FireEye Endpoint Security (formerly FireEye HX) is a modern endpoint protection platform combining traditional anti-virus with advanced real-time indicator detection and prevention. This platform supports the UC Office of the President’s IS-3 policy, as well as UCLA’s Threat Detection and Identification (TDI) initiative, in the pursuit of the University's mission of teaching, research, and public service which necessitates that information assets and administrative data be safeguarded and maintained. The FireEye Endpoint Security (FES) agent can help:
- Control the installation, spread, and execution of malicious code with automated system analysis of abnormal activity
- Reduce security threats with automated policy-driven response and real-time threat intelligence capabilities
- Enable endpoint visibility for UCLA IT Security to respond to threats in a more informed and timely manner
The FireEye Endpoint Security agent unifies prevention, detection, and response in a single agent powered by machine learning and automation. Unit endpoints are protected from vulnerabilities and exploits, including:
- Executables – Trojans, worms, backdoors, and payload-based
- Memory-based malware
- Documents – Office documents, adobe files, macros
- Browser – Drive-by downloads, Flash, Java, Javascript, VBS, iFrame/HTML5 plugins
- Scripts – Powershell, WMI, Powersploit, VBS
The agent supports all modern versions of Windows, macOS, and most variants of Linux.
Pricing
This service is provided at no cost to campus.
Benefits
- Traditional anti-virus protection
- Real-time indicator of compromise (IoC) detection
- MalwareGuard machine learning engine to protect against advanced threat
- ExploitGuard behavioral analytics engine to stop real-time execution of malicious scripts
- Provided free of charge to all areas
Key Features
- Scanning via network-based authenticated and non-authenticated scanning
- Virtual private scanners can be deployed to scan non-public IP space.
- Qualys Cloud Agent can be deployed on systems for additional efficacy in vulnerability assessment and easier tracking.
Eligibility
All Campus Units are provided FES to deploy within their environment(s).
Requirements
All campus servers and university-owned systems are required to run the FES agent on their machine.
Getting Started
Contact security@ucla.edu to learn more about how to deploy FES in your environment