ChannelLife New Zealand
Industry insider news for New Zealand's technology resellers

Advanced Threat Protection – Preventing unknown risks

Mon 13 Mar 2017

Preventing known threats is the bread and butter of almost every security solution. Stopping viruses, blocking dodgy macros, blacklisting unauthorised websites and banning non-essential applications are all tried and true tactics to keep adversaries out of your clients’ networks. But what about advanced persistent threats and previously unknown attacks that can evade straightforward detection, use previously unseen (or zero-day) malware, exploit vulnerabilities (unpatched security holes) or come from brand-new or seemingly innocent hosting URLs and IPs?

The goal of these attacks is to compromise the target system, using advanced code techniques to circumvent security barriers and stay under the radar for as long as possible. They also involve a high degree of social engineering to fool even the most security-conscious end users.

Firewall not enough

With advanced threats like these rapidly increasing in number and sophistication, a perimeter firewall is no longer enough. To add another layer of defence, advanced threat protection detects unknown exploits coming into your client’s network, performs dynamic analysis to identify the risk and counters the threat with preventive controls within the network itself, thereby mitigating the damage.

“The reality is that malware creators are well aware of all forms of security technology,” says Andrew Khan, Fortinet Senior Business Manager at Ingram Micro, New Zealand’s largest and most experienced distributor of Fortinet’s cyber security solutions. “These attackers build disguises and use advanced evasion techniques in hope of bypassing security tools to successfully deliver their malware. These are the adversaries that can cause the most damage.”

Combining threat prevention techniques

“Detection comes down to inspecting as many layers as possible through all potential angles of attack,” continues Khan. “The best approach is a combination of proactive threat prevention, such as Fortinet’s Content Pattern Recognition Language (CPRL), to stop as many threats as possible, while still leveraging those advanced technologies - such as sandboxing - to uncover sophisticated custom attacks. Further, tying prevention to advanced detection as a seamless solution to cover all potential attack vectors and facilitate incident response is key.”

The most effective defence is founded on a cohesive and extensible protection framework that extends from the cloud – including AWS and Microsoft Azure – to the data center and all the way through to the end user device. This framework – such as Fortinet’s Security Fabric – incorporates current security capabilities, emerging technologies and a customised learning mechanism that creates and distributes actionable security intelligence from newly detected threats in real-time.

The five key components for ATP

There are five critical components to advanced threat protection:

  • Access control
  • Threat prevention
  • Threat detection
  • Incident response
  • Continuous monitoring

These components, working in concert and kept current, can go a long way in protecting your clients’ networks, data and reputations.

Access control reduces the attack surface by forcing all users and traffic through established inspection points running appropriate threat prevention and detection technologies. Solutions include layer 2/3 firewalls, patch management and two-factor authentication. Keep in mind that these technologies are less effective when deployed in silos. A security-centric infrastructure with a hardened OS provides pervasive security.

Threat prevention stops malware before it enters the network. Most attacks utilise modified versions of known malware to bypass content-oriented inspection. Threat prevention technologies - such as intrusion prevention, application control, web/email filtering and anti-virus/spam - keep the windows and doors shut. Proactive solutions, typically subscription-based services, can identify and stop most malware.

If your clients do detect a threat - or even suspect that their perimeters have been breached - they need to take immediate action. For instance, IT managers can sandbox objects in a contained environment to isolate threats. Similarly, botnet detection uncovers communication patterns indicating botnet activity. 

If a security event occurs, incident response actions kick in to validate and contain the threat. All components, including those deployed for detection and prevention, need to work in concert for fast response and corrective action.

Containment and response lead into continuous monitoring for ongoing assessments and audits. These activities identify and specify the effectiveness of an organisation’s security, the state of security amongst their peers and the continued evolution in the threat landscape.

If you provide these five components as part of Fortinet’s Security Fabric, you’ll be going a long way to helping your clients keep their data safe and their reputations intact. Not to mention that you’ll be their preferred security supplier for the foreseeable future.

For further information, please contact:

Andrew Khan, Senior Business Manager Email: andrew.khan@ingrammicro.com M: 021 819 793

James Meuli, Solutions Architect Email: james.meuli@ingrammicro.com M: 0275 520 167

Hugo Hutchinson, Business Development Manager Email: hugo.hutchinson@ingrammicro.com P: 09 414 0261 | M: 021 245 8276
