WIXLIB

FIREEYE NETWORKSECURITY ESSENTIALSEFFECTIVE PROTECTION AGAINST CYBER BREACHESFOR SMALL TO MIDSIZE ORGANIZATIONSHIGHLIGHTS Detects advanced, targeted andother evasive attacks with thepatented, signature-less MVX engineand rule-based IDA engines.NX 4400 (not pictured: NX 1500, NX 2500, NX 4420, NX 7500)OV E R V I E WFireEye Network Security Essentials is a cost-effective cyber threat protection solutionthat helps small to midsize organizations minimize the risk of costly breaches byaccurately detecting and immediately stopping advanced, targeted and other evasiveattacks hiding in Internet traffic. At the core of FireEye Network Security Essentialsare the Multi-Vector Virtual Execution (MVX) and Intelligence-Driven Analysis(IDA) technologies. MVX is a signature-less, dynamic engine that inspects suspiciousnetwork traffic to identify attacks that evade traditional signature- and policy-baseddefenses. IDA is a collection of contextual, rule-based engines that detect and blockmalicious activity based on the latest machine-, attacker- and victim- intelligence.FireEye Network Security Essentials is available in a variety of form factor,deployment and performance options. It is typically placed in the path ofInternet traffic behind traditional network security appliances such as nextgeneration firewalls, IPS and secure web gateways (SWG). FireEye NetworkSecurity Essentials supplements these solutions by rapidly detecting bothknown and unknown attacks with high accuracy and a low rate of false alerts.Network Security Essentials gives small to midsize organizations the abilityto deploy advanced threat defenses and stop attacks with real-time protection.A high degree of automation enables organizations to simplify deployment andday-to-day management.Accurate Threat DetectionNetwork Security Essentials uses the signature-less MVX engine to execute suspiciousbinaries and web objects against a range of browsers, plug-ins, applications andoperating environments that track vulnerability exploitation, memory corruption andother malicious actions. The MVX engine automatically detects known and neverbefore-seen exploits and malware introduced into heterogeneous networks withmany types of endpoints. As an attack plays out, the rule-based IDA engines capturecallback channels, dynamically creates blocking rules and shares information aboutthe attack with other nodes connected to Network Security Essentials through theFireEye Dynamic Threat Intelligence (DTI) cloud. This shared information enablesproactive sharing and blocking of unknown attacks.DATA S H E E T Identifies common and knownattacks with traditional, signaturebased IPS technology andintelligence-based detection. Disrupts attacks in real time within-line blocking at up to 2 Gbpsthroughput for up to 20,000 users. Improves operational effectivenesswith a low, false-positive rate andalert categorization. Simplifies management withlow-touch deployment and ahigh degree of automation. Provides deployment flexibility withan all-in-one hardware appliance orFireEye-hosted Cloud MVX option. Reduces total cost of ownership(TCO) with affordable pricing andoperational cost savings.

DTI disseminates the latest front-line intelligence gatheredfrom incident-response activities conducted by Mandiant, aFireEye company and iSIGHT threat intelligence analysts toFireEye Network Security Essentials.IPS alert validation and riskware categorization enablessecurity teams to focus on genuine threats and remediation,minimizing business risk and operational overhead.Immediate ProtectionFireEye Network Security Essentials offers flexibledeployment and configuration modes including: out-of-bandvia a TAP/SPAN, inline monitoring or inline active blocking.It can be configured to work inline at Internet egress pointsto automatically block inbound exploits and malware andoutbound multi-protocol callbacks. In inline monitoringmode, alerts are generated and organizations decide how torespond to them. In out-of-band prevention mode, FireEyeNetwork Security Essentials issues TCP resets for out-ofband blocking of TCP, UDP or HTTP connections.Defense Against Known and Unknown AttacksBy consolidating advanced threat prevention for advanced,targeted and other evasive attacks with conventional IPStechnology for known attacks, FireEye Network SecurityEssentials provides comprehensive protection against alltypes of known and unknown threats. The combinationof signature-less protection provided by the MVX enginewith the signature-based protection of traditional IPStechnology simplifies management, improves operationalefficiency and enables regulatory or policy compliance foradvanced threat defense.Automated Alert ValidationFireEye Network Security Essentials automates validationof IPS alerts, minimizing the manual evaluation needed tofilter false positives.Indicators that trigger IPS alerts are automatically passedto the MVX engine for replay and analysis. Alerts that proveto be malicious are highlighted. This validation processreduces false alerts and drives down operating costs byprioritizing true alerts hidden among the high volume offalse and duplicate IPS alerts.FireEye Network Security Essentials also categorizes riskware,a family of undesirable objects such as adware and spywarethat doesn’t necessarily lead to a breach. Together, FireEyeCentral SiteRemote siteFlexible Deployment OptionsNetwork Security Essentials is available as an all-in-onehardware appliance with integrated MVX and IDA enginesto secure Internet access points at a single site. It is alsoavailable as one or more distributed Network Smart Nodephysical or virtual appliances that run the IDA engines andare connected to the FireEye Cloud MVX service (Figure 1).The distributed deployment option can be used to secureInternet access points for cloud-friendly organizations.Privacy is protected in a distributed deployment by analyzingtraffic on the Network Smart Node and sending onlysuspicious objects over an encrypted connection to the MVXservice, where objects revealed as benign are discarded.Network Smart Nodes are available both in physical andvirtual form factors. Various deployment and performanceoptions from 10 Mbps to 2 Gbps provide flexibility andrightsize the deployment of FireEye Network SecurityEssentials, aligning security with organizational preferencesand resources.Low Cost and Ease of ManagementFireEye Network Security Essentials is an easy-to-manage,clientless platform that deploys in under 60 minutes. It doesn’trequire rules, policies or tuning. FireEye Network SecurityEssentials offers affordable enterprise-grade advancedthreat protection and a range of operational cost savings.Automated alert noise reduction and a low false-positive ratereduce staffing needs and overall cost of ownership.Awards and CertificationsThe FireEye Network SecurityEssentials product portfoliohas been awarded a number ofindustry and government awardsand certifications including the USDepartment of Homeland SecuritySafety Act certification and islisted as a must-have in the Frost& Sullivan Advanced MalwareSandbox Market Analysis.Network Smart NodePhysical ApplianceFireEye Cloud MVXNetwork Smart NodePhysical ApplianceRemote siteNetwork Smart NodeVirtual ApplianceF I G U R E 1 . D I S T R I B U T E D C L O U D D E P L OY M E N TDATA S H E E T / F I R E E Y E N E T W O R K S E C U R I T Y E S S E N T I A L S2

TA B L E 1 . F I R E E Y E N E T WO R K S E C U R I T Y E S S E N T I A L S S P E C I F I C AT I O N S , I N T E G R AT E D A P P L I A N C E .NX 2500NX 4400/4420NX 7500User Count500 or 1,0001,000 or 2,50010,000OS SupportMicrosoft WindowsMac OS XMicrosoft WindowsMicrosoft Windows Mac OS XPerformance *Up to 50 Mbps or 100 MbpsUp to 100 Mbps or 250 MbpsUp to 1 GbpsNetwork Monitoring Ports4x 10/100/1000 BASE-T Ports (in frontpanel)4400: 4x 10/100/1000 BASE- TPorts4420: 4x 1000BASE-SX Fiber Optic Ports (LCMultimode)4x 10/100/1000BASE- T PortsHigh Availability (HA)Not AvailableNot AvailableNot AvailableNetwork Ports Mode of OperationIn-line Monitor, Fail-Open, Fail- Close orTap/ Span, HW BypassIn-line Monitor, Fail-Open, Fail- Close orTap/ Span, HW BypassIn-line Monitor, Fail-Open, Fail- Close orTap/ Span, HWHigh Availability (HA) Ports (rear panel)Not AvailableNot AvailableNot AvailableManagement Ports (rear panel)2x 10/100/1000BASE- T Ports (in front panel)2x 10/100/1000BASE- T Ports2x 10/100/1000BASE- T PortsIPMI Port (rear panel)IncludedIncludedIncludedFront LCD & KeypadNot AvailableIncludedIncludedPS/2 Keyboard and Mouse, DB15 VGAPorts (rear panel)Not AvailableIncludedIncluded (no PS/2 Keyboard and Mouse)USB Ports (rear panel)2x Type A USB Ports (front panel)2x Type A USB Ports4x Type A USB PortsSerial Port (rear panel)115,200 bps, NoParity, 8 bits, 1 Stop Bit (RJ45 connectorRJ45-to-Dsub adapter cable is included)115,200 bps, NoParity, 8 Bits, 1 Stop Bit115,200 bps, NoParity, 8 Bits, 1 StopDrive CapacitySingle 1TB 3.5 SATA HDD, internal, fixed2x 600 GB HDD, RAID 1, 2.5 inch, FRU4x 900 GB HDD, RAID 10, 2.5 inch, FRUEnclosure1RU, Fits 19 inch Rack1RU, Fits 19 inch Rack2RU, Fits 19 inch RackChassis Dimension WxDxH17. 2x19.7x1.7(437 x 500 x 43.2mm)17.2 x 27.8 x1.70 (437 x 706 x43.2 mm)17.2 x 28 x3.41 (437 x 711 x86.6mm)DC Power SupplyNot AvailableNot AvailableNot AvailableAC Power SupplySingle 250 watt,90-264 VAC,3.5 - 1.5 A, 50-60 Hz, IEC60320-C14,inlet, Internal, FixedRedundant (1 1)750 watt, 100 - 240 VAC 9 – 4.5A, 50-60Hz IEC60320-C14 inlet, FRURedundant (1 1)750 watt, 100 - 240 VAC 9 – 4.5A, 50-60Hz IEC60320-C14inlet, FRUPower Consumption Maximum (watts)85 watts305 watts479 wattsThermal Dissipation Maximum (BTU/h)290 BTU/h1041 BTU/h1634 BTU/hMTBF (h)56,400 h37,000 h58,900 hDATA S H E E T / F I R E E Y E N E T W O R K S E C U R I T Y E S S E N T I A L S3

TA B L E 1 . F I R E E Y E N E T WO R K S E C U R I T Y E S S E N T I A L S S P E C I F I C AT I O N S , I N T E G R AT E D A P P L I A N C E .NX 2500NX 4400/4420NX 7500Appliance Alone / As Shipped Weightlb. (kg)16.2 lb (7.3 kg) /28.2 lb (2.95 kg)31 lb. (14 kg) /46 lb. (21 kg)43 lb. (19.5 kg) /59 lb. (27kg)Regulatory Compliance SafetyEN 60950-1, 1:2006 A11:2009 A1:2010 A12:2011 A2:2013; IEC 60950-1:2005 Am 1:2009 Am 2:2013IEC 60950 EN60950 CSA60950-00CE MarkingIEC 60950 EN60950 CSA60950-00CE MarkingRegulatory Compliance EMCFCC Part 15 SubPart B Class A; ICES-003Class A; EN55022 Class A; VCCI V-3Class A; EN 55024, EN 61000-3-2 ClassA; EN 61000-3-3; CNS 13438 (2006)Class A; CISPR22Class A; AS/NZS CISPR 22 Class A; KN32; KN 35FCC (Part 15 Class-A),CE (Class-A), CNS, AS/NZS, VCCI (ClassA)FCC (Part 15 Class-A),CE (Class-A), CNS, AS/NZS, VCCI (ClassA)CC NDPP v1.1CC NDPP v1.1Security Certifications–Environmental ComplianceRoHS; REACH; WEEERoHS, REACH, WEEERoHS, REACH, WEEEOperating Temperature0 C to 40 C10 C to 35 CTested from 0 C to 40 C foradditional margin10 C to 35 CTested from 0 C to 40 C foradditional marginNon-Operating Temperature-20 C to 80 C-40 C to 70 C-40 C to 70 COperating Relative Humidity5% - 85% (noncondensing)8% - 90% (noncondensing)8% - 90% (noncondensing)Non-Operating Relative Humidity5% - 95% (noncondensing)5% - 95% (noncondensing)5% - 95% (noncondensing)Operating Altitude5,000 ft5,000 ft5,000 ftTA B L E 2 . F I R E E Y E N E T WO R K S E C U R I T Y E S S E N T I A L S I P S S P E C I F I C AT I O N S , I N T E G R AT E D A P P L I A N C E .NX 2500NX 4400/4420NX 7500Max IPS PerformanceUp to 50 Mbps or 100 MbpsUp to 100 Mbps or 250 Mbps1 GbpsMax Concurrent Connections15K or 80K80K500KNew ConnectionsPer Second750/Sec or 4K/Sec4K/Sec10K/SecDATA S H E E T / F I R E E Y E N E T W O R K S E C U R I T Y E S S E N T I A L S4