Fortinet Receives Highest Rating (AAA) from CyberRatings in Cloud Network Firewall Third-Party Test

In the first-ever third-party testing of cloud network firewalls, Fortinet FortiGate-VM earned the highest possible rating of AAA in all five categories of a test by CyberRatings, an independent, nonprofit member organization that provides transparency and expert guidance on cybersecurity risks via research and testing programs.

The CyberRatings “scorecard” for the Fortinet Cloud Network Firewall states, “Security Effectiveness was excellent; Fortinet blocked 35 out of 35 evasion techniques, 977 out of 977 exploits, and passed all the stability and reliability tests.”

Fortinet Continues to Raise the Bar for NGFWs Across the Infrastructure

Below is a summary of the Fortinet scores in the five testing categories of the CyberRatings test: 

  1. Management and Reporting Capabilities
  2. Routing and Policy Enforcement
  3. SSL/TSL Functionality
  4. Threat Prevention
  5. Performance

Efficient Routing and Policy Enforcement

Proper routing and policy enforcement is critical to secure perimeters and ensure compliance of the IT infrastructure in hybrid and cloud deployments. They encompass segmentation and access control of different virtual networks on the cloud and in the virtual data center.

FortiGate-VM received the highest possible rating (AAA) for all CyberRatings’ Routing and Policy Enforcement tests, ranging from simple to complex policies. IT teams can use FortiGate-VM to apply proper segmentation, ensuring isolation and protection of internet-facing zones (north-south perimeter). And they can also use appropriate access control to filter traffic in environments with multiple zones (east-west perimeter) at different trust levels.

Robust SSL/TLS Functionality

About 80% of internet traffic is encrypted and almost all e-commerce websites use HTTPS traffic. It is imperative that firewalls protecting IT assets correctly decrypt SSL/TLS traffic to inspect and make policy-based decisions. The TLS 1.2 and 1.3 cipher suites tested by CyberRatings are used by 98% of all websites.

FortiGate-VM received the highest rating possible (AAA) for preventing insecure ciphers, decrypting, and inspecting SSL/TLS traffic to block prohibited content, and improving performance by reusing TLS sessions.

Highest Level of Threat Prevention

As organizations shift to more hybrid IT architectures, spanning from on-premises to the cloud, the attack surface continues to expand. And with threats more advanced and persistent than ever before, the protection against known and unknown exploits and attacker tactics becomes even more paramount.

FortiGate-VM received an AAA rating for blocking 100% of all exploits and evasions in the threat prevention tests. Organizations can use FortiGate-VM to protect trusted networks from untrusted networks while allowing only authorized communications to pass—thereby facilitating secure business use of the internet.

Strong Management and Reporting Capabilities

One of the key concerns for organizations adopting cloud is management and operational complexity. IT teams need solutions that enable them to apply consistent policies across on-premises and cloud deployments. It is vitally important for cloud network firewalls to have management and reporting capabilities that support authentication, including role-based access control, as well as policies for customization, logging, alert handling, summary reporting, and change control.

FortiGate-VM received the top AAA rating from CyberRatings for the Management and Reporting Capabilities section of their test. FortiGate-VM firewall rules and device configuration can be managed using native web interface. Alternately, the FortiManager management application can be used for larger deployments with tens or hundreds of FortiGate-VMs and physical firewalls.

Excellent NGFW Price/Performance (TCO)

Unlike Fortinet, many other cloud network firewall vendors lack the performance needed to deliver effective security at an optimal price point. In many cases they must scale out to many instances even to deliver a minimum level of performance that does not impact user experience, driving up operational costs.

Again, Fortinet received top scores in the CyberRatings Performance category. Because we believe that effective security should not break budgets, the FortiGate-VM cloud network firewall supports virtual SPU (security processor) technology that applies packet acceleration and other optimizations to deliver significant performance advantages at an optimal cost point. With Fortinet, organizations can right-size their investment without compromising security on the cloud.

At the Foundation of Integrated Cloud Security

Not only has Fortinet been validated as a top-flight achiever across CyberRatings’ five categories, as well as by other reviews in the past, we have also designed our solutions to interoperate as part of our unique Fortinet Security Fabric, comprised of a broad portfolio of converged networking and security offerings across endpoints, networks, and clouds. By connecting FortiGate-VM to the Fortinet Security Fabric, we can support hybrid networks (on-premises and in the cloud) and multi-cloud environments.

IT teams struggle to address the many challenges that come with cloud network security. They must deal with architectural complexities like elastic scaling, management complexities with multiple consoles for different security aspects like NGFW, NAT, logging, SSL VPN, IPsec VPN, etc., and fragmented policies between on-premises and cloud deployments. Fortinet simplifies all aspects of network security management and operations in the cloud.

Powered by FortiGuard services, FortiGate-VM delivers a consistent and agile network security solution that keeps up with the dynamic cloud environment through deep cloud-native integrations with AWS, Azure, Google Cloud, and Alibaba Cloud. It also secures virtual data center environments through seamless integrations with software-defined network platforms like VMware, Nutanix, OpenStack, and others.

For large-scale cloud and virtual data center environments with many FortiGate-VM virtual firewalls and/or FortiGate physical firewalls, FortiManager can be used as a single pane of management, and FortiAnalyzer can be used for deep visibility into security events.

FortiGate-VM deployed in the Security Fabric with other Fortinet security technologies and third-party products delivers full visibility and control across the entire attack surface in the cloud—helping reduce risk, improving compliance, increasing operational efficiency, and optimizing costs.

Commitment to Third-party Testing

Fortinet is committed to third-party testing because we know it can aid customers in the decision-making process. IT teams are always searching for the vendor that can best support their security needs, but they have to wade through marketing materials—all claiming the superiority of their solutions.

The problem is that no two vendors use the same standards for marketing the performance and functionality of their solutions, so window shopping is nearly impossible. When it comes to security, the stakes are extremely high. This is why we believe independent, unbiased third-party nonprofits like CyberRatings are invaluable.

Unbiased Ratings, Reports, and Advice

The CyberRatings team has a unique combination of experience and breadth of knowledge with three decades of security-product testing expertise and proficiency. It provides unbiased ratings, technical reports, and expert advice to help organizations understand their cyber-vulnerability profile.

CyberRatings has well-established relationships with most large and small security vendors and has built a strong trust with vendors and enterprises. As a result, its tests are designed and conducted to the highest technical standards with meaningful independence.

Download the CyberRatings Cloud Network Firewall Report and learn why FortiGate-VM should be an essential part of your cloud network security.

Sourced from Fortinet

Strengthening the Human Element in Your Cybersecurity Stack

Many of us reach a point in life—and in our business—where we feel the need to refocus on our core capabilities and strengths and outsource or ask for expert advice on the rest. This strategic decision allows us to make even more significant leaps forward in those places we are uniquely capable of solving the issues at hand. 

In cybersecurity, we talk a lot about the need for end-to-end automation to support a dynamic and agile security posture capable of responding to new threat information in near real-time. Our industry translates this to being able to stop attacks in their tracks. We have all invested and will keep investing time and resources in building toward this vision as we choose to add new technologies, vendors, and partners to our cybersecurity ecosystem.

However, one area many security leaders tend to talk less about is the human component of cybersecurity strategies and how we can increase its impact on our overall success. Today, two-thirds of global leaders claim that the global skills shortage creates additional cyber risks for their organization, including 80% who reported experiencing at least one breach during the last 12 months they could attribute to the cybersecurity skills gap.

It is time to talk about the human element as part of your overall cybersecurity framework. 

Enhance, Automate, and Outsource – The Human Element 

If I asked you today how many of your technology security capabilities are being consumed as a service and how many more you are currently evaluating, the answer would be—most. Security vendors already operate, maintain, and advance critical security capabilities for your technology, be it your IPS, URL, DNS, sandbox, AV, CASB, IoT, etc., by providing security intelligence to keep them tuned to the latest threats. Teams of cybersecurity experts are already helping keep you ahead of today’s cybercriminals. The same goes for automated processes. Many of you are on a path to creating a fully automated security posture, SOC, and process flows. And in many cases, you and your vendors are on this journey together.

But when we talk about your people, there is less of an organized process, strategy, or priority—or, even time for skill enhancement. And even fewer are evaluating which tasks the SOC team performs that would be best to outsource.    

There are three strategies for applying services to your security team, employees, and partners to better protect your organization. The first is to enhance their capabilities with the skills and technologies of dedicated cybersecurity professionals who spend every day on the front lines of today’s cyber war. Next is to automate many of your team’s processes to improve accuracy, mean time to detect (MTTD), and mean time to respond (MTTR). And there are simply some aspects of cybersecurity you will choose to outsource to keep your team focused on the critical tasks at hand.

Enhance

Employees

Many attacks today start with the exploitation of a vulnerability, whether it’s a technology or human failing (for example, phishing). We all strive to prevent and stop attacks as early as possible during the attack cycle by adding advanced capabilities like EASM, NDR, Deception, EDR, and even Secure Mail Gateways, and WAF to front critical assets. All to minimize damage and avoid the long process of remediation.

In many cases, your employees are your first line of defense. Suppose you evaluate your employees in the same way you assess technologies, looking for vulnerabilities (knowledge and skills gaps) that need to be “patched” on a regular basis? It should then be easy to understand the need for cyber-safe programs. This process of continual improvement can and should be built alongside partnering with a cybersecurity vendor/team well-versed in current attack tactics that can integrate that knowledge into your organization’s employee training program.

SOC teams and cybersecurity professionals

If you’re like most of us, your SOC teams are heads-down sifting through alerts, logs, and tasks. As a result, they find it difficult to find the time to stay sharp when it comes to the evolving attack threat landscape and the overarching state of your end-to-end security posture.

Practice will make your team better and faster in responding to attacks. Make time for it. Allocate time for tactical training a complete evaluation of capabilities, AND to build and test effective automation and playbooks, leveraging tools like SOAR. Cybersecurity experts actively working in threat hunting and Incident Response will have the real-world, hands-on experience needed to build and execute training for your team. It is also recommended that you evaluate and take advantage of onboarding and training programs that support short learning curve objectives and the optimization of investments.

Outsource

The current intensity, both in velocity and sophistication, we are experiencing across the threat landscape means we all need to work even harder to stay on top of our game. But that can only get us so far. So, we must also work smarter, which is the driver behind building automated, self-learning systems and outsourcing some functions to dedicated experts. Such enhancements are a critical way to eliminate noise and help your team focus on their most critical tasks and advance your business. Outsourcing can serve many purposes. It can be used temporarily until your team is past the learning curve of new technology or as a permanent arrangement as an extension of your security team.

There are generally three areas where we see organizations outsourcing security functions: 

Evaluating security effectiveness

There is a maxim among cybersecurity professionals that the team that builds a security posture should not be the one that assesses its effectiveness. Leveraging an external team to perform these tasks will invariably produce a better result. These services can range from individual point-in-time assessments, like vulnerability or ongoing monitoring of your external attack surface management (EASM) to determine end-to-end readiness for attacks like ransomware. These assessments also support a much-needed risk-based prioritization of future investments.   

Outsourcing some or all of your SOC threat hunting capabilities

The outsourcing of active monitoring detection and response to threats extends from the endpoint (MDR), to the network, to full SOC responsibilities (SOC as a Service). And given the speed of today’s threats, prevention is best served with a fully automated cycle from detection to response. However, in most cases, the adoption of fully automated response will be tied to the trust level the SOC team has in the machine learning recommendations and data and not in technology capabilities, which as in all automation-driven fields, will evolve and expand with time, data, and expertise.  

Outsourcing some or all of your Incident Response capacities

The benefits of working with an incident response (IR) team before you are under active attack cannot be stressed enough. By engaging early, an IR team can help you evolve and strengthen your security posture. They will also obtain critical knowledge on your existing security deployment and any agreed-upon response and remediation processes. That, in time, will help reduce incidents and shorten the time required for remediation once an incident occurs.  

Automate 

Everyone contributes to the problem of increasingly complex work environments. Marketing and engineering teams use multiple systems. Users employ numerous devices to connect to an even larger number of applications. The goal of every cybersecurity leader today should be to establish a unified security framework across the entire organization that prioritizes synergetic systems and centralized processes to deliver ML-powered automation.

But AI and ML are only as good as the data they are trained on and the people who teach them. When engaging with vendors offering ML-powered solutions, it is essential that you look inside the organization and figure out who’s designing their models. What datasets are they working with? Ensure that the process and automation used to gather, process, identify, and respond to incidents are trustworthy. 

FortiGuard Services Provide a Full Spectrum of Business-critical Support

As part of the industry’s leading fully integrated Security Fabric, delivering native synergy and automation across your security ecosystem, Fortinet also provides an extensive portfolio of technology and human-based as-a-service offerings. These services are powered by our global FortiGuard team of seasoned cybersecurity experts.

Book some time with this team of cybersecurity experts to learn more about how we can help you enhance, automate, and outsource critical security functions to keep your organization secure.  

Find out how Fortinet remains a global leader in broad, integrated and automated cybersecurity solutions: Fortinet Innovation series.

Sourced from Fortinet