
Fortinet’s Advanced Threat Protection: Secure your sensitive data, ensure your privacy

18 Feb 16

Advanced persistent threats are especially nasty. Cybercriminals (the skilled ones, at least) have moved beyond simple intrusions, viruses and worms. Nope, these people want to steal your data, for whatever reason. Your data has value. And the bad guys are willing to invest time and money to break into your network. They have upped the ante.

“Advanced persistent threats are just that - advanced and persistent,” says Andrew Khan, Fortinet Senior Business Manager at Ingram Micro, New Zealand’s largest distributor of Fortinet’s advanced threat protection (ATP) and cybersecurity solutions. “The attack is multi-faceted. They might try to get into your system via email and social engineering; they might target an unsecured mobile phone to gain access and then move sideways into the sensitive data. They look for unprotected ports. Or they’ll try to use brute force to get a weak password. And, if you are a high value target, they’ll keep trying until they get stopped or get through.”

Five key steps to ATP
So what can you do? The answer is to fight multi-faceted threats with defence-in-depth to reduce the attack surface. There are five critical components to advanced threat protection:

  • Access control
  • Threat prevention
  • Threat detection
  • Incident response
  • Continuous monitoring

These components, working in concert and kept current, can go a long way in protecting your network, data and reputation.

Access control
Access control reduces the attack surface by forcing all users and traffic through established inspection points running appropriate threat prevention and detection technologies. Solutions include Layer 2/3 firewalls, patch management and two-factor authentication. A security-centric infrastructure with a hardened OS provides pervasive security.

Threat prevention
Threat prevention stops malware before it enters the network. Most attacks utilise modified versions of known malware to bypass content-oriented inspection. Threat prevention technologies - such as intrusion prevention, application control, web/email filtering and anti-virus/spam - keep the windows and doors shut. Proactive solutions, typically subscription-based services from organisations such as Fortinet’s FortiGuard Labs, can identify and stop most malware.

Threat detection
If you do detect a threat - or even suspect that your perimeters have been breached - you need to take immediate action. For instance, you can ‘sandbox’ suspicious objects, running them in a contained environment, to isolate threats. Similarly, botnet detection uncovers communication patterns indicating botnet activity.

Incident response
If a security event occurs, incident response actions kick in to validate and contain the threat. All components, including those deployed for detection and prevention, need to work in concert for fast response and corrective action.

Continuous monitoring
Containment and response lead into continuous monitoring for ongoing assessments and audits. These activities identify and specify the effectiveness of an organisation’s security, the state of security amongst its peers and the continued evolution in the threat landscape.

“If you can provide these five components inside a homogeneous security-centric framework,” concludes Khan, “you’ll be going a long way to keep your data safe and your reputation intact. Fortinet is leading the charge against these advanced persistent threats and we can help you keep your networks more secure. Give us a call (below) and we can show you how.”

For further information, please contact:

Hugo Hutchinson, Business Development Manager
Mobile: 021 245 8276

Marc Brunzel, Business Development Manager
Mobile: 021 241 6946

Andrew Khan, Senior Business Manager
Mobile: 021 819 793
