If you were talking to someone whose organization is considering FireEye Network Security, what would you say?
How would you rate it and why? Any other tips or advice?
My advice to anybody who is implementing this solution is to fine-tune based on the use cases. Test the solution, monitor the alerts, and be proactive about anything that shows up. If there is any abnormal activity then be sure to take action quickly, and also, ensure that there is policy in place for other departments to act accordingly when malicious traffic is detected. I would rate this solution an eight out of ten.
This solution generally performs well. I have seen some emails it allowed, which should have been categorized as malicious, but apart from those, I haven't seen any other problems. I would definitely recommend this product because I have seen many cases where other solutions were not able to catch malware, but FireEye raised a red flag. I have seen it work effectively in a production environment, and even catch zero-day malware when there is no signature present. I would rate this solution seven and a half out of ten.
Having a product deployed that fills our needs keeps us from having to consider major changes in looking to other products on the market to resolve other issues. I would rate it a seven out of ten.
On a scale of one to 10, with one being the worst and 10 being the best, I would you rate this product an 8. From a security perspective, it's pretty decent. It's just that I have seen it miss some semi loads or triggers when it's integrated with other products. On the flexibility scale, I think that's where the improvement needs to be achieved.
I would rate this solution at seven out of ten. It works and it's relatively easy to monitor.
It is a good bare bones solution for what they are looking for. However, if they wanted a more a robust solution, then they would probably have to look somewhere else or get additional FireEye products. It was probably one of the earlier things that we did within the maturity of our security environment. So, it was sort of a starting point. We are still working to get some other things implemented.
It brings a tremendous amount of value to your network environment. In terms of what we asked them to do, which is to help us to identify malicious code and threats, their product has delivered. It is one thing to have an advanced security tool, like FireEye, but equally important to have a staff and security program which puts themselves in positions to leverage the tool properly. In terms of maturity of the organization that I work with, it has a very mature security posture, which is necessary in our space because we are part of the financial critical infrastructure. So, we've been doing security for a very long time.
I would rate it a 7.5 out of ten.
There may be other tools that do this, but FireEye is part of the defense in depth. What other products miss, FireEye tends to pick up. I would rate it an eight out of ten.
The main advice for such product is if you don't have any visibility regarding your application you need to deploy the FireEye solution. Otherwise, you don't have any visibility for the SSM, for the web traffic, and the application solution. If you need security with reasonable pricing, this is a good solution. I would rate it a seven out of ten.
I would rate this solution an eight out of ten. I would recommend implementing FireEye, it's a great tool.
The world is currently shifting to AI, Artificial Intelligence engines. FireEye, now has nothing in the road map to shifting to AI. Other companies do have a roadmap for AI integration. Now the hacker is more intelligent. The hacker is going to hack the laptop for example, and an AI engine could be an excellent prevention mechanism.