FortiGuard Security Services Data Sheet - BOLL

Transcription

DATA SHEET

FortiGuard Security Services

New cyber threats emerge every moment of every day. Whether it’s ransomware, phishing campaign, or infrastructural vulnerability—organizations must constantly be prepared to defend against something new at all times. Extensive knowledge of the threat landscape, combined with the ability to respond quickly at multiple levels, is the foundation for providing effective security. That’s where the threat research and intelligence of FortiGuard Labs is critical to protect your network.

FortiGuard’s certified & proven security protection provides comprehensive security updates and protection for the full range of Fortinet’s Security Fabric solutions. FortiGuard Labs consists of hundreds of research specialists, with an average of over 16 years experience in threat research and response, providing cutting-edge protection to customers and enhancing their cyber security defense. Seamless integration into your SOC/NOC for actionable security operations against today’s threats.

Power of FortiGuard Labs

When dealing with an almost invisible adversary, it is important to understand everything that is observable about them. FortiGuard threat intelligence encompasses research performed by FortiGuard analysts in cooperation with extended security industry and law enforcement organizations. Hundreds of FortiGuard researchers scour the cyber landscape to discover emerging threats and develop effective countermeasures to protect organizations around the world. They are the reason FortiGuard is credited with over 650 zero-day discoveries – a record unmatched by any other security vendor. A unique combination of in-house research, information from industry sources, and machine learning, and artificial intelligence technologies is why Fortinet security solutions score so high in real-world security effectiveness tests at places like NSS Labs, Virus Bulletin, ICSA Labs, AV Comparatives, and more.

Applied Security Intelligence

FortiGuard Labs uses data collected from sensors positioned around the globe to protect more than 300,000 customers every day.

[Figure labels: FortiGuard Global Threat Intelligence; FortiAnalyzer (Centralized Logging and Reporting); FortiManager (Centralized Device and Policy Management); FortiGate (Physical or virtual); Headquarters; Data Center; Remote Office/Branch Office; Cloud]

FortiGuard Minute from Q4 2018

- 580,000 Hours of Threat Research Globally Per Year
- 140,000 Malicious Website Accesses blocked per minute
- 10,000,000 Network Intrusion Attempts resisted per minute
- 65,000 Botnet C&C attempts
- 35,000 Malware Programs Neutralized Per Minute
- 22,000 Intrusion Prevention Rules, 63 Rules per Week
- 860 Terabytes of Threat Samples
- 681 Zero Day Threats Discovered

Intelligence Illumination

By leveraging global threat data, enterprise organizations will be able to outsmart highly complex attacks. It is important to understand the capabilities, tactics and procedures of cyber threat actors. With possession of this kind of information, enterprises have enough “illumination” to understand how to better respond to threats that are targeting their organization. It is this information that would ultimately illuminate the path to a stronger cybersecurity posture within your organization.

Combat Threats

By combining our threat intelligence feed with local data from your network, such as logs and security events from your infrastructure, you will be able to quickly remediate threats with a surgical precision, lessening the time to respond to threats and saving valuable security personnel time. Threats arise from everywhere on the globe, and a threat that has first appeared in Japan for instance, could be targeting a corporation in Europe tomorrow. By having information about what may happen tomorrow, your organization will be gaining pro-active, intelligent based protection to stay ahead of threats.

Certifications

FortiGuard technologies earned its certifications through rigorous testing across a broad spectrum of performance indicators, conducted by independent organizations with industry-wide standards, including: NSS Labs, ICSA Labs, Common Criteria, Virus Bulletin, Virus Bulletin Spam, Mitre, Oasis and NASA.

FortiGuard Security Services

Cyber threats and cyber crime are on the rise. Criminals are exploiting the complexity of our expanding networks to infect, steal data, and hold systems to ransom. Extensive research and knowledge of the threat landscape, combined with the ability to respond quickly at multiple levels, is imperative for providing effective security.

Powered by AI

FortiGuard security services are designed to optimize performance and maximize protection across Fortinet’s security platforms and are available as subscription feeds for the FortiGate Next-Generation Firewall / IPS platforms, the FortiMail secure email gateway, the FortiClient endpoint protection software, FortiSandbox, FortiCache, and the FortiWeb web application firewall. This includes IP reputation updates, intrusion prevention, web filtering, antivirus/anti-spyware, anti-spam, database security, virus outbreak protection service, content disarm & reconstruction, security rating services and network and web application control capabilities to enable unified protection against today’s threats.

[Figure labels: FortiGuard Security Services (Anti-Malware, App Control, Intrusion Prevention, Web Filtering, Web App Security, Content Disarm & Reconstruction, Cloud Sandbox, FortiGuard Security Rating Service, Virus Outbreak Protection Service, Vulnerability, Industrial Security, Mobile Security, Anti-Spam); FortiGuard Labs (Malicious Artifacts, Security Research, Botnet Research, Mobile Research, Web Threat Research); Consolidated Intelligence (Cyber Threat Alliance, DHS, Telcoms, CERTS, 200 partnerships); Threat Intelligence Sharing; FortiGuard Devices (FortiGate, FortiManager, FortiWeb, FortiMail, FortiClient, FortiSandbox); FortiCare Worldwide 24/7 support; support.fortinet.com; www.fortiguard.com]

Feature Highlights

Intrusion Prevention (IPS)

FortiGuard's automated updates provide latest defenses against network-based threats. You get the latest defenses against stealthy network-level threat, a comprehensive IPS Library with thousands of signatures, flexible policies that enable full control of attack detection methods to suit complex security applications, resistance to evasion techniques proved by NSS Labs and the IPS signature lookup service.

IP Reputation

Aggregates real-time threat data from Fortinet’s threat sensors, Cyber Threat Alliance, and other global resources. Provides protection against malicious web and botnet attacks, blocks large scale DDoS attacks from known infected sources and blocks access from anonymous and open proxies. Real-time IP reputation updates and analysis tools with Geo IP origin of attack.

Content Disarm & Reconstruction (CDR)

Content Disarm & Reconstruction (CDR) strips active content from files in real-time, creating a sanitized file and active content is treated as suspect and removed. CDR processes incoming files, deconstructs them, and removes any possibility of malicious content in your files that do not match firewall policies, fortifying your zero day protection strategy.

Virus Outbreak Protection Service (VOS)

Virus Outbreak Protection Service (VOS) closes the gap between antivirus updates with FortiCloud Sandbox analysis to detect and stop malware threats discovered between signature updates before they can spread throughout an organization, with real-time look-up to our Global Threat Intelligence database, providing you with the latest in malware protection.

Web Filtering

Block and monitor web activities to assist customers with government regulations enforcement of corporate internet usage policies. FortiGuard’s massive web-content rating databases power one of the industry’s most accurate web-filtering services. Granular blocking and filtering provide web categories to allow, log, or block. Comprehensive URL database provides rapid and comprehensive protection. Fortinet’s Credential Stuffing Defense identifies login attempts using credentials that have been compromised using an always up-to-date feed of

Security Rating Service

Stay on track of your Security Roadmap and Target Security Maturity level with measurable and meaningful feedback in the form of actionable Configuration Recommendations, and Key Performance/Risk Indicators. Build Senior Management Confidence by demonstrating effective business asset protection and compliance with regulatory requirements. For more information on Fortinet's Security Rating Service, please visit the FortiGuard

Antivirus

Automated content updates & latest malware and heuristic detection engines, proactive threat library protects against all known threats and variants, Content Pattern Recognition Language and new patented code recognition software protects against unknown variants and guaranteed SLAs to address severe malware threats.

Application Control

FortiGuard's App Control protects managed assets by controlling network application usage. The sophisticated detection signatures identify Apps, DB applications, web applications and protocols, both blacklist and white list approaches can allow or deny traffic. Traffic shaping can be used to prioritize applications and flexible policies enable full control of attack detection methods.

Vulnerability Scan

Vulnerability scan network assets for security weaknesses, with on demand or scheduled scans. Comprehensive reports on the security posture of your critical assets and automated scanning of remote location FortiGates for compliance requirements.

[Figure labels: FortiGuard Services (Indicators of Compromise, Web Security, Security Rating Service, Web Filtering, Application Control, Cloud Access Security Broker, Antivirus, Intrusion Prevention, Mobile Security, Antispam, Vulnerability Management, Industrial Security, IP Reputation, Content Disarm & Reconstruction)]

Feature Highlights

Indicators of Compromise (IOC)

The IOC service is an automated breach defense system that continuously monitors your network for attacks, vulnerabilities, and persistent threats. It provides protection against legitimate threats, guarding customer data and defending against fraudulent access, malware, and breaches. It also helps businesses detect and prevent fraud from compromised devices or accounts.

Web Application Firewall (WAF)

Protects against SQL injection, cross-site scripting and various other attacks, hundreds of vulnerability scan signatures, data-type and web robot patterns, and suspicious URLs, Automated updates of WAF signatures, Supports PCI DSS compliance by protecting against OWASP top-10 vulnerabilities and using WAF technology to block attacks.

Industrial Security

Protects ICS and SCADA of OT organization better by blocking or restricting access to risky industrial protocols. Gives you visibility and control of hundreds of industrial applications and lets you add custom applications. Provides real-time threat intelligence updates to battle advanced cyber threats. Supports major ICS manufactures to provide vulnerability protection.

Antispam

Dual-pass detection technology reduces spam at the network perimeter. Flexible configuration and no-hassle implementation. Allows anti-spam filtering policies. Advanced anti-spam detection capabilities provide greater protection than standard real-time blacklists.

Mobile Security

Fully-automated updates protect against the latest threats targeting mobile platforms. Employs advanced virus, spyware, and heuristic detection techniques to thwart new and evolving mobile threats.

[Figure labels: Network Operations; Fabric APIs; Fabric Connectors; Endpoint/Device Protection; Multi-Cloud Security; Network Security; Secure Access; Application Security; Security Operations]

[Table "Fortinet Appliances - Secured by S" (contents not recoverable); surviving labels: FortiAP S Series, FortiCloud, IPS, VULSCAN, ANTIVIRUS, IP, CONTENT DISARM & RECONSTRUCT, SECURITY RATING, UPDATE]

Fortinet Developer Network (FNDN)

FNDN subscription-based community helps administrators and developers enhance and increase the effectiveness of Fortinet products, by providing official documentation and advanced tools for developing custom solutions using Fortinet products, like customer web portals, automated deployment and provisioning systems, and CLI scripting.

Benefits

- Developer Toolbox - Exclusive access to advanced tools, scripts/utilities and example code
- Documentation and How-Tos - Latest API documentation and how-to content for customization and automation
- Connect with Experts - Communicate and collaborate with advanced users and interact directly with Fortinet experts

Subscription Levels

- Basic - Free access to documentation, Forums, and basic tools
- Personal Toolkit - Full access for single user, Premium tools and licenses
- Site Toolkit - Full access for up to 15 users, Premium tools and licenses, FortiGuard services

FortiGuard Premier Signature Lookup

The FNDN Site Toolkit includes a number of advanced FortiGuard services that allow you to access FortiGuard's comprehensive security resources. Organizations around the world use the FortiGuard IPS and application control capabilities in the FortiGate platform to block network intrusions and manage thousands of different applications. The FortiGuard Premier Signature Lookup Service provides viewing of IPS and application control signatures with source code. You can search for signatures by ID or name to look up information on released IPS and application control signatures.

[Figure: FNDN Global Servers]

FortiGuard Services and Bundles

FortiGuard Labs delivers a number of security intelligence services to augment your core security component. You can easily optimize the protection capabilities of your security solution by either selecting individual services or logical security and support service bundles, like our Enterprise Bundle, which offers greater flexibility and

[Table: Components/Services by bundle; surviving column headers: 360 PROTECTION BUNDLE, A-LA CARTE ONLY, FORTICARE CONTRACT; the per-bundle marks are not recoverable]

Components/Services

- Application Control Database, Internet Service Database, Client ID Database, IP Geography Database, Malicious URL Database, URL Whitelist Database
- Botnet domain Database, IP Reputation Database
- AV Database (multiple) Flow AV Database, Mobile AV Database
- FortiCloud Sandbox
- IPS Database
- Content Disarm & Reconstruct Feature
- Virus Outbreak Protection Query
- Web Filtering Query Secure DNS Query
- Anti-Spam Query
- Security Rating Database
- Industrial Database (IPS and Application Control) Signatures
- FortiCASB
- FortiManager Cloud
- FortiAnalyzer Cloud
- SD-WAN Cloud Assisted Monitoring
- SD-WAN Overlay Controller VPN
- FortiConverter Service

Order Information

FortiGuard A La Carte Services

- Anti-Virus, Botnet IP/Domain and Mobile Malware Service: Protects against the latest viruses, spyware, and other content-level threats.
- Web Filtering: First line of defense against web-based attacks, monitor, control, or block access to risky or malicious websites
- Cloud Sandbox: Advanced threat detection solution that performs dynamic analysis to identify previously unknown malware. Includes: Virus Outbreak Protection Service and Content Disarm & Reconstruction Service
- Virus Outbreak Protection: Protects against emerging threats discovered between signature updates
- Indicator of Compromise: Provides a continually updated list of known bad threat elements for prevention and detection capabilities
- Security Rating Service: Identifies security fabric configuration weaknesses, provides ranking against industry peers, and automates best practice recommendation
- Industrial Security Service: Provides in-line protection, proactive filtering of malicious and unauthorized network traffic, enforce security policies tailored to industrial environments, protocols and equipment
- IPS Service: Provides real-time threat intelligence updates to block and prevent advanced cyber threats
- AntiSpam: Multi-layered approach to detect and filter spam at the perimeter, giving you unmatched control of email attacks and infections
- Advanced Malware Protection: FortiGuard Advanced Malware Protection is a robust service providing core technologies needed for security protection for known threats and emerging threats, and includes: Antivirus, Botnet IP/Domain Service, Mobile Malware Security, FortiSandbox Cloud, Virus Outbreak Protection Service and Content Disarm & Reconstruct.
- Penetration Testing Service: FortiGuard Pentest Team conducts a series of technical assessments on your organization’s security controls to determine the weakness on computer hardware infrastructure and software application, apply commercial automated tools to discover unintended services made publicly available by your network and also apply real world attackers’ methodologies to discover unknown vulnerabilities on the given target.

FortiCare SKUs

- FC-10-#####-247-02-DD: FortiCare 24x7 -- In addition to 24x7 phone and email support, this SKU covers automatic updates following databases: Application Control DB, Internet Service DB, Client ID DB, IP Geography DB, Malicious URL DB, and URL Whitelist DB.
- FC-10-#####-280-02-DD: FortiCare 360 Contract (24x7 FortiCare plus Advanced Support ticket handling & Health Check Monthly Reports; Collector included with Setup & Administration)

FNDN License SKUs

- FC-10-FNDN1-651-02-12: FNDN Develop Toolkit – FNDN access for single user. Includes Develop tools and licenses
- FC-10-FNDN1-652-02-12: FNDN Deploy Toolkit - FNDN access for single user. Includes Deploy tools and licenses
- FC-10-FNDN2-139-02-12: FNDN Site Toolkit – FNDN access for up to 15 users. Includes premium tools and licenses for developers and advanced users of Fortinet products

Additional Services

- FortiAnalyzer: Subscription license for the FortiGuard Indicator of Compromise (IOC)
- FortiSandbox: Intelligence from IPS, AntiVirus, IP Reputation, Web Filtering, and FortiCare services.
- FortiClient: Intelligence from Application Control, AntiVirus, Web Filtering, Vulnerability Scan, and FortiCare services.
- FortiProxy: Intelligence from AntiVirus, Web Filtering, IPS, DLP, Application Control, DNS Filtering, AntiSpam, Vulnerability Scan and FortiCare Service
- FortiMail: Intelligence from AntiVirus, AntiSpam, FortiSandbox Cloud, Virus Outbreak Protection Service, Dynamic Adult Image Analysis Service, FortiCare services
- FortiWeb: Intelligence from Web Application Security, AntiVirus, IP Reputation, Vulnerability Scan, FortiGuard Credential Stuffing Defense, FortiCare services.
- FortiADC: Intelligence from AntiVirus, IP Reputation Web Application Security, FortiGuard Web Filtering Service, and FortiCare services.
- FortiDDoS: Intelligence from IP Reputation and FortiCare services.
- FortiSIEM: Subscription license for the FortiGuard Indicator of Compromise (IOC)
- FortiCASB: Provide visibility and control for data stored in the cloud.
- FortiManager Cloud: Cloud-based Orchestration Service (1yr subscription)
- FortiAnalyzer Cloud: Cloud-based Security and Event Management Service (1yr subscription)
- SD-WAN Cloud Assisted Monitoring: SD-WAN Bandwidth & Quality Monitoring Service
- SD-WAN Overlay Controller VPN Service: Cloud-based VPN Overlay Service & Portal
- FortiConverter Service: Policy Migration and Optimization Service

www.fortinet.com

Copyright 2019 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, FortiCare and FortiGuard, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract
