Risk
1/31/2014
08:55 AM
Dark Reading
Products and Releases

New FireEye Release Adds More Layers Of Security, Management

FireEye OS 7.1 simplifies virtual machine-based security management as well as extends VM analysis to IPv6 traffic

Milpitas, CA - Jan 30, 2014 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, today announced FireEye OS 7.1, a major update to the FireEye OS that offers more scalable management capabilities to the CM series, IPv6 network security support to the NX series, and enhanced email threat analysis capabilities to the EX series. FireEye OS 7.1 will be generally available by the end of February 2014.

With FireEye OS 7.1, organizations can scale central management to deployments of hundreds of FireEye appliances and automate enterprise-wide alert notifications and responses using new Web services APIs. The new version also introduces security enhancements across the board, including security analysis of IPv6 network traffic within the NX series and enhanced email analysis of malicious files delivered through HTTP in the EX series. This broad update further enhances the FireEye comprehensive solution to protecting enterprises' most critical assets from advanced malware and targeted attacks.

To combat the increasing number of email-based attacks that take advantage of weaknesses in traditional anti-virus solutions, the new release introduces dynamic scanning of URLs sent via email that link to malicious files. FireEye EX now analyzes emails not only for malicious attachments, but also performs email header analysis and analyzes the URLs linking to suspicious files. Email header analysis enables FireEye to apply email specific threat intelligence to enhance detection and identification of advanced persistent threats (APTs).

"Over the course of our beta test we caught attacks that got through other layers of security," said Dimitri Limanovski, principal security engineer at Ellucian. "It wasn't the number of attacks that got through; it was the nature of what was attacking our network. We need to stop the most potent zero-day attacks and the new dynamic URL scanning from FireEye kept these from hitting our network."

According to Gartner, targeted attacks remain a significant weakness for companies that rely on traditional security solutions.

"The rise of the targeted attack is shredding what is left of the anti-malware market's stubborn commitment to reactive protection techniques. Improving the malware signature distribution system, or adapting behavior detection to account for the latest attack styles, will not improve the effectiveness rates against targeted attacks. When 35% of reference customers for Endpoint Protection Platform solutions have been successfully compromised, it is clear that the industry is failing in its primary goal of keeping malicious code off PCs." (Source, Gartner, Magic Quadrant for Endpoint Protection Platforms, P. Firstbrook, J. Girard, N. MacDonald, January 8, 2014).

"Organizations of all sizes are experiencing higher volume and more sophisticated attacks as cybercriminals take advantage of weaknesses in traditional email security solutions and use the scale of the internet to their advantage," said Manish Gupta, senior vice president of products at FireEye. "With the latest version of FireEye OS we've added more capabilities to our threat protection platform to augment email security and simplified the management of virtual machine threat protection, making it easier to scale their FireEye deployment and take back the advantages of technology and scale from cybercriminals."

New in FireEye OS 7.1

Comprehensive Management Capabilities

FireEye OS 7.1 updates the CM management platform to scale to hundreds of FireEye appliances and provides a central management system that scales as organizations deploy the complete FireEye protection architecture with NX, EX, FX, and AX platforms. The FireEye CM platform organizes the real-time advanced threat intelligence sent from each appliance and correlates the threat intelligence. Also on the CM series, the 7.1 release introduces new Web services APIs so customers can programmatically query or submit data to automate forensics analysis and IR workflows. The CM series serves as the distribution hub ensuring the entire FireEye deployment has the same dynamic protections against advanced targeted attacks.

In addition, the release updates the local management within the NX, EX, and CM series with new role-based access controls, audit logging, complex passwords, and improved appliance health monitoring (SNMP).

Secure IPv6-enabled Networks Against Web-based Advanced Attacks

New to FireEye OS 7.1 are capabilities to secure IPv6 traffic. The FireEye NX series protects networks ranging from 10 Mbps to 4 Gbps. Organizations of all sizes can consolidate IT resources and lower the total cost of threat protection while choosing a solution that can scale as IPv6 adoption gains momentum throughout networks worldwide. The new release also enhances the FireEye NX platform with a new enterprise dashboard.

Enhanced Email Security

The new release updates the EX platform with dynamic scanning of URLs sent via email that link to malicious files, email header analysis, and congestion management. FireEye EX analyzes emails not only for malicious attachments but also the email header and URLs linking to suspicious objects that can be analyzed within the FireEye® Multi-Vector Virtual Execution™ (MVX) engine. The update also includes "bypass control" congestion management enhancements to provide a way to ensure scanning of all emails regardless of volume. The graceful mechanism to 'flow control' oncoming traffic provides a robust way to ensure that each and every attachment in every email gets analyzed by the MVX engine. This enhances overall email security with a single appliance and integrates with the FireEye NX series for advanced Web attack analysis and correlation. This allows organizations to move beyond traditional signature or reputation-based protections which are ineffective against today's fast-moving, constantly changing threats.

About FireEye, Inc.

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 1,500 customers across more than 40 countries, including over 100 of the Fortune 500.

Forward-Looking Statements

This press release contains forward-looking statements, including statements related to general availability, expected capabilities and expected benefits of FireEye OS 7.1. These forward-looking statements involve risks and uncertainties, as well as assumptions which, if they do not fully materialize or prove incorrect, could cause FireEye's results to differ materially from those expressed or implied by such forward-looking statements. The risks and uncertainties that could cause our results to differ materially from those expressed or implied by such forward-looking statements include FireEye's limited operating history and limited experience with developing and releasing new products and services; real or perceived defects, errors or vulnerabilities in the FireEye platform; rapidly evolving technological developments in a market that is characterized by rapid changes in technology, customer requirements, industry standards, and frequent new product introductions and improvements; and general market, political, economic, and business conditions; as well as those risks and uncertainties included under the captions "Risk Factors" and "Management's Discussion and Analysis of Financial Condition and Results of Operations," in FireEye's Form 10-Q filed with the Securities and Exchange Commission on November 14, 2013 for the quarter ended September 30, 2013, which is available on the Investor Relations section of the company's website at investors.FireEye.com and on the SEC website at www.sec.gov. All forward-looking statements in this press release are based on information available to the company as of the date hereof, and FireEye does not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made. 
Any future product, feature or related specification that may be referenced in this release are for information purposes only and are not commitments to deliver any technology or enhancement. FireEye reserves the right to modify future product plans at any time.
