FireEye SMARTVISION

FireEye SmartVision Edition is a network traffic analysis (NTA) solution that detects suspicious lateral traffic within an enterprise network. Unlike other network security solutions that sit at the perimeter to thwart malicious incoming attacks, FireEye SmartVision Edition can be deployed throughout the network — at the core, across network segments and in front of key server assets — to detect malicious internal traffic. With FireEye SmartVision Edition, security analysts and administrators gain new insight and visibility of suspicious lateral traffic that firewalls and other security gateways miss. By using easy to deploy, lightweight sensors working in conjunction with FireEye’s industry - leading Cloud MVX™ technology, customers can scale SmartVision Edition visibility across the entire network — from the data center to remote branch office locations. At the heart of SmartVision Edition is advanced threat detection software, which includes an advanced correlation and analytics engine and a machine learning module to detect attempted data exfiltration, bolstered by 120+ intrusion detection rules that identify weak indicators of compromise Benefits

• Detects formerly undetectable suspicious lateral traffic

• Decreases time to detect postbreach activities

• Provides flexibility to scale throughout the entire network

• Enables visibility into network segmentation initiatives

• Improves network forensics and incident response

• Reduces attacker dwell time

Components of SmartVision edition Three components are required to enable SmartVision Edition:

1. A minimum of one or more SmartVision Sensors (hardware or virtual)

2. Connection to a FireEye MVX engine (either on-premise, Smart Grid or via Cloud MVX*)

3. FireEye OS release 8.1.2 or greater with SmartVision activated