Product Id: 28053765
Description: Fortinet FortiSandbox 1000D - Security appliance - 10Mb LAN, 100Mb LAN, GigE - 2U
Mfr Part #: FSA-1000D
Today's most sophisticated cybercriminals are increasingly bypassing traditional antimalware solutions and inserting advanced persistent threats deep within networks. These highly targeted attacks evade established signature-based detection by masking their malicious nature in many ways - compression, encryption, polymorphism, the list of techniques goes on. Some have even begun to evade virtual "sandbox" environments using VM detection, "time bombs" and more. Fighting today's attacks requires a comprehensive and integrated approach - more than antimalware. More than a virtual sandbox. More than a separate monitoring system. FortiSandbox offers a robust combination of proactive detection and mitigation, actionable threat insight and easy, integrated deployment. At its foundation is a unique, dual-level sandbox which is complemented by Fortinet's award-winning antimalware and optional integrated FortiGuard threat intelligence. Years of Fortinet threat expertise are now packaged up and available on site via FortiSandbox.
- Secure virtual runtime environment exposes unknown threats
- Unique multi-layer pre-filters for fast and effective threat detection
- Rich reporting for full threat lifecycle visibility
- Inspection of many protocols in one appliance simplifies deployment and reduces cost
- Integration with FortiGate enhances rather than duplicates security infrastructure
- Validated security with NSS BDS (Breach Detection Systems) testing
- Proactive detection and mitigation
Suspicious code is subjected to multi-layer pre-filters prior to execution in the virtual OS for detailed behavioral analysis. The highly effective pre-filters include screening by the AV engine, queries to cloud-based threat databases and OS-independent simulation with a code emulator, followed by execution in the full virtual runtime environment. Once malicious code is detected, results are submitted for antimalware signature creation as well as updates to other threat databases.
- Actionable insight
All classifications - malicious and high/medium/low risk - are presented within an intuitive dashboard. Full threat information from the virtual execution - including system activity, exploit efforts, web traffic, subsequent downloads, communication attempts and more - is available in rich logs and reports.
- Easy deployment
FortiSandbox supports inspection of many protocols in one unified solution, which simplifies network infrastructure and operations. Further, it integrates with FortiGate as an additional capability within your existing security framework.
This deployment mode relies on inputs from spanned switch ports and / or administrators' on-demand file uploads using the GUI. It is the most suitable infrastructure for adding protection capabilities to existing threat protection systems from various vendors.
- FortiGate/FortiMail integrated
The FortiGate, as the Internet security gateway, can be set up to submit suspicious files to the FortiSandbox. This seamless integration reduces network complexity and expands the applications and protocols supported, including SSL-encrypted ones such as HTTPS.
- Distributed FortiGate Integrated
This deployment is attractive for organizations that have distributed environments, where FortiGates are deployed in the branch offices and submit suspicious files to a centrally located FortiSandbox. This setup yields the benefit of lowest TCO and protects against threats in remote locations.
- File analysis tools
Reports with captured packets, the original file, tracer log and screenshot provide rich threat intelligence and actionable insight after files are examined. This speeds up remediation and the delivery of updated protection.
- VM Sandboxing
Complement your established defenses by analyzing suspicious and high-risk files in a contained environment to uncover the full attack lifecycle using system activity and callback detection.
- Remediation with FortiMail
With many advanced threats starting with a targeted email that contains custom malware, in addition to social engineering that entices the user to open it, organizations are extending their secure email gateway (SEG) with integrated sandboxing. Specifically, the SEG will hold messages while additional analysis is performed in this contained run-time environment and, ultimately, apply policies based on its returned findings.