
Advanced Threat Protection from Fortinet: Prevent, detect and mitigate

16 Nov 2020

Cornelius Mare, Fortinet A/NZ Director, Security Solutions, explains why zero-day threats represent an unacceptable risk to your enterprise and how to protect your network by adopting Advanced Threat Protection security services.

The global threat landscape is awash with adversaries and exploits. Most are known and can be blocked with a judicious application of network security services and threat intelligence. Yet some exploits are unknown (so-called zero-day threats) and can cause significant damage if they bypass your security defences and execute behind the firewall. 

State actors, criminal gangs and disgruntled individuals ferret out these exploits, keep them hidden away and then deploy them at the time and place of their choosing for maximum profit and/or upheaval. 

You can’t stop them. There are thought to be hundreds of unknown exploits at any given time hidden in popular software and apps. Yet you can take concrete steps to mitigate the damage if your organisation is targeted by adversaries weaponising a previously unknown exploit for whatever purposes. 

Advanced Threat Protection

An Advanced Threat Protection (ATP) framework is a fabric of inter-related security services that act in concert to detect zero-day exploits (or any suspicious activity) as soon as they deploy inside your perimeter, isolate and analyse the activity to ascertain the threat level and then, if appropriate, update all of the other security services on your network to prevent a recurrence. 

ATP is self-learning. Once an exploit is detected, the ATP fabric isolates it in a ‘sandbox’ for further analysis. If it is benign, no problem. But if it displays unwanted characteristics, the file is analysed in depth, resulting in fixes to prevent any further attempts at breaching your defences at every edge.

ATP is integrated. Because they are united within a common overall security fabric, ATP security services can communicate with each other immediately upon the detection of an unknown threat. Similarly, as soon as the characteristics are observed, every security service on your network will be updated for prevention. 

ATP is manageable. Because the ATP framework is highly automated and incorporates AI and self-learning, most of the work happens behind the scenes and can be monitored in real time from a combined SOC/NOC dashboard. And ATP capabilities can be deployed quickly and easily as you onboard new fabric-ready security services to protect your digital transformation initiatives.

Risk buy down 

No network is 100% secure. But there is a direct correlation between the resources you expend on protecting your network and the level of protection you receive. This is known as risk buy down. Risk buy down is predicated on your understanding the nature of threats to your business, where these threats manifest themselves and the potential ramifications if these threats do indeed come to pass. These ramifications are both quantitative (monetary) and qualitative (reputational). 

In short, investing in cybersecurity reduces risk. A single DDoS attack – or three – can have a huge impact on your business if you haven’t kept your cyber defences up to speed. The solutions are out there. It’s just a question of which ones are best for you.

Response and mitigation

Fortinet’s ATP tools provide a set of procedures that can move quickly whenever or wherever anomalous behaviour is detected. These ATP tools orchestrate response and mitigation inside your network to isolate the threat, update their security profiles and then communicate directly with the FortiGuard Labs for further analysis. This collaboration slams shut the window of vulnerability on a global basis and transforms previously unknown threats into easily-detected signatures that can be halted at the gateway.

Fortinet’s ATP Framework enhances the protection offered by the Fortinet Security Fabric’s interconnected security technologies and services. It is global in scope yet on-premise in deployment. As a result, you can build an advanced threat identification and mitigation framework that is customised for your own network topologies and interacts with the latest threat intelligence from the FortiGuard Labs.

Fortinet’s integrated ATP framework and Security Fabric Services are available from a network of Authorised Partners across A/NZ as appliances, virtual appliances and cloud-based or managed services. Fortinet’s Security Fabric is backed by the global constellation of FortiGuard Labs to ensure that your defences are always updated with the very latest threat intelligence. And Fortinet’s commitment to research and development means that, regardless of which way your network evolves, Fortinet will be right there with the fully-integrated security services to protect it.

About the author

Cornelius Mare is Director, Security Solutions at Fortinet A/NZ. As such, it is his business to know what’s happening in the cybersecurity world and how to help enterprises secure their transitional networks without sacrificing speed, functionality or control. In particular, Corne is an expert with hybrid cloud environments and artificial intelligence. These tools, along with other Fortinet security services, help organisations manage their digital transformations with confidence.

About Fortinet

Fortinet (NASDAQ: FTNT) secures the largest enterprises, service providers and government organisations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 375,000 customers trust Fortinet to protect their businesses. Learn more at the Fortinet website, the Fortinet Blog, or FortiGuard Labs.
