Fortinet Announces FortiOS 5.2 to Combat Advanced Persistent Threats
Fortinet, a provider of high-performance network security, today presented a key update to FortiOS, the company’s network security operating system that powers the FortiGate platform.
This announcement integrates several innovations that strengthen Fortinet’s Advanced Threat Protection Framework, giving enterprises a consistent and synchronized way to combat Advanced Persistent Threats (APTs), zero-day attacks and other advanced malware. The Framework uniquely combines Fortinet’s new and established technologies with FortiGuard’s threat research and response to address increasingly complex cyber threats and reduce the risk of network breach and data loss.
The key elements of Fortinet’s Advanced Threat Protection Framework are:
- Access control: Reduces the attack surface by allowing only authorized users to access the network through authorized ports
- Threat prevention: Proactively stops as many attacks as possible by inspecting code, traffic, web sites and applications
- Threat detection: Continues to seek out indicators of compromise to identify previously unknown attacks that bypass traditional defenses
- Incident response: Validates and contains incidents with expert security services, automated actions and updates
- Continuous Monitoring: Assesses and improves security posture against individual and industry baselines, while accommodating a rapidly evolving threat environment.
FortiOS 5.2: A Key Pillar to Fortinet’s ATP Framework
The threat landscape has seen an upsurge of highly targeted zero-day attacks and APTs that are designed to steal intellectual property or other critical enterprise data. Researchers at Fortinet’s FortiGuard Labs have discovered more than 140 new zero-day vulnerabilities to date, with 18 found in Fiscal 2013 alone.
Fortinet’s ATP framework supports Gartner’s recommendations on protection from advanced targeted attacks. In their February 12th, 2014 report, “Designing an Adaptive Security Architecture for Protection from Advanced Attacks,” authors Neil MacDonald and Peter Firstbrook wrote, “All organizations should now assume that they are in a state of continuous compromise.”
The report’s authors added, “Comprehensive protection requires an adaptive protection process integrating predictive, preventive, detective and response capabilities.”
Within this framework, Fortinet has integrated significant new security features into its operating system for more effective protection against APTs and other targeted attacks. FortiOS 5.2, which will still be supported by current versions of FortiAnalyzer 5.0 and FortiManager 5.0 with a new patch release, strengthens Fortinet’s Advanced Threat Protection Framework at the following levels:
- Access control:
  - A new graphical policy table manipulation feature allows easier and more consistent configuration of firewall policies
- Threat prevention:
  - A new deep flow advanced malware engine that goes beyond traditional signatures and heuristics, combining the speed of flow-based analysis with the breadth of proactive detection technologies together with unpacking and emulation
  - A new inline SSL engine leverages the company’s CP8 custom ASIC for up to 5 times faster content inspection of encrypted traffic (varies by model and previous version of FortiOS)
  - An enhanced explicit web proxy with support for HTTPS and higher performance
  - An enhanced IPS engine protects against the latest exploit techniques with enhanced decoders, dynamic analysis techniques and more
- Threat detection:
  - Deeper integration between FortiGate and an enhanced FortiSandbox for faster deployment and greater protection
  - Enhanced client behavioral analysis with new indicators of compromise and severity ratings for threats to help detect previously unknown attacks
  - More pre-defined reports, including botnet activity, pinpoint compromised systems
- Incident response:
  - New dashboard views, based on user devices, applications, websites and threats, include severity ratings and drill-down to speed response
  - New role-based workflow modes to guide incident response and other activities
  - Direct policy table manipulation from those views to take mitigating action
- Continuous Monitoring:
  - New consolidated views with identity-based policy (combining users and devices) and log cross-referencing for a more complete picture
  - New access to FortiSandbox community powers community intelligence
  - Deep application control aimed at cloud visibility
“More than ever, enterprises require intelligent, integrated solutions to prevent data theft and network disruption caused by stealthy, targeted attacks. Despite what many vendors would have you believe, there is no one product or ‘silver bullet’ to solve this problem,” said John Maddison, vice president of marketing for Fortinet. He added, “Today, Fortinet has introduced important enhancements to its FortiOS operating system to help better protect against APTs. FortiOS 5.2 supports the broader, coordinated framework for Advanced Threat Protection that we have established to guide organizations through a structured approach of defense. Only such a framework can allow enterprises to effectively protect themselves against the new generation of threats they are facing.”
FortiOS 5.2 software, along with the patch releases for FortiAnalyzer 5.0 and FortiManager 5.0, is expected to be available in Q214.