Network Forensic Solutions
FireEye PX (Packet Capture)
FireEye PX appliance has the ability of continuous, lossless packet capture with time stamping at recording speeds up to 20 Gbps. It can do real-time indexing of all captured packets using time stamp and connection attributes; ultrafast search and retrieval of target connections and packets using patented indexing architecture; web-based, drill-down GUI for search and inspection of packets, connections and sessions. It also supports session decoder to view and search web, email, FTP, DNS, chat, SSL connection details and file attachments. Selective filtering of captured traffic to eliminate streaming video, large file transfers, encrypted payloads, etc. Automated processes to identify data theft, using proprietary algorithms to diagnose potentially anomalous network behavior.
FireEye IA (Investigation Analysis)
The FireEye Investigation Analysis System reveals hidden threats and accelerates incident response by adding a centralized workbench with an easy-to-use analytical interface to FireEye Network Forensics, the industry’s fastest, lossless network data capture and retrieval solution. The combination of high-performance packet capture and in-depth analytics provides a powerful complement to comprehensive FireEye threat prevention and detection capabilities.