FireEye, Inc. is the leader in network malware control, dedicated to eradicating malware from the world's networks. FireEye provides the world's only malware control system designed to secure networks from targeted malware. Our solutions bring advanced network security together with state-of-the-art virtualization technology to combat crimeware and protect customer data, intellectual property and company resources, solving critical business needs without taxing your IT administration. FireEye is based in Menlo Park, CA and backed by Sequoia Capital & Norwest Venture Partners.
Gigamon U - Eye Of The Fire, Network Malware Control System
1. FireEye Network Malware Control System
Chad Harrington
VP of Marketing
FireEye, Inc. Proprietary
2. Overview
Crimeware’s rise to prominence
Traditional security barriers collapsing
FireEye Network Malware Control System
3. Understanding Crimeware
Targeted malware for profit
Funded by criminal orgs & online markets
Allows remote control by external parties
Computer-based crimes caused $14.2 billion in damages to businesses around the globe in 2005
Cybercrime now ranks among the FBI’s top priorities behind terrorism & espionage.
5. Impact of Crimeware Attacks
Bottom line losses
Product/service theft
Intellectual property stolen
PC & bandwidth exploited
Liability & clean-up
Customer notifications & lawsuits
Data restoration & downtime
Brand erosion & loss of customers
20% of notified customers have ended business relationship due to breach
6. How Does Targeted Malware Infiltrate?
[Diagram, stage 1: Customized attack]
Common vectors
Mobile laptop
Employee home machine
3rd party, guest PC
Enterprise desktop
7. How Does Targeted Malware Infiltrate?
[Diagram, stage 2: Customized attack, Command & control]
Remote Control Established
Begin probing network
Identify high-value victims
Install additional malware
Steal data & information
8. How Does Targeted Malware Infiltrate?
[Diagram, stage 3: Customized attack, Command & control, Targeted infiltration]
9. How Does Targeted Malware Infiltrate?
[Diagram, stage 4: Customized attack, Command & control]
Keyloggers
Password crackers
Trojans
Spam/Phishbots
10. Traditional Security Barriers Collapsing
“Botnet worm infections can occur even when the impacted organization has the very latest antivirus signatures and is automatically pushing out OS and application patches.” (US-CERT whitepaper)
Crimeware is designed to escape attention
Exploits bypass traditional security, such as
Firewalls – use open ports
Antivirus – be slightly new & different
Anomaly detectors – remain calm & look normal
11. Targeted Malware Simply Undetectable by Traditional Security Techniques
[Timeline diagram: Vulnerable Software Released, Vulnerability Discovered/Disclosed, Signature or Patch Released; the span is labelled Window of Exploitability]
Targeted malware has 2 to 6 year window
12. FireEye Network Malware Control System
Stops botnet & malware infiltration others do not
Ensures only compliant PCs gain network access
Continuous network traffic analysis
Automatic prevention & enforcement
13. What is Network Malware Control?
Ensure Compliance: On-connect network access controls ensure only compliant machines gain network access
Continuous Analysis: Continuous analysis of network activities for botnet transmissions & infection attempts
Automatic Enforcement: Automatically filter out malicious packets, botnet transmissions, and block infected machines
14. Ensure Compliant Network Access
Network access controls - Limit network access to machines with updated AV signatures & OS patches
[Diagram labels: Remote & LAN users, Wireless users, WAN/VPN, Internet, Wireless]
15. Continuous Analysis using the FireEye Attack Confirmation Technology (FACT)
An infinite supply of virtual victim machines analyzes network traffic flows for targeted attacks
[Diagram label: Mirrored network traffic flows]
16. Automated Prevention & Enforcement
Mobility controllers: MAC exclusion, VLAN re-assignment to block infected machines from network
Switches: Close off / restrict network access to infected machines to protect customer data and company resources
Packet filtering: Productive traffic can continue to flow, but malicious traffic is blocked
[Diagram label: Internet]
17. Typical FireEye Deployments
Eliminate Network Borne Crimeware from Wireless Users
Eliminate Network Borne Crimeware From Remote Branch Offices and Stores
Protect Data Center Windows Servers from Crimeware
Eliminate Crimeware From Infiltrating from Internet Backbone
[Diagram labels: WAN, Data Center, Internet]
18. The FireEye Ecosystem
Active collaboration with law enforcement, industry, & security researchers to root out crimeware
Law enforcement & Military
Research institutions
Industry participants
Enterprise customers
Internet Service Providers
19. About FireEye, Inc.
Dedicated to eradicating malware from the world’s networks
Based in Menlo Park, CA
Led by an experienced team from Sun, Cisco, Aruba, Symantec, Check Point, & McAfee
Online at www.fireeye.com