FireEye
Network Malware Control System

Chad Harrington
VP of Marketing

FireEye, Inc. Proprietary
Overview

- Crimeware’s rise to prominence
- Traditional security barriers collapsing
- FireEye Network Malware Control System
Understanding Crimeware

- Targeted malware for profit
- Funded by criminal orgs & online markets
- Allows remote control by external parties

Computer-based crimes caused $14.2 billion in damages to businesses around the globe in 2005.

Cybercrime now ranks among the FBI’s top priorities behind terrorism & espionage.
The Crimeware Economy

(diagram only on this slide)
Impact of Crimeware Attacks

- Bottom line losses
  - Product/service theft
  - Intellectual property stolen
  - PC & bandwidth exploited
- Liability & clean-up
  - Customer notifications & lawsuits
  - Data restoration & downtime
- Brand erosion & loss of customers

20% of notified customers have ended business relationship due to breach.
How Does Targeted Malware Infiltrate?

1. Customized attack. Common vectors:
   - Mobile laptop
   - Employee home machine
   - 3rd party, guest PC
   - Enterprise desktop

2. Command & control. Remote control established:
   - Begin probing network
   - Identify high-value victims
   - Install additional malware
   - Steal data & information

3. Targeted infiltration

4. Via command & control:
   - Keyloggers
   - Password crackers
   - Trojans
   - Spam/Phishbots
Traditional Security Barriers Collapsing

“Botnet worm infections can occur even when the impacted organization has the very latest antivirus signatures and is automatically pushing out OS and application patches.” (US-CERT whitepaper)

- Crimeware is designed to escape attention
- Exploits bypass traditional security, such as
  - Firewalls – use open ports
  - Antivirus – be slightly new & different
  - Anomaly detectors – remain calm & look normal
Targeted Malware Simply Undetectable by Traditional Security Techniques

Timeline: Vulnerable software released -> Vulnerability discovered/disclosed -> Signature or patch released. The window of exploitability is the gap before a signature or patch is released.

Targeted malware has 2 to 6 year window
FireEye Network Malware Control System

- Stops botnet & malware infiltration others do not
- Ensures only compliant PCs gain network access
- Continuous network traffic analysis
- Automatic prevention & enforcement
What is Network Malware Control?

- Ensure Compliance: on-connect network access controls ensure only compliant machines gain network access
- Continuous Analysis: continuous analysis of network activities for botnet transmissions & infection attempts
- Automatic Enforcement: automatically filter out malicious packets and botnet transmissions, and block infected machines
Ensure Compliant Network Access

Network access controls - Limit network access to machines with updated AV signatures & OS patches

(diagram labels: Remote & Wireless users, LAN users, WAN/VPN, Internet, Wireless)
Continuous Analysis using the FireEye Attack Confirmation Technology (FACT)

An infinite supply of virtual victim machines analyzes network traffic flows for targeted attacks

(diagram label: Mirrored network traffic flows)
Automated Prevention & Enforcement

- Mobility controllers: MAC exclusion, VLAN re-assignment to block infected machines from network
- Switches: close off / restrict network access to infected machines to protect customer data and company resources
- Packet filtering: productive traffic can continue to flow, but malicious traffic is blocked

(diagram label: Internet)
Typical FireEye Deployments

- Eliminate Network Borne Crimeware from Wireless Users
- Eliminate Network Borne Crimeware From Remote Branch Offices and Stores (WAN)
- Protect Data Center Windows Servers from Crimeware
- Eliminate Crimeware From Infiltrating from Internet

(diagram labels: Data Center, WAN, Backbone, Internet)
The FireEye Ecosystem

Active collaboration with law enforcement, industry, & security researchers to root out crimeware:

- Law enforcement & Military
- Research institutions
- Industry participants
- Enterprise customers
- Internet Service Providers
About FireEye, Inc.

- Dedicated to eradicating malware from the world’s networks
- Based in Menlo Park, CA
- Led by an experienced team from Sun, Cisco, Aruba, Symantec, Check Point, & McAfee
- Online at www.fireeye.com
www.fireeye.com
 
Money Forward Integrated Report “Forward Map” 2024
Money Forward Integrated Report “Forward Map” 2024Money Forward Integrated Report “Forward Map” 2024
Money Forward Integrated Report “Forward Map” 2024Money Forward
 
AnyConv.com__FSS Advance Retail & Distribution - 15.06.17.ppt
AnyConv.com__FSS Advance Retail & Distribution - 15.06.17.pptAnyConv.com__FSS Advance Retail & Distribution - 15.06.17.ppt
AnyConv.com__FSS Advance Retail & Distribution - 15.06.17.pptPriyankaSharma89719
 
Guard Your Investments- Corporate Defaults Alarm.pdf
Guard Your Investments- Corporate Defaults Alarm.pdfGuard Your Investments- Corporate Defaults Alarm.pdf
Guard Your Investments- Corporate Defaults Alarm.pdfJasper Colin
 
Overview of Inkel Unlisted Shares Price.
Overview of Inkel Unlisted Shares Price.Overview of Inkel Unlisted Shares Price.
Overview of Inkel Unlisted Shares Price.Precize Formely Leadoff
 
Stock Market Brief Deck FOR 4/17 video.pdf
Stock Market Brief Deck FOR 4/17 video.pdfStock Market Brief Deck FOR 4/17 video.pdf
Stock Market Brief Deck FOR 4/17 video.pdfMichael Silva
 

Dernier (20)

Economic Risk Factor Update: April 2024 [SlideShare]
Economic Risk Factor Update: April 2024 [SlideShare]Economic Risk Factor Update: April 2024 [SlideShare]
Economic Risk Factor Update: April 2024 [SlideShare]
 
Financial analysis on Risk and Return.ppt
Financial analysis on Risk and Return.pptFinancial analysis on Risk and Return.ppt
Financial analysis on Risk and Return.ppt
 
Liquidity Decisions in Financial management
Liquidity Decisions in Financial managementLiquidity Decisions in Financial management
Liquidity Decisions in Financial management
 
Uae-NO1 Kala Jadu specialist Expert in Pakistan kala ilam specialist Expert i...
Uae-NO1 Kala Jadu specialist Expert in Pakistan kala ilam specialist Expert i...Uae-NO1 Kala Jadu specialist Expert in Pakistan kala ilam specialist Expert i...
Uae-NO1 Kala Jadu specialist Expert in Pakistan kala ilam specialist Expert i...
 
PMFBY , Pradhan Mantri Fasal bima yojna
PMFBY , Pradhan Mantri  Fasal bima yojnaPMFBY , Pradhan Mantri  Fasal bima yojna
PMFBY , Pradhan Mantri Fasal bima yojna
 
NO1 Certified Amil Baba In Lahore Kala Jadu In Lahore Best Amil In Lahore Ami...
NO1 Certified Amil Baba In Lahore Kala Jadu In Lahore Best Amil In Lahore Ami...NO1 Certified Amil Baba In Lahore Kala Jadu In Lahore Best Amil In Lahore Ami...
NO1 Certified Amil Baba In Lahore Kala Jadu In Lahore Best Amil In Lahore Ami...
 
『澳洲文凭』买科廷大学毕业证书成绩单办理澳洲Curtin文凭学位证书
『澳洲文凭』买科廷大学毕业证书成绩单办理澳洲Curtin文凭学位证书『澳洲文凭』买科廷大学毕业证书成绩单办理澳洲Curtin文凭学位证书
『澳洲文凭』买科廷大学毕业证书成绩单办理澳洲Curtin文凭学位证书
 
Kempen ' UK DB Endgame Paper Apr 24 final3.pdf
Kempen ' UK DB Endgame Paper Apr 24 final3.pdfKempen ' UK DB Endgame Paper Apr 24 final3.pdf
Kempen ' UK DB Endgame Paper Apr 24 final3.pdf
 
cost of capital questions financial management
cost of capital questions financial managementcost of capital questions financial management
cost of capital questions financial management
 
Banking: Commercial and Central Banking.pptx
Banking: Commercial and Central Banking.pptxBanking: Commercial and Central Banking.pptx
Banking: Commercial and Central Banking.pptx
 
Unit 4.1 financial markets operations .pdf
Unit 4.1 financial markets operations .pdfUnit 4.1 financial markets operations .pdf
Unit 4.1 financial markets operations .pdf
 
The Inspirational Story of Julio Herrera Velutini - Global Finance Leader
The Inspirational Story of Julio Herrera Velutini - Global Finance LeaderThe Inspirational Story of Julio Herrera Velutini - Global Finance Leader
The Inspirational Story of Julio Herrera Velutini - Global Finance Leader
 
《加拿大本地办假证-寻找办理Dalhousie毕业证和达尔豪斯大学毕业证书的中介代理》
《加拿大本地办假证-寻找办理Dalhousie毕业证和达尔豪斯大学毕业证书的中介代理》《加拿大本地办假证-寻找办理Dalhousie毕业证和达尔豪斯大学毕业证书的中介代理》
《加拿大本地办假证-寻找办理Dalhousie毕业证和达尔豪斯大学毕业证书的中介代理》
 
Q1 2024 Newsletter | Financial Synergies Wealth Advisors
Q1 2024 Newsletter | Financial Synergies Wealth AdvisorsQ1 2024 Newsletter | Financial Synergies Wealth Advisors
Q1 2024 Newsletter | Financial Synergies Wealth Advisors
 
The AES Investment Code - the go-to counsel for the most well-informed, wise...
The AES Investment Code -  the go-to counsel for the most well-informed, wise...The AES Investment Code -  the go-to counsel for the most well-informed, wise...
The AES Investment Code - the go-to counsel for the most well-informed, wise...
 
Money Forward Integrated Report “Forward Map” 2024
Money Forward Integrated Report “Forward Map” 2024Money Forward Integrated Report “Forward Map” 2024
Money Forward Integrated Report “Forward Map” 2024
 
AnyConv.com__FSS Advance Retail & Distribution - 15.06.17.ppt
AnyConv.com__FSS Advance Retail & Distribution - 15.06.17.pptAnyConv.com__FSS Advance Retail & Distribution - 15.06.17.ppt
AnyConv.com__FSS Advance Retail & Distribution - 15.06.17.ppt
 
Guard Your Investments- Corporate Defaults Alarm.pdf
Guard Your Investments- Corporate Defaults Alarm.pdfGuard Your Investments- Corporate Defaults Alarm.pdf
Guard Your Investments- Corporate Defaults Alarm.pdf
 
Overview of Inkel Unlisted Shares Price.
Overview of Inkel Unlisted Shares Price.Overview of Inkel Unlisted Shares Price.
Overview of Inkel Unlisted Shares Price.
 
Stock Market Brief Deck FOR 4/17 video.pdf
Stock Market Brief Deck FOR 4/17 video.pdfStock Market Brief Deck FOR 4/17 video.pdf
Stock Market Brief Deck FOR 4/17 video.pdf
 

Gigamon U - Eye Of The Fire, Network Malware Control System

  • 1. FireEye Network Malware Control System Chad Harrington VP of Marketing FireEye, Inc. Proprietary
  • 2. Overview
    - Crimeware's rise to prominence
    - Traditional security barriers collapsing
    - FireEye Network Malware Control System
  • 3. Understanding Crimeware
    - Targeted malware for profit
    - Funded by criminal orgs & online markets
    - Allows remote control by external parties
    Computer-based crimes caused $14.2 billion in damages to businesses around the globe in 2005. Cybercrime now ranks among the FBI's top priorities, behind terrorism & espionage.
  • 4. The Crimeware Economy (diagram)
  • 5. Impact of Crimeware Attacks
    - Bottom line losses: product/service theft; intellectual property stolen; PC & bandwidth exploited
    - Liability & clean-up: customer notifications & lawsuits; data restoration & downtime
    - Brand erosion & loss of customers
    Sidebar: 20% of notified customers have ended a business relationship due to a breach.
  • 6. How Does Targeted Malware Infiltrate? (1) Customized attack. Common vectors:
    - Mobile laptop
    - Employee home machine
    - 3rd party, guest PC
    - Enterprise desktop
  • 7. How Does Targeted Malware Infiltrate? (2) Command & control. Once the customized attack succeeds, remote control is established, and the attacker can:
    - Begin probing the network
    - Identify high-value victims
    - Install additional malware
    - Steal data & information
  • 8. How Does Targeted Malware Infiltrate? (3) Targeted infiltration (diagram: customized attack → command & control → targeted infiltration)
  • 9. How Does Targeted Malware Infiltrate? (4) Diagram: customized attack → command & control, with the additional malware it delivers:
    - Keyloggers
    - Password crackers
    - Trojans
    - Spam/Phishbots
  • 10. Traditional Security Barriers Collapsing
    "Botnet worm infections can occur even when the impacted organization has the very latest antivirus signatures and is automatically pushing out OS and application patches." (US-CERT whitepaper)
    - Crimeware is designed to escape attention
    - Exploits bypass traditional security, such as: firewalls (use open ports); antivirus (be slightly new & different); anomaly detectors (remain calm & look normal)
  • 11. Targeted Malware Simply Undetectable by Traditional Security Techniques
    Timeline: vulnerable software released → vulnerability discovered/disclosed → signature or patch released. The window of exploitability is the span before a signature or patch is released; targeted malware has a 2 to 6 year window.
  • 12. FireEye Network Malware Control System
    - Stops botnet & malware infiltration others do not
    - Ensures only compliant PCs gain network access
    - Continuous network traffic analysis
    - Automatic prevention & enforcement
  • 13. What is Network Malware Control?
    - Ensure Compliance: on-connect network access controls ensure only compliant machines gain network access
    - Continuous Analysis: continuous analysis of network activities for botnet transmissions & infection attempts
    - Automatic Enforcement: automatically filter out malicious packets and botnet transmissions, and block infected machines
  • 14. Ensure Compliant Network Access
    Network access controls: limit network access to machines with updated AV signatures & OS patches. (Diagram: remote & LAN users and wireless users connecting over WAN/VPN, Internet and wireless.)
  • 15. Continuous Analysis using the FireEye Attack Confirmation Technology (FACT)
    An infinite supply of virtual victim machines analyzes network traffic flows for targeted attacks. (Diagram: mirrored network traffic flows fed to the virtual victims.)
  • 16. Automated Prevention & Enforcement
    - Mobility controllers: MAC exclusion, VLAN re-assignment to block infected machines from the network
    - Switches: close off / restrict network access to infected machines to protect customer data and company resources
    - Packet filtering: productive traffic can continue to flow, but malicious traffic is blocked
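  Slides 13 to 16 describe a three-stage loop: gate endpoints on connect, watch mirrored traffic continuously, then enforce on switches, mobility controllers and packet filters. The following is an added example, not FireEye code and not a description of how FACT works (FACT runs traffic against virtual victim machines; the deck gives no detection logic). It stands in a simple beaconing heuristic over constructed flow records, with hypothetical policy thresholds, MAC addresses and documentation-range IPs, so that the shape of the compliance → analysis → enforcement pipeline can be run end to end.

```python
"""Toy "network malware control" loop: on-connect compliance check,
continuous analysis of mirrored flow records, automatic enforcement.
Constructed illustration; not FireEye code and not how FACT works."""
from collections import defaultdict
from dataclasses import dataclass
from datetime import date
from statistics import pstdev


# ---- 1. On-connect compliance (slide 14) ----------------------------------
@dataclass
class Posture:
    mac: str
    av_signature_date: date   # date of the installed AV signature set
    os_patch_level: int       # hypothetical monotonically increasing patch counter


# Hypothetical policy thresholds (assumed; the deck gives no numbers).
MAX_SIGNATURE_AGE_DAYS = 7
MIN_PATCH_LEVEL = 42


def compliance_decision(p: Posture, today: date) -> str:
    """Return 'allow' for a compliant endpoint, else 'quarantine_vlan'."""
    age = (today - p.av_signature_date).days
    if age > MAX_SIGNATURE_AGE_DAYS or p.os_patch_level < MIN_PATCH_LEVEL:
        return "quarantine_vlan"
    return "allow"


# ---- 2. Continuous analysis of mirrored flows (slides 13, 15) -------------
@dataclass
class Flow:
    ts: int        # seconds since capture start
    src_mac: str
    dst_ip: str
    dst_port: int
    bytes_out: int


def beaconing_pairs(flows, min_events=6, max_jitter=2.0):
    """Flag (src_mac, dst_ip, dst_port) tuples contacted at near-constant
    intervals, a crude stand-in for 'botnet transmissions'. Returns the
    inter-arrival gaps for each flagged tuple."""
    times = defaultdict(list)
    for f in flows:
        times[(f.src_mac, f.dst_ip, f.dst_port)].append(f.ts)
    flagged = {}
    for key, ts in times.items():
        if len(ts) < min_events:
            continue
        ts.sort()
        gaps = [b - a for a, b in zip(ts, ts[1:])]
        if pstdev(gaps) <= max_jitter:       # regular timing => beacon-like
            flagged[key] = gaps
    return flagged


# ---- 3. Automatic enforcement (slide 16) ----------------------------------
def enforcement_actions(flagged):
    """Map findings to the controls the deck names: packet-filter the C2
    tuple, then exclude the infected MAC at the mobility controller."""
    actions = []
    for mac, ip, port in flagged:
        actions.append({"type": "packet_filter", "mac": mac, "dst": f"{ip}:{port}"})
        actions.append({"type": "mac_exclusion", "mac": mac})
    return actions


# ---- Constructed sample data (hypothetical hosts, documentation IPs) ------
BEACON_MAC = "aa:bb:cc:00:00:01"   # infected host: current AV, still beaconing
USER_MAC = "aa:bb:cc:00:00:02"     # clean host with stale AV signatures
SAMPLE_FLOWS = (
    [Flow(60 * i, BEACON_MAC, "203.0.113.10", 443, 512) for i in range(8)]
    + [Flow(t, USER_MAC, "198.51.100.5", 443, 4096)
       for t in (3, 19, 140, 147, 390, 410, 902)]
)
SAMPLE_TODAY = date(2024, 4, 5)
SAMPLE_POSTURES = [
    Posture(BEACON_MAC, date(2024, 4, 1), 50),   # 4-day-old signatures, patched
    Posture(USER_MAC, date(2024, 3, 1), 50),     # 35-day-old signatures
]


def run_pipeline(postures, flows, today):
    """Full loop: gate on posture, analyze flows, emit enforcement actions."""
    access = {p.mac: compliance_decision(p, today) for p in postures}
    flagged = beaconing_pairs(flows)
    return {"access": access, "flagged": flagged,
            "actions": enforcement_actions(flagged)}


if __name__ == "__main__":
    for k, v in run_pipeline(SAMPLE_POSTURES, SAMPLE_FLOWS, SAMPLE_TODAY).items():
        print(k, v)
```

  The sample deliberately makes the beaconing host the one with current AV signatures: it passes the on-connect gate and is only caught by the traffic analysis, which is the point of the US-CERT quote on slide 10. Real detection needs far more than interval regularity (legitimate software polls on timers too), which is why the deck pairs analysis with confirmation in virtual victims rather than relying on a heuristic like this one.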
  • 17. Typical FireEye Deployments
    - Eliminate network-borne crimeware from wireless users
    - Eliminate network-borne crimeware from remote branch offices and stores (over the WAN)
    - Protect data center Windows servers from crimeware
    - Eliminate crimeware infiltrating from the Internet backbone
  • 18. The FireEye Ecosystem
    Active collaboration with law enforcement, industry, & security researchers to root out crimeware:
    - Law enforcement & military
    - Research institutions
    - Industry participants
    - Enterprise customers
    - Internet Service Providers
  • 19. About FireEye, Inc.
    Dedicated to eradicating malware from the world's networks
    - Based in Menlo Park, CA
    - Led by an experienced team from Sun, Cisco, Aruba, Symantec, Check Point, & McAfee
    - Online at www.fireeye.com