FORTINET ADVANCED THREAT PROTECTION

Broad and Automated Security Coverage for your Expanding Attack Surface.

INTRODUCTION

SOPHISTICATED ATTACKS YIELD BIG REWARDS

Securing today’s enterprise is more challenging than ever. In the past there was a well-defined perimeter to secure. Now the rise of the Internet of Things (IoT), which followed mobility and BYOD, and the continued adoption of public cloud services, which followed widespread adoption of private cloud services, result in a much more diverse and dynamic attack surface to protect.

At the same time, the threat landscape continues to evolve in both volume and sophistication as cyber crime has achieved big business status and maturity. Powered by a robust cyber crime ecosystem that includes a growing segment of “malware-as-a-service” providers, our FortiGuard Labs saw more than 700,000 intrusion attempts by the close of 2016, with 120,000 pieces of malware and 25,000 spam messages, every minute of every day. Further, in Verizon’s 2016 Data Breach Investigations Report, the malware at the heart of incidents lived for only 58 seconds or less and was seen only at the compromised organization in nearly all cases. Most importantly, regardless of whether it was the result of a volume-based or targeted attack, a recent Fortinet Threat Landscape publication reported that the average organization has been successfully compromised with more than six active bots communicating out to cyber criminals.

That’s why Fortinet is pioneering a new approach to security, our Fortinet Security Fabric, which includes specific components recommended to address today’s advanced threats.

THE FORTINET SECURITY FABRIC

With so many potential ways for cyber criminals to gain entry into the dynamic enterprise, it is important to design and implement a security architecture that is broad enough to cover the entire attack surface. Further, it is critical to have security components that are powerful enough to enable all the technologies appropriate at each protection point without slowing networks or employees. And finally, it must be automated and work as a single, cohesive system to keep pace with the changing and fast-moving threat landscape.

This type of approach is absolutely critical to effective advanced threat protection. While there are always new, innovative technologies to combat new, innovative cyber threats, none represents a “silver bullet” to protect organizations that don’t also handle all of “the basics” of security best practices.

Instead, the most effective defense is founded on a cohesive and extensible architecture that encompasses all the important basics, along with the latest emerging technologies, as they demonstrate their effectiveness, working together to stop attacks at multiple points of the organization and multiple phases of their life cycle. As such, the security components recommended as the basis for advanced threat protection span three primary phases:

  • Prevention—blocking, as much as possible, typically known threats, often based on global intelligence
  • Detection—continuing inspection, usually for unknown threats based on local analysis and intelligence
  • Mitigation—responding with new detection to minimize incidents and their impact, primarily by sharing intelligence throughout the security architecture

Further, this approach must incorporate current security capabilities, emerging technologies, and customer-specific learning mechanisms to create and distribute actionable security intelligence from newly detected threats in real time. And it must coordinate among security components from multiple vendors, such that the entire infrastructure can act as a single entity to protect the organization.

BROAD COVERAGE ACROSS THE ATTACK SURFACE

POWERFUL PROCESSING TO ENABLE THE SECURITY YOU NEED

AUTOMATED TO ACT AS A SINGLE SYSTEM

INDEPENDENTLY TESTED

STAYING AHEAD OF THE THREAT CURVE WITH FORTINET FORTIGUARD LABS SYNERGY AND RESEARCH

One of the greatest Fortinet strengths is the synergy of its proprietary software, high-performance appliances, and FortiGuard Labs threat research teams. Most importantly, FortiGuard Labs research groups serve as the intelligence hub that ensures all three elements work seamlessly. They study previously unknown threats, develop comprehensive remediation strategies that are built from the ground up with high performance and efficient protection in mind, and deliver security intelligence to continually strengthen prevention and detection over time. As a result, organizations benefit from:

Comprehensive Security: FortiGuard Labs leverages real-time intelligence across 12 distinct disciplines within the threat landscape to deliver comprehensive security updates across the full range of Fortinet solutions and core technologies for synergistic protection.

Protection Ahead of the Threats: As a new threat emerges, certain detection and prevention products communicate directly for immediate, automated response. Additionally, FortiGuard Labs 24x7x365 global operations pushes up-to-date security intelligence in real time to Fortinet solutions, delivering instant protection against new and emerging threats. And many of the same automated threat analysis tools and techniques have been packaged up within FortiSandbox to bring this same real-time detection and intelligence distribution to the individual customer environment.

Collaboration in the Industry: In addition to its proactive research, global honeypot infrastructure, and 3,000,000+ network security appliances also acting as sensors, FortiGuard Labs has established more than 200 threat information-sharing agreements with other recognized vendor research groups, ISACs, and industry groups like the Cyber Threat Alliance, with a mature process for the automated ingestion, deduplication, and validation to turn raw data into high-value threat intelligence.
