AVFirewalls.com - Fortinet

Fortinet Rounds Out Mid-Enterprise Segment with Multi-Threat Security Appliance

2009-11-12T10:21:00.001-08:00

Fortinet- a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced a new FortiGate® multi-threat security appliance that rounds out its mid-enterprise family of products with an entry-level edition in the FortiGate-200B. Continuing the leadership performance of Fortinet's three other FortiGate appliances in the mid-enterprise family, the FortiGate-200B appliance offers high performance with 5 Gbps firewall and 2.5 Gbps IPSec VPN throughputs. The FortiGate-200B is an entry-level product within the mid-enterprise segment and is ideal for deployment in remote and branch office locations. Fortinet's new network security appliance also delivers high port density with 16 ports, all of which are accelerated with FortiASIC™ processors. The FortiGate-200B appliance is expected to be generally available in December and will ship with the newest version of Fortinet's operating system, FortiOS 4.0 MR1.

The FortiGate-200B appliance makes hardware-acceleration and high port density, which enable wire-speed performance and network segmentation, affordable even for small organizations. In addition, accelerated security ensures that broad security protection does not affect application and network availability. The FortiGate-200B is joined by the -310B, -620B and recently announced -1240B products to form Fortinet's complete mid-enterprise product line.

"Our mid-enterprise product family is intended to deliver the best possible security performance and functionality at every price point, even at the entry-level segment supported by the FortiGate-200B," said Anthony James, vice president of products, Fortinet. "In the highly competitive mid-enterprise segment, we believe we have delivered four very competitive, high-value products to meet the diverse and demanding requirements of this customer segment."

Fortinet's FortiMail Earns Platinum Certification for Virus Bulletin's VBSpam Awards

2009-11-12T10:20:00.001-08:00

Fortinet® - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - - today announced that its FortiMail™ email security appliance was awarded Virus Bulletin's highest level "Platinum" certification in the VBSpam Awards.

Virus Bulletin staff tested FortiMail among 13 other anti-spam products for detection rates and the number of false positives. Fortinet�s FortiMail product was one of only two products that achieved the Platinum-level certification, which is given to products with a spam catch rate twice as high and a false positive rate twice as low as the average in the test.

"FortiMail has had a strong support from enterprises worldwide, and being certified as a Platinum product by Virus Bulletin is further validation of FortiMail's strong anti-spam capabilities," said Anthony James, vice president of products, Fortinet. "We are thrilled to have our FortiMail appliance Platinum-certified by Virus Bulletin. The highest-level VBSpam award underscores our dedication to providing customers with powerful and differentiated anti-spam products to meet their constantly evolving security needs."

Fortinet's FortiMail email security appliance is a multi-layered email security platform that removes unwanted spam and provides maximum protection for blended email-related threats. FortiMail enables enterprises to increase productivity by reducing unwanted spam messages and facilitates regulatory compliance through advanced email content archiving and routing.

Fortinet October '09 Threatscape Report Shows Highest Malware Levels

2009-11-05T14:26:00.000-08:00

Fortinet® - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - - today announced its October 2009 Threatscape report revealed the highest level of total malware detected in more than a year and four times greater than detected levels from the September Threatscape report. Mirroring the danger in last period's report, scareware tactics reached an all-time peak this month, with the worst attacks ever reported. In total, the seven malware variants listed in the top 10 malware list all point back to scareware, proving these attacks are occurring fast, hard and often. This unwelcomed news is in addition to recent scareware campaigns observed in the form of botnets, corrupted advertisements and SEO attacks. Key highlights of the October Threatscape report include:

* Scareware celebrates Halloween and masks malicious intent: Extending threat activity from September, scareware again dominates this period in the form of rogue security software, posing as the security suite AntiVirus Pro 2010. Users are schemed into purchasing the software to resolve their alleged problems, while more dangerous implications unfold: downloaders contact a remote server in order to obtain malicious payload and receive updated copies. Other components may be bundled with scareware, such as ransomware and bot agents; once an infection makes its way onto a system, the floodgates open up for cybercriminals. Such scareware activity pushed the pesky Virut and Netsky out of the top 10 malware list for the first time in over a year.
* Botnets make headway: The Trojan downloader Bredolab joined forces with scareware downloaders this period to add another element of surprise. Similar to the scareware framework, Bredolab reports to its network in order to obtain the latest components to download and this month downloaded the AntiVirus Pro 2010 installers. Through this download chain, Bredolab was also linked up to the notorious ZBot keylogger, bringing both a dangerous information-siphoning Trojan and a nasty scareware product together - a potent mix of threats, each one linking to different control sites. The two main Bredolab variants detected this month were W32/Bredo.G and W32/Bredolab.X, most notably included in fake DHL invoice spam campaigns.
* Affiliates extend scareware reach: No doubt scareware was the chart topper this month and the high threat levels can be attributed in part to the popular money-making affiliate programs that tempt participants with a handsome pay-out on each software download purchased. Tools and kits are readily available to participating affiliates, accelerating the distribution of scareware and other malicious components.

"We're seeing record levels of scareware building off volume from September, and the danger in these threats is only becoming more serious as the methods for delivery evolve and the blending of attacks bring more complexity," said Derek Manky, project manager, cyber security and threat research, Fortinet. "As we've seen in the consistency of repeated threats, the old schemes are still proving to be good methods. Enterprises and consumers must take equal responsibility in understanding the disguises of these threats and implementing a multi-pronged security solution that addresses the different and changing characteristics of tried and true tactics."

FortiGuard Labs compiled threat statistics and trends for October based on data collected from FortiGate® network security appliances and intelligence systems in production worldwide. Customers who use Fortinet's FortiGuard Subscription Services should already be protected against the threats outlined in this report.

To read the full October Threatscape report, which includes the top threat rankings in each category, please visit: http://www.fortiguard.com/report/roundup_october_2009.html. For ongoing threat research, bookmark the FortiGuard Center (http://www.fortiguardcenter.com/) or add it to your RSS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html. Additional discussion on security technologies and threat analysis can be found at the FortiGuard Blog at http://blog.fortinet.com. To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html.

FortiGuard Subscription Services offer broad security solutions including antivirus, intrusion prevention, Web content filtering and anti-spam capabilities. These services help enable protection against threats on both application and network layers. FortiGuard Services are updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and zero-day protection from new and emerging threats. For customers with a subscription to FortiGuard, these updates are delivered to all FortiGate, FortiMail™ and FortiClient™ products.

Fortinet Announces New Switching Portfolio for High Performance

2009-11-05T14:16:00.000-08:00

Fortinet® - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced its next-generation FortiSwitch™ family with the debut of two new 10 gigabit Ethernet (GbE), ultra-low latency switching platforms that feature high port density and "lossless" scalability. The FortiSwitch-1000 chassis and FortiSwitch-500 platform are designed to build high-performance network fabrics such as those required by supercomputers for calculation-intensive tasks or high-speed interconnect applications for server virtualization, data center consolidation, and parallel and cloud-based computing. With a high port-density of up to 576 10 GbE interfaces per seven-foot rack, the new FortiSwitch products can scale to thousands of non-blocking ports for maximum performance in minimal data center square footage. The introduction of these FortiSwitch products complements Fortinet's existing high-end 10 GbE security infrastructure. Fortinet is also introducing the FortiSwitch-100 "top-of-the-rack" switching platform as a complementary product intended to reduce overall data center deployment costs.

As bandwidth requirements in the data center core increases and 10 GbE performance is more commonplace, the underlying switching technology needs to come up to speed without adding more complexity to the network architecture or increasing the physical footprint. With FortiSwitch hardware at the core, network operators can build wire-speed, highly scalable and ultra-low latency network fabrics with the simplicity and robustness of standard Ethernet. Traffic congestion is minimized by using Fortinet's vScale™ multi-path traffic switching and dynamic congestion avoidance features, which re-route data flows to the lowest latency path in real-time and while maintaining full Ethernet compliance.

"The high-port density and high-speed switching capabilities of the new FortiSwitch platforms underscore the performance- and value-centric philosophy of Fortinet's entire product portfolio," said Anthony James, vice president, product marketing, Fortinet. "These combined benefits - the industry-standard Ethernet interface, Fortinet's vScale switching technology, and value-focused product line - will enable customers to more easily build a high-performance network fabric at industry-leading price points."

Dr. Bruce Allen, director of the Observational Relativity and Cosmology division at the Max Planck Institute for Gravitational Physics (Albert Einstein Institute), says: "Fortinet's FortiSwitch product uses unique technology to make a faster yet less complex switch. It enabled the Atlas computer cluster in Hannover to be the fastest Ethernet-based computer cluster in the world."

The Max Planck Institute for Gravitational Physics is the largest research center solely devoted to the whole spectrum of general relativity and beyond. The "Atlas Computer Cluster" is a part of the institute.

FortiSwitch Product Line-up

FortiSwitch-1000 is a 10 GbE switching platform designed for high performance computing and data center fabrics; its fully redundant and modular 10RU chassis houses configurable line cards, supporting up to 144 10 GbE interfaces. Multiple chassis can be interconnected to provide greater scalability; the FortiSwitch-1000 chassis is also interoperable with the FortiSwitch-500/100 appliances.
FortiSwitch-500 is a 10 GbE switching platform designed for high performance computing and data center fabrics; its fully redundant and modular 1RU platform offers 24 10 GbE interfaces. Multiple appliances can be interconnected to provide greater scalability; FortiSwitch-500 appliances are also interoperable with the FortiSwitch-1000/100 platforms.
FortiSwitch-100 is a GbE and 10 GbE switching platform designed for data center top-of-rack server aggregation; packaged in a compact 1RU form factor, the FortiSwitch-100 platform delivers full wire speed Layer 2/3/4 switch features at industry-leading price points. Working in conjunction with the FortiSwitch-1000 or -500 platforms, the FortiSwitch-100 series switch dramatically reduces overall data center deployment costs while preserving key performance innovations offered on other two FortiSwith-1000 and -500; comes with 48 wire speed 10/100/1000 ports with options including 4 x 10 GbE active CX4 or 4 x 10 GbE SFP+ uplinks.

This new FortiSwitch product set was added to Fortinet's product line as a result of Fortinet's purchase of certain assets from Woven Systems earlier this year.

Fortinet Announces Integrated Network and VoIP Security Platform

2009-11-05T14:14:00.000-08:00

Fortinet® - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced a new FortiGate® multi-threat security appliance with integrated internet protocol private branch exchange (IP-PBX) functionality, consolidating data and voice over IP (VoIP) security management into a single device. Aimed at medium and large enterprises with remote and branch offices, the new FortiGate Voice-80C offers organizations easier management of UTM security and PBX functionality by consolidating the two traditionally separate devices into one platform. The FortiGate Voice-80C supports Session Initiation Protocol (SIP), which lowers costs by enabling organizations to use VoIP inside and outside of the local area network (LAN). Additionally, as a complement to the new FortiGate Voice solution, Fortinet will be offering a SIP-compatible handset. The FortiGate Voice-80C is also compatible with most VoIP SIP handsets on the market.

With Fortinet's new FortiGate Voice-80C, remote and branch offices that are utilizing an analog PBX phone system can now tackle network and VoIP security management simultaneously without the additional investments required for individual hardware devices. For large enterprises that are supporting a growing mobile workforce with multiple voice and data clients, Fortinet's integrated UTM and SIP-compatible IP-PBX solution offers multiple points of protection, while also offering a reduction in the overall operating expenses (OPEX) and capital expenditures (CAPEX) associated with managing multiple devices and maintaining separate voice and data services. SIP permits businesses that have a PBX installed to use VoIP also outside the enterprise network by using the same connection as the Internet connection. It also enables remote offices to communicate with headquarters via VoIP, thus reducing costs by eliminating the need for separate voice and data lines.

Voxter Communications is a Vancouver, Canada VoIP provider and Fortinet partner. "A product like Fortinet's FortiGate Voice is important to us because of the benefit of combining PBX with UTM security and being able to manage both technologies from a single appliance," said Dayton Turner, CTO at Voxter Communications. "Our customers can also benefit from a product like FortiGate Voice-80C because it offers an extra layer of VoIP and network security without having to overhaul their network."

"Organizations of all sizes have been migrating to a Voice over IP architecture for years and while the benefits of both voice and data transmitting over IP have been proven in the reduction of cost as compared to legacy systems, the management of VoIP and security has historically been approached separately, leading to unnecessary expenses and unwanted security surprises," said Michael Xie, CTO and co-founder, Fortinet. "By combining data and voice protection into one device, Fortinet is further extending the value of its consolidated security approach, by enabling greater protection across multiple clients - voice and data - and at the best price for customers."

Partner OpportunitiesThe FortiGate Voice-80C also opens up new opportunities for Fortinet reseller partners and Internet telephony service providers (ITSP) with more competitive solutions and an integrated approach to network security, broadband security and SIP trunking. By offering a single platform for data and voice security, resellers and ITSPs can provide a one-stop solution for network security and VoIP. Additionally, for service providers offering SIP trunking as a way to extend the value of IP-PBX systems, Fortinet eliminates the need for two separate devices - IP PBX and SIP-enabled edge device or border element - and integrates voice and data security into one service offering, providing a significant cost savings for service providers and enterprises.

Based on the successful FortiGate-80C platform, Fortinet's new integrated voice solution delivers the same broad security for branch offices, small offices and home offices, as well as for service provider and mobile point-of-sale applications, as its antecedent, but with the added functionality of PBX security management and support. With Fortinet's security-hardened operating system, FortiOS, the FortiGate Voice-80C provides the full suite of Fortinet's UTM security and network services, including: a stateful firewall, IPSec/SSL VPN, Intrusion Prevention System, antivirus/antispyware/antimalware, Web content filtering, antispam, application control, data leakage protection, SSL inspection and WAN optimization.

New Fortinet Security Appliance Breaks Firewall/VPN/Price Performance Records

2009-10-28T08:56:00.001-07:00

Fortinet® - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced a new FortiGate® multi-threat security appliance designed to meet high-end requirements of the mid-enterprise customer segment. The new FortiGate-1240B appliance offers best-in-class 40 Gbps firewall and 16 Gbps IPSec VPN throughputs, which represent a 400- and 800-percent performance advantage, respectively, over the nearest competitor*. The FortiGate-1240B platform continues the technology excellence formula introduced on the other two members of Fortinet's mid-enterprise family - the FortiGate-310B and FortiGate-620B - by also providing the highest port density and best price/performance ratio among products in its class*. The three products make up Fortinet's complete range of multi-threat security appliances for the mid-enterprise.

Fortinet is also announcing new and improved functionalities for its FortiOS™ 4.0 operating system with a new maintenance release (FortiOS 4.0 MR1), which powers all FortiGate devices. Among the dozens of enhancements in this new release, FortiOS 4.0 MR1 will add antivirus scanning and URL filtering for IPv6 traffic, optimized log data to reduce network storage consumption by 50 percent, policy-based granular endpoint control for FortiClient™- capable endpoints, and enhanced data loss prevention (DLP) capabilities.

Mid-sized enterprises have the same fundamental security challenges as high-end enterprise organizations, including higher network throughput, increased port density to enable greater network segmentation, and sophisticated security control. This allows customers to segment dozens of LANs within their larger network, each with its own set of security policies and performance requirements. The combination of these attributes is integrated into a single FortiGate-1240B multi-threat security appliance, which now has even greater functionality due to the new FortiOS 4.0 MR1 enhancements.

"Our product strategy is to deliver the highest benefit that technology has to offer at the best possible performance and price, whether for networks of several hundred or several thousand," said Michael Xie, CTO and co-founder, Fortinet. "Cybercriminals target small and mid-sized enterprises just as they do the largest, so we've applied the same high-technology philosophy to our mid-enterprise products as we have our highest enterprise products, which give customers the most effective line of defense for their individual networks."

Underscoring a Successful Strategy
Similar to the first two members of the Fortinet mid-enterprise family, the new FortiGate-1240B appliance gives customers the security, performance and flexibility that were previously only available to high-enterprise customers at a fraction of the cost. Among similar products in the high-end mid-enterprise segment, the FortiGate-1240B product shows orders of magnitude advantage in firewall/IPSec performance, achieved through high port density that is accelerated with Fortinet's newest generation of network (NP4) and content (CP6) FortiASIC™ processors.

The FortiGate-1240B appliance offers the following leadership metrics when compared with other multi-threat security appliances in its class:

* Highest firewall/IPSec performance with 40 Gbps and 16 Gbps performance, respectively;
* Highest Gigabit Ethernet port density at 40 GbE ports, 38 of which are ASIC-accelerated; closest competitor offers 10 total ports;
* Firewall inspection of up to 2 million concurrent sessions, nearly doubling that of competitors;
* Six storage module slots enabling up to 384 gigabytes of storage, more than doubling storage capacity of competitive products; ideal for new services included in FortiOS 4.0 such as WAN optimization or storing reporting data for compliance purposes.

With enhancements to FortiOS 4.0, FortiGate-1240B customers will also see the following new functionalities:

* IPv6 support: Adds support for antivirus scanning and URL filtering of IPv6 traffic. Many security vendors are still lagging in supporting the new IP protocol, which is being adopted first by the federal segment in the U.S., the carrier segment globally, as well as for core networking in Japan.
* Log Optimization/Reduction: Log optimization reduces the amount of information generated by up to 50 percent, effectively reducing by half the amount of information transmitted across the network, as well as the amount required to be stored and maintained for security analysis and assisting with policy compliance.
* Endpoint Network Access Control (NAC): As part of the FortiGuard® subscription service, a FortiGate platform can monitor the applications being installed on FortiClient-managed endpoints. FortiGate can block access to users that run or install violating applications, ensuring policy compliance against unauthorized applications.
* Improvements in Data Loss Prevention: Improved ability to detect data loss where international character sets are used.

Volkswagen Mexico Drives off Network Threats with Fortinet

2009-10-15T10:33:00.000-07:00

Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced that Volkswagen Mexico has deployed Fortinet's FortiGate® multi-threat appliances for firewall, intrusion prevention (IPS), virtual private network (VPN), Web content filtering, anti-spam and antivirus protection at its Mexico headquarters and 300 dealerships nationwide. Volkswagen Mexico has also deployed Fortinet's FortiMail™ multi-layered email security platform and FortiManager™ management and reporting appliance to monitor network activity and attempted attacks.

With annual revenue of $166 billion, Volkswagen is ranked #14 on Fortune's Global list of top companies and is Europe's largest car manufacturer. Volkswagen Mexico is responsible for 300 dealerships representing the Volkswagen brand as well as Bentley, Porsche, Seat, Audi and VW commercial trucks.

Volkswagen Mexico's previous MPLS open network had no network security solution in place, so when a virus or malware hit the network, it was quickly distributed throughout the 300 dealerships and would disable the entire network. After evaluating multiple security vendors, Volkswagen narrowed their search down to Juniper and Fortinet. Fortinet's strong management solution, which allows Volkswagen to centrally manage and create rules specific to each dealership, was the deciding factor in purchasing the FortiGate solution.

"Using Fortinet appliances, we have been able to apply high technology to solve to a business problem - protecting our assets while controlling costs. In doing so, we've now achieved a good ROI for each network connection and improved the productivity of our employees," said Glenn Pereira Espinoza, information systems manager for Volkswagen Mexico. "No longer does our IT staff have to worry about viruses proliferating and taking down the entire network."

The Secured Network Topography
An enterprise-class FortiGate-1000 appliance is located at Volkswagen Mexico's headquarters and is connected to FortiGate appliances located at the 300 distributed dealerships to provide point-to-point VPN connectivity by serving as a VPN concentrator. Each of the 300 dealerships has either a FortiGate-100A, FortiGate-80C or FortiGate-60 appliance. The model of the appliance is determined by the number of users at each dealership. These FortiGate appliances are being used for firewall, IPS, VPN, Web content filtering, antivirus and anti-spam protection.

Volkswagen has also deployed four FortiMail appliances to protect from unwanted spam traversing the network of some of the network nodes: for example AFASA, the credit division of Volkswagen that is responsible for all credit applications.

Information security is considered a critical service for VW and their national network of dealers, so they were very careful in selecting the right integrator. Looking for a managed service security provider (MSSP) they selected TI America, a Fortinet partner in Latin America and trusted advisor to Volkswagen Mexico. TI America is responsible for all policy, management and operation of the entire VM Mexico network. By connecting directly to a FortiManager-400 at Volkswagen's headquarters, TI America is able to make adjustments to the policies and rules in place to help protect the network. TI America can also easily diagnose and remotely fix a network problem at a dealership via the FortiManager. Dealership employees do not have to be technically proficient with FortiGate appliances, and the consistent GUI across all FortiGate platforms allows the TI America to easily manage the appliances without additional training.

"The global brand of quality that Volkswagen represents is deserving of the world-class protection that Fortinet offers, and we are very pleased to be able to help secure their network in an economical and efficient way," said Pedro Paixao, regional director for Fortinet Latin America. "Fortinet's combination of broad security and central management allows large enterprises such as Volkswagen to easily manage both core and distributed networks, saving companies both capital and operation expenses."

Fortinet's FortiGate systems are ASIC-accelerated security appliances that integrate essential security applications such as antivirus, firewall, VPN, intrusion prevention, Web content filtering, anti-spam and traffic shaping. All FortiGate systems are kept up to date automatically by Fortinet's FortiGuard® Network, which helps ensure protection against the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, other unwanted network traffic and more - around the clock and around the world.

Fortinet Releases Major Update for Database Security and Compliance Solution

2009-10-15T10:30:00.000-07:00

Fortinet – a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions – today announced a major upgrade of its database security and compliance product, FortiDB™. In the new FortiDB 4.0 release, Fortinet has focused on making deployments and maintenance faster and easier. New features include a more intuitive graphical user interface, centralized policy management, and new data collection methods for agent-based auditing. Additionally, the new architecture is designed to improve scalability and performance, which will help customers optimize their hardware resources and result in better total cost of ownership. Fortinet is also offering a trial version of the FortiDB vulnerability assessment (VA) tool for customers who would like to test the product prior to purchase.

“This major upgrade to our FortiDB product line is designed to simplify and hasten the process of implementing or expanding a database security solution, especially in this environment of increased cybercriminal activity where databases are increasingly targeted,” said Anthony James, vice president of product marketing, Fortinet. “In addition, as there is greater pressure now more than ever in meeting regulatory compliance for normal business operations, we’ve enhanced the auditing methodology so that reports can be generated more quickly with minimal impact to system performance.”

Product Feature Details

* Ease of Deployment/Management: New features of FortiDB are designed to enhance ease of deployments and management for vulnerability assessment and database activity monitoring (DAM), especially in enterprise environments and virtualized environments. For example, users can now define a set of monitoring and audit policies and apply them against a group of databases for much more simplified management. This will dramatically simplify the deployment of FortiDB for security purposes and also enable users to generate audit and compliance reports much faster.
* Enhanced and additional audit data collection: FortiDB 4.0 supports native audit-based data collection, which has been enhanced to minimize system performance impact. Additionally, there are new agent-based audits for data collection which doesn’t require the native audit being turned on. Both these features result in a lower performance impact on the monitored databases.
* Scalability/performance: With the new architecture and improved data collection methods, one FortiDB system will be able to handle hundreds of millions of audit records a day, which represents a five to tenfold increase compared to the previous product version. This will result in lower deployment and maintenance costs. With better utilization and tuning of the internal storage of FortiDB, the performance of the alerting and reporting shows significant improvements.

Fortinet Joins PCI Security Standards Council

2009-10-15T10:29:00.000-07:00

Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced that it has joined the PCI Security Standards Council as a participating member. The PCI Security Standards Council (PCI SSC) is a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Entry Device (PED) Security Requirements and the Payment Application Data Security Standard (PA-DSS).
The mission of the PCI Security Standards Council is to enhance payment account data security by driving education and awareness of the PCI Security Standards. The organization was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa, Inc.

As part of the PCI Security Standards Council, Fortinet will have access to the latest payment card security standards from the Council, be able to provide feedback on the standards and join a growing community that now includes more than 500 organizations. Fortinet now has the option to incorporate the latest PCI standards in its line of network security hardware appliances including its flagship FortiGate product line. In an era of increasingly sophisticated attacks on systems, adhering to the PCI DSS represents an organization's best protection against data criminals.

"The PCI Security Standards Council is committed to helping everyone involved in the payment chain protect consumer payment data," said Bob Russo, General Manager of the PCI Security Standards Council. "By participating in the standards setting process, Fortinet demonstrates they are playing an active part in this important end goal."

"PCI compliance is no longer a nice to have - it's a must have for companies to securely do business online. Working closely with the PCI Security Standards Council is allowing Fortinet to be at the forefront of PCI-based decisions that will directly affect our customers," said Anthony James, vice president of product marketing for Fortinet.

Fortinet September '09 Threatscape Report Shows Scareware Anniversary Spike

2009-10-02T10:14:00.000-07:00

Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced its September 2009 Threatscape Report uncovered a preponderance of scary tactics, showing continued strength one year after the initial cyberspace explosion of scareware in September 2008. Just in time for Halloween, cyber criminals are spooking the innocent with scams including email threats, botnet downloads and fraudulent software - ultimately aimed at scaring users into actions intended to exploit their pocketbooks. Additionally, newly uncovered vulnerabilities as well as exploits targeting new vulnerabilities remained high this period. Key highlights of the September Threatscape Report include:

* Bredolab and others spook users for scareware anniversary celebration: Marking the one year anniversary since the initial explosion of scareware across cyberspace, the Bredolab botnet (W32/Bredo.G), a Trojan downloader linked to rogue security software, was highly active this period. This is another example of the growing trend in broad distribution of fraudulent software (recent examples this month include SEO black hat campaigns, the NY Times malicious advertisements and a variant of Pushbot downloading such payloads). Bredolab variants were pushed out through a mass mailing campaign that sends fake DHL invoices; if opened, the machines are then recruited into a network of zombies. ZBot was again active this period, with the do-it-yourself botnet spreading through another mass mailing attack disguised as a tax scare from the IRS. The supplied link, which includes the recipient's name alongside an IRS sub-domain (formed to a malicious domain), is one way to identify and prevent infection from this attack.
* Spam pushes creative money mule hook: In line with the massive scareware tactics rampant this period, cybercriminals continued to roll out creative money mule hooks to lure in unsuspecting end-users with too-good-to-be-true offers. Similar to last period's Honeywell job listing, spammers pushed out another attractive job advertisement for Global Shipping Agency through a professional-looking email that requires the user's bank account to process customer payments.
* Zero-day attacks: One of two fresh remote-code execution vulnerabilities to make a stir this month was Microsoft Server Message Block (SMB2, CVE-2009-3103), which reported low but steadily increasing exploit activity. Additionally, a second vulnerability - Microsoft ISS FTP Service (CVE-2009-3023) - also popped up new this period, while Adobe Reader/Flash (CVE-2009-1862) continued with increasing levels of activity. Microsoft has released a temporary fix for CVE-2009-3103 (SMB2).

"We're seeing a steady if not rapid growth of scareware which - like other high-profile threats - will eventually begin to diminish in success and profitability once end-users become wise to them," said Derek Manky, project manager, cyber security and threat research, Fortinet. "However, it's clear that these get-rich-quick schemes are still proving to be successful today, and cybercriminals will undoubtedly continue to mine them until they are forced to move onto other innovative ways to exploit end-users. End-users should continue to be wary, and proceed online as they would offline with the notion that if it's too good to be true, it likely is."

The FortiGuard research team compiled threat statistics and trends for September based on data collected from FortiGate® network security appliances and intelligence systems in production worldwide. Customers who use Fortinet's FortiGuard Subscription Services should already be protected against the threats outlined in this report.

U.S. Army Adds Fortinet Consolidated Security Appliances to Approved Product List

2009-09-25T10:25:00.000-07:00

Fortinet® – a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced that the Fortinet FortiGate® family of multi-threat security appliances has successfully completed the stringent certification process and is now approved for listing on the U.S. Army Information Assurance Approved Products List (IA APL). The product has been approved by the Army Office of Information Assurance and Compliance (OIA&C), having completed all of the steps necessary, including a favorable evaluation conducted by the U.S. Army Technical Integration Center (TIC).

“Fortinet is very pleased to be added to the Army IA APL and to have established an excellent working relationship with the Army OIA&C and TIC. Adding IA APL certification to Fortinet’s other government certifications, such as FIPS 140-2 Level 2 and EAL 4+, should give our customers greater assurance that their security acquisitions are in federal compliance -- with the U.S. Army in particular and the DoD in general,” said Jeff Lake, vice president, Federal Operations, Fortinet. “With Fortinet, the Army will be able to confidently increase their security posture while reducing costs, just like many other DoD tactical and garrison, intelligence community and civilian agency customers.”

In addition to this latest U.S. Army IA APL certification, Fortinet’s FortiOS 3.0 and specific FortiGate multi-threat security appliance models have been certified to Federal Information Processing Standards (FIPS) 140-2 Level 2. FortiOS is Common Criteria EAL4+ certified by NIAP and is currently undergoing testing for the NIAP Common Criteria Medium Robustness V3.0 program.

Fortinet’s FortiGate systems are ASIC-accelerated security appliances that integrate essential security and network functionalities such as firewall, VPN, intrusion prevention, Web filtering, antivirus, anti-spam, data leakage protection, application control, traffic shaping and WAN acceleration. All FortiGate systems are kept up to date automatically by Fortinet’s FortiGuard® Network, which helps ensure protection against the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, other unwanted network traffic and more - around the clock and around the world.

Fortinet to Present at Virus Bulletin VB2009 Conference

2009-09-18T13:36:00.000-07:00

Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced that four experts from its FortiGuard® Global Security Research Team will be sharing their insights on the current malware landscape at Virus Bulletin's VB2009 conference on September 23-25, 2009, in Geneva, Switzerland.

Members of Fortinet's security research team will present the following papers:

* "Fighting cybercrime: technical, juridical and ethical challenges," Wednesday, September 23, 4:20 p.m. Speaker: Guillaume Lovet, Threat Response senior manager.
* 'I am not a numero!': assessing global security threat levels," Thursday, September 24, 10:40 a.m. Speaker: Bryan Lu, FortiGuard project manager.
* "The hackpacker guide: an in-depth look into custom run-time packers," Thursday, September 24, 5:00 p.m. Speaker: Xu Yang, FortiGuard project manager.
* "Botnet-powered SQL injection attacks: a deeper look within," Thursday, September 24, 4:20 p.m. Authors: David Maciejak, IPS analyst, and Guillaume Lovet

Introduced in 1991, the VB conference is considered the anti-malware event of the year. The conference represents an opportunity for experts in the field to share their research interests, discuss methods and technologies and set new standards, as well as meet with - and learn from - those who put their technologies into practice in the real world. Only 38 of more than 160 proposals were selected by the VB2009 committee for this year's conference program. The strong presence of Fortinet's industry experts comes in recognition of their major contribution on the latest findings on global Internet threats and attacks.

Fortinet Gains NEBS Level 3 Compliance for Carrier-Class Security Appliances

2009-09-18T11:42:00.000-07:00

Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced that certain appliances within its FortiGate-5000 Series multi-threat security product line have gained NEBS Level 3 compliance - a requirement for operation of carrier-class equipment in the central offices of major telecommunications companies. NEBS compliance is ascertained through a collection of independently administered tests that measure the tolerance of hardware equipment in extreme environmental, electrical and physical conditions. NEBS is recognized by the major telecommunications companies around the world.

As a result of rigorous testing performed by Underwriters Laboratories, Inc., the FortiGate-5140D chassis, with FortiGate-5001A-DW and FortiSwitch-5003A modules, were found to have met all mandatory Telcordia GR-1089 and GR063 requirements and are therefore considered to be NEBS Level 3 compliant.

"The FortiGate-5000 Series is a high-performance, chassis-based product line that was designed for the stringent requirements of carrier-class equipment; we are very pleased to have the ruggedness of this product line verified with NEBS Level 3 compliancy," said Anthony James, vice president of product marketing, Fortinet. "Our enterprise and carrier customers around the world have successfully deployed the FortiGate-5000 Series for many years, but the NEBS Level 3 compliance now gives them even greater assurance of the reliability of their Fortinet network security infrastructure."

Fortinet Releases Modular Enterprise Endpoint Security Suite

2009-09-08T15:27:00.000-07:00

FortiClient 4.1 Premium Edition Offers High-Performance, Full-Featured Protection for Laptops, PCs; Freeware Version Minimizes Network Risks from Unprotected Personal Device. Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced the latest release of its FortiClient™ Endpoint Protection Suite, which introduces a host of enterprise-class features to support the largest and most performance-intensive environments. In its latest version 4.1 release, FortiClient offers new features including SSL VPN, WAN optimization, application detection and endpoint control, while providing a fully manageable compliance infrastructure to help businesses reduce exposure to cyber security threats. As a full-featured solution, FortiClient 4.1 can provide broad protection for laptops and PCs or be implemented modularly to co-exist with other dedicated security products for endpoints.

Fortinet is also offering a standard and unmanaged version of FortiClient 4.1 that is free of charge to anyone - consumers, small businesses, large enterprises - who seeks comprehensive protection for their laptops and personal computers. Whereas many endpoint security solutions available on the market only provide firewall and/or antivirus protection, both the complimentary and licensed versions of FortiClient 4.1 offer the consolidated security approach of Fortinet's FortiGate® enterprise-class, multi-threat network appliances. Both versions also receive automatic updates from the FortiGuard® subscription service to help ensure protection against the latest threats.

The aggressive cybercrime environment that consumers and businesses face today means that every computer not connected to a secure network perimeter is at risk. In addition, mobile or remote clients open networks to infection and added risk every time those clients re-connect. By offering complimentary and licensed versions of its FortiClient 4.1 solution, Fortinet is helping to minimize the infestation of networks by removing the cost barriers that prevent consumers from deploying appropriate protection, especially as the lines between work and home computers are ever blurring with Internet email and increased use of potential virus transporters such as USB storage devices.

"With FortiClient Endpoint Security Suite, there is no reason for users around the globe not to have broad security protection for their laptop or desktop," said Anthony James, vice president of products, Fortinet. "An unsecured endpoint or one that only provides AV or firewall protection - whether for personal or business use - should be considered an imminent threat. It's not enough to offer minimal protection for endpoints or for just the ones touching the networks, which is why we're making the latest FortiClient product with enterprise-level security available to everyone."

Product Line & Features
A key benefit of FortiClient 4.1 is its modular functionality, which allows organizations that do not want to immediately supplant their current endpoint strategy to augment and enhance their security posture for endpoints. The features of FortiClient 4.1 can be implemented in full or turned on individually to meet the specific needs of each organization. Following are the latest enterprise-class features being introduced in the FortiClient 4.1 release:

* Application Detection - provides security policy for applications regardless of port or protocol used for communication;
* SSL VPN - offers secure connection to internal Web applications in the security perimeter;
* Accelerated Performance - along with WAN acceleration, the 4.1 release advances performance with new accelerated antispyware and antivirus engines that results in a 3x performance increase over the previous FortiClient 4.0 version; new antispyware engine adds yet another layer of protection against malware, performing a full system scan for known malware in just seconds;
* Endpoint Control - broad global automated infrastructure to help enforce endpoint security compliance.

The complete FortiClient product line is made up of the following three products:

* FortiClient Premium Edition - includes SSL/IPSec VPN, WAN optimization client, application detection, endpoint control, host antivirus/antispyware, firewall, intrusion prevention service, Web content filtering, endpoint management (FortiManager), FortiCare support services, antispam and Web content filtering re-rating
* FortiClient Standard Edition (complimentary version) - all premium edition features except endpoint management (FortiManager), FortiCare support services, antispam and Web content filtering re-rating
* FortiMobile™ for Windows Mobile, Symbian & Pocket PC - IPSec VPN, phone security with handset data encrypt/decrypt, personal firewall, antivirus, incoming call filter, SMS antispam, multi-language support

Malware Variants Mark Record-Breaking Activity Levels

2009-09-08T14:57:00.000-07:00

Fortinet- a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced its August 2009 Threatscape Report. Vacations may be wrapping up towards the end of summer, but there was no time-off for the threat landscape as Fortinet reports a flood of malware activity executed through several spam campaigns in this period. In addition, increasing levels of software vulnerabilities were marked by critical in-the-wild exploits. Key highlights of the August Threatscape Report include:

* ZBot Variant Bumps Headline-making Worms of Years Past: Surpassing the single-day run of the Sober worm in 2006, the Storm worm in 2007 and rogue security software in 2008, ZBot variants flooded cyberspace on July 24th with record levels: one through HTML/Agent.E, an attachment in an email which used the ever-popular eCard hook to potentially steal and sell personal consumer information. An additional ZBot variant made it to the top 10 malware list, yet, even with such high activity rates, ZBot still didn't grab up the top position. Instead, the online gaming trojan W32/OnlineGames.BBR maintained its first place position for the third consecutive month.
* Spam Continues to Test the Unsuspecting: While the popular eCard social engineering campaign continued to prey on the innocent, this month's report highlighted a newly rendered - but an old time classic - money mule scheme. Using a fake job advertisement, this plays on a legitimate company name and the desperation of victims to make a quick buck in a money-laundering scheme. Israel entered the top five region list for receiving high spam volume, while the USA, Japan and France accounted for the remaining share of detected spam.
* Cause for Remote Code Execution Concern: Marking a consistent trend of increasing software vulnerabilities, threat rates during the August period jumped up from July. Of 168 new vulnerabilities detected, 62 were reported to be actively exploited in the wild, with a large portion of these attacked vulnerabilities rated as critical. Critical vulnerabilities typically indicate a concern for remote code execution - an easy way for attackers to permeate a system. Two in-the-wild vulnerabilities in Microsoft Office Web Components (MS09-043) and in Adobe Reader/Flash (APSA09-03) were detected to have consistent exploit activity during this period, as well.

"Threat activities for this month involved a few well-known schemes that are up to some new tricks, a good indication that cyber criminals weren't pulling out all the stops, but they certainly weren't taking a break during summer vacation," said Derek Manky, project manager, cyber security and threat research, Fortinet. "With criminals counting on consumers to fall for virtually the same old tricks, it can't be stressed enough that we need to know whom and what to trust - this is an important element to a robust security model."

The FortiGuard research team compiled threat statistics and trends for August based on data collected from FortiGate® network security appliances and intelligence systems in production worldwide. Customers who use Fortinet's FortiGuard Subscription Services should already be protected against the threats outlined in this report.

Fortinet's Kendra Krause Recognized by Everything Channel’s CRN Magazine

2009-08-27T13:37:00.000-07:00

Fortinet, Inc., a provider of network security appliances and unified threat management (UTM) solutions, today announced that Kendra Krause, the company’s vice president of channel sales, has been recognized by Everything Channel’s CRN Magazine as one of the Top 100 Women in the Channel. The Top 100 Women in the Channel were chosen by the editors of the magazine based on their achievements as executives and the amount of influence they wield over the technology channel.

Krause is responsible for strategy and management of channel sales, enablement and marketing programs for Fortinet’s channel partners around the globe. She plays a pivotal role in supporting Fortinet’s channel-focused sales model. With more than 10 years of channel experience, Krause has helped Fortinet create a team entirely dedicated to help partners plan, support and drive their businesses. Under her leadership, Fortinet’s channel account team has grown significantly, establishing a strong support system for the company’s FortiPartner program. The program recently earned Everything Channel’s Company of the Year award for the Network Security Appliances category of the Everything Channel 2009 ARC Awards. In addition, Fortinet also received certification as a Five-Star Partner from Everything Channel for the third consecutive year in 2009, an acknowledgement of the strength of Fortinet’s FortiPartner Program for IT integrators, solution providers, resellers and consultants.

“We are very pleased and honored that Everything Channel has once again recognized Kendra as a champion of the channel community and a strong asset for Fortinet,” said Michael Valentine, vice president of Americas sales and support, Fortinet. “Kendra and her team have worked hard not only to maintain our channel program in a tough economy, but also to innovate and invest in our partners during a time when they need vendor support the most.”

“We are very pleased to see women executives reaching the highest levels in a wide range of dynamic companies. It is with great pleasure that we honor the women that have made a profound impact in the technology marketplace. We offer our congratulations to Kendra for her significant contributions to our industry,” said Robert C. DeMarzo, senior vice president and editorial director, Everything Channel.

Fortinet Named Overall Winner in Network Security Appliance Category

2009-08-27T13:34:00.000-07:00

Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions, today announced it has been named to Everything Channel's 2009 Annual Report Card (ARC). For 24 years, the ARC Awards have recognized outstanding partner programs and superb vendor service. The ARC awards were held at an awards ceremony on Wednesday, August 19, during the XChange '09 conference at the Gaylord National Hotel in Washington, DC.

Fortinet was named ARC Overall Winner and Company of the Year in the Network Security Appliance category. In 2009, the value proposition of Fortinet's FortiGate® consolidated security product line resonated more strongly with customers than ever especially in the difficult economic climate. This, in combination with the strength of Fortinet's FortiPartner™ Program, enabled the channel focused company to create additional and more tailored initiatives for all partner levels and segments. Fortinet also added popular new deal terms to help partners in a down economy, including channel pricing optimization, a credit extension initiative and new enhancements for deal registration designed to protect partners' investments. In addition, Fortinet introduced a new operating system which added greater security and network functionality to the FortiGate multi-threat security product line.

"Now more than ever, partners need vendors they can rely on and trust," said Kendra Krause, vice president of Channel Sales, Fortinet. "It is truly an honor to be recognized as Company of the Year in our category - not only by Everything Channel - but our partners themselves, which further validates the efforts we have put into our product line and FortiPartner Program year after year. We are committed to investing in our channel program to provide partners with opportunities beyond just products, but also innovative technology and services for our mutual customers."

Now in its 24th year, the ARC Awards recognize outstanding partner programs in 19 product and service categories, including desktop computers, servers, storage management, Internet application server software, and networking hardware. Winners were selected based on the survey results of more than 5,000 systems integrators, IT consulting organizations, value-added resellers (VARs), solution providers, and software developers.

"For years, we've asked solution providers to rate vendors to determine their level of commitment to the partner community. Being named an ARC Company of the Year is one of the most prestigious honors in the IT industry. We congratulate Fortinet on being named to this year's list," said Robert C. DeMarzo, senior vice president and editorial director, Everything Channel.

Winners in 18 major product categories were selected by Everything Channel's editorial team, based on the survey results of more than 5,000 systems integrators, IT consulting organizations, value-added resellers (VARs), solution providers and software developers.

Fortinet Acquires Assets of Woven Systems

2009-08-27T13:33:00.000-07:00

Woven's High-speed Switching Technology to Enhance High Performance of FortiGate-5000 Series Chassis-based Security Appliances. Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced it has acquired certain assets and intellectual property of Woven Systems, formerly a provider of Ethernet fabric switching solutions for the high-performance computing market. Woven's high-speed switching and sophisticated traffic management technology will be used to further enhance the performance of Fortinet's FortiGate®-5000 Series chassis-based security solutions.

Among Woven's family of Ethernet switching products is one of the world's smallest, densest and highest-performing 10 GbE switches, which attributes its speed to a custom-designed switching ASIC with unique traffic management capabilities. Fortinet intends to combine Woven's technology with its own custom network and content processors for increased scalability, which will bring about additional acceleration of security throughput for its FortiGate-5000 Series appliances. Increased switching power in the chassis-based product means communications within and between security blades will happen at greater speeds and result in overall superior scalability and performance for Fortinet's high-end customers, including large enterprises, carriers and service providers.

"Woven's ASIC-driven approach to high performance is highly complementary to Fortinet's own strategy for maximizing performance through customized processors," said Ken Xie, CEO and co-founder, Fortinet. "This acquisition will harness the performance power of our respective technologies to offer tremendous benefits to customers who require the fastest and, often, the most mission-critical network security environments."

Fortinet Files for Initial Public Offering

2009-08-11T13:17:00.000-07:00

Fortinet Inc., a provider of network security appliances and unified threat management (UTM) solutions, today announced that it has filed a registration statement on Form S-1 with the Securities and Exchange Commission relating to a proposed initial public offering of its common stock. The shares in the offering will be offered by Fortinet and certain selling stockholders. The number of shares to be offered and the price range for the offering have not been determined.

Morgan Stanley & Co. Incorporated, J.P. Morgan Securities Inc., and Deutsche Bank Securities Inc. are acting as joint book-runners for the offering. Robert W. Baird & Co. Incorporated, RBC Capital Markets Corporation, ThinkEquity LLC, JMP Securities LLC, and Signal Hill Capital Group LLC are acting as co-managers.

Copies of the preliminary prospectus for the offering, when available, may be obtained from any of Morgan Stanley & Co. Incorporated, Attention: Prospectus Department, 180 Varick Street, New York, NY 10014, or by e-mail: prospectus@morganstanley.com; J.P. Morgan Securities Inc., 4 Chase MetrInitial Public Offeringotech Center, CS Level, Brooklyn, NY, 11245, Telephone: (718) 242-8002; and Deutsche Bank Securities Inc., 100 Plaza One, Jersey City, New Jersey 07311, Telephone: (800) 503-4611.

A registration statement relating to these securities has been filed with the Securities and Exchange Commission but has not yet become effective. These securities may not be sold nor may offers to buy be accepted prior to the time the registration statement becomes effective. This press release shall not constitute an offer to sell or the solicitation of an offer to buy, nor shall there be any sale of these securities in any state or jurisdiction in which such offer, solicitation or sale would be unlawful prior to registration or qualification under the securities laws of any such state or jurisdiction.

eCards Flood Cyberspace in Fortinet July '09 Threatscape Report

2009-08-11T13:15:00.000-07:00

Fortinet®- a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced that its July 2009 Threatscape Report showed aggressive eCard spam activity throughout the reporting period. The FortiGuard® Global Security Research Team reported this threat trend alongside others, including two exploits in the wild, growing mobile threats and a first-place showing for the ever-present online gaming malware variant.

* Canadian Pharmacy assaults Google Groups, Tinypic: Fortinet saw a flood of eCard spam continuing from last month and using various techniques, with a majority of them leading victims to Canadian Pharmacy domains. Canadian Pharmacy's success, fueled by an affiliate sponsorship model, invites cyber criminals to advertise the fraudulent pharmaceuticals and drive traffic to their domains. In this period, eCard spam primarily used direct links, Google© Groups and the photo sharing service Tinypic© as their distribution vehicles. While traditional spam continues to thrive through email, Fortinet has predicted and reported on many spam attacks that are occurring through new Web 2.0 platforms such as social networking sites. To help evade detection, cyber criminals have, in the past, used services such as Tinyurl to obfuscate their malicious URLs. Tinypic is a similar and recent example of how legitimate service providers are used to piggyback malicious resources.
* Two in-the-wild exploits make waves: The first of the two exploits is the highly discussed MS ActiveX Video control vulnerability, patched on July 14th by Microsoft MS09-032. Exploit activity for this vulnerability was frequent throughout the month, but remained relatively low with most prevalent activity detected in Korea, China and Japan. As of this writing, the second vulnerability, MS Office Web Components, remains unpatched/zero-day, also with relatively low detection rates with leading activity in China, India and Japan. Exploits against zero-day tend to be more successful since patches are not readily available. FortiGuard IPS is capable of detecting and blocking malicious activity against both of these attacks. The FortiGuard Global Security Research team first spotted public exploit code for this second vulnerability on July 11th.
* Mobile threat development continues: In July, Fortinet saw the emergence of SymbOS/Yxes.E and SymbOS/Yxes.F, the latest updated variants of Yxes that Fortinet first reported in February. In particular, Yxes served up dynamic content to show the beginning steps of how cyber criminals are addressing a market that is fragmented due to multiple platforms. This is important because malicious binaries are often written for a single target (i.e., Windows, OS/X). On traditional desktops, these targets are limited; however, in the mobile market, the number of platforms are growing and diversifying and offers many more possible targets.
* Virut posts record levels; online gaming trojans flood cyberspace: W32/OnlineGames.BBR maintained and built heavily from its first place position last report -- accounting for 43 percent of total detected malware activity. This latest attack saw much of its volume from July 5th onward, with a peak of activity on July 8th. Aside from this, the regular faces of W32/Virut.A and JS/PackRedir built on their activity from the last report. In fact, Fortinet's detected activity for W32/Virut.A this period climbed to record levels, underscoring the fact that this behemoth has become a dominant threat --particularly in Asia.

"With users flocking to popular Web 2.0 tools, including social networking sites, cyber criminals are following the masses and using these emerging platforms as new threat-delivery mechanisms with success," said Derek Manky, project manager, cyber security and threat research, Fortinet. "This is an especially effective strategy as users can view social media tools to be a trusted network. But, regardless of the image or what the link appears to be, users should always observe where any hyperlink will actually take you and exercise due care."

The FortiGuard research team compiled threat statistics and trends for July based on data collected from FortiGate® network security appliances and intelligence systems in production worldwide. Customers who use updated Fortinet's FortiGuard Subscription Services should be protected against the threats outlined in this report.

FortiScan Receives Secure Content Automation Protocol Validation

2009-07-24T13:46:00.000-07:00

Fortinet Adds to its Impressive List of Products Meeting Compliance Mandates. Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced that the FortiScan™ product line has completed the Secure Content Automation Protocol (SCAP) validation. In order for government agencies to provide Federal Information Security Management Act (FISMA) compliance reporting, they must utilize a SCAP validated product.

The SCAP program was established to ensure that security tools comply with the National Institute of Standards and Technology (NIST) standards. In addition, the compliance program enabled federal agencies to not only continuously monitor systems against the Office of Management and Budget mandated Federal Desktop Core Computing (FDCC) standards, but also provide reporting in a consistent format within FISMA.

The Fortinet FortiScan appliance allows organizations to identify and close IT compliance gaps and implement continuous monitoring in order to audit, evaluate, and comply with internal, industry, and regulatory policies for IT controls and security. The FortiScan appliance utilizes eXtensible Configuration Checklist Description Format (XCCDF) for customizable benchmarks as well as FDCC compliant benchmarks.

FortiScan provides a centrally managed, enterprise-scale solution. System administrators can monitor as well as optionally remediate assets from a central location that may or may not be geographically collocated with the assets - without the need to manually visit potentially thousands of assets in person. The FortiScan appliance also provides the ability to correlated FDCC scanning results by conforming to industry standards such as Common Vulnerabilities and Exposures (CVE®), Common Configuration Enumeration (CCE), Common Platform Enumeration (CPE™), Common Vulnerability Scoring System (CVSS) and Open Vulnerability and Assessment Language (OVAL™) references (where appropriate) as well as export detailed reports in Extensible Configuration Checklist Description Format (XCCDF) format.

FortiScan offers federal agencies a highly adaptable solution for conducting continuous monitoring and reporting of FISMA compliance. FortiScan provides agent-based scanning/reporting for complex networks that support today's architectures of remote and roaming networks as well as VPN and NAT networks. FortiScan even has agent-less capabilities for network discovery. FortiScan integrates endpoint vulnerability management, industry and federal compliance, patch management, remediation, auditing and reporting into a single, unified appliance for immediate results.

"We are very pleased to have completed the SCAP Validation Program with our FortiScan product. In typical Fortinet fashion, FortiScan is delivered in a unified appliance designed to provide immediate results, integrating endpoint vulnerability management, industry and federal compliance, patch management, remediation, auditing and reporting," said Jeff Lake, vice president of Federal operations at Fortinet.

Fortinet Offers Cure for First Medical Management Hospital’s Network Security

2009-07-24T13:44:00.000-07:00

Integrated Security Appliances Protect Hospital’s Distributed Network. Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions – today announced that First Medical Management/Pacific Hospital of Long Beach has engaged with Fortinet to help secure its core and distributed network with the Fortinet family of multi-threat security appliances including FortiGate® for network protection and FortiClient™ for endpoint security. In addition, Fortinet’s management solution, FortiManager™, has been deployed to easily and remotely make network security changes and to manage all appliances no matter where they are located.

First Medical Management selected Fortinet’s multi-threat security appliances over other UTM solutions due to the products’ enterprise capabilities. These features include the ability to create role-based policies for employees, easy management of distributed networks of more than 1,000 users, end point and core security managed from the same platform and, with the release of Fortinet’s new operating system FortiOS™ 4.0, the ability to have data loss protection (DLP) at no additional cost.

“Our initial Fortinet deployment was in 2005 and since then we have added FortiClient and upgraded to FortiOS 4.0 to take advantage of all the newly added features. We continue to be impressed with the enterprise-level security features that the product line offers without network degradation,” said Donald Newton, security engineer at First Medical Management Pacific Inc. “You can’t go wrong with Fortinet. It just keeps getting better.”

One key enterprise capability essential for successful operation of First Medical Management’s network is Fortinet Server Authentication Extension (FSAE) in combination with Microsoft Active Directory. This feature allows First Medical Management’s IT team to create four distinct user profiles based on the needs of employees: 1) no Internet 2) restricted Internet 3) basic Internet and 4) executive Internet. Prior to the Fortinet deployment, all employees were allowed the same level of access and did not give First Medical Management enough flexibility in managing its network traffic.

In addition to FSAE, First Medical Management has also benefited from Fortinet’s newly announced FortiOS 4.0 upgrade. This new operating system helps First Medical’s IT team meet compliance regulations, such as HIPAA, that prohibit hospital data from being distributed illegally outside the network via instant messaging protocols. The new data loss prevention functionality within FortiOS 4.0 enables the company to provide an extra level of data protection without having to deploy a new solution.

Deployment Scenario
Two FortiGate-1000A appliances are located at the hospital’s main site in Long Beach, Calif. and are being used for network address translation (NAT). Acting as the gateway for remote site-to-site IPSec VPN and for all Internet access, the FortiGate-1000A appliances act as the access point through which all Internet entries and exits must pass through.

Located at the data center in Irvine, Calif., another FortiGate-1000A is being used for back-up and, because it has its own bandwidth allotment, the appliance is being used for remote users to VPN into the network.

At smaller sites, such as clinics and for vice presidents and directors working remotely, First Medical Management has deployed FortiGate-60 appliances, which are ideal for remote/branch office deployments. Fifteen additional FortiGate-60 appliances are also deployed at a hospital in San Diego for IPSec VPN, routing and Web content filtering.

Two years after its initial FortiGate installation, First Medical Management has augmented its Fortinet deployment with 1,000 FortiClient end-point security solutions which are installed on the laptops of those who always work remotely and those who sometimes need to work remotely. The FortiClients are being used mainly for SSL VPN connectivity to the main network and are also being used as the security protection for Cisco IP phones.

To manage all its remote appliances, First Medical Management has deployed a FortiManager-800 central management system at its headquarters. FortiManager minimizes the administrative effort required to deploy, configure, monitor and maintain the full range of network protection services provided by Fortinet products.

Fortinet’s FortiGate systems are ASIC-accelerated security appliances that integrate essential network and security services such as antivirus, firewall, VPN, intrusion prevention, Web filtering, anti-spam, application control, data leakage protection, SSL inspection and WAN acceleration. All FortiGate systems are kept up to date automatically by Fortinet's FortiGuard® Network, which helps ensure protection against the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, other unwanted network traffic and more.

Havells Sylvania Standardizes on Fortinet for its Global Network Security

2009-07-24T13:34:00.000-07:00

Fortinet’s Broad Range of Security Solutions Allows Sylvania Strong Network Protection, Centralized Management and Control. Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions – today announced that Havells Sylvania, one of the leading global designers and suppliers of lighting systems, has standardized its network security infrastructure on Fortinet security solutions. Havells Sylvania has deployed more than 50 FortiGate® integrated multi-threat appliances across the globe, along with FortiManager® and FortiAnalyzer® management and reporting platforms, to provide protection for the company’s multiple sites and data centers across the globe.

With some 50 sites worldwide and two large data centers in Amsterdam and Brussels, Havells Sylvania required a global, uniform and centralized network security strategy. Critical data is dispatched over the network to all parts of the world and stored on the company’s various servers. To ensure safe communications, it was critical for the IT department to select a consolidated network security approach that would provide broad multi-threat protection, centralized management, ease of use and all while being cost-effective. Havells Sylvania identified Fortinet as the vendor that best met those requirements.

“Our business has grown from four decentralized locations to now more than 50. A point solution security strategy would have failed in providing us with strong security and simple and efficient management. We also found Fortinet’s focus as a one-stop-shop for security to offer the right level of expertise for us,” said Rajesh Bhatia Vice President IT at Havells Sylvania. “Fortinet not only offers the broadest suite of security appliances and technologies, but its home-grown technology allows the implementation of consistent, centralized and scalable network security.”

“At the enterprise level, many of our customers are faced with the challenge of efficiently protecting a widely distributed network,” said Patrice Perche, vice president of EMEA & SEA sales for Fortinet. “Our suite of security solutions is based on a single home-grown platform, which allows us to provide a highly efficient, cost-effective and consolidated security solution, with the same high level of security delivered to each office across the globe.”

Havells Sylvania has deployed over 50 Fortinet FortiGate integrated multi-threat security appliances consisting of a mix of FortiGate-60B, FortiGate-110C and larger FortiGate-310B appliances. Havells Sylvania leverages all the security functions provided in each FortiGate security platform including firewall, antivirus, anti-spam, IDS/IPS, Web content filtering and SSL VPN.

Havells Sylvania’s standard network configuration is comprised of two data centers and 50 remote sites interconnected via one large MPLS network. Fortinet’s FortiGate security appliances screen all incoming and outgoing traffic dispatched via leased lines or local Internet connections. They also provide VPN interconnectivity to Sylvania’s various worldwide locations, including in Sao Paulo, Madrid, Moscow, Amsterdam, Bangkok, etc.

Havells Sylvania’s security configuration is completed with FortiManager and FortiAnalyzer, Fortinet’s appliances for centralized management and reporting. FortiManager enables Havells Sylvania to monitor the various sites from one single location as well as to manage, configure and update its FortiGate appliances remotely. FortiAnalyzer performs the analysis, logging and reporting of the data recorded by the Fortinet appliances. Reporting can be tailor-made, which means that Havells Sylvania’s administrators can analyze their network security from a policy and compliance perspective, but also study the attack patterns against the network. This provides Havells Sylvania with a clear view of its network status, enabling the company to quickly respond to any changes.

Fortinet Discovers Vulnerability in Microsoft Office Web Components

2009-07-24T13:30:00.000-07:00

Fortinet's FortiGuard Intrusion Prevention Service (IPS) Protects Against Remote Code Execution Vulnerability. Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced that Fortinet Global Security Research Team recently discovered a critical memory corruption vulnerability existing in the ActiveX Controls of Microsoft Office Web Components, which allows a remote attacker to compromise a system through a malicious site. Fortinet customers using the FortiGuard Intrusion Prevention Service (IPS) should be protected against the remote code execution vulnerability.

The vulnerability lies in the default ActiveX Control installed by Microsoft Office. The vulnerability works by allowing a remote attacker to successfully craft a malicious HTML content which can then exploit the vulnerability in Internet Explorer, causing memory corruption and resulting in a remote-code execution vulnerability through a call instruction.

Fortinet customers subscribing to Fortinet's FortiGuard IPS should be protected against this remote code execution vulnerability. Fortinet's IPS is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering and anti-spam capabilities. These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated by the FortiGuard Global Security Research Team, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate® appliances, FortiMail™ email security, and FortiClient™ endpoint products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat's lifecycle.

This vulnerability affects the following software: Microsoft Office XP Service Pack 3, Microsoft Office 2003 Service Pack 3, Microsoft Office XP Web Components Service Pack 3, Microsoft Office 2003 Web Components Service Pack 3, Microsoft Office 2003 Web Components for the 2007 Microsoft Office system Service Pack 1, Microsoft Internet Security and Acceleration Server 2004 Standard Edition Service Pack 3, Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition Service Pack 3, Microsoft Internet Security and Acceleration Server 2006, Internet Security and Acceleration Server 2006 Supportability Update, Microsoft Internet Security and Acceleration Server 2006 Service Pack 1, and Microsoft Office Small Business Accounting 2006.

Web Threat Traffic Soars in Fortinet June ’09 Threatscape Report

2009-07-13T13:26:00.000-07:00

Increase in Phishing and Malware Reinforces Ongoing Trend Targeting Next Generation of Online Services and Threats. Fortinet - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions – today announced that its June 2009 Threatscape Report showed dominance and significant growth in Web threat traffic, marked by increased volumes of malware and the highest rate of phishing attacks to date. Building off a year-high rate of active exploits in the May Threatscape Report, threat activity jumped even further ahead during this period, marking an all-time high. Key highlights of the June Threatscape Report include:

* Making Room for Web-Borne Malware:Bumping the resilient Netsky out of the malware Top 10 list, Zbot variants grabbed top positions in second and third place, with the most active variants, W32/Zbot.M and W32/Zbot.V, spreading keylogging and data siphoning Trojans through fake eCard mail and directing users to malicious sites. Also contributing to the overall trend of malicious redirects, JS/PackRedir.A jumped 36 positions in the top ten list by redirecting visitors to sites containing malicious content in PDF and SWF files. With all of the new activity, online gaming Trojans still maintained top positions, holding tight to number one, while W32/Virut.A grabbed hold of the number four spot, albeit dropping a couple of ranks.
* Spam Take-Down Disappoints: Spam levels were unchanged this period, despite efforts to take down the alleged spam-centric network, 3FN/Pricewert. Many campaigns remained aggressive, including the Canadian Pharmacy gang which mirrored the efforts of Zbot with a fake eCard hook.
* Vulnerabilities and Active Exploits Prove Consistency: On Par with the May Threatscape Report, threat rates during this period continued to climb. Out of 108 newly reported vulnerabilities this period, 62 were reported to be actively exploited, indicating an all time high of 57.4 percent of active exploits. A majority of overall exploit activity was observed to come out of the U.S. (22.2%).

"There were some very noteworthy trends that surfaced in the June report, such as the growing popularity of Web-borne malware, which we see driving the next generation of threats to online services," said Derek Manky, project manager, cyber security and threat research, Fortinet. “Hackers continue to attempt to drive mass traffic to their threats, utilizing various tactics aided by large online communities, and as a result -- more than ever -- users should be wary about who and what they trust.”

The FortiGuard research team compiled threat statistics and trends for June based on data collected from FortiGate® network security appliances and intelligence systems in production worldwide. Customers who use Fortinet's FortiGuard Subscription Services should already be protected against the threats outlined in this report.