The Fortinet Advanced Threat Protection Framework


WHITE PAPER

The Fortinet Advanced Threat Protection Framework

A Cohesive Approach to Addressing Advanced Targeted Attacks

Table of Contents

Introduction
The Fortinet Advanced Threat Protection Framework
Staying Ahead of the Threat Curve with Fortinet

www.fortinet.com

Introduction

Sophisticated Attacks Yield Big Rewards

The past few years have seen many major brands and large companies making headlines, not for some remarkable post-recession economic recovery or innovative product, but for massive data breaches. More than 100 million customers had personal and/or credit card information stolen through just one of these bold and extended attacks.

These types of attacks grab the attention of consumers, lawmakers, and the media when they manage to breach very large organizations with dedicated security teams and extensive infrastructure designed to keep hackers at bay. Nobody is immune – smaller organizations are targets as well, either as part of a larger coordinated attack or through a variety of distributed malware.

The bottom line? It’s time for a deeper, more comprehensive approach to cyber security.

“All organizations should now assume that they are in a state of continuous compromise.” – Gartner

“77% of Executives cited protection from/detection of APTs as a high or critical priority in 2015.” – IDG/Fortinet

“44% of organizations surveyed cited a recent data breach as the primary driver for their NGFW project.” – Forrester/Fortinet

Deception, the Most Powerful Tool in a Hacker’s Arsenal

Fueled by the success of high-profile hacks, we expect to see continued innovation among cybercriminals with an even greater focus on deceiving and evading existing security solutions. Malicious hackers have attempted to conceal malware by using different file types and compression schemes with the intent to exploit weaknesses in traditional means of network protection. We also anticipate an increase in sophisticated malware platforms that can be customized for targeted attacks.

Once malware has breached a network, it will, either automatically or under control of cybercriminals, morph, adapt, and move about undetected for as long as possible, mining data ranging from customer records and intellectual property to device profiles and employee credentials. If security controls cannot detect the malware or its communication during this period, then it’s only a matter of time before collected data is staged and exfiltrated, that is, sent back to the cybercriminal.

[Figure 1: The Anatomy of an Advanced Threat]

Advanced Threats Require Advanced Threat Protection

There is no “silver bullet” to protect organizations against the types of advanced targeted attacks outlined above. Rapid innovation on the malware front, frequent zero-day attacks, and emerging evasion techniques can all render any single approach ineffective at preventing tailored intrusion.

Instead, the most effective defense is founded on a cohesive and extensible protection framework that extends from the network core through to the end user device. This framework incorporates current security capabilities, emerging technologies and a customized learning mechanism that creates actionable security intelligence from newly detected threats. The latter component is arguably most critical to staying ahead of the threat curve.

A Simple Framework for Complex Threats

The Fortinet Advanced Threat Protection Framework consists of three elements:

- Prevent – Act on known threats and information
- Detect – Identify previously unknown threats
- Mitigate – Respond to potential incidents

This framework is conceptually simple; it covers a broad set of both advanced and traditional tools for network, application and endpoint security, threat detection, and mitigation. These tools are powered by strong research and threat intelligence capabilities that transform information from a variety of sources into actionable protection. Although elements of the framework (and even technologies within them) can operate in a vacuum, organizations will achieve much stronger protection if they are used together as part of a holistic security strategy.

Element 1 – Prevent

Act on Known Threats and Information

Known threats should be blocked immediately (Element 1 in the Fortinet Advanced Threat Protection Framework) whenever possible through the use of next-generation firewalls, internal network firewalls, secure email gateways, endpoint security, and similar solutions that leverage highly accurate security technologies. Examples include anti-malware, web filtering, intrusion prevention, and more. This is the most efficient means of screening out a variety of threats with minimal impact on network performance.

Anti-malware technology, for example, can detect and block viruses, botnets, and even predicted variants of malware with the use of technology such as Fortinet’s patented Compact Pattern Recognition Language (CPRL) with minimum processing time.

Attacks can also be thwarted by reducing the attack surface. The fewer points of entry or potential threat vectors available to cybercriminals the better, meaning that carefully controlling access and implementing VPNs is also an important aspect of Element 1 and part of the first line of defense against targeted attacks.

Traffic that can’t be swiftly dealt with here gets handed off to Element 2.

Element 2 – Detect

Identify Previously Unknown Threats

There are obvious advantages to addressing threats in Element 1. The more threats that fall into the known category, the better. However, unknown “zero-day” threats and sophisticated attacks designed to hide themselves from traditional measures are being used every day to penetrate high-stakes targets. Element 2 of the framework uses advanced threat detection technologies to examine the behavior of network traffic, users, and content more closely in order to identify novel attacks.

There are a number of new approaches that can automatically detect previously unknown threats and create actionable threat intelligence. Sandboxing, in particular, allows potentially malicious software to be handed off to a sheltered environment so that its full behavior can be directly observed without affecting production networks. Additionally, botnet detection flags patterns of communication that suggest command & control activity while client reputation capabilities flag potentially compromised endpoints based on contextual profile.

Though incredibly powerful, this type of threat detection is resource intensive and thus reserved for threats that could not be identified by more efficient traditional methods. Detection, of course, is only another element of the ATP framework. The next handoff deals decisively with these new threats.

Element 3 – Mitigate

Respond to Potential Incidents

Once potential incidents and new threats are identified in Element 2, organizations immediately need to validate the threat and mitigate any damage. Users, devices, and/or content should be quarantined, with automated and manual systems in place to ensure the safety of network resources and organizational data until this occurs.

At the same time, threat detections trigger another critical handoff: moving the discovered information back to the research and development groups. Tactical protections can be put in place. Previously unknown threats now can be analyzed in depth, resulting in fixes that take all of the security layers into account, providing the right mix of up-to-date protection for every layer. At this stage, eliminating redundancy and creating synergy between different security technologies is the key to deploying a high-performing security solution, where the unknown becomes known.

Of course, the cycle is not completed until this actionable threat intelligence is available at the different enforcement points and shared globally so that Element 1 is strengthened to act on the new known. This keeps cybercriminals at bay not just for one organization but for all organizations worldwide.

Executing detection, prevention and mitigation in the most efficient way possible (combining Elements 1, 2, and 3) is essential to maintain high levels of network performance and maximize protection.

[Figure 2: The Fortinet Advanced Threat Protection Framework]

Handoffs – The Missing Link

Perhaps the most critical feature of the threat protection framework – one that is missing in many organizations’ security implementations – is the notion of the handoff rather than any particular technology or element. Advanced threat protection relies on multiple types of security technologies, products, and research, each with different roles. However, each will be less effective if they don’t communicate with each other on a continuous basis, handing off data from one to the next.

As seen in Figure 2, Element 1, the prevention phase, will hand off high-risk items to Element 2, the detection phase, with previously unknown threats handed off to Element 3 for further analysis or mitigation. Ultimately, threat intelligence and updated protection from Element 3 are handed back off to products in Elements 1 and 2, in a constant cycle that efficiently improves protection and detection against increasingly sophisticated attacks.

Staying Ahead of the Threat Curve with Fortinet

FortiGuard Labs Synergy and Research

One of Fortinet’s greatest strengths is in the synergy of its proprietary software, high-performance appliances, and, most importantly, the FortiGuard Labs threat research teams. FortiGuard Labs research groups serve as the intelligence hub that ensures all three elements work seamlessly. They study previously unknown threats, develop comprehensive remediation strategies that are built from the ground up with high performance and efficient protection in mind, and deliver security intelligence that continually strengthens prevention and detection over time.

Comprehensive Security: FortiGuard Labs leverages real-time intelligence on the threat landscape to deliver comprehensive security updates across the full range of Fortinet solutions and core technologies for synergistic protection.

Protection Ahead of the Threats: As a new threat emerges, certain detection and prevention products communicate directly for immediate response. Additionally, FortiGuard Labs 24x7x365 Global Operations pushes up-to-date security intelligence in real-time to Fortinet solutions, delivering instant protection against new and emerging threats.

High-Performance Solutions: Fortinet’s portfolio of Integrated Security Services is designed from the ground up to maximize protection and optimize performance across Fortinet’s security solutions – both physical and virtual.

The handoff between Element 3 back to 1 and 2, where the advanced threat protection cycle is routinely completed, occurs when the extensive threat intelligence developed by FortiGuard Labs gets handed off to all users of Fortinet solutions via the global Fortinet Distribution Network. Additionally, as part of the Cyber Threat Alliance and other related initiatives, Fortinet also shares threat intelligence with a larger body of researchers, further extending the reach of their work and of organization-generated threat intelligence discovered under this framework.

Fortinet Solutions Together Deliver Better Protection

A collection of individual security products, however powerful, cannot deliver optimal security if they are acting in isolation. Each piece of the solution needs to work together to deliver optimal protection. Fortinet integrates the intelligence of FortiGuard Labs into FortiGate next-generation firewalls, as well as internal network firewalls, FortiMail secure email gateways, FortiClient endpoint security, FortiSandbox advanced threat detection, and other security products in its ecosystem to continually optimize and improve each organization’s level of security.

For more information about Fortinet and their ecosystem of advanced threat protection products, visit www.fortinet.com/sandbox.

GLOBAL HEADQUARTERS
Fortinet Inc.
899 Kifer Road
Sunnyvale, CA 94086
United States
Tel: 1.408.235.7700
www.fortinet.com/sales

EMEA SALES OFFICE
120 rue Albert Caquot
06560, Sophia Antipolis, France
Tel: 33.4.8987.0510

APAC SALES OFFICE
300 Beach Road 20-01
The Concourse
Singapore 199555
Tel: 65.6513.3730

LATIN AMERICA SALES OFFICE
Paseo de la Reforma 412 piso 16
Col. Juarez
C.P. 06600
México D.F.
Tel: 011-52-(55) 5524-8428

Copyright 2015 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, FortiCare and FortiGuard, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.
