Next Gen Firewall
FortiGate: Next-Generation Firewall Overview (Fortinet Product Matrix Download)
High threat protection performance with automated visibility to stop attacks
Available in: Appliance / Virtual Machine / Cloud
As security architects consider how to provide comprehensive threat protection for their enterprises, including intrusion prevention, web filtering, anti-malware and application control, they face a major complexity hurdle managing these point products with no integration and lack of visibility. Gartner estimates that by 2019 80% of enterprise traffic will be encrypted and 50% of attacks targeting enterprise will be hidden in encrypted traffic.
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance including encrypted traffic. FortiGate reduces complexity with automated visibility into applications, users and network and provides security ratings to adopt security best practices.
FortiGate: Next-Generation Firewalls Models and Specifications
FortiGate NGFW is available in many different models to meet your needs ranging from entry-level hardware appliances to ultra high-end appliances to meet the most demanding threat protection performance requirements. This ensures that enterprise campus, core data-center, or internal segments, FortiGate can fit seamlessly into your environment.
FortiGuard Security Services for FortiGate: Next-Generation Firewalls
FortiGate NGFW receives continuous threat intelligence updates from FortiGuard Labs security services. Intrusion prevention, anti-malware, cloud sand-box, application control and web filtering protects enterprises from known and unknown advanced attacks.
- Application Control
Improve security and meet compliance with easy enforcement of your acceptable use policy through unmatched, real-time visibility into the applications your users are running. With FortiGuard Application Control, you can quickly create policies to allow, deny, or restrict access to applications or entire categories of applications.
- Web Filtering
Protects your organization by blocking access to malicious, hacked, or inappropriate websites.
- FortiSandbox Cloud
FortiSandbox Cloud Service is an advanced threat detection solution that performs dynamic analysis to identify previously unknown malware. Actionable intelligence generated by FortiCloud Sandbox is fed back into preventive controls within your network—disarming the threat.
FortiGuard Antivirus protects against the latest viruses, spyware, and other content-level threats. It uses industry-leading advanced detection engines to prevent both new and evolving threats from gaining a foothold inside your network and accessing its invaluable content.
- Intrusion Prevention
FortiGuard IPS protects against the latest network intrusions by detecting and blocking threats before they reach network devices.
- Virus Outbreak Protection Service
FortiGuard Virus Outbreak Protection Service (VOS) closes the gap between antivirus updates with FortiCloud Sandbox analysis to detect and stop malware threats discovered between signature updates before they can spread throughout an organization. OS initiates a real-time look-up to our Global Threat Intelligence database.
- Content Disarm & Reconstruction
Content Disarm & Reconstruction (CDR) strips all active content from files in real-time, creating a flat sanitized file. All active content is treated as suspect and removed. CDR processes all incoming files, deconstructs them, and removes all elements that do not match firewall policies.
- IP Reputation & Anti-botnet Security
The FortiGuard IP Reputation Service aggregates malicious source IP data from the Fortinet distributed network of threat sensors, CERTs, MITRE, cooperative competitors, and other global sources that collaborate to provide up-to-date threat intelligence about hostile sources. Near real-time intelligence from distributed network gateways combined with world-class research from FortiGuard Labs helps organizations stay safer and proactively block attacks.
FortiGate Enterprise Bundle : read more
The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes:
- NGFW Application Control
- IP/Domain Reputation
- Mobile Security
- Web Filtering
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- Security Rating
- Industrial Security Service
FortiGate Secure SD-WAN
Application Aware, Multi-Path WAN Controller with Integrated NGFW Security
Fortinet NSS Labs RecommendedDistributed enterprise branches transitioning to a digital business model are having a significant impact on network WAN. The adoption of cloud services and increasingly mobile work force are accelerating advancements in WAN technologies. With enterprises directly accessing the internet, it’s becoming critical to deploy next-generation security strategies along with enabling multi-path WAN to improve application performance.
Fortinet is the only NGFW vendor to provide native SD-WAN along with integrated advanced threat protection. Fortinet, has received the “Recommended” rating for the first ever test conducted by NSS Labs for Software-Defined Wide Area Networking. Fortinet delivered excellent quality of experience for voice and video, high VPN throughput and best price/performance.
FortiGate SD-WAN replaces separate WAN routers, WAN optimization, and security devices with a single solution that is application-aware, offers automatic WAN path control and multi-broadband support. It improves application performance, reduces WAN Operating expenses and minimizes management complexity.
Powerful and Innovative Intrusion Prevention Systems
Whether part of a firewall solution or a separate standalone appliance, Intrusion Prevention Systems (IPS) technology is becoming an increasingly ubiquitous part of network security defenses. Fortinet, well known for its next-generation firewall (NGFW) solution, has built IPS technology for more than ten years. Fortinet customers expect and depend on high performance from FortiGate firewalls and FortiGate IPS benefits from this legacy, delivering pound-for-pound, the best IPS performance available in the market today. FortiGate IPS, following a different evolution path than traditional IPS, innovates in ways that other standalone IPS products do not.
FortiGate IPS Product Details
Zero-day, advanced targeted attacks, ransomware, polymorphic malware and distributed denial-of-service attacks all require sophisticated detection engines not available in traditional standalone IPS or in most firewalls. FortiGate IPS includes multiple inspection engines, threat intelligence feeds and advanced threat protection options to defend against these unknown threats. Packaged in powerful FortiGate platforms (hardware, virtual, cloud) with advanced analytics and workflows through FortiAnalyzer, FortiGate IPS is a cost-effective network security solution to feed incident response needs in your SOC.
VPN: Scalable, High-Performance, Diverse Crypto VPNs
Protect high-speed data in motion from breaches in a multi-cloud environment
Scalable High-Speed Diverse Crypto VPNs Overview
As companies look to transform everything from their business operating models to service delivery methods, they are adopting technologies such as mobile computing and cloud to make data and applications available wherever they are needed resulting in an increased digital surface and exposure to data in transit breaches.
Maintaining uniform security policy for all corporate users, applications, devices irrespective of their location and appropriate access control is essential to providing security in a multi-cloud environment. The data in motion must be protected using mutual authentication and confidentiality to protect sensitive corporate data over unprotected networks and provides a defensible proof of security.
What’s New in FortiOS 6.0?
This new version is focused on increasing visibility and network oversight, improving our integrated threat intelligence, and adding new automation features allowing you to proactively respond to emerging threats:
- new Security Fabric features
- new Network Management tools
- comprehensive Internet of Things/Endpoint Security coverage
- and many other useful features and updates.
Visit Fortinet’s documentation library at http://docs.fortinet.com or our video portal at http://video.fortinet.com.
Secure Web GW
Secure Web Gateway (SWG)
Enterprise-class protection against internet-borne threats
Secure Sockets Layer (SSL) adoption is on the rise, with at least 60% of internet sites using it as of January 2018. While this provides confidentiality, it’s also a great place for cybercriminals to hide malware. Industry reports indicate that 41% of malicious traffic leverages encryption. In addition, administrators lose visibility of data leaving the enterprise and can’t enforce data loss policies.
Fortinet firewalls with Gateway Security protects enterprises against web attacks with URL filtering, visibility and control of encrypted web traffic via SSL inspection, and application of granular web application policies. Fortinet is the first and only gateway security vendor to earn Virus Bulletin’s VBWeb certification for web filtering effectiveness.
FortiGate SWG employs multiple FortiGuard services to protect users against the latest web threats and to enforce compliance. One of the key services is FortiGuard Web Filtering, which is the only web filtering service in the industry that is VBWeb certified for security effectiveness by Virus Bulletin.
Management & Report
Management & Reporting
Operationalized Visibility, Quantifiable Security and Cross-silo Automation
Security teams globally are challenged by resource constraints, both in terms of the number of staff and raw security talent. Moreover, security teams are asked to do more, often in more complex networks and with growing numbers of alerts from multiple systems. Successful security teams allay these challenges by implementing three best practices. First, they simplify the way view management, combining operation NOC-style views with security-based SOC context. Second, they regularly measure and score their security effectiveness, enabling them anytime to answer how secure they are. Third, they demand deep integration so they can automate repetitive actions, especially across silos when possible.
FortiGate Management & Reporting Product Details
Fortinet has purpose-built NOC-SOC into central security management products. This NOC-SOC approach simplifies security management and reporting both during initial deployment as well as with ongoing adjustments to keep Fortinet’s Security Fabric tuned to the optimal security posture. Three products – FortiAnalyzer, FortiManager and FortiCloud – are part of NOC-SOC-based central security management and reporting.
FortiGuard Security Services for FortiGate Management and Reporting
- FortiSandbox Cloud Service is an advanced threat detection solution that performs dynamic analysis to identify previously unknown malware. Actionable intelligence generated by FortiCloud Sandbox is fed back into preventive controls within your network—disarming the threat.
- The FortiGuard Indicator of Compromise (IOC) service packages recently observed artifacts of host intrusions or compromise, delivering them daily to retroactively identify any host intrusions and proactively protect against the latest targeted attacks.
- Security Audit Update Service is intended to guide customers to design, implement and continually maintain the target Security Fabric security posture suited for their organization. The Security Fabric is fundamentally built on security best practices and by running these audit checks, security teams will be able to identify critical vulnerabilities and configuration weaknesses in their Security Fabric setup, and implement best practice recommendations.