Fortinet Announces the FortiDDoS E-Series with Two New Models – FortiDDoS 1500E and 2000E

Data Center Modernization

A growing number of service providers and data centers now face continuous DDoS attacks rather than the occasional attacks of the past. At the same time, the growing volume of applications and services is forcing data centers to migrate from 10 Gbps to 100 Gbps. As a result, DDoS attack mitigation equipment deployed in the data center is expected to perform at levels approaching 100G speeds to avoid becoming a bottleneck, and higher link speeds are needed for increased DDoS mitigation capacity.

To address the performance challenges of always-on DDoS attack mitigation for data centers, Fortinet is announcing the immediate availability of the new FortiDDoS 1500E and FortiDDoS 2000E models.

DDoS Attack Threat Landscape and FortiDDoS

As millions of devices join the Internet and connect to networks, the attack surface is increasing, and so is the attack power available to cyber criminals. DDoS attacks, especially from nation state actors with virtually limitless resources, are graduating to new techniques and dramatically higher scalability. Similarly, DDoS-related crimeware is now being commercialized, with an affiliate model for distribution on tap for everyone from wannabe hackers to serious cybercriminal organizations.

Given the realities of this new threat landscape, modern data centers have to build DDoS attack mitigation into their basic infrastructure if they want to guarantee continuous availability to users. FortiDDoS products are designed to provide essential, broad, and advanced threat mitigation techniques for today’s environments that include, but are not limited to:

  • Machine learning from millions of traffic parameters to predict future behavior.
  • Local and remote address anti-spoofing.
  • Rate limiting at Layers 3 and 4, and Layer 7 DDoS attack mitigation for HTTP, HTTPS, NTP, GTP, and DNS.
  • IP and Domain reputation services via FortiGuard.
  • DNS cache response under DDoS attacks.
  • Cloud signaling to support third party cloud scrubbing for hybrid mitigation.
  • Fabric integration with FortiGate.
  • Extremely large DNS and IP blacklists.
  • The ability to block any number of IPv4 addresses without performance implications. This can be done via the REST API through complementary downstream services (such as WAF and NGFW) which can observe the rogue behavior of an IP address.

FortiDDoS E-Series to Fill a Void in High Performance DDoS Attack Mitigation 

The FortiDDoS E-series models – FortiDDoS 1500E and FortiDDoS 2000E – are built using a new architecture that delivers the industry’s highest DDoS attack mitigation performance to ensure data centers can scale their defenses while meeting the evolving needs of their business.

  • Ideally suited for data centers that have 1G, 10G, 40G, and 100G links.
  • Built around Fortinet’s patented hardware architecture that combines ASIC-based packet processing cards with no CPU, no MAC, and no IP address in the path of packets.
  • FortiDDoS 2000E delivers 70 Gbps of throughput for mixed enterprise traffic and can handle much larger UDP and ICMP DDoS attacks via multi-vector mitigation mechanisms.
  • Both appliances come in a 2U form factor and have passive optical (1310 nm) bypass for 1/10/40/100 GE.
  • Besides mitigating all the DDoS attacks that the B-series is geared for, the E-Series provides additional logic for NTP and mobile infrastructure (GTP) DDoS attacks.

Here are some additional performance and capacity details:

Learn more about Fortinet’s new FortiDDoS E-Series appliances here.

Find out how Fortinet’s Security Fabric delivers broad, integrated, and automated protection across an organization’s entire digital attack surface from IoT to the edge, network core and to multi-clouds. 

Find out how Echoenergia and New Zealand Red Cross used Fortinet’s Security Fabric for end-to-end network protection.

Sourced from Fortinet

Ensuring Cybersecurity at Big Events This Summer

Does the arrival of summertime remind you of warm sunny days, the sizzle of the grill, trips to the beach, or the electricity of the crowd at the ballpark at the bottom of the ninth, bases loaded, as the home team’s star hitter steps up to bat?

Summertime living might be easy, but if relaxation brings a lack of vigilance, it can have devastating consequences for potential cybercrime victims. And the warmer months do come with some unique security risks, especially for IT teams working at stadiums and major event venues.

Summer is prime season for outdoor concerts, music festivals, and sporting events, when people tend to gather, both physically and online. And as a recent Fortinet Threat Landscape Report shows, attacks are increasing, cybercriminals are wily and shrewd, and are willing to take advantage of opportunities—both technical and human—wherever they can find them.

During the season when people gather, it’s essential for IT teams to be on guard against cyber attackers targeting crowds – especially on stadium and venue networks. If an event has brought thousands, or even tens of thousands, of people together, it’s all too likely that most of those people are also using a mobile device connected to your wireless access points, and as a result, someone there will also be looking for ways to exploit your wireless network to target attendees.

Olympic Destroyer Sets the Precedent

Cyberattacks targeting stadiums, arenas, or event sites are nothing new. Cybercriminals are willing to target any element of a venue’s potential attack surface in order to compromise internal systems as well as the devices of paying customers. As we noted in last year’s Q1 Threat Landscape Report, an attack made headlines around the world when it disrupted the opening ceremonies of the 2018 Winter Olympics in South Korea.

Though the majority of cybercriminals are motivated by the desire for financial gain, high-profile events like the Olympic Games also make attractive targets for politically motivated threat actors, or for those seeking to alter the competition’s outcome by tampering with scoring equipment or monitoring systems. If they manage to cause damage, millions of eyes will be watching them do it.

With this in mind, IT and security teams at venues need to be aware of what poses the greatest risk to their own and customer security, and how to minimize that risk while meeting user demands and increased traffic.

Fans are the Biggest Target

At any major event, the fans connecting to your network are the cybercriminal’s most likely prey. In the excitement leading up to the big day, people attending a game or concert may be more likely to click on fraudulent websites or phishing emails related to the event. Attackers are also using a number of ticket generation sites to sell fake tickets before events even start. Once there, attendees may also fall victim to credit card skimmers or keyloggers at stadium ATMs. IT staff should be coordinating with the ATM providers to ensure these devices are secure and have not been tampered with.

It is also possible that attackers could target critical stadium infrastructure, like lighting systems or power supplies. However, a cybercriminal’s most probable target—because it can allow them access to the treasure trove of financial data stored on users’ mobile phones—is the event site’s Wi-Fi network. Nearly every large-capacity stadium, major league ballpark, or noteworthy concert venue today offers free Wi-Fi connectivity to the public. Younger fans, in particular, have come to expect faster and more reliable access to data than 3G/4G cellular networks can provide.

Unfortunately, many wireless networks, especially if improperly segmented and secured, are vulnerable to malware injection or man-in-the-middle attacks. Given the sheer size of many crowds, man-in-the-middle attacks can be especially difficult to detect. To reduce risk, venue IT teams must be up on the latest threat intelligence concerning Wi-Fi and router attacks, as well as the tools that are able to identify and pinpoint rogue access points so steps can be taken to remove them.

Wireless Networks Are Common Cyber Targets

Wireless routers are common targets for exploitation. With this in mind, the challenge in securing these large events comes down to venue IT teams enforcing appropriate logical segmentation and segregation in their wireless network architecture.

Monitoring the huge spike in traffic that sporting events or concert attendees generate for a relatively brief period of time is a major challenge. It’s critical that IT teams maintain strong network segmentation during the event’s traffic spike, as well as ensure the physical security of the wireless access points and the ports they’re connected to. They also need to continually monitor for the presence of “evil twin” wireless networks set up in or near their facility to ensure attendees connect to the actual stadium network, and not a spoofed imitation set up by criminals to harvest their data or credentials.
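One way to implement the evil-twin monitoring described above, as an added example that is not from the original article or any Fortinet product: it compares beacons reported by a wireless sensor against the venue's access point inventory. The inventory, SSIDs, BSSIDs and scan records are constructed sample data, and a static channel plan is assumed.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class AuthorizedAP:
    ssid: str
    channel: int
    security: str  # e.g. "OPEN", "WPA2", "WPA3"


@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str
    channel: int
    security: str
    rssi: int  # dBm, as reported by the sensor


# Constructed venue inventory, keyed by lower-case BSSID (hypothetical values).
INVENTORY: Dict[str, AuthorizedAP] = {
    "02:00:00:00:00:01": AuthorizedAP("Stadium-Guest", 36, "OPEN"),
    "02:00:00:00:00:02": AuthorizedAP("Stadium-Staff", 149, "WPA2"),
}

# Digits commonly swapped for letters in look-alike network names.
_CONFUSABLES = str.maketrans({"0": "o", "1": "i", "3": "e", "5": "s"})


def normalize(ssid: str) -> str:
    """Fold case, undo digit-for-letter swaps and drop punctuation/spaces."""
    folded = ssid.casefold().translate(_CONFUSABLES)
    return "".join(c for c in folded if c.isalnum())


def classify(beacon: Beacon, inventory: Dict[str, AuthorizedAP]) -> Optional[str]:
    """Return a finding label for a suspicious beacon, or None if it looks fine."""
    known = inventory.get(beacon.bssid.lower())
    if known is not None:
        # The BSSID is ours; any attribute drift suggests a cloned MAC address.
        # Assumes a static channel plan; relax the channel check if APs auto-tune.
        drift = [
            name
            for name, seen, expected in (
                ("ssid", beacon.ssid, known.ssid),
                ("channel", beacon.channel, known.channel),
                ("security", beacon.security, known.security),
            )
            if seen != expected
        ]
        return "cloned-bssid:" + ",".join(drift) if drift else None

    venue_ssids = {ap.ssid for ap in inventory.values()}
    if beacon.ssid in venue_ssids:
        return "evil-twin"  # our exact network name from hardware we do not own
    if normalize(beacon.ssid) in {normalize(s) for s in venue_ssids}:
        return "lookalike-ssid"  # e.g. "Stadium-Gue5t" or "STADIUM_GUEST"
    return None  # unrelated neighbouring network


def scan_findings(
    scan: List[Beacon], inventory: Dict[str, AuthorizedAP]
) -> List[Tuple[str, str, str]]:
    """Return (bssid, ssid, finding) for every suspicious beacon, in scan order."""
    findings = []
    for beacon in scan:
        label = classify(beacon, inventory)
        if label is not None:
            findings.append((beacon.bssid.lower(), beacon.ssid, label))
    return findings


# Constructed sensor output for one sweep of the concourse.
SAMPLE_SCAN = [
    Beacon("Stadium-Guest", "02:00:00:00:00:01", 36, "OPEN", -48),   # legitimate
    Beacon("Stadium-Guest", "02:00:00:00:00:AA", 6, "OPEN", -35),    # unknown radio
    Beacon("Stadium-Gue5t", "02:00:00:00:00:BB", 11, "OPEN", -60),   # look-alike name
    Beacon("Stadium-Staff", "02:00:00:00:00:02", 6, "OPEN", -52),    # downgraded clone
    Beacon("CoffeeShop", "02:00:00:00:00:CC", 1, "WPA2", -80),       # neighbour
]

if __name__ == "__main__":
    for bssid, ssid, label in scan_findings(SAMPLE_SCAN, INVENTORY):
        print(f"{label:32} ssid={ssid!r} bssid={bssid}")
```

Findings of this kind are what a wireless sensor would forward to the SOC; the received signal strength in each record helps staff locate the transmitter.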

Take a Look at the Security of Your Streaming Services

Even though the focus of this article is on protecting your physical venue, today’s marketplace, driven by digital transformation, requires that security be extended to online services. Many organizations are supplementing their revenue by offering streaming services. As a result, a number of cybercriminals are offering free lifetime passes to popular streaming services. These hacked accounts are available on the dark web, often for around $10 USD, and can take a serious bite out of not only streaming services revenue, but ticket sales, as individuals may be less willing to pay for tickets to an event that they can stream for virtually free.

You should also regularly check application stores and search for online sites to ensure that hacked or unauthorized versions of your application aren’t being offered, and coordinate with law enforcement to shut down free services being offered on illegal commerce sites on the Dark Web.

Taking an Integrated Approach to Event Cybersecurity

An integrated, end-to-end approach can help protect event sites and fans against cyber threats.

The key element in securing large-scale network architectures and infrastructures that need to handle tens of thousands of data connections on a temporary basis is appropriate logical segmentation. Traffic containing payment information (used for food orders, merchandise kiosks, or ticketing) should be isolated from internal traffic (facility maintenance IT systems, for instance), which should, in turn, be isolated from team and player communication traffic. Likewise, the wireless Internet access provided to fans should restrict them from communicating directly with each other, and should include filters and firewall policies to prevent user-on-user attacks.

Ultimately, the most successful approaches to this significant security challenge are those that rely on a comprehensive Security Fabric approach. Combining internal segmentation firewalls (ISFWs) with integrated security tools and sensors deployed across the environment, a proactively designed security fabric can detect and filter out attack traffic and prevent criminals from exploiting mobile application vulnerabilities. Additionally, secure wireless equipment can recognize spoofed wireless networks, and automatically alert the SOC to take action.

Securing major event venues as thousands of mobile devices attempt to connect to the network is a daunting task. By staying up to date on common Wi-Fi attack vectors and threat intelligence, event IT teams can implement the necessary controls and strategies to thwart cyberattacks, allowing everyone to just go back to enjoying their summer.

For more detailed information on the botnets, malware, and exploits that were most prevalent in Q2 of 2019, view our latest Fortinet Threat Landscape Report.

Sourced from Fortinet

Fortinet Security Fabric Earns NSS Labs Recommendation for 2019 Breach Prevention Systems Group Test

NSS Labs recently updated their Breach Prevention System (BPS) test methodologies, and in August 2019 they unveiled the 2019 BPS group test results. This new BPS test is designed to assess the ability of security solutions not simply to detect, but also to prevent emerging and unknown threats within 15 minutes of a breach. This is a critical capability for organizations concerned with today’s sophisticated threats, especially for Security Operations teams that are accountable for securing business initiatives and yet are understaffed and stuck with manual processes to provide continuous monitoring, threat and anomaly investigation, and human-initiated responses to security incidents.

What this new round of testing found (among others) is that the Fortinet Breach Protection solution – including its advanced threat detection deployed natively in AWS, and integrated across a broad set of security solutions protecting today’s distributed attack surface – dramatically changes the game. Replacing traditionally time-consuming detection and manual response methods with an integrated, automated, and highly granular detection, prevention, and response system can mean the difference between saving an organization from an unknown attack and being a victim.

Specifically, the Fortinet solution – comprised of FortiSandbox, FortiGate, and FortiClient – demonstrated a security effectiveness rate of 98.7%, with zero false positives. Combined with outstanding performance and exceptional TCO, Fortinet earned another highly coveted NSS Labs Recommended rating. And perhaps just as importantly, this latest Recommended rating for BPS is simply the latest in a long list of NSS recommendations for SD-WAN, NGFW, DCSG, DCIPS, WAF, NGIPS, BDS, and AEP*.

Threats Evolve

Failure is the Mother of Success, and nowhere is that more true than when applied to combating cyber threats. Every failed cyber campaign contributes to the ongoing evolution of cyber attacks, both in terms of sophistication and persistence. This ongoing refinement and improvement process has led to today’s sophisticated and rapidly evolving cyber attacks, which is why they are increasingly difficult to detect and repel.

And that’s just the beginning. We are now seeing the use of AI to mine for and exploit new zero-days, to create new malware variants at machine speeds, and to enhance threat campaigns by changing tactics across different attack vectors to enable the self-discovery of vulnerabilities to establish a toehold within an organization. Combined with a rapidly expanding and evolving networked ecosystem of clouds, mobile devices, IoT, and applications, today’s understaffed Security Operations teams have their hands full managing dozens of isolated management consoles, disparate security policies, and siloed security products.

So Does Technology

The currently unprecedented level of vendor and solution sprawl can be overwhelming. To effectively respond, defense systems need to not just evolve alongside the cybercriminal community, but faster than they possibly can.

Fortinet’s Security Fabric platform creates an end-to-end security architecture by enabling solutions to correlate threat intelligence and quickly identify sophisticated and highly evasive threats, simplify threat response management, and accelerate threat response times.

One foundational element of this Security Fabric strategy involves integrating advanced threat protection (i.e. sandboxing) with Fortinet and non-Fortinet Fabric-Ready solutions to protect organizations and digital assets across a broad set of threat vectors against unknown threats. Behind the scenes, that sandbox acts as an intelligence hub, providing centralized analytics and the sharing of local and global threat intelligence for newly discovered threats. When combined with a fully automated prevent-detect-mitigate lifecycle across the entire attack surface, organizations are able to establish and maintain an effective mechanism to counter even highly automated attacks, which not only efficiently protects networks, but also goes a long way towards solving the cybersecurity talent shortage.

And Security Tests

To provide an effective and reliable measure of today’s security solutions, it’s natural – and essential – for third party test vendors to evolve their testing methodologies to help security vendors and customers alike validate that the latest round of security solutions has indeed kept pace with new malware techniques. To do just that, NSS Labs’ BPS v2.0 test bed has introduced a number of new tests, including physical access and malicious insider attacks, advanced attacks against system hardware, data exfiltration, and single application flows (e.g. SMTP, YouTube, WebEx, etc.).

For detailed explanations of these new tests, please refer to NSS BPS Test Methodology v2.0.

Proven Technology from Fortinet

Fortinet submitted their breach protection solution to NSS Labs for testing – consisting of FortiGate, FortiClient, and FortiSandbox (operating natively on AWS), which are all part of the Fortinet Security Fabric platform – for this iteration of rigorous BPS testing. Based on the default configurations of our solution, the NSS Labs BPS result highlights include:

  • 97.8% Security Effectiveness
  • 100% success rate for detecting and blocking across all malware categories (except IMAP, which has an overall success rate of 99.5%)
  • 0% for False Positives
  • Low 3-year TCO

The full BPS report can be downloaded here.

Consistent Results Year After Year

Fortinet has now earned a “Recommended” rating for NSS Labs Breach Prevention for two years in a row, ever since the test was first established. FortiSandbox has similarly proven itself in the NSS Labs Breach Detection Systems group tests, earning a Recommended rating five out of the last five years. And when combined with our growing list of NSS Labs Recommended awards for other Fortinet solutions, they serve as a testament not only to Fortinet’s commitment to independent testing, but also as an assurance that we are committed to continually evolving Fortinet’s Security Fabric technologies to enable organizations to securely achieve their digital transformation objectives.

Read the NSS Labs 2019 Breach Prevention Systems Group Test report here. To learn more about Fortinet’s Security Fabric, click here. To see how customers benefit from adopting the Fortinet Security Fabric, click here. And to better understand how Fortinet’s ATP solution works, click here.

*Software Defined Wide Area Network (SD-WAN), Next Generation Firewall (NGFW), Data Center Security Gateway (DCSG), Breach Detection Systems (BDS), Next Generation Intrusion Prevention System (NGIPS), Data Center Intrusion Prevention System (DCIPS), Advanced Endpoint Protection (AEP), and Web Application Firewall (WAF).

Sourced from Fortinet

Fortinet Wins Over Customers With Its Distinguished Secure SD-WAN Solution

As organizations increase the use of business-critical cloud-based applications and infrastructures, IT teams are also becoming increasingly attuned to the benefits of extending these tools to remote locations through software-defined wide-area network (SD-WAN) architectures, a network segment now referred to as the WAN Edge. In fact, because the need to provide the services and applications being generated by digital transformation to the WAN Edge is accelerating so rapidly, the global SD-WAN market is projected to reach $4.5 billion and grow at over 40% CAGR by 2022.

SD-WAN offers accelerated connectivity, cost savings, and increased performance for Software-as-a-Service (SaaS) applications. However, organizations are also growing to realize that in order to meet evolving compliance and business requirements, SD-WAN solutions must also provide comprehensive security and management. Until recently, the lack of a comprehensive security package built into SD-WAN solutions has made adopting it a challenge for some organizations. Without an integrated security solution, organizations have been forced to add security as an overlay solution, creating significant overhead for security teams and leaving gaps in protection as security and management systems remain isolated.

Fortinet’s Secure SD-WAN is one of the only solutions to be fully integrated with advanced security controls to meet the growing demands of today’s connected businesses. It’s the only architecture that provides an integrated SD-Branch solution where a single-pane-of-glass controller allows for the unified management and orchestration of WAN, LAN, and security functionalities.

To highlight the value that Fortinet brings to the SD-WAN market, we have compiled three recent customer success stories of Secure SD-WAN and SD-Branch deployments across various industries:

Expansive Pioneer Bank

One of the major pioneering banks in the Middle East was looking to enable secure direct internet access with end-to-end segmentation. And with 100 branches and over 150 ATMs in place, they were also interested in delivering high-quality application experiences across their many branches and multi-cloud deployments.

After starting their digital transformation journey at the WAN Edge, most of the bank’s applications and digital channels were moved to the cloud. In the wake of this cloud adoption effort, however, they began to notice that remote branch locations were suffering from gaps within their security posture. Also, a growing number of point products at the WAN edge made intraday operations complex, making it difficult for security teams to manage those remote sites at scale. The network infrastructure team was also dealing with a lack of visibility and control over applications, along with a lack of application performance over broadband.

To address these challenges, the financial organization underwent multiple proofs-of-concept with various vendors before turning to Fortinet Secure SD-WAN. We were able to showcase simple, single-pane-of-glass management to meet the organization’s SD-WAN, NGFW, and segmentation requirements across their numerous branches, ATM locations, datacenters, and multi-cloud environments. Their current deployment with Fortinet now spans two datacenters, one disaster recovery site, 100 branches, and over 100 ATM locations, allowing them to meet their business goals today and into the future.

Major Home Retailer

One of Africa’s largest retailers of furniture, household appliances, and home entertainment, with thousands of employees and numerous retail brands, aimed to reduce WAN Edge costs by replacing MPLS links with an SD-WAN solution while hoping to maintain a high-level application experience.

Fortinet was able to demonstrate our Secure SD-WAN’s ability to consolidate WAN solutions with LAN-Wireless and Access Switching solutions to help reduce costs and simplify operations across the company’s 1,000+ branch locations. We also helped provide a high-quality experience across business-critical applications with Fortinet’s Secure SD-WAN Multi-Path intelligence capabilities, and helped ensure futureproofing with cloud optimizing capabilities for applications across multi-cloud environments.

The overall deployed solution included nearly 1200 FortiAP, over 700 FortiSwitches, and nearly 1,000 FortiGate solutions, combined with FortiManager for centralized management, FortiAnalyzer for centralized logging and analysis, and FortiCare support services.

Large District School Board

A major Canadian school district was looking to enable secure direct internet access for each of their 80,000 students and guarantee a consistent application experience across data center and public cloud deployments, all at a low cost.

After receiving mandates that required they delegate 1 Mbps of internet access to every student in the district, and due to their desire to extend consistent application experience across cloud environments, the school board sought out a unified solution that could provide security and SD-WAN with SSL inspection. During vendor evaluations, Fortinet prevailed against the competition due to our unique architecture that provides unified SD-WAN and SSL inspection capabilities within one single-pane-of-glass management solution.

Their final deployment included 150+ FortiGates with SD-WAN optimized for remote school bandwidth requirements, FortiManager for centralized management, FortiAnalyzer for integrated logging and analysis, and FortiGuard services with FortiCare support for all remote school locations. Fortinet was not only able to align with the district’s business goals, but was also able to achieve cost savings by consolidating multiple key services into one management platform.

Final Thoughts

As the SD-WAN market continues to grow, it is imperative that organizations remain aware of the importance of security. Fortinet’s Secure SD-WAN solution is the first to fully integrate security and networking – including routing, SD-WAN, a full security suite, WAN optimization, and integrated management – into a single SD-WAN solution designed to meet the actual demands of the growing WAN Edge market. We work to cost-effectively ensure the integrity of connected environments without compromising on functionality. When it comes to offering a fully integrated, simple, and secure solution, no other vendor can compare to Fortinet Secure SD-WAN.

Fortinet’s Secure SD-WAN solution includes best-of-breed next-generation firewall (NGFW) security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering.

For more customer stories, read these case studies to see how Warrior Invictus Holding Co., Inc. and the District School Board of Niagara implemented Fortinet’s Secure SD-WAN to alleviate network complexity, increase bandwidth, and reduce security costs.  

Sourced from Fortinet

Accelerating the Cloud On-Ramp with Security-Driven Networking

Until recently, data moving between different data centers represented barely more than 5 percent of total data center traffic, and even that did not require the sort of speed and adaptability that modern distributed networks require. As a result, the vast majority of existing data center firewalls were simply not designed for the unique volume, performance, or translation efforts required to interconnect live data centers.

To put things in perspective, say you are a healthcare provider with a cloud-first strategy, have a growing subscriber base, and want to provide access to patient records from a centralized location as well as utilize cloud-based SaaS services. To achieve this, you would select multiple clouds to optimize your operational costs. And if you were already operating your own data centers, you would need to connect them to those cloud providers. Your network would then become hybrid, complex, and geographically dispersed.

This is not a hypothetical situation.

Enterprises with legacy data center architectures are currently struggling with this very problem. Security has emerged as one of the primary roadblocks to full cloud adoption, making it difficult to achieve end-to-end visibility and consistent security for today’s distributed and shape-shifting environment.

The Need for Security-Driven Networking

Security-Driven Networking is an innovative new strategy that enables organizations to accelerate their on-ramp to the cloud. It starts long before a single device or service is deployed in the cloud.

  • You need to start by seeing security as an integral component to the network – and not as an add-on.
  • Next, you need to map out all data flows, identify all the resources they touch, especially those that move between different environments, whether physical or cloud, and baseline performance requirements.
  • You then need to define the unique security requirements for each environment, device, and data type.
  • Finally, you need to identify all potential issues related to the orchestration and management of security between these different environments, including where translation issues may result in security gaps related to solution functionality or policy enforcement.

This strategy allows enterprises to architect and deploy business critical applications and services faster than ever before. Networks and services built on seamlessly integrated end-to-end visibility and consistent security policy across all locations can be implemented, managed, and expanded from day one with much higher speed and efficiency. And they can achieve that without ever sacrificing an iota of protection or performance.

Of course, achieving this also requires deploying security solutions designed to function natively in whatever environment they are placed. This can include one of the many clouds in use, at branch offices, with mobile workers, or inside traditional data centers that struggle to keep up with the elasticity and scalability of the ever-expanding extended network. Additionally, those tools need to function consistently. This eliminates security gaps and ensures that applications receive the same level of policy enforcement regardless of where their data path takes them. And to do that, they also need to be able to share and correlate intelligence in real-time. This can be achieved using a joint management and orchestration language and interface. And at the same time, it enables a system-wide coordinated response to any and every threat detected.

Today’s Expanding Data Centers Require Expanded Security

To support this security-driven networking strategy and accelerate the cloud on-ramp, Fortinet is introducing a new E-Series of FortiGate Next-Generation Firewalls, which includes the FortiGate 1100E, FortiGate 2200E, and FortiGate 3300E. This lineup has been specifically designed to support a security-driven networking strategy. Once in place, they solve the most common bottlenecks enterprises face when trying to securely connect their data center resources to the cloud:

  • Securing high-speed connections to multiple clouds. One of the most daunting challenges organizations with a multi-cloud strategy face is ensuring consistent performance and protection for data moving back and forth to different cloud environments. FortiGate’s Next-Generation Firewalls secure data in motion at the speed of business. They do this by using high-performance crypto VPNs combined with access control, data confidentiality, privacy, and breach prevention. This ensures that every device is accounted for and monitored, every workflow and application is understood and secured, and every transaction happens at digital speeds.
  • Providing perimeter defense and DDoS prevention. Data centers include a number of perimeters that need to be secured. There’s North-South traffic between the data center and the rest of the extended network, including SD-WAN and SD-Branch deployments. East-West traffic, especially between internal data center segments, makes up well over half of all data center traffic, and needs to be protected at exceptionally high speeds. And the fastest-growing data traffic segment, data flowing between data centers, is the toughest of all to secure because different cloud environments speak different languages. So, data center NGFWs also require cloud connectors that can establish and translate those connections at business speeds. And at the end of the day, in spite of having every one of these perimeters secured, a single successful denial of service attack can bring the whole thing down. To address these issues, FortiGate solutions designed for data centers, especially this new E-Series of devices, include high-capacity data center firewall and DDoS prevention capabilities to protect business-critical e-commerce services.
  • Gaining full visibility into encrypted flows. Inspecting encrypted traffic is the Achilles heel of most security devices. Even the largest and most expensive firewalls can be driven to their knees when trying to decrypt, inspect, and re-encrypt secured traffic. FortiGate NGFWs – including the new E-Series – include purpose-built, security ASIC hardware called Security Processing Units (the only ones of their kind in the entire industry) to offload and inspect encrypted traffic without crippling security performance or impeding digital business transactions at the fastest speeds in the industry.
  • Intent-based Segmentation. More and more CISOs and security teams understand that the best way to secure increasingly complex environments is to break them down into digestible segments that help reduce the attack surface. Organizations can then leverage advanced layer 7 security to perform content inspection, analyze data, and monitor behaviors to protect these segments, as well as to achieve business objectives such as implementing a zero-trust framework.
  • Protecting business-critical applications and servers. Maintaining consistent security hygiene can be challenging for even the most disciplined security teams. As a result, patches and updates can often go days, weeks, or longer before being implemented. FortiGate NGFW solutions address this reality through a virtual patching strategy enabled by high-performance data center IPS to wrap mission-critical servers and workloads in a protective shield. This strategy fills the security gap that exists between the time a patch or update is released and when it is loaded onto a device.

Accelerate Your Cloud On-Ramp Strategy with Purpose-Built Security

The only thing certain in this new digital economy is change. Embracing that change requires organizations to continually expand and modify their data center environments to meet changing business and digital marketplace requirements. And that can quickly overwhelm most security deployments. Traditional data center security devices, including the massive legacy firewalls in place at most organizations, were never designed for the complexity, connectivity, and performance requirements of today’s digital economy. Don’t let security concerns be the gating factor for your cloud on-ramp strategy.    

FortiGate Next-Generation Firewalls can accelerate the cloud on-ramp with high-speed secure connections, protect your geographically dispersed assets and deliver business critical services. To learn more, please refer to the Fortinet FortiGate NGFW page.

Sourced from Fortinet

Getting to NSE Level 8: A Conversation with Sylvia Schlaphof

Sylvia Schlaphof is the Head of Engineering for Boll Engineering in Zurich, Switzerland. She is the first woman to achieve Level 8 certification through Fortinet’s Network Security Expert (NSE) program. We spoke with her recently about how she got involved in cybersecurity, what it was like to go through Fortinet’s NSE program and what she’s passionate about in cybersecurity.

Q: How did you get started in the cybersecurity space?

A: I started to work with Fortinet products in 2003 around the start of my career in cybersecurity when I took a job with one of their distributors, Boll Engineering. I remember that in the beginning it was a nice startup experience with a new product operating system, FortiOS 2.25. We learned a lot by ourselves back then as the curriculum was still developing. Since then, I’ve supported Fortinet products and witnessed the evolution of the lessons and I’ve learned a lot in the past 16 years.

Q: What was your first impression of Fortinet’s Network Security Expert (NSE) program?

A: I thought it was great, because it’s not only one certification. It was increasingly more challenging with several steps to do the Level 4 certification, then the Level 5 and to take a few exams to get the Level 6 certification. I love challenges, and that’s why I love this NSE program. It’s not only one certification and then you are done; you have to work harder to achieve it, and it’s always a challenge.

Compared to other tech vendors, where there is only one level of certification, the NSE program demands a bigger commitment to proceed through the levels. Through this commitment you truly become a Network Security Expert.

Q: What did you enjoy about the process of going through the different levels?

A: I especially loved the NSE 7 because it fits my job and was very relevant to the work that I am doing here at Boll Engineering with the support department. For example, I used the training materials later on when I was on the support phone and I needed some CLI commands for troubleshooting. I found them in the training materials, and that was really helpful for my job!

And of course, achieving the NSE level 8 certification was an exceptional challenge. I took part in the first official practical exam. Nobody knew what was going to happen there. I flew to Sunnyvale thinking, “What’s awaiting me for the next two days?” There were no previous exam-takers to call and ask what to expect. That was really tough, and I was a little nervous before the exam. But Fortinet has done a great job setting up the exam. It’s really a hands-on exam with real devices, not a simulation. That’s what I loved about it. When I passed, it felt like a big achievement. And, of course, people are impressed. Especially because I was the first woman to accomplish it.

Last year I went through the first re-certification of NSE-8. Of course, Fortinet has updated the exam with new questions on current security topics. Therefore, it was a great challenge again and not only a repetition of what I did two years ago.

Q: For others that are looking to join the program or that are currently working through the program, do you have tips to help them stay motivated?

A: If you’re working with the Fortinet products on a daily basis, then it’s easy to stay motivated. If you’re not working with them, you need the commitment to build up a test lab and to play with the products. It’s really necessary to have hands-on experience.

Q: The first two NSE levels are more for people who may not have a technical background; it’s more for cybersecurity awareness. Do you feel people who aren’t in a technology-based career should take these certifications?

A: Yes, definitely. These lower-level certifications help people to learn more about cybersecurity. All of our staff working with Fortinet products — whether it is sales, product management or support — work through this level as a foundation.

Q: What are you passionate about in terms of cybersecurity these days? 

A: I’m a pretty technical person; for example, I love all this deep-dive stuff about TLS, especially TLS 1.3 and how Fortinet is handling it. I really love to go down to bits and bytes and see how Fortinet is working with new protocols and so on; that’s what my passion is.

Are you curious about how Fortinet’s NSE program can enhance your knowledge, skills and career opportunities? Click here to find out how to get started.

Read more about our Network Security Expert program, Network Security Academy program and our FortiVets program.

Sourced from Fortinet

Fortinet to Attend Black Hat 2019 in Las Vegas

Black Hat USA 2019 will host an estimated 19,000 InfoSec professionals who will gather to share critical information that can benefit the cybersecurity community as a whole. By discussing the latest cyber threat trends and security product updates, attendees will play an active role in defending against evolving cyber crime tactics.

Fortinet at Black Hat USA

With a continued commitment towards cybersecurity education and threat intelligence sharing, Fortinet is proud to be returning to Black Hat USA 2019 as a Platinum Plus Sponsor. As the threat landscape continues to expand rapidly, our team is dedicated to helping attendees take an active role in defending against potential risks.

At booth #630, attendees will have a number of opportunities to acquire the knowledge required to stay secure amid evolving threats. On August 7th and 8th, our team of experts will be ready in the Business Hall to answer questions and discuss how to establish an effective security strategy. This year, attendees can expect to see:

Live Demo Sessions: Our team of experts will be providing demonstrations on cloud security, Secure SD-WAN, IoT security, and security operations. These live demos will highlight Fortinet’s role in securing a range of environments by enabling full visibility and control of the network.

Fortinet Security Fabric Theater: As well as live demo sessions, visitors to the Fortinet booth can also hear from some of our product experts and partners about how Fortinet solutions protect the entire end-to-end infrastructure without compromising network performance.

Expert Bar: Attendees will have the chance to meet with members of the Fortinet Technical Marketing team and get answers to any questions they may have about security technology.

Understanding the Latest Cyber Threat Trends: Fortinet Sessions at Black Hat USA

As cyber threats continue to evolve, the sharing of threat intelligence is critical to gain a better understanding of patterns and where they could lead next. Once established, this information can then be used to better educate employees about the steps they can take to stay secure and avoid falling victim to a potential attack. With this in mind, Fortinet will be hosting two sessions around the tracking and analysis of attack vectors and trends:

Tracking Threat Campaigns to Stay Ahead

On August 8th from 1:30 – 2:20 PT, Fortinet will be hosting a session centered on the important role threat intelligence plays in understanding cyber trends. This session, Mapping the Adversary: Playbook Development & Response, will be led by Derek Manky, Chief of Security Insights at Fortinet, in Business Hall Theater B.

When analyzing cyber threats, security teams may face challenges due to ever-changing tactics, techniques, and procedures. By developing a playbook, experts can effectively track these changes and make updates to response strategies. In addition, this up-to-date intelligence can be shared with others within the cybersecurity community as a means of improving defense strategies across industries.

This session will explore the factors that go into playbook development, including potential challenges. It will also cover real-world experiences and success stories that came about while using STIX v2 and the MITRE ATT&CK framework and establishing collaborative partnerships to produce playbooks.

Malware Analysis & Automation Framework

FortiGuard Labs’ Chris Navarrete will host this session, BLACKPHENIX: Malware Analysis & Automation Framework, on Thursday, August 8th from 10:00-11:20 PT. This discussion will look at the various approaches to malware analysis developed through the years, including static, dynamic, behavioral, network, memory, and automated analysis. These approaches can overlook key details such as unexplored code paths, self-defense mechanisms, and more.

This framework focuses on consolidating, correlating, and cross-referencing the data collected between analysis stages by the execution of Python scripts and helper modules, providing full synchronization between the debugger, disassembler, and supporting components. The presentation will include a live demo of the system processing different categories of real malware taken from the wild.

Final Thoughts

As a Platinum Plus Sponsor, Fortinet is proud to be attending Black Hat USA, now in its 22nd year. In an effort to promote collaboration and intelligence sharing, our team of experts will be meeting with attendees to discuss the latest cyber threat and solution trends.

What: Black Hat USA 2019
Where: Mandalay Bay, Las Vegas, Nevada
When: August 3rd – 8th, 2019

Find out how Fortinet’s Security Fabric delivers broad, integrated, and automated protection across an organization’s entire digital attack surface from IoT to the edge, network core and to multi-clouds. 

Find out how Echoenergia and New Zealand Red Cross used Fortinet’s Security Fabric for end-to-end network protection.

Sourced from Fortinet

Fortinet Announces Mitigation Solutions and Patch Update After Discovery of Sophisticated Attempt

We recently discovered that a sophisticated entity gained access to technical data that enabled them to impersonate a server in an attempt to access customer systems. We took immediate action to contain and block the activity, implementing three layers of protection: automatic signature updates, manual signature updates, and a comprehensive patch update to reduce potential residual risks.

Out of an abundance of caution, we are asking that all customers immediately apply the comprehensive patch update, which can be accessed at: https://fortiguard.com/psirt/FG-IR-19-144. It’s also worth noting that customers installing software and threat definition updates to FortiOS via manual downloads from https://support.fortinet.com will not be impacted by this potential issue.

Fortinet has notified appropriate federal authorities and launched a formal investigation with the assistance of a leading external forensics firm. While our investigation is still ongoing, there is no evidence to date that customers have been impacted, but if that changes, we will communicate with customers directly on any steps they need to take.

Our customers are our #1 priority. We have strengthened both our configurations and our practices to harden our systems and make our distribution architecture more agile against such future threats.

We greatly value your loyalty to Fortinet and appreciate your ongoing support. 

Sourced from Fortinet

Fortinet Breaks Ground on New Energy Efficient Headquarters Facility

Fortinet broke ground on its forthcoming new home in Sunnyvale, CA, where it is expanding its corporate headquarters building. This new facility, located at the corner of Kifer Road and Commercial Street in Sunnyvale, California, will be a roughly 172,000 square foot state-of-the-art building with a LEED Gold Energy Efficiency Rating.

Fortinet has over 6,000 global employees dedicated to the company’s mission to deliver the most innovative, highest-performing security fabric to secure and simplify IT infrastructures. Fortinet is a leading global provider of network security appliances for carriers, data centers, enterprises and distributed offices. This month’s breaking ground is a momentous new milestone for the company and its employees to continue that mission.

The new building is set to include advanced technologies, like a precast concrete structural system with a highly efficient passive cooling system. It also will have a “night purge” that flushes the warm air from the building, providing direct energy savings and significantly reducing the building’s overall carbon footprint.

“Fortinet is tremendously proud to have called Sunnyvale home for almost 20 years. When we started Fortinet, we set out to build the most innovative, highest performing network security company in the industry. Today we are among the top three cybersecurity companies in the world.”  – Ken Xie, Founder, Chairman of the Board and CEO

“Fortinet has called Sunnyvale its home since the beginning when it was founded 20 years ago. As one of the top cybersecurity companies in the world, Fortinet contributes to jobs and growth in Sunnyvale and the surrounding community. The city of Sunnyvale is happy to support Fortinet’s growth and development with the expansion of its headquarters.” – Sunnyvale Mayor Larry Klein 

Sourced from Fortinet