It's very well suited for geographically dispersed organizations, where deploying and managing remote firewalls and other network security functions aren't practical. Once deployed, and the deployment isn't difficult after planning and understanding the data flows of the IoT devices, the system is easily managed and flexible. You're able to allow front line operations people to add devices into a role without sacrificing the integrity of the security model.
It’s a dedicated Network Advanced Threat Detection and Prevention solution. Easy maintenance and low operating costs fit perfectly for SMEs. Variety of appliance selection makes NX the perfect choice for large enterprises. As it’s a dedicated solution with its own appliance, price is higher compared to NGTP add on solutions. FireEye is an ecosystem therefore when you’ve the EX or HX vice versa, you should be looking to NX. Otherwise, you’re missing the threat intel exchange on the network side reverse is the true. Sizing is important before the purchase, if you select a low end model for a busy network you lose your initial investment. For multiple NX deployments I highly recommend CMS. Without CMS you’ll lose the threat intel exchange and this will negatively reduce the risk scores.
It's pretty darned good for a new company. We had to hash through a couple of instances that no one had ever run into, but once we got to the right person on the engineering team, they were able to work through the solution pretty quickly. The nice thing is, unlike Cisco, once you fix something, you don't find three new things that have to be changed.
The cost and complexity vs. ISE is as different as Uber and Lift are from trying to take a taxi in Duluth, Minnesota. The complexity of Cisco's IoT security is a joke. It was going to take us over a year just to deploy all the Cisco equipment, and that was if we could have gotten it all working together. We got the entire project deployed in just under 3 months, and that includes working out all the bugs and logistics. Honestly, I don't think all the Cisco parts would have ever been running like Cisco promised it would. It's just way too complicated.
FireEye NX is a solid product. It gives you sustainable security throughout the organization. NX detection engines are more capable compared to others. Its catch rate is higher, FP rate is lower, [and] speed is awesome. NX can work for highly regulated environments with 1 way solution. Operation costs are much lower. Software quality is very good. It may have bugs, but these bugs do not compromise the security in general. SOC team loves the FireEye NX for its pinpoint detection capabilities. Local and partner support is exceptional.
As [a] financial company on the digital markets, we need to be safeguard for 0days and targeted attacks. FireEye NX provides the best updated protection with its enhanced capabilities.
Security score based on detection/prevention metrics [is] very high ensuring the highest level of security.
APTs in our region successfully detected and mitigated by the NX.
For the ROI, in a six month period FireEye is paying off its [investment].
One negative thing, especially with increasing network bandwidths, [is that] you need to make [the] investment every two or three years.
