
Fortinet's advanced threat protection: Breaking the kill chain

25 Aug 2015

Cyber criminals are getting smarter. No longer satisfied with simply stealing credit card details or defacing web sites, today’s malware mavens want to destroy reputations, disrupt commerce and bring the internet to its knees.

The vehicles for this on-line mayhem are called Advanced Persistent Threats (APT). They infiltrate without detection, stay hidden and then execute on demand. And because APTs can morph ‘on the fly’, traditional signature-based network security is struggling to keep up.

It’s not the known threats that are today’s biggest challenge, it’s the unknown ones. So how can you protect against what you don’t know?

Prevent: Known threats

“Taking care of known threats is business as usual,” says Andrew Khan, Business Development Manager - Fortinet at Ingram Micro, distributor of Fortinet’s market-leading FortiGate Next Generation Firewalls and associated network security solutions.

“An up-to-date firewall, secure email gateways and endpoint security keep most malware out of your network. But unknown malware and targeted attacks can hide themselves and sneak by traditional network security.

“This is why savvy network managers are adopting a ‘defence-in-depth’ approach… If malware gets by one barrier, it gets stopped at the next one in a multi-layered defence.”

Detect: The unknown

Fortinet’s advanced threat protection, backed by 200 full-time security researchers at the FortiGuard laboratory, can detect previously unknown threats and create actionable threat intelligence. One tactic Fortinet employs is Sandboxing.

“Sandboxing shunts potentially malicious software into a ‘neutral zone’ so its full behaviour can be observed without affecting production networks,” continues Khan.

“This is an effective way to combat many of today’s attacks, especially those that are time sensitive, the so-called zero-day threats. But the bad guys are hard at work finding ways to circumvent sandbox protection. That’s why it’s important to stay updated: just as criminals evolve, your system needs to as well.”

Mitigate: Taking action

Preventing threats from entering the network is the first priority for any security system. A clear detection and remediation process is just as critical in case malware gets past the first barriers.

“Once an intrusion has been validated,” continues Khan, “users, devices and content should be quarantined. Ideally you’ll have systems in place to ensure the safety of network resources and organisational data.

“Collaboration is also critical. FortiGate / FortiSandbox forwards detected malware to the FortiGuard lab where it is analysed in depth. Then updates are fed back to the different services on the network to provide every layer with the right mix of up-to-date protection.”

“Today’s network security isn’t one particular product or methodology,” concludes Khan. “It takes integration and collaboration between multiple technologies, products and procedures.

“Deploying a multi-layered approach with established and emerging technologies is the most effective way to keep your networks safe and break the kill chain of Advanced Persistent Threats.”

For further information, please contact:

Hugo Hutchinson
Business Development Manager
P: 09-414-0261 | M: 021-245-8276
