Fortinet FortiSandbox
HomePartnersFortinet — Fortinet FortiSandbox

With the increasing volume and sophistication of cyber-attacks, it takes only one threat to slip through security for a data breach to occur. CISOs have adopted sandboxing as an essential component of their security strategies to help combat previously unknown threats. While attack surfaces are becoming more dynamic due to the rise of IoT and cloud-based services, a continuing shortage of cyber security talent is driving organizations to integrate sandboxing with greater controls and a high degree of automation. Fortinet FortiSandbox achieves this by integrating with Fortinet and non-Fortinet security products via the Fortinet Security Fabric to automate the disruption of zero-day threats. Fortinet FortiSandbox includes critical protection against advanced and emerging threats. Broad integration with Fortinet and third-party security solutions to help protect an organization’s dynamic attack surface.

Automated sharing of threat intelligence in real-time to disrupt attacks early in the cycle without human intervention. Flexible form factors to help support various industry requirements. Proactive threat detection hosted on the campus or in the data center. Today’s threats are increasingly sophisticated and often bypass traditional malware security by masking their malicious activity. A sandbox augments your security architecture by validating threats in a separate, secure environment. Fortinet FortiSandbox offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. It’s also a key component of Fortinet Advanced Threat Protection solution. Fortinet FortiSandbox integrates with Fortinet and non-Fortinet security products via Fortinet Security Fabric to automate the disruption of zero-day threats.

Fortinet FortiSandbox

FortiSandbox includes independently top-rated: NSS Labs “Recommended” for breach detection and ICSA labs certified for advanced threat defense. Broad integration — extends advanced threat protection to your next-generation firewall, web application firewall, secure email gateway, and endpoint protection platform. Intelligent automation: speeds mitigation by sharing real-time updates to disrupt threats at the origin and subsequent immunization across the entire organization and the global community. All-in-one — simplifies deployment and reduces complexity by covering all protocols in a single common sandbox platform. Flexible deployment — available as a physical or virtual appliance on premises, as well as a cloud-based or managed service. Open extensibility — flexible APIs for easy third-party integration and available day-zero integration with Fabric Alliance partners.

Fortinet FortiSandbox Appliances And FortiSandbox Cloud

Fortinet’s top-rated FortiSandbox is at the core of the Advanced Threat Protection (ATP) solution that integrates with Fortinet’s Security Fabric to address the fast-moving and more targeted threats across a broad attack surface. Specifically, it delivers real-time actionable intelligence through the automation of zero-day, advanced malware detection and mitigation. Effective defense against advanced targeted attacks through a cohesive and extensible architecture working to protect network, application layers and endpoint devices. Native integration and open APIs automate the submission of objects from Fortinet and third-party vendor protection points, and the sharing of threat intelligence in real-time for immediate threat response. Constantly undergoes rigorous, real-world independent testing and consistently earns top marks. Complement your established defenses with a two-step sandboxing approach.

Fortinet FortiSandbox VM00

Suspicious and at-risk files are subjected to the first stage of analysis with Fortinet’s award-winning AV engine, FortiGuard global intelligence query, and code emulation. Second stage analysis is done in a contained environment to uncover the full attack lifecycle using system activity and callback detection. In addition to supporting FortiGate, FortiMail, FortiWeb, and FortiClient (ATP Agent) file submission, third-party security vendor offerings are supported through a well-defined open API set. Reports with captured packets, original file, tracer log, and screenshot provide rich threat intelligence and actionable insight after files are examined. This is to speed up remediation. Fortinet’s ability to uniquely integrate various products with FortiSandbox offers automatic protection with incredibly simple setup. FortiSandbox supports inspection of many protocols in one unified solution, thus simplifies network infrastructure and operations.
Fortinet FortiSandbox

Application Security

Web applications and email systems have long been favorite targets of hackers because they have access to valuable information and they are relatively easy to exploit. A successful attack can result in a variety of devastating consequences including financial loss, damage to brand reputation, and loss of customer trust. Most organizations do not recover from a major security breach, making it absolutely critical to protect your users and customers from threats that target applications and email systems.

Fortinet Data Center Application Security solution consists of a robust and integrated set of products to protect against these attacks. We are the only company that delivers a complete single-vendor solution with the proven performance and security effectiveness to meet the increasing demands of today’s data centers. In addition, our application security solutions can be integrated with Fortinet FortiGate next-generation firewalls and Fortinet FortiSandbox sandbox for extra defenses against Advanced Persistent Threats (APTs).

Benefits

The enterprise data center is evolving rapidly with technologies such as virtualization, software-defined networking, and public cloud computing. Trying to apply traditional security to new technologies generally will not be effective. Enterprises need to evaluate their data center initiatives and how they will impact network security to ensure all areas of the data center remain protected. Today’s data centers are dynamic and complex. Security solutions need to be flexible, effective, and easy to manage so they bring order to the chaos instead of adding to it. Fortinet can protect your physical, virtual, and cloud servers with one solution — whether data center, private cloud, or public cloud deployments.

Under constant attack, organizations cannot afford to choose between security and maintaining a high-performance business infrastructure. Your extended enterprise needs proven security that won't compromise performance: from deep within internal segments, to physical and virtual data centers, to dynamic cloud environments. Deploying network security solutions from multiple vendors causes unnecessary complexity and introduces security gaps. The Fortinet Enterprise Firewall Solution delivers industry-leading security effectiveness with unmatched performance capabilities — through one operating system managed within a single pane of glass.

Cloud Security

Cloud computing is becoming increasingly popular among enterprises looking to take advantage of the quick deployment, unprecedented scalability, and cost savings. Private cloud infrastructure, including virtualization and software-defined networking (SDN), are rapidly transforming data centers worldwide. At the same time, organizations are rapidly embracing public clouds, both migrating workloads to Infrastructure-as-a-Service (IaaS) clouds like AWS and Azure, and adopting Software-as-a-Service (SaaS) applications. This results in a hybrid cloud and increasingly multi-cloud environment that is truly borderless for your enterprise users, data, and applications.

Evolving your infrastructure means your security must evolve as well, to protect your enterprise regardless of where your infrastructure and applications are running. If your security can’t keep up with the agile public, private, and hybrid cloud environments of today, gaps in protection will occur. There are a number of deployment methods being used today that require scalable security capable of keeping up with elastic workloads. Fortinet provides comprehensive security for private, public, and hybrid deployments before, during, and after migration — with one solution.

Features

At the heart of Fortinet data center security are the FortiGate data center firewalls which are purpose-built FortiASIC processors that enable this extremely high level of performance. These custom content and network processors provide near-wire speed switching, routing, and stateful firewalling. The network processors eliminate the need for legacy Layer-2 switches and routers within the data center. Instead, FortiGate takes over and performs network segmentation, switching, routing, and network security, all while reducing network complexity.

Furthermore, our integrated architecture provides extremely high throughput and exceptionally low latency, minimizing packet processing while accurately scanning the data for threats. Custom FortiASIC processors deliver content inspection at multi-gigabit speeds. The only way for a network security platform to scale is via purpose-built ASICs to accelerate specific parts of the packet processing and content scanning function. FortiGate technology utilizes Optimum Path Processing (OPP) to optimize the different resources available in packet flow. The FortiASIC can scale to 500 Gbps of firewall throughput independent of packet size while maintaining a high number of sessions and extremely low latency.

Fortinet FortiWeb

FortiWeb provides integration with leading third-party vulnerability scanners including Acunetix, HP WebInspect, IBM AppScan, Qualys and WhiteHat to provide dynamic virtual patches to security issues in application environments. Vulnerabilities found by the scanner are quickly and automatically turned into security rules by FortiWeb to protect the application until developers can address them in the application code. Quarantined IPs HTTP Traffic service protects you from known attack sources like botnets, spammers, anonymous proxies, and sources known to be infected with malicious software.

FortiWeb Security Service is designed just for FortiWeb including items such as application layer signatures, malicious robots, suspicious URL patterns and web vulnerability scanner updates. Finally, FortiWeb offers FortiGuard’s top-rated antivirus engine that scans all file uploads for threats that can infect your servers or other network elements. FortiWeb provides maximum flexibility in supporting your virtual and hybrid environments. The virtual versions of FortiWeb support all the same features as Fortinet hardware-based devices and work with all the top hypervisors.