Response Workflow Integration

FireEye Network Security can be integrated with other FireEye products to enhance response workflow. This diagram shows both cloud and on-premises deployment solutions using a full suite of FireEye products. In the on-premises integrated workflow the FireEye Network Security is connected to FireEye Packet Capture to provide networked forensic details within alerts for in-depth investigations. Network Security is also managed by FireEye Central Management as is FireEye Endpoint and Email Security. The benefits of FireEye Central Management is that a centralized is alerts appliance administration and updates for all connected appliances. This simplifies administration tasks and helps analysts gain an organization wide perspective of alerts by leveraging the intelligence collected by each appliance. Central management can correlate blended attacks such as a web infection initiated by a new URL within an email for a broader view of an attack to set. Blocking rules that prevent the attack from spreading further. Central Management connects to an internet enabled network to integrate with other fire appliances. This connection can be practically anywhere on the network via a endpoint security identifies validates and contains compromises detected by firing network security. To simplify containment and remediation of affected endpoints. Lastly FireEye malware analysis compliments the analysis capabilities of network security and email security by providing additional MVS engine analysis including the ability to manually submit suspicious files to the appliance for inspection to configure custom analysis options. Above the cloud deployment section of the diagram via a helix is included as well as cloud versions of FireEye endpoint and email security.

Helix is a cloud based solution that increases the overall visibility into the threat landscape with end to end action and response capabilities. Layers fire intelligence which includes insights into threat actors and behaviors with event and security logs to identify advanced threats in your network. When you’re Helix installation includes other fire products you can easily pivot from the Helix web UI to central management network security or endpoint security dashboards for an in-depth analysis of alerts.

Scroll to Top