Fortinet Fortiguard Security Services
Applied Security Intelligence
New cyber threats emerge every moment of every day. Whether it’s ransomware, phishing campaign, or infrastructural vulnerability—organizations must constantly be prepared to defend against something new at all times. Extensive knowledge of the threat landscape, combined with the ability to respond quickly at multiple levels, is the foundation for providing effective security. That’s where the threat research and intelligence of FortiGuard Labs is critical to protect your network.
Applied Security Intelligence
FortiGuard's Certified & Proven Security Protection provides Comprehensive security updates and protection for the full range of Fortinet's Security Fabric solutions. FortiGuard Labs consists of hundreds of research specialists, with an average of over 16 years experience in threat research and response, providing cutting-edge protection to customers and enhancing their cyber security defense. Seemless integration into your SOC/NOC for actionable security operations against today's threats
Power of FortiGuard Labs
When dealing with an almost invisible adversary, it is important to understand everything that is observable about them. FortiGuard threat intelligence encompasses research performed by FortiGuard analysts in cooperation with extended security industry and law enforcement organizations. Hundreds of FortiGuard researchers scour the cyber landscape to discover emerging threats and develop effective countermeasures to protect organizations around the world. They are the reason FortiGuard is credited with over 528 zero-day discoveries – a record unmatched by any other security vendor. A unique combination of in-house research, information from industry sources, and machine learning, and artificial intelligence technologies is why Fortinet security solutions score so high in real-world security effectiveness tests at places like NSS Labs, Virus Bulletin, ICSA Labs, AV Comparatives, and more.
FortiGuard Labs uses data collected from sensors positioned around the globe to protect more than 300,000 customers every day
By leveraging global threat data, enterprise organizations will be able to outsmart highly complex attacks. It Is important to understand the capabilities, tactics and procedures of cyber threat actors. With possession of this kind of information, enterprises have enough “illumination” to understand how to better respond to threats that are targeting their organization. It is this information that would ultimately illuminate the path to a stronger cybersecurity posture within your organization.
By combining our threat intelligence feed with local data from your network, such as logs and security events from your infrastructure, you will be able to quickly remediate threats with a surgical precision, lessening the time to respond to threats and saving valuable security personnel time. Threats arise from everywhere on the globe, and a threat that has first appeared in Japan for instance, could be targeting a corporation in Europe tomorrow. By having information about what may happen tomorrow, your organization will be gaining pro-active, intelligent based protection to stay ahead of threats.
FortiGuard Security Services
Cyber threats and cyber crime are on the rise. Criminals are exploiting the complexity of our expanding networks to infect, steal data, and hold systems to ransom. Extensive research and knowledge of the threat landscape, combined with the ability to respond quickly at multiple levels, is imperative for providing effective security
FortiGuard security services are designed to optimize performance and maximize protection across Fortinet’s security platforms and are available as subscription feeds for the FortiGate Next-Generation Firewall / IPS platforms, the FortiMail secure email gateway, the FortiClient endpoint protection software, FortiSandbox, FortiCache, and the FortiWeb web application firewall. This includes IP reputation updates, intrusion prevention, web filtering, antivirus/anti-spyware, anti-spam, database security, , virus outbreak protection service, content disarm & reconstruction, security rating services, Threat Intelligence Service and network and web application control capabilities to enable unified protection against today’s threats.
Intrusion Prevention (IPS)
FortiGuards Automated updates provide latest defenses against network-based threats. You get the latest defenses against stealthy network-level threat, a comprehensive IPS Library with thousands of signatures, flexible policies that enable full control of attack detection methods to suit complex security applications, resistance to evasion techniques proved by NSS Labs and the IPS signature lookup service.
Content Disarm & Reconstruction (CDR)
strips active content from files in real-time, creating a sanitized file and active content is treated as suspect and removed. CDR processes incoming files, deconstructs them, and removes any possibility of malicious content in your files that do not match firewall policies, fortifying your zeroday protection strategy.
Virus Outbreak Protection Service (VOS)
closes the gap between antivirus updates with FortiCloud Sandbox analysis to detect and stop malware threats discovered between signature updates before they can spread throughout an organization, with real-time look-up to our Global Threat Intelligence database, providing you with the latest in malware protection.
Security Rating Service
Stay on track of your Security Roadmap and Target Security Maturity level with measurable and meaningful feedback in the form of actionable Configuration Recommendations, and Key Performance/Risk Indicators. Build Senior Management Confidence by demonstrating effective business asset protection and compliance with regulatory requirements.
Aggregates real-time threat data from Fortinet’s threat sensors, Cyber Threat Alliance, and other global resources. Provides protection against malicious web and botnet attacks, blocks large scale DDoS attacks from known infected sources and blocks access from anonymous and open proxies. Real-time IP reputation updates and analysis tools with Geo IP origin of attack.
Block and monitor web activities to assist customers with government regulations enforcement of corporate internet usage policies. FortiGuard’s massive web-content rating databases power one of the industry’s most accurate web-filtering services. Granular blocking and filtering provide web categories to allow, log, or block Comprehensive URL database provides rapid and comprehensive protection. Fortinet’s Credential Stuffing Defense identifies login attempts using credentials that have been compromised using an always up-to-date feed of stolen credentials.
Automated content updates & latest malware and heuristic detection engines, proactive threat library protects against all known threats and variants, Content Pattern Recognition Language and new patented code recognition software protects against unknown variants and guaranteed SLAs to address severe malware threats.
FortiGuard's App Control protects managed assets by controlling network application usage. The sophisticated detection signatures identify Apps, DB applications, web applications and protocols, both blacklist and white list approaches can allow or deny traffic. Traffic shaping can be used to prioritize applications and flexible policies enable full control of attack detection methods.
Vulnerability scan network assets for security weaknesses, with on demand or scheduled scans. Comprehensive reports on the security posture of your critical assets and automated scanning of remote location FortiGates for compliance requirements.
FortiGuard Indicators of Compromise (IOC)
The IOC service is an automated breach defense system that continuously monitors your network for attacks, vulnerabilities, and persistent threats. It provides protection against legitimate threats, guarding customer data and defending against fraudulent access, malware, and breaches. It also helps businesses detect and prevent fraud from compromised devices or accounts.
Web Application Firewall (WAF)
Protects against SQL injection, cross-site scripting and various other attacks, hundreds of vulnerability scan signatures, data-type and web robot patterns, and suspicious URLs, Automated updates of WAF signatures, Supports PCI DSS compliance by protecting against OWASP top-10 vulnerabilities and using WAF technology to block attacks.
Protects ICS and SCADA of OT organization better by blocking or restricting access to risky industrial protocols. Gives you visibility and control of hundreds of industrial applications and lets you add custom applications. Provides real-time threat intelligence updates to battle advanced cyber threats. Supports major ICS manufactures to provide vulnerability protection.
Dual-pass detection technology reduces spam at the network perimeter. Flexible configuration and no-hassle implementation. Allows anti-spam filtering policies. Advanced anti-spam detection capabilities provide greater protection than standard real-time blacklists.
Fully-automated updates protect against the latest threats targeting mobile platforms. Employs advanced virus, spyware, and heuristic detection techniques to thwart new and evolving mobile threats.
|APP. CTRL||WAF||WEB FILTERING||ANTI-SPAM||IPS||VULN. SCAN||ANTI-VIRUS||IP REP.||MOBILE SECURITY||IOC||VIRUS OUTBREAK PROTECTION SERVICE||CONTENT DISARM & RECONSTRUCT||SECURITY RATING UPDATE|
|FortiAP S Series|
Fortinet Developer Network (FNDN)
FNDN is a subscription-based community to help administrators and developers enhance and increase the effectiveness of Fortinet products. The Fortinet Developer Network provides official documentation and advanced tools for developing custom solutions using Fortinet products, like customer web portals, automated deployment and provisioning systems, and CLI scripting.
- Developer Toolbox - Exclusive access to advanced tools, scripts/utilities and example code
- Documentation and How-Tos - Latest API documentation and how-to content for customization and automation
- Connect with Experts - Communicate and collaborate with advanced users and interact directly with Fortinet experts
- Basic - Free access to documentation, Forums, and basic tools
- Personal Toolkit - Full access for single user, Premium tools and licenses
- Site Toolkit - Full access for up to 15 users, Premium tools and licenses, FortiGuard services
FortiGuard Premier Signature Lookup
The FNDN Site Toolkit includes a number of advanced FortiGuard services that allows you to access FortiGuard's comprehensive security resources. Organizations around the world use the FortiGuard IPS and application control capabilities in the FortiGate platform to block network intrusions and manage thousands of different applications. The FortiGuard Premier Signature Lookup Service provides viewing of IPS and application control signatures with source code. You can search for signatures by ID or name to look up information on released IPS and application control signatures.
FortiGuard Services and Bundles
FortiGuard Labs delivers a number of security intelligence services to augment your core security component. You can easily optimize the protection capabilities of your security solution by either selecting individual services or logical security and support service bundles, like our Enterprise Bundle, which offers greater flexibility and savings.
|Components/ Services||ADVANCED MALWARE PROTECTION||THREAT PROTECTION BUNDLE||UTM PROTECTION BUNDLE||ENTERPRISE PROTECTION BUNDLE||A-LA CARTE ONLY||FORTICARE CONTRACT|
|Application Control DB Internet Service / Internet Services DB Client ID DB IP Geography DB Malicious URL DB URL Whitelist DB|
|Botnet domain DB IP Reputation DB|
|AV Database (multiple) Flow AV DB Mobile AV DB|
|Content Disarm & Reconstruct Feature|
|Virus Outbreak Protection Query|
|Web Filtering Query Secure DNS Query|
|Security Rating DB|
|Industrial DB (IPS and Application Control) Signatures|