FireEye Endpoint Security (Antivirus)

FireEye Endpoint Security (formerly FireEye HX) is a modern endpoint protection platform combining traditional anti-virus with advanced real-time indicator detection and prevention. This platform supports the UC Office of the President’s IS-3 policy, as well as UCLA’s Threat Detection and Identification (TDI) initiative, in the pursuit of the University's mission of teaching, research, and public service which necessitates that information assets and administrative data be safeguarded and maintained. The FireEye Endpoint Security (FES) agent can help: 

  • Control the installation, spread, and execution of malicious code with automated system analysis of abnormal activity
  •  Reduce security threats with automated policy-driven response and real-time threat intelligence capabilities
  • Enable endpoint visibility for UCLA IT Security to respond to threats in a more informed and timely manner

The FireEye Endpoint Security agent unifies prevention, detection, and response in a single agent powered by machine learning and automation. Unit endpoints are protected from vulnerabilities and exploits, including: 

  • Executables – Trojans, worms, backdoors, and payload-based
  • Memory-based malware
  • Documents – Office documents, adobe files, macros
  • Browser – Drive-by downloads, Flash, Java, Javascript, VBS, iFrame/HTML5 plugins
    • Scripts – Powershell, WMI, Powersploit, VBS

The agent supports all modern versions of Windows, macOS, and most variants of Linux.

Pricing

This service is provided at no cost to campus.

Benefits

  • Traditional anti-virus protection
  • Real-time indicator of compromise (IoC) detection
  • MalwareGuard machine learning engine to protect against advanced threat
  • ExploitGuard behavioral analytics engine to stop real-time execution of malicious scripts
  • Provided free of charge to all areas

Key Features

  • Scanning via network-based authenticated and non-authenticated scanning
  • Virtual private scanners can be deployed to scan non-public IP space.
  • Qualys Cloud Agent can be deployed on systems for additional efficacy in vulnerability assessment and easier tracking.

Eligibility

All Campus Units are provided FES to deploy within their environment(s).

Requirements

All campus servers and university-owned systems are required to run the FES agent on their machine.

Getting Started

Contact [email protected] to learn more about how to deploy FES in your environment