Advertise on ITWeb         Sat, 25 Jun, 21:29:35 PM

Fortinet unveils FortiOS 5.2 to fight advanced persistent threats

The latest version of the operating system underpins Fortinet's advanced threat protection framework.

Fortinet – a world leader in high-performance network security – unveiled a major update to the company's FortiOS Network Security operating system that powers the FortiGate platform.

This release incorporates numerous innovations that strengthen Fortinet's Advanced Threat Protection Framework, providing enterprises with a cohesive and coordinated way to combat Advanced Persistent Threats (APTs), zero-day attacks and other sophisticated malware.

This Framework uniquely combines Fortinet's new and established technologies with FortiGuard's threat research and response to address increasingly complex cyber threats and reduce the risk of network breach and data loss.

The key elements of Fortinet's Advanced Threat Protection Framework are:

* Access control: Reduces the attack surface by only allowing authorised users to access the network via authorised ports
* Threat prevention: Proactively stops as many attacks as possible by inspecting code, traffic, Web sites and applications
* Threat detection: Continues seeking out indicators of compromise in order to identify previously unknown attacks that bypass traditional defences
* Incident response: Validates and contains incidents with expert security services, as well as automated actions and updates
* Continuous monitoring: Assesses and improves security posture against individual and industry baselines, while accommodating a rapidly evolving threat environment.

FortiOS 5.2: A key pillar to Fortinet's ATP Framework

The threat landscape has seen a proliferation of highly targeted zero-day attacks and APTs that are designed to steal intellectual property or other critical enterprise data. Researchers at Fortinet's FortiGuard Labs have discovered more than 140 new zero-day vulnerabilities to date, including 18 found in 2013 alone. Fortinet's ATP framework supports the recommendation of Gartner on protection from advanced targeted attacks. Indeed, according to their 12 February 2014 report, "Designing an Adaptive Security Architecture for Protection from Advanced Attacks", authors Neil MacDonald and Peter Firstbrook wrote: "All organisations should now assume that they are in a state of continuous compromise". The report's authors added, "Comprehensive protection requires an adaptive protection process integrating predictive, preventive, detective and response capabilities. In such context, Fortinet has integrated significant new security features to its operating system for a more effective protection against APTs and other targeted attacks. FortiOS 5.2 – which will still be supported by current versions of FortiAnalyzer 5.0 and FortiManager 5.0 with a new patch release – strengthens Fortinet's Advanced Threat Protection Framework at the following levels:

* Access control:
A new graphical policy table manipulation feature allows easier and consistent configuration of firewall policies
* Threat prevention:
* A new deep flow advanced malware engine that goes beyond traditional signatures and heuristics; combining the speed of flow-based analysis with the breadth of proactive detection technologies including unpacking and emulation
* A new inline SSL engine leverages the company's CP8 custom ASIC for as much as five times faster content inspection of encrypted traffic (varies by model and previous version of FortiOS)
* An enhanced explicit Web proxy with support for https and higher performance
* An enhanced IPS engine protects against the latest exploit techniques with enhanced decoders, dynamic analysis techniques and more
* Threat detection:
* Deeper integration between FortiGate and an enhanced FortiSandbox for faster deployment and greater protection
* Enhanced client behavioural analysis with new indicators of compromise and severity rating for the threats to help detect previously unknown attacks
* More pre-defined reports, including botnet activity, pinpoint compromised systems
* Incident response:
* New dashboard views – based on user devices, applications, Web sites and threats – include severity ratings and drill down to speed response
* New role-based workflow modes to guide incident response among other activities
* Direct policy table manipulation from those views to take mitigating action
* Continuous monitoring:
* New consolidated views with identity-based policy (combining users and devices) and log cross-referencing for a more complete picture
* New access to FortiSandbox community leverages community intelligence
* Deep application control for cloud visibility

A full list of new features in FortiOS 5.2, which complement existing capabilities, can be found here: http://www.fortinet.com/technology/network-os-fortios.html "More than ever, enterprises require intelligent, integrated solutions to prevent data theft and network disruption caused by stealthy, targeted attacks. Despite what many vendors would have you believe, there is no one product or ‘silver bullet' to solve this problem," said John Maddison, vice president of marketing for Fortinet. "Today, Fortinet has introduced important enhancements to its FortiOS operating system to help better protect against ATPs. FortiOS 5.2 supports the broader, co-ordinated framework for Advanced Threat Protection that we have established to guide organisations through a structured approach of defense. Only such a framework can allow enterprises to effectively protect themselves against the new generation of threats they are facing." AvailabilityFortiOS 5.2 software, as well as the patch releases for FortiAnalyzer 5.0 and FortiManager 5.0, are all expected to be available in 2Q14. A release candidate of FortiOS 5.2 is available now for download and testing by registering at http://forti.net/beta.

Enjoyed this story? Subscribe to ITWeb's Security News newsletter.

Fortinet

Fortinet (NASDAQ: FTNT) helps protect networks, users and data from continually evolving threats. As a global leader in high-performance network security, the company enables businesses and governments to consolidate and integrate stand-alone technologies without suffering performance penalties. Unlike costly, inflexible and low-performance alternatives, Fortinet solutions empower customers to embrace new technologies and business opportunities while protecting essential systems and content. Learn more at www.fortinet.com.

Networks Unlimited

Networks Unlimited is a value added distributor based in South Africa, with a focus on only the world's best, most future-proof solutions for networking, security and storage. With a presence in 19 sub-Saharan African countries and a 20-year track record of sourcing and distributing best of breed solutions through a select channel, Networks Unlimited has brought to the region some of the most innovative solutions found in all major local enterprises today. Backed by a team of 35+ staff, Networks Unlimited differentiates itself from other market players by delivering advanced, market-leading products and solutions that are "the key to networking communications". Networks Unlimited can be reached at: 011 202 8400, info@nu.co.za or http://www.nu.co.za/.

 

Editorial contacts

Networks Unlimited
Anton Jacobsz
Managing Director
(012) 809 4102
This e-mail address is being protected from spambots, you need JavaScript enabled to view it

Red Ribbon Communications
Annalé van Rensburg
(012) 809 1481
This e-mail address is being protected from spambots, you need JavaScript enabled to view it

 

Our comments policy does not allow anonymous postings. Read the policy here



 

 

 

Sponsors Message