary use case.

The solution has been in place for quite some time – three or four years. We've renewed it several times, and we upgraded from Gen 3 to Gen 4 hardware at one point as well.

Currently, it's integrated with our firewall and McAfee IPS. We also have network-based sandboxing deployed. It uses static and dynamic analysis engines, so we get alerts if malicious traffic is detected or harmful objects are downloaded.

We've been using their PX solution for packet capture, which is the core of their NDR functionality. But we haven't fully adopted the combined product – NX and PX  – yet because they are still separate. 

The storage requirements for raw packet capture, especially with our traffic levels, make it quite expensive.  And that's true for many security products. I feel like NDR is pretty expensive. 

However, this is especially true about raw packet capture for network telemetry – the storage requirements with RAID 0 become quite expensive, regardless of the solution.

We use the product because our customers want to fix a web gateway and NDR so that they can watch the incoming traffic.

We implement this solution for our clients for the complete protection of their network.

Our primary use of the solution is monitoring network security and intrusion detection.

The solution can be used for detecting malicious traffic based upon known IOCs and it's integrated with the artificial intelligent speed, so we're able to recognize which IOCs are matching and their threat attribution.

Our primary use case if for zero-day identifying anomalies and zero-day vulnerabilities without requiring signature recognition.

We are using the file security scanner. The solution is used to monitor network traffic for network-based malware.

We use FireEye to protect our web and email traffic.

Our primary use case is for endpoint protection. We need the solution to integrate with the firewall so that we could get some threat intel based on the kinds of malicious factors that we are getting on the internet at work. We are working to optimize it with the firewall and the other tools we are using for network protection.

Our primary use case is for application filtering and security. 

We are using this solution for sandboxing on all channels.

We are using it from the perspective of data protection. We have two types of data that is coming. One is the actual data or the customer data that comes into our premises, and the second is the internet traffic that comes into our organization. FireEye devices scan all the traffic that comes through the tools on which we have configured FireEye, and they also analyze a lot of traffic.

My primary use case for this solution is world gateway or an email gateway for forensic tools.

We use FireEye NX to monitor our networking traffic and FireEye EX to monitor our email traffic. So, it's mostly for blocking malicious traffic.

We implemented this solution for our customers. The primary use case is for Advanced Persistent Threat detection at a network level.

Implementing at customer sites. Conducting pre-sales and PoC demos for customers and providing technical support to customers on behalf of FireEye.

We use FireEye to prevent cyber attacks. 

This solution is our firewall protection.