Security vendor Fortinet has unveiled a major update to the company’s FortiOS network security operating system that powers the FortiGate platform. This release incorporates numerous innovations that strengthen Fortinet’s Advanced Threat Protection Framework, providing enterprises with a cohesive and coordinated way to combat Advanced Persistent Threats (APTs), zero-day attacks and other sophisticated malware. This Framework uniquely combines Fortinet’s new and established technologies with FortiGuard’s threat research and response to address increasingly complex cyber threats and reduce the risk of network breach and data loss.
The threat landscape has seen a proliferation of highly targeted zero-day attacks and APTs that are designed to steal intellectual property or other critical enterprise data. Researchers at Fortinet’s FortiGuard Labs have discovered more than 140 new zero-day vulnerabilities to date, including 18 found in 2013 alone.
In this context, Fortinet has integrated significant new security features into its operating system for more effective protection against APTs and other targeted attacks. FortiOS 5.2 – which will still be supported by current versions of FortiAnalyzer 5.0 and FortiManager 5.0 with a new patch release – strengthens Fortinet’s Advanced Threat Protection Framework in multiple ways. A new graphical policy table manipulation feature allows easier, consistent configuration of firewall policies. A new deep flow advanced malware engine goes beyond traditional signatures and heuristics for better threat prevention, combining the speed of flow-based analysis with the breadth of proactive detection technologies including unpacking and emulation. A new inline SSL engine leverages the company’s CP8 custom ASIC for as much as 5 times faster content inspection of encrypted traffic (varies by model and previous version of FortiOS). An enhanced IPS engine also protects against the latest exploit techniques with enhanced decoders and dynamic analysis techniques.
Threat detection is improved by deeper integration between FortiGate and an enhanced FortiSandbox for faster deployment and greater protection. Enhanced client behavioral analysis features new indicators of compromise and severity ratings for threats to help detect previously unknown attacks. There are also more pre-defined reports, including botnet activity, which pinpoint compromised systems.
New dashboard views, based on user devices, applications, websites and threats, include severity ratings and drill-down to speed response. New role-based workflow modes guide incident response, among other activities. Direct policy table manipulation from those views makes it easier to take mitigating action.
New consolidated views with identity-based policy (combining users and devices) and log cross-referencing permit a more complete picture. New access to the FortiSandbox community also leverages community intelligence.
“More than ever, enterprises require intelligent, integrated solutions to prevent data theft and network disruption caused by stealthy, targeted attacks. Despite what many vendors would have you believe, there is no one product or ‘silver bullet’ to solve this problem,” said John Maddison, vice president of marketing for Fortinet. “Today, Fortinet has introduced important enhancements to its FortiOS operating system to help better protect against APTs. FortiOS 5.2 supports the broader, coordinated framework for Advanced Threat Protection that we have established to guide organizations through a structured approach of defense. Only such a framework can allow enterprises to effectively protect themselves against the new generation of threats they are facing.”
FortiOS 5.2 software, as well as the patch releases for FortiAnalyzer 5.0 and FortiManager 5.0, are all expected to be available in 2Q14. A release candidate of FortiOS 5.2 is available now for download and testing by registering here: http://forti.net/beta