1 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

FireEye Platforms Sizing Guide

Dec 2014

4 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

NX Series

5 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

10 Mbps 50 User

900

1000Base-T (2)

SATA (1)

Single

20 Mbps 100 User

1400

1000Base-T (2)

SATA (1)

Single

50 Mbps 500 User

2400

1000Base-T (4)

SATA (1)

Single

NX sizing considerations:

Size based on size of pipe (i.e. Internet)

* Throughput/users was determined from replay of real customer traffic with profile of 60% HTTP traffic

Positioning: Remote Office SMB Mid Market

NX Series (Release 7.2)

6 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

NX sizing considerations:

Size based on size of pipe (i.e. Internet)

250 Mbps 2500 User

4400, 4420

1000Base-SX (4)

1000Base-T (4)

SAS (2) – RAID 1

Dual

1 Gbps 10K User

7500, 7400, 7420

1000Base-SX (4)

1000Base-T (4)

SAS (2) – RAID 1

Dual

10000

10G Base-SR/SW (2)

SAS (2) – RAID 1

Dual

4 Gbps 40K User

Positioning: Enterprise Large Enterprise Large Enterprise

* Throughput/users was determined from replay of real customer traffic with profile of 60% HTTP traffic

NX Sizing Cont’d (Release 7.2)

7 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

NX Series Hardware Specifications

Note: All performance values vary depending on the

system of configuration and traffic profile being

processed

Click here for the full NX Datasheet

8 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

₪ show web-analysis stats

Summary Statistics Statistic Total Rate/minute Confirmed Incidents: 1 0.000 Incidents: 1 0.000 Workorders: 1 0.000 Sources: 1 0.000 Flows: 38 0.014 URLs: 38 0.014 Webpcap Packet Loss: 0.0 Internal Packet Loss: 0.0 Total Packet Loss: 0.0 Asymmetric Flows: 0.0 Missing Packet Flows: 0.0 Data Loss: 0.0

Typically < 10%. Higher number may indicate a deployment issue

Typically < 10%. Higher number may indicate a sizing issue

Incident:workorder ratio should be around 1:2 or less

What to Look at on the Platform

9 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

NX10000 Throughput: 4 Gbps Users: 40,000 Sessions: 2M Incidents (Rate/Minute): <=20 Work orders (Rate/Minute) <= 40

NX 7xxx Throughput: 1 Gbps Users: 10,000 Sessions: 500K Incidents (Rate/Minute): <= 4 Work orders (Rate/Minute) <= 7

NX 4xxx Throughput: 250 Mbps Users: 2,500 Sessions: 80K Incidents (Rate/Minute): <= 2.2 Work orders (Rate/Minute) <= 2.3

NX 2xxx Throughput: 50 Mbps Users: 500 Sessions: 15K Incidents (Rate/Minute): <= 1 Work orders (Rate/Minute) <= 2

NX 14xx Throughput: 20 Mbps Users: 100 Sessions: 7,500 Incidents (Rate/Minute): <= 0.3 Work orders (Rate/Minute) <= 0.7

NX 900 Throughput: 10 Mbps Users: 50 Sessions: 4,000 Incidents (Rate/Minute): <= 0.3 Work orders (Rate/Minute) <= 0.7

NX + IPS Platform (7.2 Release) Sizing

10 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

EX Series

11 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

EX 8400

Effective S/W Release 7.1

EX Platform Emails/Day

3400 150K

5400 300K

8400 600K

Large Enterprise Small Enterprise

Perf

orm

an

ce/P

rice

EX 3400

EX 5400

EX sizing considerations:

Size based on rate of emails coming into organization with attachments and/or URL in email. Size based on post-SPAM filter results

EX Series Sizing (Release 7.1)

12 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

Note: All performance values vary

depending on the system of

configuration and traffic profile

being processed

Click here for the full EX

Datasheet

EX Series Hardware Specifications

13 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

8400 5400 3400

Average Messages/Day 600K 300K 150K

Peak Messages/Hour 30K 15K 6K

Peak Unique Attachment/Hour 3000 1500 600

Peak URL/Hour 50K 25K 10K

Traffic mix for above test results:

• Percentage of email message with unique attachments: 10%

• Percentage of email messages with URLs: 30%

• Number of URLs per message: 5

Use this number for conservative EX sizing*

EX Performance

* Datasheet provides peak performance numbers under ideal conditions

14 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

Multiple parameters affecting sizing

– File types, distribution, and percentage of attachments in mail

stream

– May be difficult to obtain these parameters without deploying an

EX

– Size higher if uncertain

All statistics required to do sizing can be obtained by

running EX report

EX Sizing Considerations

15 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

FX Series

16 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

Large Enterprise Small Enterprise

Perf

orm

an

ce/P

rice

FX 5400

FX 8400

S/W Release 7.1

FX Platform # of Files/Day

5400 Up to 80,000

8400 Up to 160,000

FX Series Sizing (Release 7.1)

FX sizing considerations:

Size based on file types in the share and percentage that are supported (scannable) by FX

17 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

Note: All performance values vary

depending on the system of

configuration and traffic profile

being processed

Click here for the full FX

Datasheet

FX Series Hardware Specifications

18 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

% analyzable

24K 80K 44K 160K Graph based on local CIFS share with 100K

files and file types of PDF, ZIP, and Excel

100% 20%

20% 100%

% analyzable

Files/Day

FX 5400

FX 8400

Scan performance can vary based on % of analyzable files

Scan Performance Can Vary

19 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

Determine from

pre-scan or from

customer input

Number of VM

Executions

File Type Distribution

File Associations

Recommend

default settings

Factors Affecting Scan Performance

Network

Latency

20 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

Scan-id is determined

from Web UI

Useful Command for File Scan Performance

24 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

CM Series

25 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

Large Enterprise Small Enterprise

Perf

orm

an

ce/P

rice

CM 4400

CM 7400

CM 9400 CM sizing considerations:

Size based on number and type of devices connected behind it

CM Series Sizing

26 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

CMS 4400 CMS 7400 CMS 9400 CMS 7400HA CMS 9400HA

# NX only 20 70 210 40 100

# EX only 4 35 105 20 50

NX / EX / AX (11/2/1) 14 (40/20/1) 61 (125/60/1) 186 (24/12/1) 37 (50/25/1) 76

Number of EX / NX / Combinations supported by one CMS Based on Release 7.1

Sample Number of Devices One CM Supports

27 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

Note: All performance values vary

depending on the system of

configuration and traffic profile

being processed

Click here for the full CM

Datasheet

CM Series Hardware Specifications

32 Copyright © 2014, FireEye, Inc. All rights reserved. | CONFIDENTIAL

Thank You