Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

New threat detection and ­mitigation sandbox

February 2014 Infrastructure

Fortinet has announced the FortiSandbox-3000D, an advanced threat prevention appliance that provides enterprises with a powerful tool to help combat Advanced Persistent Threats (APTs). The new offering combines a unique dual-level sandbox, dynamic threat intelligence, real-time dashboard and rich reporting in a single device that integrates with Fortinet’s FortiGate next generation firewalls (NGFW) and FortiMail e-mail gateway appliances.

Fortinet NGFWs act as a first line of defence by scanning and mitigating threats. When used with FortiSandbox, the appliances together are able to identify and apply advanced inspection to suspicious or high-risk files and then update protections based on the full threat lifecycle of attacks uncovered. And with the new FortiMail version 5.1, Fortinet e-mail gateways can now similarly identify suspicious or high-risk files in e-mail and pass them to FortiSandbox for advanced inspection.

FortiSandbox at-a-glance

The FortiSandbox-3000D can be deployed on-premise on its own without changing any network configurations. Or, as mentioned, it can also be integrated with and extend Fortinet’s FortiGate and FortiMail platforms for improved detection and mitigation.

Consistent with Fortinet’s product development approach, the FortiSandbox consolidates specialised threat detection and intelligence services across protocols and functions into a single, high-performance and highly affordable appliance. At the heart of the appliance is a dual-level sandbox to effectively deal with increasing virtual machine (VM) evasion techniques and the increasing sophistication of attacks that require more advanced inspection.

“Today’s most sophisticated attackers are increasingly bypassing traditional anti-malware solutions and establishing a persistent presence within organisations’ networks,” said John Grady, research manager, Security Products at IDC. “These highly targeted attacks evade signature-based defences by leveraging compression, encryption, and polymorphism among other methods. Some malware variants are even able to detect virtual environments and utilise sleep techniques to make identification much more difficult. Combating today’s attacks requires a comprehensive and integrated approach that goes beyond anti-malware, virtual sandboxes and separate monitoring systems. The FortiSandbox appliance is a step in this direction.”

Key features of FortiSandbox include:

* Dynamic Antimalware and Updates/Cloud Query: Receives updates from FortiGuard Labs and can send queries back to the Labs in real time, helping to intelligently and immediately detect existing and emerging threats

* Code Emulation: Performs lightweight sandbox inspection in real time, including certain malware that uses sandbox evasion techniques and/or only executes with specific software versions.

* Full Virtual Environment: Provides a contained runtime environment to analyse high risk or suspicious code and explore the full threat lifecycle.

* Advanced Visibility: Delivers comprehensive views into a wide range of network, system and file activity, categorised by risk, to help speed incident response.

* Callback Detection: Inspects network traffic for requests to visit malicious sites, establish communications with C&C servers and other activity indicative of a compromise.

* Manual Analysis: Allows security administrators to manually upload malware samples to perform virtual sandboxing without the need for a separate appliance.

* Optional Submission to FortiGuard: Tracer reports, malicious files and other information may be submitted to FortiGuard Labs in order to receive remediation recommendations and updated in-line protections.

“The introduction of the FortiSandbox appliance is in direct response to APTs that are using highly sophisticated evasion techniques to avoid security detection,” said John Maddison, vice president of marketing for Fortinet. “Given our many years of threat research and development, we’re finding that inspection of file activity, as a complement to inspection based on attributes, is a necessary means of combating APTs. Our customers now have the opportunity to easily and cost-effectively perform detailed analysis of specific threats traversing their networks with the added benefit of integrating with our FortiGate and FortiMail appliances to perform in-line, real-time threat mitigation.”

Find more information at www.fortinet.com





Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

New commercial and technical appointments at Veeam
News & Events Infrastructure
Veeam Software has announced two senior appointments in its South African business as it continues to invest in local market growth and partner and customer engagement.

Read more...
Access as a Service is inevitable
Technews Publishing SMART Security Solutions ATG Digital Access Control & Identity Management Infrastructure
When it comes to Access Control as a Service (ACaaS), most organisations (roughly 90% internationally) plan to move, or are in the process of moving to the cloud, but the majority of existing infrastructure (about 70%) remains on-premises for now.

Read more...
Privacy by design or by accident
Security Services & Risk Management Infrastructure
Africa’s data future depends on getting it right at the start. If privacy controls do not withstand real-world conditions, such as unstable power, fragile last-mile connectivity, shared devices, and decentralised branch environments, then privacy exists only on paper.

Read more...
Access trends for 2026
Technews Publishing SMART Security Solutions RR Electronic Security Solutions Enkulu Technologies IDEMIA neaMetrics Editor's Choice Access Control & Identity Management Infrastructure
The access control and identity management industry has been the cornerstone of organisations of all sizes for decades. SMART Security Solutions asked local integrators and distributors about the primary trends in the access and identity market for 2026.

Read more...
Protecting high-value data from AI
CASA Software Infrastructure Information Security Products & Solutions
As artificial intelligence accelerates the speed and sophistication of cyberattacks, protecting high-value data, such as financial records, legal files, patient data, intellectual property, and compliance records, has never been more urgent.

Read more...
Integrated security key to protecting cloud applications
Infrastructure Information Security
Cloud-native applications have transformed the way businesses operate, enabling faster innovation, greater agility, and enhanced scalability. Yet this evolution brings an equally complex security landscape.

Read more...
The global state of physical security
Genetec News & Events Infrastructure
Physical security has become a strategic business function, improving IT collaboration and decision-making. Moreover, interest in AI has more than doubled among users, and organisations seek flexibility to deploy workloads on-premises, in the cloud, or hybrid.

Read more...
SA availability of immutable backup storage appliance
CASA Software Infrastructure Security Services & Risk Management
CASA Software has launched the newly released Nexsan VHR-Series, a fully integrated, enterprise-class, immutable backup storage appliance purpose-built for Veeam software environments, with usable capacity ranging from 64 TB to 3,3 PB.

Read more...
What is your ‘real’ security posture?
BlueVision Editor's Choice Information Security Infrastructure AI & Data Analytics
Many businesses operate under the illusion that their security controls, policies, and incident response plans will hold firm when tested by cybercriminals, but does this mean you are really safe?

Read more...
What is your ‘real’ security posture? (Part 2)
BlueVision Editor's Choice Information Security Infrastructure
In the second part of this series of articles from BlueVision, we explore the human element: social engineering and insider threats and how red teaming can expose and remedy them.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.