FireEye Scales Threat Protection Management with New Release; Bolsters Email Threat Protection and Operational Readiness
Posted: Thu Jan 30, 2014 02:45:41 PM
New FireEye OS 7.1 Simplifies Virtual Machine-based Security Management as Well as Extends VM Analysis to IPv6 Traffic.
Milpitas, CA -- January 30, 2014 -- FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, today announced FireEye OS 7.1, a major update to the FireEye OS that offers more scalable management capabilities to the CM series, IPv6 network security support to the NX series, and enhanced email threat analysis capabilities to the EX series. FireEye OS 7.1 will be generally available by the end of February 2014.
With FireEye OS 7.1, organizations can scale central management to deployments of hundreds of FireEye appliances and automate enterprise-wide alert notifications and responses using new Web services APIs. The new version also introduces security enhancements across the board, including security analysis of IPv6 network traffic within the NX series and enhanced email analysis of malicious files delivered through HTTP in the EX series. This broad update further enhances FireEye's comprehensive solution for protecting enterprises' most critical assets from advanced malware and targeted attacks.
To combat the increasing number of email-based attacks that take advantage of weaknesses in traditional anti-virus solutions, the new release introduces dynamic scanning of URLs sent via email that link to malicious files. FireEye EX now not only analyzes emails for malicious attachments, but also performs email header analysis and analyzes the URLs linking to suspicious files. Email header analysis enables FireEye to apply email-specific threat intelligence to enhance detection and identification of advanced persistent threats (APTs).
"Over the course of our beta test we caught attacks that got through other layers of security," said Dimitri Limanovski, principal security engineer at Ellucian. "It wasn't the number of attacks that got through; it was the nature of what was attacking our network. We need to stop the most potent zero-day attacks and the new dynamic URL scanning from FireEye kept these from hitting our network."
According to Gartner, targeted attacks remain a significant weakness for companies that rely on traditional security solutions.
"The rise of the targeted attack is shredding what is left of the anti-malware market's stubborn commitment to reactive protection techniques. Improving the malware signature distribution system, or adapting behavior detection to account for the latest attack styles, will not improve the effectiveness rates against targeted attacks. When 35 percent of reference customers for Endpoint Protection Platform solutions have been successfully compromised, it is clear that the industry is failing in its primary goal of keeping malicious code off PCs." (Source: Gartner, Magic Quadrant for Endpoint Protection Platforms, P. Firstbrook, J. Girard, N. MacDonald, January 8, 2014).
"Organizations of all sizes are experiencing higher volume and more sophisticated attacks as cybercriminals take advantage of weaknesses in traditional email security solutions and use the scale of the internet to their advantage," said Manish Gupta, senior vice president of products at FireEye. "With the latest version of FireEye OS we've added more capabilities to our threat protection platform to augment email security and simplified the management of virtual machine threat protection, making it easier to scale their FireEye deployment and take back the advantages of technology and scale from cybercriminals."
New in FireEye OS 7.1
Comprehensive Management Capabilities
FireEye OS 7.1 updates the CM management platform to scale to hundreds of FireEye appliances and provides a central management system that scales as organizations deploy the complete FireEye protection architecture with NX, EX, FX, and AX platforms. The FireEye CM platform organizes the real-time advanced threat intelligence sent from each appliance and correlates the threat intelligence. Also on the CM series, the 7.1 release introduces new Web services APIs so customers can programmatically query or submit data to automate forensics analysis and IR workflows. The CM series serves as the distribution hub ensuring the entire FireEye deployment has the same dynamic protections against advanced targeted attacks.
In addition, the release updates the local management within the NX, EX, and CM series with new role-based access controls, audit logging, complex passwords, and improved appliance health monitoring (SNMP).
Secure IPv6-enabled Networks Against Web-based Advanced Attacks
New to FireEye OS 7.1 are capabilities to secure IPv6 traffic. The FireEye NX series protects networks ranging from 10 Mbps to 4 Gbps. Organizations of all sizes can consolidate IT resources and lower the total cost of threat protection while choosing a solution that can scale as IPv6 adoption gains momentum throughout networks worldwide. The new release also enhances the FireEye NX platform with a new enterprise dashboard.
Enhanced Email Security
The new release updates the EX platform with dynamic scanning of URLs sent via email that link to malicious files, email header analysis, and congestion management. FireEye EX analyzes not only malicious attachments but also the email header and URLs linking to suspicious objects that can be analyzed within the FireEye Multi-Vector Virtual Execution (MVX) engine. The update also includes "bypass control" congestion management enhancements to provide a way to ensure scanning of all emails regardless of volume. The graceful mechanism to 'flow control' oncoming traffic provides a robust way to ensure that each and every attachment in every email gets analyzed by the MVX engine. This enhances overall email security with a single appliance and integrates with the FireEye NX series for advanced Web attack analysis and correlation. This allows organizations to move beyond traditional signature or reputation-based protections, which are ineffective against today's fast-moving, constantly changing threats.