FireEye Network Security - NX Series
Effective protection against cyber breaches for midsize to large organizations
NX 2550, NX 3500, NX 5500, NX 10450 (not pictured NX 2500, NX 4500, NX10550)
FireEye Products
FireEye NX Series
Click here to jump to more pricing!
Overview:
Defend your network, data, and users with the fastest, most reliable cyber-attack protection available
FireEye Network Security is an effective cyber threat protection solution that helps organizations minimize the risk of costly breaches by accurately detecting and immediately stopping advanced, targeted and other evasive attacks hiding in Internet traffic. It facilitates efficient resolution of detected security incidents in minutes with concrete evidence, actionable intelligence and response workflow integration. With FireEye Network Security, organizations are effectively protected against today’s threats whether they exploit Microsoft Windows, Apple OS X operating systems, or application vulnerabilities; are directed at the headquarters or branch offices; or are hidden in a large volume of inbound Internet traffic that has to be inspected in real time.
At the core of FireEye Network Security are the Multi-Vector Virtual Execution (MVX) and Intelligence-Driven Analysis (IDA) technologies. MVX is a signature-less, dynamic analysis engine that inspects suspicious network traffic to identify attacks that evade traditional signature- and policybased defenses. IDA is a collection of contextual, dynamic rules engines that detects and blocks malicious activity in real-time and retroactively, based on the latest machine-, attacker- and victimintelligence. FireEye Network Security also includes intrusion prevention system (IPS) technology to detect common attacks using conventional signature matching.
FireEye Network Security is available in a variety of form factors, deployment and performance options. It is typically placed in the path of Internet traffic behind traditional network security appliances such as next-generation firewalls, IPS and secure web gateways (SWG). FireEye Network Security supplements these solutions by rapidly detecting both known and unknown attacks with high accuracy and a low rate of false positives, while facilitating an efficient response to each alert.
Typical configuration — Network Security solutions
Highlights:
FireEye Network Security is designed for high-performance, pervasive and consistent protection against threats across your organization with integrated security workflow and actionable contextual intelligence. It enables you to:
- Accurately detect and immediately stop attacks that evade other security devices, including file-based sandboxes
- Understand and prioritize critical alerts with reliable execution evidence and contextual insights
- Proactively defend and investigate threats with tactical intelligence from FireEye or a third party using the Structured Threat Information eXpression (STIX) format as well as contextual and strategic threat intelligence
- Deploy Network Security with integrated all-in-one hardware appliances or with a scalable and flexible on-premise or cloud-based distributed model
- Future-proof your investment with an extensible, modular architecture
- Provide your Microsoft Windows and Apple OS X users with the same level of threat protection
- Achieve quick protection with machine-, attacker- and victim-based intelligence applied as updates to your defenses every 60 minutes
- Shorten the solution payback period by eliminating the operational cost of triaging alerts manually
- Integrate and automate your security workflow to easily prioritize, investigate and respond to alerts across different threat vectors
Features and Benefits:
| Product Feature | Benefit | FireEye Network Security |
|---|---|---|
| Detect advanced, targeted and evasive threats traditional security solutions miss | ||
| Signature-less threat detection (MVX service) | Detects multi-flow, multi-stage, zero-day, polymorphic, ransomware and other advanced attacks | |
| Real-time and retroactive detection | Detects known and unknown threats in real time while also enabling back-in-time detection of threats | |
| Multi-vector correlation | Automates validation and blocking of attacks across multiple vectors | Email (on-premise or cloud), file and endpoint |
| Multi-OS, multi-file and multi-application Support | Supports heterogeneous endpoint environments for a wide range of applications | |
| Hardened hypervisor | Provides evasion proofing | |
| Rapidly respond and contain the impact of intrusions | ||
| Real-time inline blocking | Immediately stops attacks | |
| Signature-based IPS Detection | Automates and accelerates triaging of traditionally noisy alerts to eliminate overhead | |
| Riskware Detection | Categorizes critical and non-critical malware to prioritize response resources | |
| Integrated security workflows | Pivots from detection to investigation and response | Endpoint Forensics Enterprise Forensics |
| Actionable contextual intelligence | Accelerates containment of advanced threat with in-depth information about the attack and attacker | |
| High Availability (HA) | Provides resilient defense | |
| Continually adapt to the evolving threat landscape | ||
| Real-time threat intelligence sharing | Globally-shares real evidence to immediately block previously unknown attacks and accelerate response | |
| Custom and third-party threat intelligence (STIX)* | Allows ingestion of non-FireEye indicators into the intelligence-driven analytics engines | |
| Strategic threat intelligence | Enables a proactive assessment of threat landscape changes and empowers a lean-forward security posture | |
* Only supported on fourth-generation (NX x4xx) and newer appliances configured in the integrated mode.
| Capabilities | Benefit |
|---|---|
| Detection | |
| Accurate detection of advanced, targeted and other evasive cyber attacks | Minimizes risk of costly cyber breaches |
| Extensible, modular security architecture | Provides investment protection |
| Consistent level of protection for multi-OS environments and all Internet access points | Creates a strong defense across the entire organization for all types of devices |
| Integrated, distributed, physical, virtual, on-premise and cloud deployment options | Offers flexibility to align with organizational preferences and resources |
| Multi-vector correlation with Email and Content Security | Provides visibility across wider attack surface |
| Prevention | |
| Immediate blocking of attacks at line rates from 10 Mbps to 8 Gbps | Gives real-time protection against evasive attacks |
| Response | |
| Low rate of false alerts, riskware categorization and automated IPS alert validation | Globally-shares real evidence to immediately block previously unknown attacks and accelerate response |
| Pivot to investigation and alert validation, endpoint containment and incident response | Automates and simplifies security workflows |
| Execution evidence and actionable threat intelligence with contextual insight | Accelerates prioritization and resolution of detected security incidents |
| Scalability from one site to thousands of sites | Supports business growth |
Technical Advantages:
Accurate Threat Detection
FireEye Network Security uses multiple analysis techniques to detect attacks with high accuracy and a low rate of false alerts:
- Multi-Vector Virtual Execution (MVX) engine detects zero-day, multi-flow and other evasive attacks with dynamic, signature-less analysis in a safe, virtual environment. It stops infection and compromise phases of the cyber-attack kill chain by identifying never-before-seen exploits and malware.
- Intelligence-Driven Analysis (IDA) engines detect and block obfuscated, targeted and other customized attacks with contextual, rule-based analysis from real-time insights gathered on the front lines from millions of MVX verdicts, thousands of hours of incident response experience gathered by Mandiant, a FireEye company and hundreds of iSight threat researchers. It stops infection, compromise and intrusion phases of the cyber-attack kill chain by identifying malicious exploits, malware and command and control (CnC) callbacks. It also extracts and submits suspicious network traffic to the MVX engine for a definitive verdict analysis.
- Structured Threat Intelligence eXpression (STIX) allows the ingestion of third-party threat intelligence using an industry-standard format to add custom threat indicators into the IDA engines.
Immediate and Resilient Protection
FireEye Network Security offers flexible configuration modes including:
- Out-of-band monitoring via a TAP/SPAN, inline monitoring or inline active blocking. Inline blocking mode automatically blocks inbound exploits and malware and outbound multi-protocol callbacks. In inline monitoring mode, alerts are generated and organizations decide how to respond to them. In out-of-band prevention mode, FireEye Network Security issues TCP resets for out-of-band blocking of TCP, UDP or HTTP connections.
- Integration with the FireEye Active Fail Open (AFO) switch to ensure no network interruption.
- Selected models offer an active high availability (HA) option to provide resilience in case of network or device failures.
Wide Attack Surface Coverage
FireEye Network Security delivers a consistent level of protection for today’s diverse network environments:
- Support for most common Microsoft Windows and Apple Mac OS X operating systems
- Analysis of over 140 different file types, including portable executables (PEs), web content, archives, images, Java, Microsoft and Adobe applications and multimedia
- Execution of suspicious network traffic against thousands of operating system, service pack, application type and application version combinations
Validated and Prioritized Alerts
In addition to detecting genuine attacks, FireEye MVX technology is also used to determine the reliability of alerts detected by conventional signature-matching methods and to identify and prioritize critical threats:
- Intrusion prevention system (IPS) with MVX engine validation reduces the time required to triage signature-based detection that is traditionally prone to false alerts
- Riskware categorization separates genuine breach attempts from undesirable, but less malicious activity (such as adware and spyware) to prioritize alert response
Actionable Threat Insights
Alerts generated by FireEye Network Security include concrete evidence and contextual intelligence to quickly respond to, prioritize and contain a threat:
- Dynamic Threat Intelligence (DTI): concrete, real-time, globally-shared data to quickly and proactively stop targeted and newly discovered attacks
- Advanced Threat Intelligence (ATI): contextual insights about the attack to accelerate response and prescriptive guidance to contain the threat
Response Workflow Integration
FireEye Network Security can be augmented in several ways to automate alert response workflows:
- FireEye Central Management correlates alerts from both FireEye Network Security and FireEye Email Security for a broader view of an attack and to set blocking rules that prevent the attack from spreading further
- FireEye Network Forensics integrates with FireEye Network Security to provide detailed packet captures associated with an alert and enable in-depth investigations
- FireEye Endpoint Security identifies, validates and contains compromises detected by FireEye Network Security to simplify containment and remediation of affected endpoints
Flexible Deployment Options
FireEye Network Security offers various deployment options to match an organization’s needs and budget:
- Integrated Network Security: standalone, all-in-one hardware appliance with integrated MVX service to secure an Internet access point at a single site. FireEye Network Security is an easy-to-manage, clientless platform that deploys in under 60 minutes. It doesn’t require rules, policies or tuning.
- Distributed Network Security: extensible appliances with centrally shared MVX service to secure Internet access points within organizations
- Network Smart Node: physical or virtual appliances that analyze Internet traffic to detect and block malicious traffic and submit suspicious activity over an encrypted connection to the MVX service for definitive verdict analysis
- MVX Smart Grid: on-premise, centrally located, elastic MVX service that offers transparent scalability, built-in N+1 fault tolerance and automated load balancing
- FireEye Cloud MVX: FireEye-hosted MVX service subscription that ensures privacy by analyzing traffic on the Network Smart Node. Only suspicious objects are sent over an encrypted connection to the MVX service, where objects revealed as benign are discarded.
Distributed deployment models for Network Security
Modular components of FireEye Network Security
Extensible Architecture
FireEye Network Smart Nodes feature a modular and extensible software architecture and system design to deliver multiple threat protection capabilities as software modules.
High Performance and Scalability
FireEye Network Security protects Internet access points at line rate with performance options for a wide variety of branch and central office sizes:
The MVX Smart Grid and FireEye Cloud MVX scalable architecture allows the MVX service to support one Network Smart Node to thousands and scale seamlessly as needed.
| Form Factor | Performance |
|---|---|
| Integrated Network Security | 50 Mbps to 4 Gbps |
| Physical Network Smart Node | 50 Mbps to 10 Gbps |
| Virtual Network Smart Node | 50 Mbps to 1 Gbps |
Business Benefits
Designed to meet the needs of single-site and distributed multi-site organizations, FireEye Network Security delivers several benefits:
Minimizes Risk of Cyber Breaches
FireEye Network Security is a highly-effective cyber defense solution that:
- Prevents intruders from breaking into an organization to steal valuable assets or disrupt business by stopping advanced, targeted and other evasive attacks
- Stops attacks and contains intrusions faster with concrete evidence, actionable intelligence, inline blocking and response workflow automation
- Eliminates weak points from an organization’s cyber defenses with consistent protection for various operating systems, application types, branches and central sites
Short Payback Period
According to a recent Forrester Consulting study1 , FireEye Network Security customers can expect a 152% ROI savings over three years and payback on their initial investment in just 9.7 months. FireEye Network Security:
- Focuses security team resources on real attacks to reduce operational expenses
- Optimizes capital spend with a shared MVX service and a large variety of performance points to rightsize deployment to meet requirements
- Future-proofs security investment by scaling smoothly when the number of branches or the amount of Internet traffic grows
- Protects existing investments by allowing costfree migration from an integrated to a distributed deployment
- Reduces future capital outlay with modular and extensible architecture
Awards and Certifications
The FireEye Network Security product portfolio has been awarded a number of industry and government awards and certifications:
- In 2016, Frost & Sullivan recognized FireEye as the undisputed market leader with 56% market share, more than the next ten competitors combined2
- FireEye Network Security has been a recipient of numerous awards from SANS Institute, SC Magazine, CRN and others
- FireEye Network Security was the first security solution on the market to receive the US Department of Homeland Security SAFETY Act Certification
1 Forrester (May 2016). The Total Economic Impact of FireEye.
2 Frost & Sullivan (October 2016). Network Security Sandbox Market Analysis
Technical Specifications:
| Integrated Appliance | NX 2500 | NX 2550 | NX 3500 | NX 4500 | NX 5500 | NX 10450 | NX 10550 |
|---|---|---|---|---|---|---|---|
| Physical Specifications | |||||||
| OS Support | Microsoft Windows Mac OS X |
Microsoft Windows Mac OS X |
Microsoft Windows Mac OS X |
Microsoft Windows Mac OS X |
Microsoft Windows Mac OS X |
Microsoft Windows | Microsoft Windows Mac OS X |
| Performance* | Up to 50 Mbps or 100 Mbps | Up to 250 Mbps | Up to 500 Mbps | Up to 1 Gbps | Up to 2.5 Gbps | Up to 4Gbps | Up to 4Gbps |
| Network Monitoring Ports | 4x 10/100/1000 BASE-T Ports (in front panel) | 4x 10GigE SFP+ 4x 1GigE Bypass | 4x 10GigE SFP+ 4x 1GigE Bypass | 8x 10GigE SFP+ 4x 1GigE Bypass | 8x 10GigE SFP+ 4x 1GigE Bypass | 8 x SFP+ (4 x 1000base and 4 x 10Gbase), 1000baseSX/ 10GbaseSR (LC, MMF), 1000baseLX/ 10GbaseLR (LC SMF), 1000baseT (RJ45, UTP5), 10GbaseCu (5m direct-attached cable) | |
| Network Ports Mode of Operation | In-line Monitor, FailOpen, Fail- Close (HW Bypass) or TAP/SPAN | In-line Monitor, FailOpen, Fail- Close (HW Bypass) or TAP/SPAN | In-line Monitor, FailOpen, Fail- Close (HW Bypass) or TAP/SPAN | In-line Monitor, FailOpen, Fail- Close (HW Bypass) or TAP/SPAN | In-line Monitor, FailOpen, Fail- Close (HW Bypass) or TAP/SPAN | In-line Monitor, or Tap/Span | In-line Monitor, or Tap/Span |
| High Availability (HA) | Not Available | Not Available | Not Available | Not Available | Not Available | Active-Passive HA | Active-Passive HA |
| High Availability (HA) Ports (rear panel) | Not Available | Not Available | Not Available | Not Available | 2x 100/1000/10G Base-T Ports | 2x 100/1000/10G Base-T Ports | 2x 100/1000/10G Base-T Ports |
| Management Ports (rear panel) | 2x 10/100/1000 BASE- T Ports (in front panel) | 2x 10/100/1000 BASE- T Ports | 2x 10/100/1000 BASE- T Ports | 2x 10/100/1000 BASE- T Ports | 2x 10/100/1000 BASE- T Ports | 2x 10/100/1000 BASE- T Ports | 2x 10/100/1000 BASE- T Ports |
| IPMI Port (rear panel) | Included | Included | Included | Included | Included | Included | Included |
| Front LCD & Keypad | Not Available | Not Available | Not Available | Not Available | Not Available | Included | Included |
| VGA Port | No | Yes | Yes | Yes | Yes | Yes | Yes |
| USB Ports | 2x Type A USB Ports (front panel) | 4x Type A USB Ports 2 front, 2 rear | 4x Type A USB Ports 2 front, 2 rear | 4x Type A USB Ports 2 front, 2 rear | 4x Type A USB Ports 2 front, 2 rear | 2x Type A USB Ports | 2x Type A USB Ports |
| Serial Port (rear panel) | 115,200 bps, No Parity, 8 bits, 1 Stop Bit (RJ45 connector RJ45-to-Dsub adapter cable is included) | 115,200 bps, No Parity, 8 bits, 1 Stop Bit | 115,200 bps, No Parity, 8 bits, 1 Stop Bit | 115,200 bps, No Parity, 8 bits, 1 Stop Bit | 115,200 bps, No Parity, 8 bits, 1 Stop Bit | 115,200 bps, No Parity, 8 bits, 1 Stop Bit | 115,200 bps, No Parity, 8 bits, 1 Stop Bit |
| Drive Capacity | Single 1TB 3.5 inch, SATA HDD, internal, fixed | 2 x 4TB HDD, 3.5”, SAS3, 7.2krpm, FRU RAID1 | 2 x 4TB HDD, 3.5”, SAS3, 7.2krpm, FRU RAID1 | 2 x 4TB HDD, 3.5”, SAS3, 7.2krpm, FRU RAID1 | 2 x 4TB HDD, 3.5”, SAS3, 7.2krpm, FRU RAID1 | 4x 800 GB SSD, 2.5 inch, SATA, FRU RAID10 | 4x 960 GB SSD, 2.5 inch, SATA, FRU RAID10 |
| Enclosure | 1RU, Fits 19-inch Rack | 1RU, Fits 19-inch Rack | 2RU, Fits 19 inch Rack | 2RU, Fits 19 inch Rack | 2RU, Fits 19 inch Rack | 2RU, Fits 19 inch Rack | 2RU, Fits 19 inch Rack |
| Chassis Dimension WxDxH | 17.2in(437mm) x 19.7in(500mm) x 1.7in(43.2 mm) | 17.2in(437mm) x 25.6in(650mm) x 1.7in(43.2mm) | 17.24in(438mm) x 24.41in(620mm) x 3.48in (88.4mm) | 17.24in(438mm) x 24.41in(620mm) x 3.48in (88.4mm) | 17.24in(438mm) x 24.41in(620mm) x 3.48in (88.4mm) | 17.2in(437mm) x 27.9in(709mm) x 3.5in(89mm) | 17.2in(437mm) x 33.5in(851mm) x 3.5in(89mm) |
| AC Power Supply | Single 250 watt, 90-264 VAC, 3.5 - 1.5 A, 50-60 Hz, IEC60320-C14, inlet, Internal, Fixed | Redundant (1+1) 750 watt, 100 - 240 VAC 9.0 - 4.5A, 50-60 Hz IEC60320-C14 inlet, FRU | Redundant (1+1) 800 watt, 100 - 240 VAC 10.5 – 4.0A, 50-60 Hz IEC60320-C14 inlet, FRU | Redundant (1+1) 800 watt, 100 - 240 VAC 10.5 – 4.0A, 50-60 Hz IEC60320-C14 inlet, FRU | Redundant (1+1) 800 watt, 100 - 240 VAC 10.5 – 4.0A, 50-60 Hz IEC60320-C14 inlet, FRU | Redundant (1+1) 1200 watt, 100-140 VAC, 14.7 - 10.5 A 1400 watt, 180-240 VAC, 9.5 - 7.2 A, 50-60 Hz, FRU IEC60320-C14 inlet, FRU | Redundant (1+1) 800W: 100-127V, 9.8A-7A 1000W: 220-240V, 7-5A, 50-60Hz, FRU IEC60320-C14 inlet, (In Process) FRU |
| Power Consumption Maximum (watts) | 85 watts | 265 watts | 426 watts | 519 watts | 658 watts | 850 watts | 760 watts |
| Thermal Dissipation Maximum (BTU/h) | 290 BTU/h | 904 BTU/h | 1,454 BTU/hr | 1,771 BTU/h | 2,245 BTU/h | 2,908 BTU/h | 2,594 BTU/h |
| MTBF (h) | 56,400 h | 54,200 h | 65,466 h | 57,766 h | 52,802 h | 40,275 h | 36,101 h |
| Appliance Alone / As Shipped Weight lb. (kg) | 16.2 lb (7.3 kg) / 28.2 lb (2.95 kg) | 29.8 lbs (13.5 Kg) / 40.8 lbs (18.5 Kg) | 37.4 lbs (17.0 Kg) / 58.6 lbs (26.6 kg) | 42.4 lbs (19.2 Kg) / 63.5 lbs (28.8 kg) | 42.7 lbs (19.2 Kg) / 63.8 lbs (29.0 kg) | 51 lb. (23 kg) / 66 lb. (30 kg) | 46 lb (21 kg) / 90 lb (40.2 kg) |
| Regulatory Compliance Safety | IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
| Security Certifications | FIPS 140-2 Level 1 CC NDPP v1.1 |
FIPS 140-2 Level 1 CC NDPP v1.1 |
FIPS 140-2 Level 1 CC NDPP v1.1 |
FIPS 140-2 Level 1 CC NDPP v1.1 |
FIPS 140-2 Level 1 CC NDPP v1.1 |
FIPS 140-2 Level 1 CC NDPP v1.1 |
FIPS 140-2 Level 1 CC NDPP v1.1 (In Process) |
| Regulatory Compliance EMC | FCC Part 15, ICES-003 Class A, AS/NZS CISPR 22, CISPR 32, EN 55032, EN 55024, IEC/EN 61000-3-2, IEC/EN 61000-3-3, IEC/EN 61000-4-2, V-2/2015 &V-3/2015 | ||||||
| Environmental Compliance | RoHS Directive, 2011/65/EU, REACH, WEEE Directive, 2012/19/EU | ||||||
| Operating Temperature | 0 ~ 40°C 32 ~ 104°F |
0 ~ 35°C 32 ~ 95°F |
0 ~ 35°C 32 ~ 95°F |
0 ~ 35°C 32 ~ 95°F |
0 ~ 35°C 32 ~ 95°F |
10 ~ 35°C 50 ~ 95°F |
10 ~ 35°C 50 ~ 95°F |
| Non-Operating Temperature | -20 ~ 80°C -4 ~ 176°F |
-40 ~ 70°C -40 ~ 158°F |
-40 ~ 70°C -40 ~ 158°F |
-40 ~ 70°C -40 ~ 158°F |
-40 ~ 70°C -40 ~ 158°F |
-40 ~ 70°C -40 ~ 158°F |
-40 ~ 70°C -40 ~ 158°F |
| Operating Relative Humidity | 5% - 85% non-condensing | 10 ~ 95% @ 40° C, non-condensing | 10 ~ 95% @ 40° C, non-condensing | 10 ~ 95% @ 40° C, non-condensing | 10 ~ 95% @ 40° C, non-condensing | 10% - 85% non-condensing | 10% - 85% non-condensing |
| Non-Operating Relative Humidity | 5% - 95% non-condensing | 10 ~ 95% @ 60° C, non-condensing | 10 ~ 95% @ 60° C, non-condensing | 10 ~ 95% @ 60° C, non-condensing | 10 ~ 95% @ 60° C, non-condensing | 5% - 95% non-condensing | 5% - 95% non-condensing |
| Operating Altitude | 3,000 m 9,842 ft |
3,000 m 9,842 ft |
3,000 m 9,842 ft |
3,000 m 9,842 ft |
3,000 m 9,842 ft |
3,000 m 9,842 ft |
3,000 m 9,842 ft |
| IPS Performance | |||||||
| Max IPS Performance | Up to 50 Mbps or 100 Mbps | Up to 250 Mbps | Up to 500 Mbps | Up to 1 Gbps | Up to 2.5 Gbps | Up to 4 Gbps | Up to 4 Gbps |
| Max Concurrent Connections | 15K or 80K | 80K | 160K | 500K | 1M | 2M | 2M |
| New Connections Per Second | 750/Sec or 4K/Sec | 4K/Sec | 8K/Sec | 10K/Sec | 20K/Sec | 40K/Sec | 40K/Sec |
| Smart Node | NX 2500 | NX 2550 | NX 3500 | NX 4500 | NX 5500 | NX 10450 | NX 10550 |
| Physical Specifications | |||||||
| OS Support | Microsoft Windows Mac OS X |
Microsoft Windows Mac OS X |
Microsoft Windows Mac OS X |
Microsoft Windows Mac OS X |
Microsoft Windows Mac OS X |
Microsoft Windows | Microsoft Windows Mac OS X |
| Performance | Up to 100 Mbps or 250 Mbps | Up to 500 Mbps | Up to 1 Gbps | Up to 2 Gbps | Up to 5 Gbps | Up to 10 Gbps | Up to 10 Gbps |
| Network Monitoring Ports | 4x 10/100/1000 BASE-T Ports (in front panel) | 4x 10GigE SFP+ 4x 1GigE Bypass |
4x 10GigE SFP+ 4x 1GigE Bypass |
8x 10GigE SFP+ 4x 1GigE Bypass |
8x 10GigE SFP+ 4x 1GigE Bypass |
8 x SFP+ (4 x 1000base and 4 x 10Gbase), 1000baseSX/ 10GbaseSR (LC, MMF), 1000baseLX/ 10GbaseLR (LC SMF), 1000baseT (RJ45, UTP5), 10GbaseCu (5m direct-attached cable) | 8 x SFP+ (4 x 1000base and 4 x 10Gbase), 1000baseSX/ 10GbaseSR (LC, MMF), 1000baseLX/ 10GbaseLR (LC, SMF), 1000baseT (RJ45, UTP5), 10GbaseCu (5m direct-attached cable) |
| Network Ports Mode of Operation | In-line Monitor, FailOpen, Fail- Close (HW Bypass) or TAP/SPAN | In-line Monitor, FailOpen, Fail- Close (HW Bypass) or TAP/SPAN | In-line Monitor, FailOpen, Fail- Close (HW Bypass) or TAP/SPAN | In-line Monitor, FailOpen, Fail- Close (HW Bypass) or TAP/SPAN | In-line Monitor, FailOpen, Fail- Close (HW Bypass) or TAP/SPAN | In-line Monitor or TAP/SPAN | In-line Monitor or TAP/SPAN |
| High Availability (HA) | Not Available | Not Available | Not Available | Not Available | Not Available | Active-Passive HA | Active-Passive HA |
| High Availability (HA) Ports (rear panel) | Not Available | Not Available | Not Available | Not Available | Not Available | 2x 100/1000/10G Base-T Ports | 2x 100/1000/10G Base-T Ports |
| Management Ports (rear panel) | 4x 10/100/1000 BASE- T Ports (in front panel) | 2x 10/100/1000 BASE- T Ports | 2x 10/100/1000 BASE- T Ports | 2x 10/100/1000 BASE- T Ports | 2x 10/100/1000 BASE- T Ports | 2x 10/100/1000 BASE- T Ports | 2x 10/100/1000 BASE- T Ports |
| IPMI Port (rear panel) | Rear Panel | Included | Included | Included | Included | Included | Included |
| Front LCD & Keypad | Not Available | Not Available | Not Available | Not Available | Not Available | Included | Included |
| VGA Port | Not Available | Yes | Yes | Yes | Yes | Yes | Yes |
| USB Ports | 2x Type A USB Ports (front panel) | 4x Type A USB Ports 2 front, 2 rear | 4x Type A USB Ports 2 front, 2 rear | 4x Type A USB Ports 2 front, 2 rear | 4x Type A USB Ports 2 front, 2 rear | 4x Type A USB Ports 2 front, 2 rear | 4x Type A USB Ports 2 front, 2 rear |
| Serial Port (rear panel) | 115,200 bps, No Parity, 8 bits, 1 Stop Bit (RJ45 connector RJ45-to-Dsub adapter cable is included) | 115,200 bps, No Parity, 8 bits, 1 Stop Bit | 115,200 bps, No Parity, 8 bits, 1 Stop Bit | 115,200 bps, No Parity, 8 bits, 1 Stop Bit | 115,200 bps, No Parity, 8 bits, 1 Stop Bit | 115,200 bps, No Parity, 8 bits, 1 Stop Bit | 115,200 bps, No Parity, 8 bits, 1 Stop Bit |
| Drive Capacity | Single 1TB 3.5 inch SATA HDD, internal, fixed | 2 x 4TB HDD, 3.5”, SAS3, 7.2krpm, FRU RAID1 | 2 x 4TB HDD, 3.5”, SAS3, 7.2krpm, FRU RAID1 | 2 x 4TB HDD, 3.5”, SAS3, 7.2krpm, FRU RAID1 | 2 x 4TB HDD, 3.5”, SAS3, 7.2krpm, FRU RAID1 | 4x 800 GB SSD, 2.5 inch, SATA, FRU RAID10 | 4x 960 GB SSD, 2.5 inch, SATA, FRU RAID10 |
| Enclosure | 1RU, Fits 19 inch Rack | 1RU, Fits 19 inch Rack | 2RU, Fits 19 inch Rack | 2RU, Fits 19 inch Rack | 2RU, Fits 19 inch Rack | 2RU, Fits 19 inch Rack | 2RU, Fits 19 inch Rack |
| Chassis Dimension WxDxH | 17.2in(437mm) x 19.7in(500mm) x 1.7in(43.2mm) | 17.2in(437mm) x 25.6in(650mm) x 1.7in(43.2mm) | 17.24in(438mm) x 24.41in(620mm) x 3.48in (88.4mm) | 17.24in(438mm) x 24.41in(620mm) x 3.48in (88.4mm) | 17.24in(438mm) x 24.41in(620mm) x 3.48in (88.4mm) | 17.2in(437mm) x 27.9in(709mm) x 3.5in(89 mm) | 17.2in(437mm) x 33.5in(851mm) x 3.5in(89 mm) |
| AC Power Supply | Single 250 watt, 90-264 VAC, 3.5 - 1.5 A, 50-60 Hz, IEC60320-C14, inlet, Internal, Fixed | Redundant (1+1) 750 watt, 100 - 240 VAC 9 – 4.5A, 50-60 Hz IEC60320-C14 inlet, FRU | Redundant (1+1) 800 watt, 100 - 240 VAC 10.5 – 4.0A, 50-60 Hz IEC60320-C14 inlet, FRU | Redundant (1+1) 800 watt, 100 - 240 VAC 10.5 – 4.0A, 50-60 Hz IEC60320-C14 inlet, FRU | Redundant (1+1) 800 watt, 100 - 240 VAC 10.5 – 4.0A, 50-60 Hz IEC60320-C14 inlet, FRU | Redundant (1+1) 800W: 100-127V, 9.8A-7A 1000W: 220-240V, 7-5A, 50-60Hz, FRU IEC60320-C14 inlet, FRU | Redundant (1+1) 800W: 100-127V, 9.8A-7A 1000W: 220-240V, 7-5A, 50-60Hz, FRU IEC60320-C14 inlet, FRU |
| Power Consumption Maximum (watts) | 85 watts | 265 watts | 426 watts | 519 watts | 658 watts | 850 watts | 760 watts |
| Thermal Dissipation Maximum (BTU/h) | 290 BTU/h | 904 BTU/h | 1,454 BTU/hr | 1,771 BTU/h | 2,245 BTU/h | 2,908 BTU/h | 2,594 BTU/h |
| MTBF (h) | 56,400 h | 54,200 h | 65,466 h | 57,766 h | 52,802 h | 40,275 h | 36,101 h |
| Appliance Alone / As Shipped Weight lb. (kg) | 16.2 lb (7.3 kg) / 28.2 lb (2.95 kg) | 29.8 lbs (13.5 Kg) / 40.8 lbs (18.5 Kg) | 37.4 lbs (17.0 Kg) / 58.6 lbs (26.6 kg) | 42.4 lbs (19.2 Kg) / 63.5 lbs (28.8 kg) | 42.7 lbs (19.2 Kg) / 63.8 lbs (29.0 kg) | 51 lb. (23 kg) / 66 lb. (30 kg) | 46 lb (21 kg) / 90 lb (40.2 kg) |
| Regulatory Compliance Safety | IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
IEC 60950 EN 60950-1 UL 60950 CSA/CAN-C22.2 |
| Security Certifications | FIPS 140-2 Level 1 CC NDPP v1.1 |
FIPS 140-2 Level 1 CC NDPP v1.1 |
FIPS 140-2 Level 1 CC NDPP v1.1 |
FIPS 140-2 Level 1 CC NDPP v1.1 |
FIPS 140-2 Level 1 CC NDPP v1.1 |
FIPS 140-2 Level 1 CC NDPP v1.1 |
FIPS 140-2 Level 1 CC NDPP v1.1 (In Process) |
| Regulatory Compliance EMC | FCC Part 15, ICES-003 Class A, AS/NZS CISPR 22, CISPR 32, EN 55032, EN 55024, IEC/EN 61000-3-2, IEC/EN 61000-3-3, IEC/EN 61000-4-2, V-2/2015 &V-3/2015 | ||||||
| Environmental Compliance | RoHS Directive, 2011/65/EU, REACH, WEEE Directive, 2012/19/EU | ||||||
| Operating Temperature | 0 ~ 40°C 32 ~ 104°F |
0 ~ 35°C 32 ~ 95°F |
0 ~ 35°C 32 ~ 95°F |
0 ~ 35°C 32 ~ 95°F |
0 ~ 35°C 32 ~ 95°F |
10 ~ 35°C 50 ~ 95°F |
10 ~ 35°C 50 ~ 95°F |
| Non-Operating Temperature | -20 ~ 80°C -4 ~ 176°F |
-40 ~ 70°C -40 ~ 158°F |
-40 ~ 70°C -40 ~ 158°F |
-40 ~ 70°C -40 ~ 158°F |
-40 ~ 70°C -40 ~ 158°F |
-40 ~ 70°C -40 ~ 158°F |
-40 ~ 70°C -40 ~ 158°F |
| Operating Relative Humidity | 5% - 85% non-condensing | 10 ~ 95% @ 40° C, non-condensing | 10 ~ 95% @ 40° C, non-condensing | 10 ~ 95% @ 40° C, non-condensing | 10 ~ 95% @ 40° C, non-condensing | 10% - 85% non-condensing | 10% - 85% non-condensing |
| Non-Operating Relative Humidity | 5% - 95% non-condensing | 10 ~ 95% @ 60° C, non-condensing | 10 ~ 95% @ 60° C, non-condensing | 10 ~ 95% @ 60° C, non-condensing | 10 ~ 95% @ 60° C, non-condensing | 5% - 95% non-condensing | 5% - 95% non-condensing |
| Operating Altitude | 3,000 m 9,842 ft |
3,000 m 9,842 ft |
3,000 m 9,842 ft |
3,000 m 9,842 ft |
3,000 m 9,842 ft |
3,000 m 9,842 ft |
3,000 m 9,842 ft |
| IPS Performance | |||||||
| Max IPS Performance | Up to 100 /250 Mbps | Up to 500 Mbps | Up to 1 Gbps | Up to 2 Gbps | Up to 5 Gbps | Up to 8 Gbps | Up to 10 Gbps |
| Max Concurrent Connections | 80K | 160K | 500K | 1M | 2M | 4M | 4M |
| New Connections Per Second | 4K/Sec | 8K/Sec | 10K/Sec | 20K/Sec | 40K/Sec | 80K/Sec | 80K/Sec |
Note: All performance values vary depending on the system configuration and traffic profile being processed.
Documentation:
Download the FireEye Network Security - NX Series Datasheet (PDF).
Pricing Notes:
- Pricing and product availability subject to change without notice.
FireEye Products
FireEye NX Series