Product Id: 32926144
Description: Fortinet FortiSandbox 3000E - Security appliance - with 1 year 24x7 FortiCare plus AV, IPS, Web Filtering, File Query and SandBox Engine Updates - 10 GigE - 2U - rack-mountable
Mfr Part #: FSA-3000E-BDL-970-12
Today's most sophisticated cybercriminals are increasingly bypassing traditional antimalware solutions and inserting advanced persistent threats deep within networks. These highly targeted attacks evade established signature-based detection by masking their malicious nature in many ways - compression, encryption, polymorphism, the list of techniques goes on. Some have even begun to evade virtual "sandbox" environments using VM detection, "time bombs" and more. Fighting today's attacks requires a comprehensive and integrated approach - more than antimalware. More than a virtual sandbox. More than a separate monitoring system. FortiSandbox offers a robust combination of proactive detection and mitigation, actionable threat insight and integrated and automated deployment. At its foundation is a unique, duallevel sandbox which is complemented by Fortinet's award-winning antimalware and optional integrated FortiGuard threat intelligence. Years of Fortinet threat expertise is now packaged up and available on site or in the cloud via FortiSandbox.
- Secure virtual runtime environment exposes unknown threats
- Unique multi-layer prefilters aid fast and effective threat detection
- Rich reporting provides full threat lifecycle visibility
- Inspection of many protocols in one appliance simplifies deployment and reduces cost
- Integration and automation with Fortinet threat prevention products enhances rather than duplicates security infrastructure
- Independent testing and certification validates effectiveness
- Proactive detection and mitigation
Suspicious codes are subjected to multi-layer pre-filters prior to execution in the virtual OS for detailed behavioral analysis. The highly effective pre-filters include a screen by the AV engine, queries to cloud-based threat databases and OS-independent simulation with a code emulator, followed by execution in the full virtual runtime environment. Once a malicious code is detected, granular ratings along with key threat intelligence is available, a signature is dynamically created for distribution to integrated products and full threat information is optionally shared with FortiGuard Labs for the update of global threat databases.
- Actionable insight
All classifications - malicious and high/medium/low risk - are presented within an intuitive dashboard. Full threat information from the virtual execution - including system activity, exploit efforts, web traffic, subsequent downloads, communication attempts and more - is available in rich logs and reports.
- Prevent attacks
Fortinet next generation firewalls, secure email gateways, web application firewalls, endpoint security and similar solutions use security such as antivirus, web filtering, IPS, and other traditional security techniques to quickly and efficiently prevent known threats from impacting an organization.
- Detect and analyze threats
FortiSandbox and other advanced detection techniques step in to detect "Zero-day" threats and sophisticated attacks, delivering risk ratings and attack details necessary for remediation.
- Mitigate impact and improve protection
In a Fortinet solution, detection findings can be used to trigger prevention actions to ensure the safety of resources and data until remediation is in place. Finally, the entire security ecosystem updates to mitigate any impact from future attacks through the strong, integrated threat intelligence research and services of FortiGuard Labs.
- Easy deployment
FortiSandbox supports inspection of many protocols in one unified solution, thus simplifies network infrastructure and operations. Further, it integrates with FortiGate as a new capability within your existing security framework.
This deployment mode relies on inputs from spanned switch ports or network taps. It may also include administrators' on-demand file uploads using the GUI. It is the most suitable infrastructure for adding protection capabilities to existing threat protection systems from various vendors.
Various Fortinet products, namely FortiGate, FortiMail, FortiWeb and FortiClient can intercept and submit suspicious content to FortiSandbox when they are configured to interact with FortiSandbox. The integration will also provide timely remediation and reporting capabilities to those devices.