Continuous monitoring assesses and improves security posture against individual and industry baselines while accommodating an evolving threat environment.
Network security specialist Fortinet unveiled a major update to the company's FortiOS network security operating system that powers the FortiGate platform.
The release incorporates numerous updates designed to strengthen Fortinet's Advanced Threat Protection (ATP) framework, which combines the company's technologies with FortiGuard's threat research and response to address cyber-threats and reduce the risk of network breach and data loss.
For example, access control reduces the attack surface by only allowing authorized users to access the network through authorized ports, while threat prevention proactively stops as many attacks as possible by inspecting code, traffic, Websites and applications.
Meanwhile, continuous monitoring assesses and improves security posture against individual and industry baselines, while accommodating an evolving threat environment.
In addition, threat detection continues seeking out indicators of compromise in order to identify previously unknown attacks that bypass traditional defenses, while incident response validates and contains incidents with expert security services, as well as automated actions and updates.
"More than ever, enterprises require intelligent, integrated solutions to prevent data theft and network disruption caused by stealthy, targeted attacks. Despite what many vendors would have you believe, there is no one product or 'silver bullet' to solve this problem," said John Maddison, vice president of marketing for Fortinet. "We have introduced important enhancements to its FortiOS operating system to help better protect against APTs [advanced persistent threats]. FortiOS 5.2 supports the broader, coordinated framework for Advanced Threat Protection that we have established to guide organizations through a structured approach of defense."
New dashboard views, based on user devices, applications, Websites and threats, include severity ratings and drill-down to speed response, and new role-based workflow modes to guide incident response, among other activities.
On the threat detection side, deeper integration between FortiGate and an enhanced FortiSandbox offers faster deployment and greater protection, while enhanced client behavioral analysis provides additional indicators of compromise and severity ratings for the threats to help detect previously unknown attacks.
The updated platform also offers more predefined reports, including botnet activity, and can pinpoint compromised systems. New consolidated views with identity-based policy (combining users and devices) and log cross-referencing give users a more complete picture, and access to the FortiSandbox community helps to leverage community intelligence.
"All organizations should now assume that they are in a state of continuous compromise," a February report from IT research firm Gartner advised. "Comprehensive protection requires an adaptive protection process integrating predictive, preventive, detective and response capabilities."