Gigamon U - Eye Of The Fire, Network Malware Control System


Published on June 6, 2008

Author: gigamonster



FireEye, Inc. is the leader in network malware control, dedicated to eradicating malware from the world's networks. FireEye provides the world's only malware control system designed to secure networks from targeted malware. Our solutions bring advanced network security together with state-of-the-art virtualization technology to combat crimeware and protect customer data, intellectual property and company resources, solving critical business needs without taxing your IT administration. FireEye is based in Menlo Park, CA and backed by Sequoia Capital & Norwest Venture Partners.

FireEye Network Malware Control System
Chad Harrington, VP of Marketing
FireEye, Inc. Proprietary

Overview
- Crimeware’s rise to prominence
- Traditional security barriers collapsing
- FireEye Network Malware Control System

Understanding Crimeware
- Targeted malware for profit
- Funded by criminal orgs & online markets
- Allows remote control by external parties
Computer-based crimes caused $14.2 billion in damages to businesses around the globe in 2005.
Cybercrime now ranks among the FBI’s top priorities behind terrorism & espionage.

The Crimeware Economy

Impact of Crimeware Attacks
- Bottom line losses
- Product/service theft
- Intellectual property stolen
- PC & bandwidth exploited
- Liability & clean-up
- Customer notifications & lawsuits
- Data restoration & downtime
- Brand erosion & loss of customers
Callout: 20% of notified customers have ended business relationship due to breach

How Does Targeted Malware Infiltrate? (1)
Diagram label: Customized attack
Common vectors
- Mobile laptop
- Employee home machine
- 3rd party, guest PC
- Enterprise desktop

How Does Targeted Malware Infiltrate? (2)
Diagram labels: Command & control; Customized attack
Remote Control Established
- Begin probing network
- Identify high-value victims
- Install additional malware
- Steal data & information

How Does Targeted Malware Infiltrate? (3)
Diagram labels: Command & control; Customized attack; Targeted infiltration

How Does Targeted Malware Infiltrate? (4)
Diagram labels: Command & control; Customized attack
- Keyloggers
- Password crackers
- Trojans
- Spam/Phishbots

Traditional Security Barriers Collapsing
“Botnet worm infections can occur even when the impacted organization has the very latest antivirus signatures and is automatically pushing out OS and application patches.” US-CERT whitepaper
- Crimeware is designed to escape attention
- Exploits bypass traditional security, such as
  - Firewalls – use open ports
  - Antivirus – be slightly new & different
  - Anomaly detectors – remain calm & look normal

Targeted Malware Simply Undetectable by Traditional Security Techniques
Timeline (diagram):
- Vulnerable Software Released
- Vulnerability Discovered/Disclosed
- Signature or Patch Released
Window of Exploitability
Targeted malware has 2 to 6 year window

FireEye Network Malware Control System
- Stops botnet & malware infiltration others do not
- Ensures only compliant PCs gain network access
- Continuous network traffic analysis
- Automatic prevention & enforcement

What is Network Malware Control?
- Ensure Compliance: On-connect network access controls ensure only compliant machines gain network access
- Continuous Analysis: Continuous analysis of network activities for botnet transmissions & infection attempts
- Automatic Enforcement: Automatically filter out malicious packets, botnet transmissions, and block infected machines

Ensure Compliant Network Access
Network access controls - Limit network access to machines with updated AV signatures & OS patches
Diagram labels: Remote & LAN users; Wireless users; WAN/VPN; Internet; Wireless

Continuous Analysis using the FireEye Attack Confirmation Technology (FACT)
An infinite supply of virtual victim machines analyzes network traffic flows for targeted attacks
Diagram label: Mirrored network traffic flows

Automated Prevention & Enforcement
- Mobility controllers: MAC exclusion, VLAN re-assignment to block infected machines from network
- Switches: Close off / restrict network access to infected machines to protect customer data and company resources
- Packet filtering: Productive traffic can continue to flow, but malicious traffic is blocked
Diagram label: Internet

Typical FireEye Deployments
- Eliminate Network Borne Crimeware from Wireless Users
- Eliminate Network Borne Crimeware From Remote Branch Offices and Stores
- Protect Data Center Windows Servers from Crimeware
- Eliminate Crimeware From Infiltrating from Internet Backbone
Diagram labels: WAN; Data Center; Internet

The FireEye Ecosystem
Active collaboration with law enforcement, industry, & security researchers to root out crimeware
- Law enforcement & Military
- Research institutions
- Industry participants
- Enterprise customers
- Internet Service Providers

About FireEye, Inc.
Dedicated to eradicating malware from the world’s networks
- Based in Menlo Park, CA
- Led by an experienced team from Sun, Cisco, Aruba, Symantec, Check Point, & McAfee
- Online at
