FireEye Network Security - ThreatProtectWorks

2y ago
48 Views
2 Downloads
909.41 KB
12 Pages
Last View : 2d ago
Last Download : 2m ago
Upload by : Aydin Oneil
Transcription

1DATA SHEET FIREEYE NETWORK SECURITYdata sheetFireEye Network SecurityEffective protection against cyber breachesfor midsize to large organizationsOverviewFireEye Network Security is an effective cyberthreat protection solution that helps organizationsminimize the risk of costly breaches by accuratelydetecting and immediately stopping advanced,targeted and other evasive attacks hiding inInternet traffic. It facilitates efficient resolution ofdetected security incidents in minutes with concreteevidence, actionable intelligence and responseworkflow integration. With FireEye Network Security,organizations are effectively protected against today’sthreats whether they exploit Microsoft Windows,Apple OS X operating systems, or applicationvulnerabilities; are directed at the headquarters orbranch offices; or are hidden in a large volume ofinbound Internet traffic that has to be inspected inreal time.At the core of FireEye Network Security arethe Multi-Vector Virtual Execution (MVX) andIntelligence-Driven Analysis (IDA) technologies.MVX is a signature-less, dynamic analysis enginethat inspects suspicious network traffic to identifyattacks that evade traditional signature- and policybased defenses. IDA is a collection of contextual,dynamic rules engines that detects and blocksmalicious activity in real-time and retroactively,based on the latest machine-, attacker- and victimintelligence. FireEye Network Security also includesintrusion prevention system (IPS) technology todetect common attacks using conventional signaturematching.FireEye Network Security is available in a variety ofform factors, deployment and performance options.It is typically placed in the path of Internet trafficbehind traditional network security appliancessuch as next-generation firewalls, IPS and secureweb gateways (SWG). FireEye Network Securitysupplements these solutions by rapidly detectingboth known and unknown attacks with high accuracyand a low rate of false positives, while facilitating anefficient response to each alert.Figure 1. Typical configuration — Network Security solutions.UsersFireEye Network SecurityFirewall, IPS, SWGInternet

DATA SHEET FIREEYE NETWORK SECURITY2CapabilitiesBenefitsDetectionAccurate detection ofadvanced, targeted andother evasive cyber attacksMinimizes risk of costly cyberbreachesExtensible, modular securityarchitectureProvides investmentprotectionConsistent level ofprotection for multi-OSenvironments and allInternet access pointsCreates a strong defenseacross the entire organizationfor all types of devicesIntegrated, distributed,physical, virtual, on-premiseand cloud deploymentoptionsOffers flexibility to align withorganizational preferencesand resourcesMulti-vector correlationwith Email and ContentSecurityProvides visibility across widerattack surfacePreventionImmediate blocking ofattacks at line rates from 10Mbps to 8 GbpsGives real-time protectionagainst evasive attacksResponseLow rate of false alerts,riskware categorizationand automated IPS alertvalidationReduces operational cost oftriaging unreliable alertsPivot to investigation andalert validation, endpointcontainment and incidentresponseAutomates and simplifiessecurity workflowsExecution evidenceand actionable threatintelligence with contextualinsightAccelerates prioritizationand resolution of detectedsecurity incidentsScalability from one site tothousands of sitesSupports business growthTechnical AdvantagesAccurate Threat DetectionFireEye Network Security uses multiple analysistechniques to detect attacks with high accuracy and alow rate of false alerts: Multi-Vector Virtual Execution (MVX) enginedetects zero-day, multi-flow and other evasiveattacks with dynamic, signature-less analysis ina safe, virtual environment. It stops infection andcompromise phases of the cyber-attack kill chainby identifying never-before-seen exploits andmalware. Intelligence-Driven Analysis (IDA) enginesdetect and block obfuscated, targeted andother customized attacks with contextual,rule-based analysis from real-time insightsgathered on the front lines from millions ofMVX verdicts, thousands of hours of incidentresponse experience gathered by Mandiant, aFireEye company and hundreds of iSight threatresearchers. It stops infection, compromise andintrusion phases of the cyber-attack kill chainby identifying malicious exploits, malware andcommand and control (CnC) callbacks. It alsoextracts and submits suspicious network traffic tothe MVX engine for a definitive verdict analysis. Structured Threat Intelligence eXpression(STIX) allows the ingestion of third-party threatintelligence using an industry-standard formatto add custom threat indicators into the IDAengines.Immediate and Resilient ProtectionFireEye Network Security offers flexible configurationmodes including: Out-of-band monitoring via a TAP/SPAN,inline monitoring or inline active blocking.Inline blocking mode automatically blocksinbound exploits and malware and outboundmulti-protocol callbacks. In inline monitoringmode, alerts are generated and organizationsdecide how to respond to them. In out-of-bandprevention mode, FireEye Network Securityissues TCP resets for out-of-band blocking ofTCP, UDP or HTTP connections. Integration with the FireEye Active Fail Open(AFO) switch to ensure no network interruption. Selected models offer an active high availability(HA) option to provide resilience in case of networkor device failures.Wide Attack Surface CoverageFireEye Network Security delivers a consistent level ofprotection for today’s diverse network environments: Support for most common Microsoft Windowsand Apple Mac OS X operating systems Analysis of over 140 different file types, includingportable executables (PEs), web content,archives, images, Java, Microsoft and Adobeapplications and multimedia Execution of suspicious network traffic againstthousands of operating system, service pack,application type and application versioncombinationsValidated and Prioritized AlertsIn addition to detecting genuine attacks, FireEye MVXtechnology is also used to determine the reliability ofalerts detected by conventional signature-matchingmethods and to identify and prioritize critical threats: Intrusion prevention system (IPS) with MVXengine validation reduces the time requiredto triage signature-based detection that istraditionally prone to false alerts Riskware categorization separates genuine breachattempts from undesirable, but less maliciousactivity (such as adware and spyware) toprioritize alert response

DATA SHEET FIREEYE NETWORK SECURITYActionable Threat Insights Distributed Network Security: extensibleAlerts generated by FireEye Network Security includeconcrete evidence and contextual intelligence toquickly respond to, prioritize and contain a threat:appliances with centrally shared MVX serviceto secure Internet access points withinorganizations Dynamic Threat Intelligence (DTI): concrete,–– Network Smart Node: physical or virtualreal-time, globally-shared data to quickly andproactively stop targeted and newly discoveredattacks Advanced Threat Intelligence (ATI): contextualinsights about the attack to accelerate responseand prescriptive guidance to contain the threatResponse Workflow IntegrationFireEye Network Security can be augmented inseveral ways to automate alert response workflows: FireEye Central Management correlates alertsfrom both FireEye Network Security and FireEyeEmail Security for a broader view of an attackand to set blocking rules that prevent the attackfrom spreading further FireEye Network Forensics integrates withappliances that analyze Internet trafficto detect and block malicious traffic andsubmit suspicious activity over an encryptedconnection to the MVX service for definitiveverdict analysis–– MVX Smart Grid: on-premise, centrally located,elastic MVX service that offers transparentscalability, built-in N 1 fault tolerance andautomated load balancing–– FireEye Cloud MVX: FireEye-hosted MVXservice subscription that ensures privacyby analyzing traffic on the Network SmartNode. Only suspicious objects are sent overan encrypted connection to the MVX service,where objects revealed as benign are discarded.FireEye Network Security to provide detailedpacket captures associated with an alert andenable in-depth investigations FireEye Endpoint Security identifies, validatesand contains compromises detected by FireEyeNetwork Security to simplify containment andremediation of affected endpointsFlexible Deployment OptionsFireEye Network Security offers various deploymentoptions to match an organization’s needs and budget:Figure 2. Examples of Integrated Network Securityinclude NX 2550, NX 3500, NX 5500, NX 10450.Network Smart NodeRemote sitePhysical ApplianceCentral SiteNetwork Smart NodeMVX Smart GridPhysical ApplianceRemote site Integrated Network Security: standalone,all-in-one hardware appliance with integratedMVX service to secure an Internet access pointat a single site. FireEye Network Security is aneasy-to-manage, clientless platform that deploysin under 60 minutes. It doesn’t require rules,policies or tuning.Network Smart NodeVirtual ApplianceFigure 3. Distributed deployment models for Network Security.FireEyeCloud MVX3

4DATA SHEET FIREEYE NETWORK SECURITYMVXIDASignature-less dynamicanalysis engineIPS and RiskwareIntelligence-driven,rule-based analysis enginesSignature-based and noncritical malware enginesThreat IntelligenceCorrelation with FireEye and3rd party threat dataSmartVisionAdvanced engines thatdetect lateral trafficFigure 4. Modular components of FireEye Network Security.Extensible ArchitectureMinimizes Risk of Cyber BreachesFireEye Network Smart Nodes feature a modular andextensible software architecture and system designto deliver multiple threat protection capabilities assoftware modules.FireEye Network Security is a highly-effective cyberdefense solution that:High Performance and ScalabilityFireEye Network Security protects Internet accesspoints at line rate with performance options for a widevariety of branch and central office sizes:The MVX Smart Grid and FireEye Cloud MVX scalablearchitecture allows the MVX service to supportone Network Smart Node to thousands and scaleseamlessly as needed.Form FactorPerformanceIntegrated Network Security50 Mbps to 4 GbpsPhysical Network Smart Node50 Mbps to 10 GbpsVirtual Network Smart Node50 Mbps to 1 GbpsBusiness BenefitsDesigned to meet the needs of single-site anddistributed multi-site organizations, FireEye NetworkSecurity delivers several benefits:1 Forrester (May 2016). The Total Economic Impact of FireEye.2 Frost & Sullivan (October 2016). Network Security Sandbox Market Analysis Prevents intruders from breaking into anorganization to steal valuable assets or disruptbusiness by stopping advanced, targeted andother evasive attacks Stops attacks and contains intrusions faster withconcrete evidence, actionable intelligence, inlineblocking and response workflow automation Eliminates weak points from an organization’scyber defenses with consistent protection forvarious operating systems, application types,branches and central sitesShort Payback PeriodAccording to a recent Forrester Consulting study1,FireEye Network Security customers can expect a152% ROI savings over three years and payback ontheir initial investment in just 9.7 months. FireEyeNetwork Security: Focuses security team resources on real attacksto reduce operational expenses Optimizes capital spend with a shared MVXservice and a large variety of performance pointsto rightsize deployment to meet requirements Future-proofs security investment by scalingsmoothly when the number of branches or theamount of Internet traffic grows Protects existing investments by allowing cost-free migration from an integrated to a distributeddeployment Reduces future capital outlay with modular andextensible architectureAwards and CertificationsThe FireEye Network Security product portfoliohas been awarded a number of industry andgovernment awards and certifications: In 2016, Frost & Sullivan recognized FireEye asthe undisputed market leader with 56% marketshare, more than the next ten competitorscombined2 FireEye Network Security has been a recipientof numerous awards from SANS Institute, SCMagazine, CRN and others FireEye Network Securitywas the first securitysolution on the market toreceive the US Departmentof Homeland SecuritySAFETY Act Certification

DATA SHEET FIREEYE NETWORK SECURITYTable 1. FireEye Network Security specifications, integrated appliance.NX 2500NX 2550NX 3500NX 4500NX 5500NX 10450NX10550OS SupportMicrosoft WindowsMac OS XMicrosoft WindowsMac OS XMicrosoft WindowsMac OS XMicrosoft WindowsMac OS XMicrosoft WindowsMac OS XMicrosoft WindowsMicrosoft WindowsMac OS XPerformance *Up to 50 Mbps or 100MbpsUp to 250 MbpsUp to 500 MbpsUp to 1 GbpsUp to 2.5 GbpsUp to 4 GbpsUp to 4GbpsNetwork MonitoringPorts4x 10/100/1000BASE-T Ports (in frontpanel)4x 10GigE SFP 4x 1GigE Bypass4x 10GigE SFP 4x 1GigE Bypass8x 10GigE SFP 4x 1GigE Bypass8x 10GigE SFP 4x 1GigE Bypass8 x SFP (4 x1000base and 4 x10Gbase),1000baseSX/10GbaseSR (LC, MMF),1000baseLX/10GbaseLR (LC SMF),1000baseT (RJ45,UTP5),10GbaseCu (5mdirect-attached cable)8 x SFP (4 x1000base and 4 x10Gbase),1000baseSX/10GbaseSR (LC, MMF),1000baseLX/10GbaseLR (LC, SMF),1000baseT (RJ45,UTP5),10GbaseCu (5mdirect-attached cable)Network Ports Modeof OperationIn-line Monitor, FailOpen, Fail- Close (HWBypass) or TAP/SPANIn-line Monitor, FailOpen, Fail- Close (HWBypass) or TAP/SPANIn-line Monitor, FailOpen, Fail- Close (HWBypass) or TAP/SPANIn-line Monitor, FailOpen, Fail- Close (HWBypass) or TAP/SPANIn-line Monitor, FailOpen, Fail- Close (HWBypass) or TAP/SPANIn-line Monitor, orTap/SpanIn-line Monitor orTap/SpanHigh Availability (HA)Not AvailableNot AvailableNot AvailableNot AvailableNot AvailableActive-Passive HAActive-Passive HAHigh Availability (HA)Ports (rear panel)Not AvailableNot AvailableNot AvailableNot Available2x 100/1000/10GBase-T Ports2x 100/1000/10GBase-T Ports2x 100/1000/10GBase-T PortsManagement Ports(rear panel)2x 10/100/1000BASE- T Ports(in front panel)2x 10/100/1000BASE- T Ports2x 10/100/1000BASE- T Ports2x 10/100/1000BASE- T Ports2x 10/100/1000BASE- T Ports2x 10/100/1000BASE- T Ports2x 10/100/1000Base-T PortsIPMI Port (rear udedIncludedFront LCD & KeypadNot AvailableNot AvailableNot AvailableNot AvailableNot AvailableIncludedIncludedVGA PortNoYesYesYesYesYesYesUSB Ports2x Type A USB Ports(front panel)4x Type A USB Ports2 front, 2 rear4x Type A USB Ports2 front, 2 rear4x Type A USB Ports2 front, 2 rear4x Type A USB Ports2 front, 2 rear2x Type A USB Ports2x Type A USB PortsSerial Port (rearpanel)115,200 bps, NoParity, 8 bits, 1 StopBit (RJ45 connectorRJ45-to-Dsub adaptercable is included)115,200 bps, No Parity,8 Bits, 1 Stop Bit115,200 bps, No Parity,8 Bits, 1 Stop Bit115,200 bps, No Parity,8 Bits, 1 Stop Bit115,200 bps, No Parity,8 Bits, 1 Stop Bit115,200 bps, NoParity, 8 Bits, 1 StopBit115,200 bps, NoParity, 8 bits, 1 Stop BitDrive CapacitySingle 1TB 3.5 inch,SATA HDD, internal,fixed2 x 4TB HDD, 3.5”,SAS3, 7.2krpm,FRU RAID12 x 4TB HDD, 3.5”,SAS3, 7.2krpm,FRU RAID12 x 4TB HDD, 3.5”,SAS3, 7.2krpm,FRU RAID12 x 4TB HDD, 3.5”,SAS3, 7.2krpm,FRU RAID14x 800 GB SSD,2.5 inch, SATA,FRU RAID104x 960 GB SSD,2.5 inch, SATA,FRU RAID10Enclosure1RU, Fits 19 inch Rack1RU, Fits 19-inch Rack2RU, Fits 19-inch Rack2RU, Fits 19-inch Rack2RU, Fits 19-inch Rack2RU, Fits 19 inch Rack2RU, Fits 19 inch RackChassis DimensionWxDxH17.2in(437mm) x19.7in(500mm) x1.7in(43.2 mm)17.2in(437mm) x25.6in(650mm) x1.7in(43.2mm)17.24in(438mm) x24.41in(620mm) x3.48in (88.4mm)17.24in(438mm) x24.41in(620mm) x3.48in(88.4mm)17.24in(438mm) x24.41in(620mm) x3.48in(88.4mm)17.2in(437mm) x27.9in(709mm) x3.5in(89mm)17.2in(437mm) x33.5in(851mm) x3.5in(89mm)5

DATA SHEET FIREEYE NETWORK SECURITY6Table 1. FireEye Network Security specifications, integrated appliance. (continued)NX 2500NX 2550NX 3500NX 4500NX 5500NX 10450NX10550AC Power SupplySingle 250 watt,90-264 VAC,3.5 - 1.5 A, 50-60 Hz,IEC60320-C14, inlet,Internal, FixedRedundant (1 1) 750watt, 100 - 240 VAC9.0 - 4.5A, 50-60 HzIEC60320-C14 inlet,FRURedundant (1 1) 800watt, 100 - 240 VAC10.5 – 4.0A, 50-60 HzIEC60320-C14 inlet,FRURedundant (1 1) 800watt, 100 - 240 VAC10.5 – 4.0A, 50-60 HzIEC60320-C14 inlet,FRURedundant (1 1) 800watt, 100 - 240 VAC10.5 – 4.0A, 50-60 HzIEC60320-C14 inlet,FRURedundant (1 1) 1200watt, 100-140 VAC,14.7 - 10.5 A 1400watt, 180-240 VAC,9.5 - 7.2 A, 50-60 Hz,FRU IEC60320-C14inlet, FRURedundant (1 1)800W: 100-127V,9.8A-7A 1000W:220-240V, 7-5A,50-60Hz, FRUIEC60320-C14 inlet,(In Process) FRUPower ConsumptionMaximum (watts)85 watts265 watts426 watts519 watts658 watts850 watts760 wattsThermal DissipationMaximum (BTU/h)290 BTU/h904 BTU/h1,454 BTU/hr1,771 BTU/h2,245 BTU/h2,908 BTU/h2,594 BTU/hMTBF (h)56,400 h54,200 h65,466 h57,766 h52,802 h40,275 h36,101 hAppliance Alone/ As Shipped Weightlb. (kg)16.2 lb (7.3 kg) /28.2 lb (2.95 kg)29.8 lbs (13.5 Kg) /40.8 lbs (18.5 Kg)37.4 lbs (17.0 Kg) /58.6 lbs (26.6 kg)42.4 lbs (19.2 Kg) /63.5 lbs (28.8 kg)42.7 lbs (19.2 Kg) /63.8 lbs (29.0 kg)51 lb. (23 kg) /66 lb. (30 kg)46 lb (21 kg) /90 lb (40.2 kg)RegulatoryCompliance SafetyIEC 60950EN 60950-1UL 60950CSA/CAN-C22.2IEC 60950EN 60950-1UL 60950CSA/CAN-C22.2IEC 60950EN 60950-1UL 60950CSA/CAN-C22.2IEC 60950EN 60950-1UL 60950CSA/CAN-C22.2IEC 60950EN 60950-1UL 60950CSA/CAN-C22.2IEC 60950EN 60950-1UL 60950CSA/CAN-C22.2IEC 60950EN 60950-1UL 60950CSA/CAN-C22.2Security CertificationsFIPS 140-2 Level 1CC NDPP v1.1FIPS 140-2 Level 1CC NDPP v1.1FIPS 140-2 Level 1CC NDPP v1.1FIPS 140-2 Level 1CC NDPP v1.1FIPS 140-2 Level 1CC NDPP v1.1FIPS 140-2 Level 1CC NDPP v1.1FIPS 140-2 Level 1CC NDPP v1.1(In Process)RegulatoryCompliance EMCFCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015FCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015FCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015FCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015FCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015FCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015FCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015EnvironmentalComplianceRoHS Directive2011/65/EUREACHWEEE Directive2012/19/EURoHS Directive2011/65/EUREACHWEEE Directive2012/19/EURoHS Directive2011/65/EUREACHWEEE Directive2012/19/EURoHS Directive2011/65/EUREACHWEEE Directive2012/19/EURoHS Directive2011/65/EUREACHWEEE Directive2012/19/EURoHS Directive2011/65/EUREACHWEEE Directive2012/19/EURoHS Directive2011/65/EUREACHWEEE Directive2012/19/EUOperatingTemperature0 40 C32 104 F0 35 C32 95 F0 35 C32 95 F0 35 C32 95 F0 35 C32 95 F10 35 C50 95 F10 35 C50 95 FNon-OperatingTemperature-20 80 C-4 176 F-40 70 C-40 158 F-40 70 C-40 158 F-40 70 C-40 158 F-40 70 C-40 158 F-40 70 C-40 158 F-40 70 C-40 158 FOperating RelativeHumidity5% - 85%non-condensing10 95% @ 40 C,non-condensing10 95% @ 40 C,non-condensing10 95% @ 40 C,non-condensing10 95% @ 40 C,non-condensing10% - 85%non-condensing10% - 85%non-condensingNon-OperatingRelative Humidity5% - 95%non-condensing10 95% @ 60 C,non-condensing10 95% @ 60 C,non-condensing10 95% @ 60 C,non-condensing10 95% @ 60 C,non-condensing5% - 95%non-condensing5% - 95%non-condensingOperating Altitude3,000 m9,842 ft3,000 m9,842 ft3,000 m9,842 ft3,000 m9,842 ft3,000 m9,842 ft3,000 m9,842 ft3,000 m9,842 ft

DATA SHEET FIREEYE NETWORK SECURITYTable 2. FireEye Network Security IPS performance, integrated appliance.NX 2500NX 2550NX 3500NX 4500NX 5500NX 10450NX10550Max IPSPerformanceUp to 50 Mbpsor 100 MbpsUp to 250 MbpsUp to 500 MbpsUp to 1 GbpsUp to 2.5 GbpsUp to 4 GbpsUp to 4 GbpsMax ConcurrentConnections15K or 80K80K160K500K1M2M2MNew ConnectionsPer Second750/Sec or e 3. FireEye Network Security smart node, physical specifications.NX 1500NX 2500NX 2550NX 3500NX 4500NX 5500NX 10450NX10550OS SupportMicrosoft WindowsMac OS XMicrosoft WindowsMac OS XMicrosoft WindowsMac OS XMicrosoft WindowsMac OS XMicrosoft WindowsMac OS XMicrosoft WindowsMac OS XMicrosoft WindowsMicrosoft WindowsMac OS XPerformanceUp to 50 MbpsUp to 100 Mbps or250 MbpsUp to 500 MbpsUp to 1 GbpsUp to 2 GbpsUp to 5 GbpsUp to 8 GbpsUp to 10 GbpsNetworkMonitoring Ports4x 10/100/1000BASE-T Ports4x 10/100/1000BASE-T Ports (infront panel)4x 10GigE SFP 4x 1GigE Bypass4x 10GigE SFP 4x 1GigE Bypass8x 10GigE SFP 4x 1GigE Bypass8x 10GigE SFP 4x 1GigE Bypass8 x SFP (4 x1000base and 4 x10Gbase),1000baseSX/10GbaseSR (LC,MMF),1000baseLX/10GbaseLR (LCSMF), 1000baseT(RJ45, UTP5),10GbaseCu (5mdirect-attachedcable)8 x SFP (4 x1000base and 4 x10Gbase),1000baseSX/10GbaseSR (LC,MMF),1000baseLX/10GbaseLR (LC,SMF), 1000baseT(RJ45, UTP5),10GbaseCu (5mdirect-attachedcable)Network PortsMode of OperationIn-line Monitor, FailClose or TapIn-line Monitor, FailOpen, Fail- Close(HW Bypass) orTAP/SPANIn-line Monitor, FailOpen, Fail- Close(HW Bypass) orTAP/SPANIn-line Monitor, FailOpen, Fail- Close(HW Bypass) orTAP/SPANIn-line Monitor, FailOpen, Fail- Close(HW Bypass) orTAP/SPANIn-line Monitor, FailOpen, Fail- Close(HW Bypass) orTAP/SPANIn-line Monitor;TAP; or SPANIn-line Monitor orTAP/SPANHigh Availability(HA)Not AvailableNot AvailableNot AvailableNot AvailableNot AvailableNot AvailableActive-Passive HAActive-Passive HAHigh Availability(HA) Ports (rearpanel)Not AvailableNot AvailableNot AvailableNot AvailableNot AvailableNot Available2x 100/1000/10GBase-T Ports2x 100/1000/10GBase-T PortsManagement Ports(rear panel)2x 10/100/1000BASE- T Ports4x 10/100/1000BASE- T Ports (infront panel)2x 10/100/1000BASE- T Ports2x 10/100/1000BASE- T Ports2x 10/100/1000BASE- T Ports2x 10/100/1000BASE- T Ports2x 10/100/1000BASE- T Ports2x 10/100/1000Base-T PortsIPMI Port (rearpanel)Not AvailableRear dedFront LCD &KeypadNot AvailableNot AvailableNot AvailableNot AvailableNot AvailableNot AvailableIncludedIncluded7

DATA SHEET FIREEYE NETWORK SECURITY8Table 3. FireEye Network Security smart node, physical specifications. (continued)NX 1500NX 2500NX 2550NX 3500NX 4500NX 5500NX 10450NX10550VGA PortNot AvailableNot AvailableYesYesYesYesYesYesUSB Ports2x Type A USBPorts2x Type A USBPorts (front panel)4x Type A USBPorts2 front, 2 rear4x Type A USBPorts2 front, 2 rear4x Type A USBPorts2 front, 2 rear4x Type A USBPorts2 front, 2 rear4x Type A USBPorts2 front, 2 rear4x Type A USBPorts2 front, 2 rearSerial Port (rearpanel)115,200 bps, NoParity, 8 bits, 1Stop Bit (RJ45connector; RJ45to-Dsub adaptercable is included)115,200 bps, NoParity, 8 bits, 1 StopBit (RJ45 connectorRJ45-to-Dsubadapter cable isincluded)115,200 bps, NoParity, 8 Bits, 1 StopBit115,200 bps, NoParity, 8 Bits, 1 StopBit115,200 bps, NoParity, 8 Bits, 1 StopBit115,200 bps, NoParity, 8 Bits, 1 StopBit115,200 bps, NoParity, 8 Bits, 1 StopBit115,200 bps, NoParity, 8 bits, 1 StopBitDrive CapacitySingle 500GB 2.5inch SATA HDD,internal, fixedSingle 1TB 3.5 inchSATA HDD, internal,fixed2 x 4TB HDD, 3.5”,SAS3, 7.2krpm,FRU RAID12 x 4TB HDD, 3.5”,SAS3, 7.2krpm,FRU RAID12 x 4TB HDD, 3.5”,SAS3, 7.2krpm,FRU RAID12 x 4TB HDD, 3.5”,SAS3, 7.2krpm,FRU RAID14x 800 GB SSD,2.5 inch, SATA,FRU RAID104x 960 GB SSD,2.5 inch, SATA,FRU RAID10EnclosureDesktop formfactor1RU, Fits 19 inchRack1RU, Fits 19 inchRack2RU, Fits 19 inchRack2RU, Fits 19 inchRack2RU, Fits 19 inchRack2RU, Fits 19 inchRack2RU, Fits 19 inchRackChassis DimensionWxDxH11in(280mm) x6.9in(175mm) x1.8in(45.7mm)17.2in(437mm) x19.7in(500mm) x1.7in(43.2mm)17.2in(437mm) x25.6in(650mm) x1.7in(43.2mm)17.24in(438mm) x24.41in(620mm) x3.48in (88.4mm)17.24in(438mm) x24.41in(620mm) x3.48in(88.4mm)17.24in(438mm) x24.41in(620mm) x3.48in(88.4mm)17.2in(437mm) x27.9in(709mm) x3.5in(89 mm)17.2in(437mm) x33.5in(851mm) x3.5in(89 mm)AC Power SupplyExternal 60 Watt12V@5A Ouput ACAdapter, 90-264VAC, 50-60 Hz,IEC60320-C14,inlet, FRUSingle 250 watt,90-264 VAC,3.5 - 1.5 A, 50-60Hz, IEC60320-C14,inlet, Internal, FixedRedundant (1 1)750 watt, 100- 240 VAC 9 –4.5A, 50-60 HzIEC60320-C14inlet, FRURedundant (1 1)800 watt,100 - 240 VAC9 – 4.5A, 50-60 HzIEC60320-C14inlet, FRURedundant (1 1)800 watt,100 - 240 VAC9 – 4.5A, 50-60 HzIEC60320-C14inlet, FRURedundant (1 1)800 watt, 100- 240 VAC 10.5 –4.0A, 50-60 HzIEC60320-C14 inlet,FRURedundant (1 1)1200 watt, 100-140VAC, 14.7 - 10.5 A1400 watt, 180-240VAC, 9.5 - 7.2 A,50-60 Hz, FRUIEC60320-C14 inlet,FRURedundant (1 1)800W: 100-127V,9.8A-7A 1000W:220-240V, 7-5A,50-60Hz, FRUIEC60320-C14inlet, FRUPowerConsumptionMaximum (watts)27 watts85 watts265 watts426 watts519 watts658 watts850 watts760 wattsThermal DissipationMaximum (BTU/h)92 BTU/h290 BTU/h904 BTU/h1,454 BTU/h1,771 BTU/h2,245 BTU/h2,908 BTU/h2,594 BTU/hMTBF (h)95,400 h56,400 h54,200 h65,466 h57,766 h52,802 h40,275 h36,101 hAppliance Alone /As Shipped Weightlb. (kg)3.75 lb (1.7 kg) /6.5 lb (2.95 kg)16.2 lb (7.3 kg) /28.2 lb (2.95 kg)29.8 lbs (13.5 kg) /40.8 lbs (18.5 Kg)37.4 lbs (17.0 kg) /58.6 lbs (26.6 kg42.4 lbs (19.2 kg) /63.5 lbs (28.8 kg)42.7 lbs (19.2 kg) /63.8 lbs (29.0 kg)51 lb. (23 kg) /66 lb. (30 kg)46 lb (21 kg) /90 lb (40.2 kg)RegulatoryCompliance SafetyIEC 60950EN 60950-1UL 60950CSA/CAN-C22.2IEC 60950EN 60950-1UL 60950CSA/CAN-C22.2IEC 60950EN 60950-1UL 60950CSA/CAN-C22.2IEC 60950EN 60950-1UL 60950CSA/CAN-C22.2IEC 60950EN 60950-1UL 60950CSA/CAN-C22.2IEC 60950EN 60950-1UL 60950CSA/CAN-C22.2IEC 60950EN 60950-1UL 60950CSA/CAN-C22.2IEC 60950EN 60950-1UL 60950CSA/CAN-C22.2SecurityCertificationsFIPS 140-2 Level 1CC NDPP v1.1FIPS 140-2 Level 1CC NDPP v1.1FIPS 140-2 Level 1CC NDPP v1.1FIPS 140-2 Level 1CC NDPP v1.1FIPS 140-2 Level 1CC NDPP v1.1FIPS 140-2 Level 1CC NDPP v1.1FIPS 140-2 Level 1CC NDPP v1.1

DATA SHEET FIREEYE NETWORK SECURITYTable 3. FireEye Network Security smart node, physical specifications. (continued)NX 1500NX 2500NX 2550NX 3500NX 4500NX 5500NX 10450NX10550RegulatoryCompliance EMCFCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015FCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015FCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015FCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015FCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015FCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015FCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V-3/2015FCC Part 15ICES-003 Class AAS/NZS CISPR 22CISPR 32EN 55032EN 55024IEC/EN 61000-3-2IEC/EN 61000-3-3IEC/EN 61000-4-2V-2/2015 &V3/2015EnvironmentalComplianceRoHS Directive2011/65/EUREACHWEEE Directive2012/19/EURoHS Directive2011/65/EUREACHWEEE Directive2012/19/EURoHS Directive2011/65/EUREACHWEEE Directive2012/19/EURoHS Directive2011/65/EUREACHWEEE Directive2012/19/EURoHS Directive2011/65/EUREACHWEEE Directive2012/19/EURoHS Directive2011/65/EUREACHWEEE Directive2012/19/EURoHS Directive2011/65/EUREACHWEEE Directive2012/19/EURoHS Directive2011/65/EUREACHWEEE Directive2012/19/EUOperatingTemperature0 40 C32 104 F0 40 C32 104 F0 35 C32 95 F0 35 C32 95 F0 35 C32 95 F0 35 C32 95 F10 35 C50 95 F10 35 C50 95 FNon-OperatingTemperature-20 80 C-4 176 F-20 80 C-4 176 F-40 70 C-40 158 F-40 70 C-40 158 F-40 70 C-40 158 F-40 70 C-40 158 F-40 70 C-40 158 F-40 70 C-40 158 FOperating RelativeHumidity5% - 85%non-condensing5% - 85%non-condensing10 95% @ 40 C,non-condensing10 95% @ 40 C,non-condensing10 95% @ 40 C,non-condensing10 95% @ 40 C,non-condensing10% - 85%non-condensing10% - 85%non-condensingNon-OperatingRelative Humidity5% - 95%non-condensing5% - 95%non-condensing10 95% @ 60 C,non-condensing10 95% @ 60 C,non-condensing10 95% @ 60 Cnon-condensing10 95% @ 60 Cnon-condensing5% - 95%non-condensing5% - 95%non-condensingOperating Altitude3,000 m9,842 ft3,000 m9,842 ft3,000 m9,842 ft3,000 m9,842 ft3,000 m9,842 ft3,000 m9,842 ft3,000 m9,842 ft3,000 m9,842 ftTable 4. FireEye Network smart node IPS, physical specifications.NX 1500NX 2500NX 2550NX 3500NX 4500NX 5500NX 10450NX10550Max IPSPerformanceUp to 50 MbpsUp to100 /250 MbpsUp to 500 MbpsUp to 1 GbpsUp to 2 GbpsUp to 5 GbpsUp to 8 GbpsUp to 10 GbpsMax ConcurrentConnections15K80K160K500K1M2M4M4MNew ConnectionsPer Sec80K/Sec9

10DATA SHEET FIREEYE NETWORK SECURITYTa b l e 5 . F i re Eye N e t wo r k s m a r t n o d e , v i r t u a l s p e c i f i c a t i o n s .VA-NXS 1500VA-NXS 2500VA-NXS 2550VA-NXS 4500VA-NXS 6500OS SupportMicrosoft WindowsMac OS XMicrosoft WindowsMac OS XMicrosoft WindowsMac OS XMicrosoft WindowsMac OS XMicrosoft WindowsMac OS XPerformance *Up to 50 MbpsUp to 100 MbpsUp to 250 MbpsUp to 500 MbpsUp to 1 GbpsNetwork Monitoring Ports1-81-81-81-81-8Network Management Ports1 or 21 or 21 or 21 or 21 or 2Network Ports Mode of OperationInline, SPANInline, SPANInline, SPANInline, SPANInline, SPANCPU Cores368816Memory10GB16GB

FireEye Network Security specifications, integrated appliance. NX 2500 NX 2550 NX 3500 NX 4500 NX 5500 NX 10450 NX10550 OS Support Microsoft Windows Mac OS X Microsoft Windows Mac OS X Microsoft Windows Mac OS X Microsoft Windows Mac OS X Microsoft Windows Mac OS X Microsoft Windows Microsoft Windows Mac OS X Performance * Up to 50 Mbps or 100

Related Documents:

Figure 5: FireEye NX 4420 Figure 6: FireEye NX 7400 Figure 7: FireEye NX 7420 . FIPS 140-2 Security Policy v0.2 8 Figure 8: FireEye NX 7500 Figure 9: FireEye NX 9450 Figure 10: FireEye NX 10000 . FIPS 140-2 Security Policy v0.2 9 Figure 11: FireEye NX 10450 .

FireEye Email Security—Server Edition Administration and Diagnostics x x x x x FireEye Endpoint Security Administration and Diagnostics x x x x x FireEye Helix x x x x x Fundamentals of Network Traffic Analysis using FireEye Network Forensics x x x x x Helix Threat Analytics x x x x x Investigations with FireEye Endpoint Security x x x x x

GigaVUE-HC2 and FireEye NX 2400, a inline tool group solution through the FireEye GUI and Gigamon-OS H-VUE. The procedures are organized as follows: FireEye NX 2400 Configuration: Inline Tools Gigamon GigaVUE-HC2 Configuration: Inline Network and Inline Tool Groups. The FireEye GUI procedures focus on FireEye inline block operational mode.File Size: 1MBPage Count: 30

FireEye Network Security is an effective cyber threat protection solution that . 2550, NX 3500, NX 5500, NX 10550. Flexible Deployment Options FireEye Network Security offers various deployment options to match an organization’s needs and budget: . FireEye Network Security datasheet .

Configuring FireEye NX 2400 for Inline Block Operation Mode The FireEye GUI procedures focus on FireEye inline block operational mode. The configuration procedures in the later section will configure the GigaVUE -HC2 to send live traffic to the FireEye inline tool group, which will allow the use of FireEye's on-system deployment testing tools.

The FireEye CM series is a group of management platforms that consolidates the administration, reporting, and data sharing of the FireEye NX, EX, and FX series in one easy-to-deploy, network-based platform. Within the FireEye deployment, the FireEye CM enables real-time sharing of the auto-

The FireEye CM Series: CM-4400, CM-7400, CM-9400 (the module) is a multi-chip standalone . administration, reporting, and data sharing of the FireEye NX, EX, FX and AX series in one easy-to-deploy, network-based platform. Within the FireEye deployment, the FireEye CM enables

Anatomy 2-5 Indications 5 Contra-indications 5 General preparation 6 Landmarks 6-7 Performing the block 7-8 Complications 8 Trouble shooting 9 Summary 9 References 10 Appendix 1 11. 6/10/2016 Fascia Iliaca Compartment Block: Landmark Approach 2 FASCIA ILIACA COMPARTMENT BLOCK: LANDMARK APPROACH INTRODUCTION Neck of femur fracture affect an estimated 65,000 patients per annum in England in .