Protecting Networks of Tomorrow with FireEye Today

Threat actors never stop innovating – neither should your network security. FireEye has unveiled four new models of its Network Security (NX) product family to address the ever-growing dynamics of today’s threat landscape.

And today’s threat landscape couldn’t be more challenging or demanding. Without question, 2017 should be known as the year of ransomware. FireEye intelligence alone noted the introduction of more than 60 new ransomware families in each quarter of 2017. More so, the sophistication of ransomware continues to evolve. For example, Petya ransomware self-propagates like a worm, moving laterally in a network to spread and infect connected endpoints.

Furthermore, types of attacks are changing too. Today we see more sophisticated threat actors going from "smash and grab" tactics to developing attacks that are geared for the long haul by maintaining persistence and removing forensic artifacts. As part of this, we see attackers becoming more adept at gaining credentials and escalating privileges.

Compounding this, network architectures continue to become more complex, making the asymmetric battle to protect them more challenging than ever. Visibility, or lack thereof, is rewriting the need for more flexible, innovative and capable solutions to address issues of encrypted traffic inspection, malware that targets Mac OS as well as Windows-based endpoints, and detecting suspicious lateral (East-West) movement. As network traffic grows, so too does the demand for increasing metadata collection and storage for alerts.

To address today’s changing threat landscape and dynamic enterprise networks, FireEye has unveiled four new models of its fifth generation Network Security (NX) appliances: the NX 2550, NX 3500, NX 4500 and NX 5500.

These new models sport a variety of new features, most notably twice the onboard storage for metadata and alert collection, as well as double port density, including 10Gbit/s SFP+ ports to meet the needs of advanced enterprise networks. 

These new fifth generation appliances offer superior price/performance when compared to third and fourth generation NX series, thus making the NX 2550 and NX 3500 ideal for midsize and fast-growing enterprises. Further adding value for tomorrow’s security needs, the NX 3500, NX 4500 and NX 5500 offer integrated hardware SSL acceleration to set the foundation for increased visibility and inspection of encrypted traffic.

Model

Integrated Appliance Throughput (Mbps)

Sensor Throughput (Mbps)

Effective Storage (w/ RAID 1)

NX 2550

250

500

4 TB

NX 3500

500

1,000

4 TB

NX 4500

1,000

2,000

4 TB

NX 5500

2,500

5,000

4 TB

In concert with the launch of the new FireEye NX appliances, the company also unveiled its latest OS, FEOS 8.0, which includes a bevy of new features and capabilities.

Top of the list for FEOS 8.0 is a completely new capability, SmartVision, which detects suspicious lateral (East-West) traffic. With SmartVision in place, security professionals gain a breakthrough tool in detecting stealthy attacks, and more so, when used in conjunction with NX at the perimeter, enterprises gain a holistic North-South and East-West security posture.

Additional FEOS 8.0 features include, but are not limited to:

• Stronger IPS – Additional IPS capabilities, which further enhances NX IPS functionality
• Multi-OS Support – Now, Mac OS is fully supported in addition to Windows
• Bursting to MVX Smart Grid – This new feature gives peace of mind to administrators when traffic exceeds on premise appliance capabilities.
• Advanced sensing – Here, FireEye extended its L7 meta data collection capabilities, further increasing network traffic visibility

Bottom line: threat actors never stop innovating, and neither does FireEye. The launch of our fifth generation NX appliances and FireEye OS 8.0 embody the commitment to deliver unparalleled capabilities to protect networks of tomorrow with FireEye today.