Sandboxing and threat intelligence: Proactive defence against ransomware
In today’s cyber security battlespace, seconds count. As soon as a threat is detected anywhere in the world – regardless of its origin, intent or payload – it is incumbent upon security services to analyse the characteristics, identify the risks and disseminate the results, as well as any preventive measures, to subscribers in near real time. The faster the response, the fewer the victims.
“It takes a global cyber security community to fully protect your client’s networks,” says Swapneil Diwaan, Fortinet Business Unit Manager at Ingram Micro, New Zealand’s largest and most experienced distributor of Fortinet’s cyber security solutions. “The more security sensors there are in a vendor’s detection constellation, the faster they can pick up any new threats.
The more threat intelligence analysts there are the faster they can prepare viable mitigation strategies. And the faster your clients can update their defences across their entire network, the risk of infection decreases significantly.”
Fortinet leads the field on all counts. “It’s no surprise that Fortinet was just recognised as a leader in the 2017 Gartner Magic Quadrant for Enterprise Network Firewalls,” says Diwaan.
“The report evaluated Fortinet’s Security Fabric, its ‘completeness of vision’ and ‘ability to execute’ as factors for the placement in the Magic Quadrant. On top of that, IDC again named Fortinet the unit market share leader for security appliances shipped. And Fortinet’s Q2 2017 financial results recorded an increase of 17% in global revenues compared to the same quarter of 2016. Clearly, the market is responding to Fortinet’s technology.”
FortiSandbox – The quintessential first-responder
One of the drivers behind Fortinet’s continued leadership is FortiSandbox. “FortiSandbox is the ultimate in threat detection,” notes James Meuli, Fortinet Solution Architect at Ingram Micro. “A critical component of Fortinet’s Security Fabric, FortiSandbox is designed to identify highly targeted and tailored attacks that attempt to bypass traditional defences.
"Available as either a stand-alone appliance or as a service, FortiSandbox scans file types including Microsoft Office, PDFs, Internet Explorer, web URLs, shared file repositories and can even unzip and scan archived files.
FortiSandbox, combined with Fortinet’s ATP (advanced threat protection) Framework, ensures a new level of protection from sophisticated cyber threats. These capabilities give your clients the tools to protect themselves from malicious code no matter where it tries to hide.”
Once a threat has been identified and isolated, FortiSandbox notifies Fortinet Labs – there are a number located around the globe for true 24x7 response – and the threat is analysed for potential harm. More than 50 billion events are ingested daily by the FortiGuard Labs. If the threat is deemed significant, the Labs sends out automated updates to FortiGate firewalls in the form of:
- Updated IP sender reputations
- New web site ratings used for web filtering
- New IPS rules and botnet detection to block command and control traffic
- Updated anti-malware detection for this and similar attachments
“With fast-moving security events like WannaCry and Petya ransomwares,” says Diwaan, “the faster the response and updates, the less risk of infection. Speed is of the essence and no security vendor moves faster than Fortinet.”
Fortinet’s beta threat intelligence service
Fortinet has just released a beta Threat Intelligence service (sign up at https://tis.fortiguard.com/signup/) that provides your client’s security team (and your own) with cyber situational awareness highlighting the latest threat trends and cyber risks. Fortinet’s FortiGuard Threat Intelligence Service (TIS) enables CISOs to stay ahead of the global threat landscape and proactively defend their enterprises against rapidly evolving threats.
“This cloud-based threat intelligence platform provides threat metrics and activity trends,” explains Diwaan, “enabling CISOs to instantly understand what is happening across the global threat landscape. It’s a fascinating new tool and is free of charge. Sign up and have a play…it will change the way you look at cyber security. And for your customers it will open their eyes to how and why Fortinet maintains its market leadership in cyber security.
For further information, please contact:
Swapneil Diwaan, Business Unit Manager Email: firstname.lastname@example.org M: 021 240 1240
Jeffrey Whale, Business Development Manager Email: email@example.com M: 027 543 5927
Gerrard Kennedy, Business Development Manager Email: firstname.lastname@example.org M: 027 543 8212