FireEye, Inc. is the leader in network malware control, dedicated to eradicating malware from the world's networks. FireEye provides the world's only malware control system designed to secure networks from targeted malware. Our solutions bring advanced network security together with state-of-the-art virtualization technology to combat crimeware and protect customer data, intellectual property and company resources, solving critical business needs without taxing your IT administration. FireEye is based in Menlo Park, CA and backed by Sequoia Capital and Norwest Venture Partners. For more details, visit

Published in: Business, Technology
  • FireEye

    1. FireEye Network Malware Control System
       Chad Harrington, VP of Marketing
    2. Overview
       • Crimeware’s rise to prominence
       • Traditional security barriers collapsing
       • FireEye Network Malware Control System
    3. Understanding Crimeware
       • Targeted malware for profit
       • Funded by criminal orgs & online markets
       • Allows remote control by external parties
       Cybercrime now ranks among the FBI’s top priorities behind terrorism & espionage. Computer-based crimes caused $14.2 billion in damages to businesses around the globe in 2005.
    4. The Crimeware Economy
    5. Impact of Crimeware Attacks
       • Bottom line losses
         • Product/service theft
         • Intellectual property stolen
         • PC & bandwidth exploited
       • Liability & clean-up
         • Customer notifications & lawsuits
         • Data restoration & downtime
       • Brand erosion & loss of customers
         • 20% of notified customers have ended business relationship due to breach
    6. How Does Targeted Malware Infiltrate? (step 1)
       • Common vectors
       • Mobile laptop
       • Employee home machine
       • 3rd party, guest PC
       • Enterprise desktop
       Diagram labels: Customized attack
    7. How Does Targeted Malware Infiltrate? (step 2)
       • Remote Control Established
       • Begin probing network
       • Identify high-value victims
       • Install additional malware
       • Steal data & information
       Diagram labels: Customized attack; Command & control
    8. How Does Targeted Malware Infiltrate? (step 3)
       Diagram labels: Customized attack; Command & control; Targeted infiltration
    9. How Does Targeted Malware Infiltrate? (step 4)
       • Keyloggers
       • Password crackers
       • Trojans
       • Spam/Phishbots
       Diagram labels: Customized attack; Command & control
    10. Traditional Security Barriers Collapsing
       • Crimeware is designed to escape attention
       • Exploits bypass traditional security, such as
         • Firewalls – use open ports
         • Antivirus – be slightly new & different
         • Anomaly detectors – remain calm & look normal
       “Botnet worm infections can occur even when the impacted organization has the very latest antivirus signatures and is automatically pushing out OS and application patches.” US-CERT whitepaper
    11. Targeted Malware Simply Undetectable by Traditional Security Techniques
       Targeted malware has 2 to 6 year window
       Diagram labels: Window of Exploitability; Signature or Patch Released; Vulnerable Software Released; Vulnerability Discovered/Disclosed
    12. FireEye Network Malware Control System
       • Stops botnet & malware infiltration others do not
       • Ensures only compliant PCs gain network access
       • Continuous network traffic analysis
       • Automatic prevention & enforcement
    13. What is Network Malware Control?
       • Ensure Compliance: On-connect network access controls ensure only compliant machines gain network access
       • Continuous Analysis: Continuous analysis of network activities for botnet transmissions & infection attempts
       • Automatic Enforcement: Automatically filter out malicious packets and botnet transmissions, and block infected machines
    14. Ensure Compliant Network Access
       Network access controls: Limit network access to machines with updated AV signatures & OS patches
       Diagram labels: Remote & Wireless users; LAN users; WAN/VPN; Internet; Wireless
    15. Continuous Analysis using the FireEye Attack Confirmation Technology (FACT)
       An infinite supply of virtual victim machines analyzes network traffic flows for targeted attacks
       Diagram labels: Mirrored network traffic flows
    16. Automated Prevention & Enforcement
       • Switches: Close off / restrict network access to infected machines to protect customer data and company resources
       • Mobility controllers: MAC exclusion, VLAN re-assignment to block infected machines from network
       • Packet filtering: Productive traffic can continue to flow, but malicious traffic is blocked
       Diagram labels: Internet
    17. Typical FireEye Deployments
       • Eliminate Network Borne Crimeware from Wireless Users
       • Protect Data Center Windows Servers from Crimeware
       • Eliminate Crimeware From Infiltrating from Internet
       • Eliminate Network Borne Crimeware From Remote Branch Offices and Stores
       Diagram labels: Backbone; WAN; Internet; Data Center
    18. The FireEye Ecosystem
       • Active collaboration with law enforcement, industry, & security researchers to root out crimeware
         • Law enforcement & Military
         • Research institutions
         • Industry participants
         • Enterprise customers
         • Internet Service Providers
    19. About FireEye, Inc.
       • Dedicated to eradicating malware from the world’s networks
       • Based in Menlo Park, CA
       • Led by an experienced team from Sun, Cisco, Aruba, Symantec, Check Point, & McAfee
       • Online at