Fortinet's advanced threat protection: Breaking the kill chain

25 Aug 15

Cyber criminals are getting smarter. No longer satisfied with simply stealing credit card details or defacing web sites, today’s malware mavens want to destroy reputations, disrupt commerce and bring the internet to its knees.

The vehicles for this online mayhem are called Advanced Persistent Threats (APTs). They infiltrate without detection, stay hidden and then execute on demand. And because APTs can morph ‘on the fly’, traditional signature-based network security is struggling to keep up.

It’s not the known threats that are today’s biggest challenge, it’s the unknown ones. So how can you protect against what you don’t know?

Prevent: Known threats

“Taking care of known threats is business as usual,” says Andrew Khan, Business Development Manager - Fortinet at Ingram Micro, distributor of Fortinet’s market-leading FortiGate Next Generation Firewalls and associated network security solutions.

“An up-to-date firewall, secure email gateways and endpoint security keep most malware out of your network. But unknown malware and targeted attacks can hide themselves and sneak by traditional network security.

“This is why savvy network managers are adopting a ‘defence-in-depth’ approach… If malware gets by one barrier, it gets stopped at the next one in a multi-layered defence.”

Detect: The unknown

Fortinet’s advanced threat protection, backed by 200 full-time security researchers at the FortiGuard laboratory, can detect previously unknown threats and create actionable threat intelligence. One tactic Fortinet employs is sandboxing.

“Sandboxing shunts potentially malicious software into a ‘neutral zone’ so its full behaviour can be observed without affecting production networks,” continues Khan.

“This is an effective way to combat many of today’s attacks, especially those that are time sensitive, the so-called zero-day threats. But the bad guys are hard at work finding ways to circumvent sandbox protection. That’s why it’s important to stay updated: just as criminals evolve, your system needs to as well.”

Mitigate: Taking action

Preventing threats from entering the network is the first priority for any security system. A clear detection and remediation process is just as critical in case malware gets by the first barriers.

“Once an intrusion has been validated,” continues Khan, “users, devices and content should be quarantined. Ideally you’ll have systems in place to ensure the safety of network resources and organisational data.

“Collaboration is also critical. FortiGate / FortiSandbox forwards detected malware to the FortiGuard lab where it is analysed in depth. Then updates are fed back to the different services on the network to provide every layer with the right mix of up-to-date protection.”

“Today’s network security isn’t one particular product or methodology,” concludes Khan. “It takes integration and collaboration between multiple technologies, products and procedures.

“Deploying a multi-layered approach with established and emerging technologies is the most effective way to keep your networks safe and break the kill chain of Advanced Persistent Threats.”

For further information, please contact:

Hugo Hutchinson
Business Development Manager
P: 09-414-0261 | M: 021-245-8276
