Using Investigation Analysis and Network Forensics for enterprise protection

Highly advanced forensics features prove indispensable when it comes to detecting and analysing security risks in time. Gaps in security can have fatal consequences, particularly at an enterprise level. In serious cases it is essential to identify the security incident and its scope as quickly as possible, in order to defuse the threat and restore the safety of your network.

The PX series Network Forensics platform and the IA series Investigation Analysis system from FireEye provide you with effective all-round protection. The tool for analysing security weaknesses, combined with functional packet capture, is an ideal supplement to other FireEye security solutions. With this powerful combination you can be sure you are choosing the most effective and fastest option for network data interrogation and capture currently offered on the market.

Contact us

Do you have questions about our FireEye products and would like some advice? Give us a call or send us an e-mail.

Advantages of Enterprise Forensics

The capability to investigate immediately and take action quickly

Searching packets only takes a few minutes with the real-time indexing methods of Enterprise Forensics. Furthermore, you can switch between SIEM Message and FireEye Network Security with just a single click. A sophisticated web interface, including a drilldown feature, accelerates the searching and testing of packets, sessions and connections. Expressed in figures, the scanning speeds are up to 20 Gbit/s, while time stamping is in the region of nanoseconds.

Rapid evaluation and assessment of threat strategies

The Enterprise Forensics solution from FireEye also decodes connection data from file attachments, chat, DNS, e-mail, FTP and web connections. The aim is to track down malware and potential defects in security early on. In addition, as part of the analysis, file attachments and packet contents are checked in detail for stolen data.

Clear overview of the whole network

The detailed network overview includes the indexed metadata coming from protocols such as SSL, POP3, HTTP, FTP, SMTP, SMB and TLS. Central queries are answered rapidly. Data and network activities can be displayed and forwarded quickly and simply via user-defined dashboards. Together with integrated case management, PCAP file sharing guarantees optimised cooperation.

We give you telephone support!

Simply get in touch. Stefan Winklhofer from the Green IT Solution sales team is available on +49 89 215 48 07 90. If you would prefer to write to us, please use our contact form.