Sandboxing and threat intelligence: Proactive defence against ransomware

14 Aug 2017

In today’s cyber security battlespace, seconds count. As soon as a threat is detected anywhere in the world – regardless of its origin, intent or payload – it is incumbent upon security services to analyse the characteristics, identify the risks and disseminate the results, as well as any preventive measures, to subscribers in near real time. The faster the response, the fewer the victims.

“It takes a global cyber security community to fully protect your client’s networks,” says Swapneil Diwaan, Fortinet Business Unit Manager at Ingram Micro, New Zealand’s largest and most experienced distributor of Fortinet’s cyber security solutions. “The more security sensors there are in a vendor’s detection constellation, the faster they can pick up any new threats.

“The more threat intelligence analysts there are, the faster they can prepare viable mitigation strategies. And the faster your clients can update their defences across their entire network, the risk of infection decreases significantly.”

Fortinet leads the field on all counts. “It’s no surprise that Fortinet was just recognised as a leader in the 2017 Gartner Magic Quadrant for Enterprise Network Firewalls,” says Diwaan.

“The report evaluated Fortinet’s Security Fabric, its ‘completeness of vision’ and ‘ability to execute’ as factors for the placement in the Magic Quadrant. On top of that, IDC again named Fortinet the unit market share leader for security appliances shipped. And Fortinet’s Q2 2017 financial results recorded an increase of 17% in global revenues compared to the same quarter of 2016. Clearly, the market is responding to Fortinet’s technology.”

FortiSandbox – The quintessential first-responder

One of the drivers behind Fortinet’s continued leadership is FortiSandbox. “FortiSandbox is the ultimate in threat detection,” notes James Meuli, Fortinet Solution Architect at Ingram Micro. “A critical component of Fortinet’s Security Fabric, FortiSandbox is designed to identify highly targeted and tailored attacks that attempt to bypass traditional defences.

“Available as either a stand-alone appliance or as a service, FortiSandbox scans file types including Microsoft Office, PDFs, Internet Explorer, web URLs, shared file repositories and can even unzip and scan archived files.

“FortiSandbox, combined with Fortinet’s ATP (advanced threat protection) Framework, ensures a new level of protection from sophisticated cyber threats. These capabilities give your clients the tools to protect themselves from malicious code no matter where it tries to hide.”

Once a threat has been identified and isolated, FortiSandbox notifies Fortinet Labs – there are a number located around the globe for true 24x7 response – and the threat is analysed for potential harm. More than 50 billion events are ingested daily by the FortiGuard Labs. If the threat is deemed significant, the Labs sends out automated updates to FortiGate firewalls in the form of:

  • Updated IP sender reputations
  • New web site ratings used for web filtering
  • New IPS rules and botnet detection to block command and control traffic
  • Updated anti-malware detection for this and similar attachments

“With fast-moving security events like WannaCry and Petya ransomwares,” says Diwaan, “the faster the response and updates, the less risk of infection. Speed is of the essence and no security vendor moves faster than Fortinet.”

Fortinet’s beta threat intelligence service

Fortinet has just released a beta Threat Intelligence service (sign up at that provides your client’s security team (and your own) with cyber situational awareness highlighting the latest threat trends and cyber risks. Fortinet’s FortiGuard Threat Intelligence Service (TIS) enables CISOs to stay ahead of the global threat landscape and proactively defend their enterprises against rapidly evolving threats.

“This cloud-based threat intelligence platform provides threat metrics and activity trends,” explains Diwaan, “enabling CISOs to instantly understand what is happening across the global threat landscape. It’s a fascinating new tool and is free of charge. Sign up and have a play… it will change the way you look at cyber security. And for your customers it will open their eyes to how and why Fortinet maintains its market leadership in cyber security.”

For further information, please contact:

Swapneil Diwaan, Business Unit Manager
M: 021 240 1240

Jeffrey Whale, Business Development Manager
M: 027 543 5927

Gerrard Kennedy, Business Development Manager
M: 027 543 8212
