Fortinet’s Advanced Threat Protection: Secure your sensitive data, ensure your privacy

18 Feb 2016

Advanced persistent threats are especially nasty. Cybercriminals (the skilled ones, at least) have moved beyond simple intrusions, viruses and worms. Nope, these people want to steal your data, for whatever reason. Your data has value. And the bad guys are willing to invest time and money to break into your network. They have upped the ante.

“Advanced persistent threats are just that - advanced and persistent,” says Andrew Khan, Fortinet Senior Business Manager at Ingram Micro, New Zealand’s largest distributor of Fortinet’s advanced threat protection (ATP) and cybersecurity solutions. “The attack is multi-faceted. They might try to get into your system via email and social engineering; they might target an unsecured mobile phone to gain access and then move sideways into the sensitive data. They look for unprotected ports. Or they’ll try to use brute force to get a weak password. And, if you are a high-value target, they’ll keep trying until they get stopped or get through.”

Five key steps to ATP
So what can you do? The answer is to fight multi-faceted threats with defence-in-depth to reduce the attack surface. There are five critical components to advanced threat protection:

  • Access control
  • Threat prevention
  • Threat detection
  • Incident response
  • Continuous monitoring

These components, working in concert and kept current, can go a long way in protecting your network, data and reputation.

Access control
Access control reduces the attack surface by forcing all users and traffic through established inspection points running appropriate threat prevention and detection technologies. Solutions include Layer 2/3 firewalls, patch management and two-factor authentication. A security-centric infrastructure with a hardened OS provides pervasive security.

Threat prevention
Threat prevention stops malware before it enters the network. Most attacks utilise modified versions of known malware to bypass content-oriented inspection. Threat prevention technologies - such as intrusion prevention, application control, web/email filtering and anti-virus/spam - keep the windows and doors shut. Proactive solutions, typically subscription-based services from organisations such as Fortinet’s FortiGuard Labs, can identify and stop most malware.

Threat detection
If you do detect a threat - or even suspect that your perimeters have been breached - you need to take immediate action. For instance, you can ‘sandbox’ suspicious objects, running them in a contained environment to isolate threats. Similarly, botnet detection uncovers communication patterns that indicate botnet activity.

Incident response
If a security event occurs, incident response actions kick in to validate and contain the threat. All components, including those deployed for detection and prevention, need to work in concert for fast response and corrective action.

Continuous monitoring
Containment and response lead into continuous monitoring for ongoing assessments and audits. These activities identify and specify the effectiveness of an organisation’s security, the state of security amongst its peers and the continued evolution in the threat landscape.

“If you can provide these five components inside a homogeneous security-centric framework,” concludes Khan, “you’ll be going a long way to keep your data safe and your reputation intact. Fortinet is leading the charge against these advanced persistent threats and we can help you keep your networks more secure. Give us a call (below) and we can show you how.”

For further information, please contact:

Hugo Hutchinson, Business Development Manager
Mobile: 021 245 8276

Marc Brunzel, Business Development Manager
Mobile: 021 241 6946

Andrew Khan, Senior Business Manager
Mobile: 021 819 793
