What do you like most about FireEye Network Security?
Thanks for sharing your thoughts with the community!
The most valuable feature is MVX, which tests all of the files that have been received in an email.
If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution.
The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money.
Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams.
The most valuable feature is the view into the application.
It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us.
The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks.
Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser.
We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up.
Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities.
Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening.
The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security.