Enterprise Forensics
Minimize impact of network attacks with high-performance packet capture and analysis
Organizations should focus on early detection and swift investigation of incidents to determine scope and impact, effectively contain threats and re-secure their network.
The FireEye Network Forensics Platform (PX series) and the Investigation Analysis system (IA series) pair the industry's fastest lossless network data capture and retrieval solution with centralized analysis and visualization. They accelerate the network forensics process with a single workbench that simplifies investigations and reduces risk with expanded visibility into lateral spread.
White paper
3 steps to creating an investigation-ready organization
The industry’s fastest cyber investigation solution
High-speed capture and querying
Pinpoint the data you need fast enough to make a difference.
- Achieve continuous, lossless packet capture at up to 20 Gbps
- Search for and retrieve packets in seconds with patent-pending indexing architecture
Easy integration with FireEye ecosystem
Work within a single system to collect and analyze system-wide data.
- Centralize alerts from multiple FireEye products into a single dashboard
- Accelerate investigations with integrated FireEye iSIGHT Intelligence and analytics modules derived from frontline Mandiant experience
Expanded visibility and knowledge
Share detailed information across multiple systems for flexible analysis.
- Get threat severity, type and context based on high-fidelity intelligence
- Use open standards for maximum flexibility (RESTful API, PCAP, NetFlow v9, IPFIX)
TESTIMONIAL
"Within weeks of deploying the FireEye Network Forensics Platform, the agency discovered a brute force login attempt."
Fast, detailed investigations for informed threat response
Effortless scalability
Capture lossless data timestamped in nanoseconds at up to 20 Gbps.
Flexible storage options
Store PCAPs on the appliance or on SAS-attached or SAN-attached storage.
Ultrafast analysis
Search and inspect massive amounts of packet, connection and decoded session data in seconds.
Screen consolidation
View data from multiple FireEye solutions on a single screen.
Shareable investigations
Build custom dashboards and take advantage of PCAP files for case management.
One-click reconstruction
Reconstruct web pages, emails and suspect files with a single click for rapid analysis.
Related products and services
FireEye iSIGHT Intelligence
Predict attacks, mitigate risk and enhance incident response.
FireEye Malware Analysis
Safely execute and analyze malware in a secure environment.
FireEye Helix
Simplify, integrate and automate security operations to stop threats faster.
Related resources
Datasheet
Network Forensics Platform
Datasheet
Investigation Analysis System
White paper
4 things to consider when building a network forensics storage architecture
Webinar
Enhancing your security posture with network forensics
White paper
The business case for an advanced security solution
Report
Network forensics at the speed of business
Blog
Network Forensics: Use cases in the enterprise
ZIP file
Visio Stencils: Endpoint Security (HX Series)
Literature
FireEye international literature
Forensics Deployment & Integration
Rapid and effective integration into your security environment
