<![CDATA[Phitech]]> http://www.phitech.com.tw/news/index.php UTF-8 20200715 13:24:40 20200715 13:24:40 YBlog RSS Generator 5​​ <![CDATA[TCTS and Fortinet launch secure SD-WAN managed services for Microsoft Azure Virtual WAN]]> http://www.phitech.com.tw/news/index.php?news_id=958 Tata Communications Transformation Services (TCTS), a wholly owned subsidiary of Tata Communications, and Fortinet, working with Microsoft Azure, have launched a fully managed SD-WAN offering for Azure Virtual WAN. The TCTS SD-WAN offering will help service providers create solutions to further enable enterprises with seamless migration to Azure, thereby helping to accelerate their revenue in IT migration to public clouds. This joint offering will also enable inter-branch connectivity for customers using the Microsoft backbone and help them to meet SLAs while securing access to applications running on Azure.

In collaboration with Azure, Fortinet and Equinixi, TCTS has augmented Azure’s current Virtual WAN offering in which application policies can be centrally configured using Fortinet’s SD-WAN technologies integrated with Equinix Network Edge to create Virtual Network Services that deliver enhanced performance and security protection.

Madhusudhan Mysore, Executive Chairman and CEO of TCTS said, “TCTS’s Cloud Networking-as-a-Service was developed to address the most complex real-world enterprise IT migration to the cloud. It offers a best-in-class white-labeled managed service provider (MSP) offering for operators worldwide to help them accelerate their MSP revenues through Microsoft’s worldwide enterprise customer base. TCTS has a significant set of highly skilled CNaaS technical consultants to provide white-labeled services to operators worldwide, thereby supporting the easy adoption and ongoing use of Microsoft Azure.”

“Wide Area Network (WAN) requirements for the enterprise are becoming more cloud centric. Microsoft Azure Virtual WAN (VWAN) is addressing these needs by allowing devices and sites to connect to Azure’s public cloud more easily and globally. TCTS’ SD-WAN managed services over Azure’s VWAN, will enable service providers worldwide to deliver CNaaS managed services,” added Ross Ortega, Partner Program Manager, Microsoft Azure Networking at Microsoft Corp.

Through this offering, enterprises at any given site can use a hybrid deployment of MPLS and Internet to steer the traffic between mission critical traffic (MPLS and Carrier Ethernet) and non-mission critical traffic (Internet), which further connects directly to Azure via Azure ExpressRoute. This connection can be established leveraging TCTS’ highly commended platform, ‘Virtual Cloud exchange,’ for building within native service provider environments or white-labeled options using the Equinix’ Cloud Exchange Fabric (ECX Fabric) and Network Edge solution offerings within their data centers globally.

Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet said, “Enterprise cloud adoption is driving a global WAN transformation by leveraging SD-WAN technology, but this increases security risks. Fortinet’s Secure SD-WAN offers best-of-breed SD-WAN, next-generation firewall security, advanced routing and WAN optimization capabilities integrated into a single offering. TCTS’ Managed SD-WAN offering with Fortinet provides communication service providers with a turn-key solution to deliver robust, secure and low latency connectivity services.”

TCTS’ Virtual Cloud exchange (US patent pending) automates connection and management to Azure and other public cloud delivered via a fully managed turn-key white-label solution for CSPs worldwide. With this service from TCTS, service providers can enable Azure enterprise customers to choose either a standard offering that needs no further SD-WAN Virtual Network Function (VNF) in Azure, or a more advanced option that places a SD-WAN VNF in Azure to deliver SD-WAN application traffic steering and security protection.

TCTS will provide customers with professional services for Azure CNaaS capabilities in planning, deployment and operations.

Source:
https://www.crn.in/news/tcts-and-fortinet-launch-secure-sd-wan-managed-services-for-microsoft-azure-virtual-wan/

]]>
2020-07-15
<![CDATA[Safe-T Joins Fortinet as a Fabric-ready Technology Alliance Partner]]> http://www.phitech.com.tw/news/index.php?news_id=957 HERZLIYA, Israel, Dec. 2, 2019 /PRNewswire/ -- Safe-T® Group Ltd. (NASDAQ: SFET) (TASE: SFET), a provider of Secure Access solutions for on-premises and hybrid cloud environments, today announced that it has joined the Fortinet Fabric-Ready Technology Alliance Partner program with its Software Defined Perimeter solution, to help organizations create a secure and agile remote access suit, based on Zero-Trust concepts. The integration with Fortinet delivers an advanced Zero Trust Network Access solution to control who can access internal and cloud services and how access is granted.

The joint solution grants access to applications on a need-to-know basis, while giving users fast and seamless access to the resources they need. This creates a "verify-first, access-second" Zero-Trust approach across an organization's applications, enabling enhanced security, greater visibility, and better user experience.

Safe-T's SDP solution controls the access to internal services and utilizes Fortinet FortiAuthenticator to authenticate each user. The joint solution can be deployed either by using Safe-T's on-premises SDP deployment or with Safe-T's cloud SDP service.

"Unlike the traditional approach to IT network security, Zero-Trust security means that no one from inside or outside the network is trusted by default, and verification is required from everyone trying to gain access to resources on the network. By implementing this methodology, the organization can guarantee that its' applications and files are exposed only to those who are really supposed to have access to such data, thus prevent and reduce breaches," said Eitan Bremler, VP Products & Technology at Safe-T. "Joining the Fortinet Fabric-Ready Partner Program allows us to expand our eco-system of identity providers and integrate with the leading FortiAuthenticator solution. Through this integration, organizations can now create a 'verify-first, access-second' Zero-Trust approach across organizations' applications to minimize the attack surface ad reduce risk, as well as the complexity and costs associated with the growing need to protect enterprise systems and data."

Fortinet's technology alliance partner program is built on Fortinet products and solutions to help customers get even more value from their security deployments. Technology alliance partners are a key part of the Fortinet Security Fabric, which enables the development and delivery of truly comprehensive, end-to-end security solutions that can dynamically adapt to the evolving network architecture as well as the changing threat landscape. Alliance solutions provide customers with more effective security, and are pre-integrated, saving time and resources in deployment, operations, and support. Please visit the Fortinet Technology Alliances Ecosystem  page for more information about this program.

About Safe-T®

Safe-T Group Ltd. (Nasdaq, TASE: SFET) is a provider of Zero Trust Access solutions which mitigate attacks on enterprises' business-critical services and sensitive data, while ensuring uninterrupted business continuity.

Safe-T's cloud and on-premises solutions ensure that an organization's access use cases, whether into the organization or from the organization out to the internet, are secured according to the "validate first, access later" philosophy of Zero Trust. This means that no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network or in the cloud.

Safe-T's wide range of access solutions reduce organizations' attack surface and improve their ability to defend against modern cyberthreats. As an additional layer of security, our integrated business-grade global proxy solution cloud service enables smooth and efficient traffic flow, interruption-free service, unlimited concurrent connections, instant scaling and simple integration with our services.

With Safe-T's patented reverse-access technology and proprietary routing technology, organizations of all size and type can secure their data, services and networks against internal and external threats.

At Safe-T, we empower enterprises to safely migrate to the cloud and enable digital transformation.

Safe-T's SDP solution on AWS Marketplace is available here.

For more information about Safe-T, visit www.safe-t.com.

Forward-Looking Statements

This press release contains forward-looking statements within the meaning of the "safe harbor" provisions of the Private Securities Litigation Reform Act of 1995 and other Federal securities laws. Words such as "expects," "anticipates," "intends," "plans," "believes," "seeks," "estimates" and similar expressions or variations of such words are intended to identify forward-looking statements. For example, Safe-T is using forward-looking statements in this press release when it discusses the advantages of its SDP solution, the advantages of the joint solution and its potential to address market need and/or demand. Because such statements deal with future events and are based on Safe-T's current expectations, they are subject to various risks and uncertainties and actual results, performance or achievements of Safe-T could differ materially from those described in or implied by the statements in this press release. The forward-looking statements contained or implied in this press release are subject to other risks and uncertainties, including those discussed under the heading "Risk Factors" in Safe-T's annual report on Form 20-F filed with the Securities and Exchange Commission ("SEC") on March 26, 2019, and in any subsequent filings with the SEC. Except as otherwise required by law, Safe-T undertakes no obligation to publicly release any revisions to these forward-looking statements to reflect events or circumstances after the date hereof or to reflect the occurrence of unanticipated events. References and links to websites have been provided as a convenience, and the information contained on such websites is not incorporated by reference into this press release.

PRESS CONTACT: 
Karin Tamir 
Karin.Tamir@safe-t.com 
+972-9-8666110

Source:
https://www.prnewswire.com/news-releases/safe-t-joins-fortinet-as-a-fabric-ready-technology-alliance-partner-300967108.html

]]>
2020-07-08
<![CDATA[Carrier-Class Dialogic BUZZ™ UCaaS Platform Wins Industry Award from Capacity Media]]> http://www.phitech.com.tw/news/index.php?news_id=949 PARSIPPANNY, N.J., Nov. 5, 2019 /PRNewswire-PRWeb/ -- Dialogic, a cloud-optimized applications and infrastructure solutions provider for service providers, enterprises, and developers, announced today that the Dialogic® BUZZ™ UCaaS platform offered as a collaboration between Dialogic and Epsilon, a cloud-centric global connectivity and communications service provider, was the recipient of the Best Unified Communications Innovation Award at the Capacity Europe 2019 Global Carrier Awards ceremony held in London on October 30, 2019 and hosted by Capacity Media.

The BUZZ UCaaS offering combines the features of the Dialogic BUZZ UC platform with Infiny by Epsilon to create a powerful, fully managed and hosted carrier-class UCaaS platform that delivers unmatched UC and software-defined networking (SDN) capabilities.

Dialogic BUZZ delivers a single UC platform for all business communication needs, including video conferencing, unified communications, and PBX functionality. It is a multi-tenancy, brandable, full-stack, cloud-scale solution that raises the bar for both innovation and usability.

Infiny by Epsilon is an on-demand connectivity platform, that gives enterprises and service providers a suite of high-performance network services at the click-of-a-button. Users can access Epsilon's carrier-class network and interconnect to over 220 data centers, providing optimized voice and video QoS levels to customers.

"We are delighted to be chosen for this award, which recognized our efforts to give service providers and channel partners an accelerated path to competitive and innovative UCaaS cloud offerings," said Bill Crank, President & CEO of Dialogic. "With an API-driven, microservices architecture, Dialogic BUZZ is able to continually evolve and incorporate new, cutting-edge functionalities without disrupting existing deployments."

"This award validates the powerful combination of Dialogic BUZZ and Infiny to deliver a one-stop UCaaS platform for all unified communications and connectivity needs," added Jerzy Szlosarek, Chief Executive Officer, Epsilon. "It is a compelling offer, opening new revenue lines for the wholesale market, and which can now provide a complete UC solution leveraging our global network fabric."

Visit the Dialogic website for more information on Dialogic BUZZ. For more information on the UCaaS offering with Epsilon, see the press release announcing the collaboration.

About Dialogic

Dialogic is a leading cloud-optimized solutions provider for real-time communications media, applications, and infrastructure to service providers, enterprises, and developers around the globe. Based in Parsippany, NJ with offices worldwide, Dialogic works with 48 of the world's top 50 mobile operators, and nearly 1,000 application developers build and deploy on agile networks. Learn more about how Dialogic is enabling agility by following us on Twitter @Dialogic, and visiting dialogic.com and the Dialogic Blog for the latest industry news, trends and advice.

Dialogic and Dialogic BUZZ are either registered trademarks or trademarks of Dialogic Corporation or a subsidiary thereof ("Dialogic"). Other trademarks mentioned and/or marked herein belong to their respective owners.

About Epsilon

Epsilon is a cloud-centric global connectivity and communications service provider, connecting to 220 data centres in 39 cities. The company's SDN platform, Infiny by Epsilon, combines on-demand connectivity, a web-based portal and APIs to give partners simple and effective solutions. All Epsilon services are powered by a carrier-grade, hyper-scalable global backbone that connects the world's communications and technology hubs. Epsilon is headquartered in Singapore with offices in London, New York, Dubai and Sofia.

]]>
2020-07-01
<![CDATA[Fortinet Expands Integration of Cloud Security Offerings with Microsoft Azure to Provide Advanced Protection]]> http://www.phitech.com.tw/news/index.php?news_id=948 SUNNYVALE, Calif., Nov. 04, 2019 (GLOBE NEWSWIRE) -- 

John Maddison, EVP of product and CMO at Fortinet
“Fortinet is helping our customers protect, consume and deliver cloud through our dynamic cloud security offerings. Using Microsoft Azure allows our customers to implement broad protection across their cloud deployments as well as on-premises infrastructure. Today’s announcement strengthens our collaboration as we work together to provide end-to-end security across the expanding digital attack surface.”

News Summary 
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced the expansion of the Fortinet Security Fabric’s dynamic-cloud security offerings with Microsoft Azure, providing customers with an easier way to connect, manage and protect their cloud workloads on Microsoft Azure.    

Organizations turning to Azure want to take advantage of the public cloud benefits without compromising security. While Microsoft secures the Azure infrastructure and isolates the tenants, customers are responsible making sure their cloud configuration is secure. Fortinet provides customers that utilize Azure with the confidence to deploy any application in the cloud while maintaining a consistent operational model and managing risks. The Fortinet Security Fabric’s dynamic cloud solutions help Azure users connect and protect their cloud workloads and offers security capabilities that are delivered from the cloud.

Delivering dynamic-cloud security solutions

Fortinet is working with Microsoft to enable joint customers to reap the benefits provided by cloud environments without compromising security. Today’s announcement includes:

  • FortiGate Secure SD-WAN now integrates with Azure Virtual WAN to accelerate their cloud on-ramp by improving customer QoE and security. This is done through product integration and automation that simplifies connectivity to Azure Virtual WAN using Fortinet’s Secure SD-WAN offering. This integration automates the creation and tear down of branches connected to Azure Virtual WAN and provides centralized management of connected clouds across offices and regions. FortiGate Secure SD-WAN’s integration with Azure Virtual WAN also ensures optimal performance and security at the branch for customers accessing applications on Azure. 
     
  • Fortinet FortiCWP’s integration with Azure provides customers with increased visibility into their cloud workloads activity and configurations, as well as the ability to conduct deep analysis of data stored in Microsoft Azure blobs. By leveraging deep integration with Azure as well as utilizing FortiGuard-based threat intelligence, customers get comprehensive and most up-to-date threat information pertaining to their cloud workloads. FortiCWP works across clouds and leverages cloud providers’ APIs to gain a comprehensive view across workloads in any cloud region, enabling customers to detect threats and subsequently deploy necessary protection to mitigate these risks.
     
  • Fortinet is also delivering FortiWeb Cloud WAF-as-a-Service from Microsoft Azure Marketplace. Organizations protecting their web applications are struggling to find a working balance between operational overhead and security effectiveness. Fortiweb WAF-as-a-Service offers the ideal combination by exposing pertinent configuration parameters, while automating provisioning of protection resources and fine-tuning security policies. Customers can now activate Fortinet’s WAF solution instantaneously and have the Software-as-a-Service (SaaS) solution automatically provision resources through the Azure marketplace. Fortinet’s WAF SaaS solution does not require administrators to possess specific web application security skills, enabling rapid application deployment. Other products already available on the marketplace include FortiGate VM Next-Generation Firewall, FortiWeb VM, FortiMail VM, FortiManagerFortiAnalyzer & FortiSandbox for Azure.

As organizations increase their adoption of Azure to build or migrate applications their technology footprint diversifies and expands. As a result, organizations are increasing their attack surface and risk. To mitigate these risks and properly secure workloads and applications, organizations need to securely connect their organization to the cloud. This can be done with the implementation of cloud security for their web applications and cloud platforms that is managed easily and seamlessly.  

Tightened integration through the Fabric-Ready program

The Fortinet Security Fabric’s dynamic cloud security solution set provides Azure customers with an extensive portfolio of integrated security solutions to address this need. By implementing the Fortinet Security Fabric on Azure, customers can deploy a fully integrated security solution that seamlessly spans dynamic clouds, which consist of on-premises and hybrid cloud environments.

Fortinet has a broad range of Security Fabric integrations with Microsoft products, including the extensive solutions with Azure referenced above, as well as FortiNAC integration with Microsoft InTune and SCCM, and FortiMail integration with Microsoft 365. By integrating its solutions, Fortinet and Fabric-Ready Partner Microsoft provide customers with end-to-end security that is pre-validated, saving time, costs and resources in systems integration, deployment, operations and support.

Supporting Quotes

“We are pleased to expand our collaboration with Fortinet through the integration of their Secure SD-WAN solution and Microsoft Azure’s Virtual WAN offering. As customers look to simplify branch connectivity and extend application workloads on Microsoft Azure, FortiGate Secure SD-WAN offers a rich branch and corporate connectivity solution for customers looking to secure and optimize their cloud on-ramp requirements." 
-Reshmi Yandapalli, principal product manager at Microsoft Azure


Source:
http://www.globenewswire.com/news-release/2019/11/04/1940531/0/en/Fortinet-Expands-Integration-of-Cloud-Security-Offerings-with-Microsoft-Azure-to-Provide-Advanced-Protection.html

]]>
2020-06-24
<![CDATA[Fortinet Rated Top End-to-End Healthcare Cybersecurity Solution in Client Experience, 2019 Book Market Research User Survey]]> http://www.phitech.com.tw/news/index.php?news_id=947 Hospital system and physician organizations ranked cybersecurity firms by industry client satisfaction and loyalty scores via independent key performance indicators.

Press Release – updated: Nov 4, 2019 09:00 EST

TAMPA, Fla., November 4, 2019 (Newswire.com) – ​Black Book Market Research LLC’s annual poll of healthcare cybersecurity products, services, outsourcing and consulting clients spanned 17 functional areas of cybersecurity including: Authorization and Authentication Solutions; Blockchain Solutions; Compliance and Risk Management Solutions; Cybersecurity Advisors and Consultants; Cybersecurity Training and Education; DDoS Attack Prevention; End Point Security Solutions; Access Management; Firewall Networks; Data Encryption; Intrusion Protection Solutions; Threat Detection and Prevention; Network Security; Email Protection; and Cybersecurity Data Analytics.

The full listing of cybersecurity rankings in each category can be found at Black Book’s website https://blackbookmarketresearch.com/health-data-security-and-privacy.

“It is imperative that cybersecurity leaders continue to focus on and execute the fundamentals of patient privacy and data protection as many hospital C-Suites are still diverted by other IT initiatives in 2019 like EHR optimization, analytics and revenue cycle management transformation,” said Doug Brown, founder of Black Book and lead researcher on the Q3 2019 study.

Black Book anticipates demand for outsourced information security, consulting and support to increase faster than security technology products and software purchases as security job vacancies exceed qualified candidates and weak security training programs keep the majority of healthcare provider organizations vulnerable.

Black Book Market Research LLC measures customer satisfaction across eighteen copyrighted key performance indicators: Strategic Alignment of Vendor Offerings to the Client’s Mission and Goals; Innovation and Optimization; Training and Education; Client Relationships and Cultural Fit; Trust, Accountability, Ethics and Transparency; Breadth of Offerings; Deployment and Implementation; Customization; Integration and Interfaces, Interoperability and Connectivity; Scalability and Client Adaptability, Vendor Staff Expertise and Performance; Reliability; Brand Image and Marketing Communications; Marginal Value Adds; Vendor Financial Viability and Managerial Stability; Data Storage Services; Support and Customer Care; and Best of Breed Technology and Process Improvement.

“As investments in comprehensive, enterprise-wide solutions increase, it is critical that IT leaders validate to the entire management team that cybersecurity expenditures transcend basic data protection to truly shielding patient safety and ensuring financial strength,” said Brown.

In total, 2,876 cybersecurity system users and senior-level managers participated over the nine-month crowdsourced survey.

Source:
https://www.thechestnutpost.com/news/fortinet-rated-top-end-to-end-healthcare-cybersecurity-solution-in-client-experience-2019-book-market-research-user-survey/

]]>
2020-06-17
<![CDATA[Government Healthcare Entity Expands Secure COVID-19 Testing Sites with Fortinet]]> http://www.phitech.com.tw/news/index.php?news_id=1002 For many healthcare organizations, the COVID-19 pandemic created a sudden need for temporary testing and treatment facilities. This, in turn, required an expansion of secure network connectivity. However, the expansion associated with COVID-19 that one national government healthcare entity experienced was larger than most healthcare organizations.

During normal operations, this healthcare entity was responsible for operating over 130 hospitals and treatment locations. During the COVID-19 pandemic, the organization needed to open over 20 additional sites as quickly as possible in order to cope with the crisis. By creating new locations, the government entity could work to curb the spread of the virus by providing a local treatment option to infected citizens.

The organization already had a trusted relationship with Fortinet and leveraged the Fortinet Security Fabric to manage network security for their hospitals scattered across the country. When the need arose to securely connect the testing sites to the existing network, the organization trusted Fortinet to provide a solution that would arrive in time to open the new facilities.

A Sudden Need for New Healthcare Locations

The government healthcare entity was already using the secure software-defined wide area network (SD-WAN) capabilities integrated into FortiGate next-generation firewalls (NGFW) to securely network over 130 sites and improve user experience for business critical applications.

The new treatment locations created during the COVID-19 pandemic needed to deploy the same SD-WAN connectivity as quickly as possible to send test data for processing. These new sites were often repurposed hotels and conference centers with limited networking or security infrastructure. Every site required a FortiGate NGFW to provide a secure connection to the existing healthcare network.

In many locations, the remote site was capable of connecting over the public internet. However, in some rural locations, broadband internet was not available. In both types of locations, FortiExtender 3G/4G WAN extenders enabled healthcare providers to use mobile networks, either as a backup option or the primary means of connecting over the WAN.

Rapid Deployment of Security Solutions

Because the virus was spreading rapidly, the government entity needed to work with a vendor that it trusted, rather than engaging in a lengthy request for proposal (RFP) and proof of concept (PoC) process. It also required expedited delivery of the Fortinet solutions.

Operating within the healthcare entity’s three-day delivery window, Fortinet coordinated with a number of trusted Fortinet distributors in the area. These organizations had provided distribution assistance during the healthcare entity’s initial Fortinet deployment and could ensure that the new FortiGate Secure SD-WAN and FortiExtender WAN extenders reached their destinations in time.

After the devices were delivered, the government healthcare entity also needed them to be quickly configured. Since many of the new sites were in remote locations, sending trained IT staff to configure them was not a workable solution. However, with FortiDeploy zero-touch deployment, the devices automatically connected to the FortiManager centralized management platform deployed on the government entity’s main network. This platform led the device through any additional configuration steps required. Finally, Fortinet Professional Services helped onboard the IT staff and developed standard operating-procedure documentation.

Flexible Security Solutions Support Rapid Evolution

The government healthcare entity had previously integrated their network security using Secure SD-WAN. This enabled it to rapidly expand its secure WAN by deploying FortiGate NGFWs to its 20 brand-new sites. During theD COVID-19 pandemic, and during business as usual, Fortinet is committed to going the extra mile to ensure that its customers have the network security solutions that they need when they need them.

Discover how Fortinet Teleworker Solutions enable secure remote access at scale to support employees with a wide array of access requirements.

Learn more about enabling the latest advances in patient care while protecting against cyberattacks with Fortinet healthcare cybersecurity solutions.

Find out how Echoenergia and New Zealand Red Cross used Fortinet’s Security Fabric for protection from the network edge to core.

Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about our products and technology, or connect with peers.

Source:

https://www.fortinet.com/blog/business-and-technology/government-healthcare-provider-expands-covid-19-testing-sites

]]>
2020-06-10
<![CDATA[Fortinet帶給網路防火牆市場前所未有的擴充性與效能]]> http://www.phitech.com.tw/news/index.php?news_id=1004 全方位整合與自動化網路資安領導廠商Fortinet宣布推出業界最高效能的產品,奠定另一個新里程碑。FortiGate 4200F採用Fortinet客製化的第七代網路處理器NP7,並具備可達成今日及未來網路擴充與效能要求的工程設計。

 

Fortinet產品執行副總裁暨行銷長John Maddison表示,這幾個星期以來,整合型防火牆與VPN解決方案的低效能和低擴充性導致許多企業組織無法擴大提供安全的遠端存取服務。部署傳統防火牆的企業因無法在多個應用程式上擴充防火牆功能而被迫升級或安裝另一套設備。

 

採用第七代網路處理器(Network Processor,NP7)的FortiGate 4200F以同樣的價格提供比競爭對手高10倍的效能,為網路安全效能樹立新標竿。透過市場上最佳效能的防火牆,客戶可以同樣價格獲得超乎期望的擴充性或以更少的成本得到所需的效能。不管怎樣,我們的客戶都是贏家。

 

企業組織必須具備可因應業務變化即時擴充與調整網路安全性的能力。不論是重新規劃網路以支援突發性的遠距工作需求,或是推動數位創新計劃,效能與擴充性都是關鍵要素。然而,大多數的安全解決方案都無法以合理價格提供企業所需的速度與擴充性。原因就在於安全產品廠商並未積極開發可以經濟實惠的方式滿足今日數位工作場所需求的技術。在這種情況下企業組織只能購買具有最低效能與擴充餘裕的安全解決方案。因此,當重大事件發生或市場需要進行數位創新時,防火牆就從助力成了阻力。

 

為了讓安全性跟上今日資料中心的擴充與效能需求的腳步,Fortinet在高階網路防火牆產品組合中推出FortiGate 4200F。作為Fortinet安全織網(Security Fabric)架構的元件之一,FortiGate 4200F經過特殊的工程設計,利用創新、安全的網路技術將網路與安全性緊密結合。

 

透過Fortinet NP7第七代網路處理器的硬體加速功能,FortiGate 4200F可以達到比競爭產品高5至10倍的安全運算評級(Security Compute Ratings)。

Source:
https://www.chinatimes.com/realtimenews/20200602002106-260410?chdtv

]]>
2020-06-03
<![CDATA[Fortinet’s Commitment to Healthcare Enables Scalable COVID-19 Testing and Care Solution]]> http://www.phitech.com.tw/news/index.php?news_id=1001 For many organizations, the COVID-19 pandemic has caused operations to slow down or come to a halt. However, the opposite is true for the healthcare industry, where an influx of COVID-19 patients has strained the capacity of hospitals and other existing healthcare infrastructure.

One regional hospital system, serving over 1 million residents and multiple hospital locations, decided to move COVID-19 testing off-site. This enabled them to protect patients from infection and save hospital space for confirmed cases.

By deploying a “network in a box” from Fortinet, this hospital system was able to quickly scale its secure network to multiple temporary testing sites located in parking lots and school gymnasiums. The enterprise-level Fortinet security allowed medical personnel working at these locations to maintain compliance with the Health Information Portability and Accessibility Act (HIPAA).

The Need for a Flexible Solution

When deploying remote testing sites for COVID-19, the priority was on selecting sites with the capacity to meet demand. Patients needed to be able to maintain social distance while waiting for their test results. Additionally, the testing sites may need to be converted to field hospitals if cases exceeded the capacity of existing infrastructure. The healthcare provider required a flexible solution that could be deployed anywhere.

Since Fortinet solutions can operate using power over Ethernet (PoE), only a single power outlet or generator was needed to power the entire solution. The core components of the “network in a box” consist of a FortiGate next-generation firewall (NGFW), a FortiSwitch, and a third-party wireless access point, providing a secure connection to the home office. FortiExtender provides a backup connection to the enterprise network, enabling the system to connect via 4G/LTE cellular data if an Ethernet connection is unavailable.

Quick Deployment with Fortinet

Hospitals commonly maintain contingency plans for pandemics; however, in recent cases such as Ebola, the need to implement them has not arisen. When the COVID-19 pandemic started, this hospital system needed to deploy its remote testing sites as quickly as possible.

Since the organization had an existing relationship with Fortinet, they reached out to determine how quickly they could deploy a “network in a box” to multiple test centers. When the order suddenly shifted from a “possibility” to “send as soon as possible”, Fortinet was ready. As an order from a healthcare provider, it was given top priority, and was shipped as soon as the order was received.

The open application program interface (API) architecture of the Fortinet Security Fabric further smoothed the deployment process. The organization was accustomed to using third-party wireless access points and telephony products and wanted that familiarity during this crisis. Fortinet’s commitment to seamless integration with third-party products meant that the hospital system was able to easily deploy a solution that they were comfortable with.

Maintaining Compliance with HIPAA

While the ability to deploy rapidly to remote testing sites was a priority, the hospital system could not compromise on regulatory compliance. Information collected from patients anywhere—even at temporary testing locations—is covered under HIPAA, and healthcare providers’ responsibility to protect this information from exposure has not diminished during the crisis.

Deploying FortiGate NGFWs at the remote sites, and enabling secure VPN connectivity between them in the main office addresses the confidentiality requirement of HIPAA compliance. This ensures that patient data traveling over untrusted networks is not exposed to eavesdroppers.

The Fortinet Security Fabric as a whole, which enabled centralized visibility and management of the appliances at these remote sites, addressed the remainder of the healthcare providers’ compliance requirements. Fabric Management Center (FortiManager and FortiAnalyzer) solution deployed at headquarters enabled the team to manage and monitor the remote sites’ “networks in a box.”

Fortinet Supports Healthcare Security

Throughout this crisis, Fortinet has shown that it is committed to going “above and beyond” to ensure that healthcare professionals have the necessary tools to keep themselves and their patients secure during this crisis. Fortinet solutions have also enabled other industries to continue to operate during this challenging time by enabling them to rapidly transition to support a remote workforce at scale.

Source:
https://www.fortinet.com/blog/business-and-technology/fortinets-commitment-to-healthcare-enables-scalable-covid19-testing-and-care-solution.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblogs+%28Fortinet+All+Blogs%29

]]>
2020-05-27
<![CDATA[Fortinet資安鐵三角協助企業快速建立遠端辦公模式 同時滿足資安需求]]> http://www.phitech.com.tw/news/index.php?news_id=995  影響遍及全球的公衛危機事件,對世界經濟造成前所未有的衝擊。企業也啟動緊急應變計畫,如遠端辦公、居家辦公、分流辦公、異地辦公等營運模式因應大環境的變化。Fortinet資安鐵三角業界唯一具備完整資安防護功能的SD-WAN解決方案,具備安裝簡便、操作簡易、防護周全等優點,成為企業於短時間內快速建立備援辦公室或新據點的最佳選擇。

 台灣Fortinet業務協理廖肇恆指出,現今企業在打造遠端辦公或居家辦公時,最常見的做法是引進VPN、SD-WAN等機制,雖然部分企業會同步添購相對應資安設備,但是若與原有防火牆分屬不同品牌,不僅容易導致現有資安防護機制產生破口,更可能徒增管理上的困擾。Fortinet資安鐵三角方案,包含整合式防火牆(FortiGate)、交換器(FortiSwitch)以及無線基地台(FortiAP)等三大產品,可迅速提供員工安全無虞的行動辦公環境,確保企業營運不中斷。

 對於某些必需特別強化資安防護的企業研發或設計部門,可以搭配FortiToken Mobile這一款應用程式,安裝於員工的手機,利用現有的FotiGate作為身分驗證伺服器,使用雙因子身份驗證機制,就可以有效管控資安問題。

 近幾年,隨著雲端服務盛行,不少產業在考量成本支出下,早已運用SD-WAN取代傳統網路專線,加快資料傳輸速度同時降低成本支出。面對多雲環境趨勢衍生的新資安問題,Fortinet 很早就在FortiGate中提供原生SD-WAN解決方案,具備應用程式感知能力、提供自動WAN路徑控管,並支援多寬頻連線的應用,可全方面提升整體資安防護力。

 廖肇恆指出,對某些中小型傳統產業及分支點較多的企業來說,IT人員通常有限,且可能由總務或其他職務的人兼任,讓公司面臨極大資安防護挑戰及管理上的不易。Fortinet資安鐵三角,因其簡明易懂的網路拓樸圖及流量可視化功能,不僅大幅降低IT人員管理的困難,加上FortiSwitch與FortiAP不需要額外的授權或學習成本,讓流通、傳產及製造業在推動數位轉型專案時更加順利成功。

 另外,隨著愈來愈多企業開始允許員工攜帶自有設備工作,各種惡意軟體或蠕蟲因可躲過防火牆偵測,反而讓公司面臨更嚴峻的威脅。FortiGate搭配自家交換器FortiSwitch、無線基地台FortiAP的Fortinet資安鐵三角方案,可將偵測能力從閘道端延伸到內部網路,協助企業能在第一時間發覺潛藏的惡意軟體,並立即阻斷相關連線,避免其他設備遭到感染外,並保護商業機密或客戶個資的安全。

 整體而言,Fortinet資安鐵三角方案在解決多品牌資安設備的部署與管理問題外,還可強化企業的內、外網防禦能力,預先將有資安風險的用戶端阻斷於交換器上,並用防火牆封鎖外部高資安風險的主機IP位址。此外,資訊人員還可運用功能強大的FortiView工具,監控網路流量與進行統計分析,輕鬆掌握最完整資訊安全與獲得全面保障。

 公衛危機事件之後,無論是遠端辦公或居家辦公模式,都可能會成為維持商業運作的新模式。而防護能力強大且全面的Fortinet資安鐵三角方案,正是企業營運不中斷的最佳後盾。

Source:

https://news.sina.com.tw/article/20200505/35065148.html]]>
2020-05-20
<![CDATA[Enghouse Interactive provides contact centre technology to Admiral Seguros during COVID-19 crisis]]> http://www.phitech.com.tw/news/index.php?news_id=990 n light of the situation created by COVID-19, Admiral Seguros wanted to protect all its phone agents of its contact centre; 270 of them, as well as all of its staff and their families. In addition, it would contribute to help fight the illness. 

To achieve this, Admiral Seguros needed to create an infrastructure in order to maintain its activity and continue offering to clients the same service with the same quality.

To speed up the process, the company relied on Enghouse Interactive’s contact centre technology and Amazon Workspace.

The result

The result was that not only did the company accomplish its goal, but also did it in record time; managing to disassociate the tasks of the agents with the physical workplace, and also providing the right tools for teleworking.

Apart from this main objective, it also obtained side benefits:

A backup solution to avoid loss of information during the migration process by using technology it already had, and therefore, making it easier to maintain all its business layers.

Absolute security for its clients and their data in all voice communications, virtual desktop interface and corporate information.

Team management is more efficient because the desktops are now homogeneous. 

Source:
https://www.itweb.co.za/content/KzQenvjVdzyvZd2r

]]>
2020-05-13
<![CDATA[Fortinet Announces Next-generation Firewall FortiGate 60F]]> http://www.phitech.com.tw/news/index.php?news_id=946 With over 1.5 million units sold worldwide, the FortiGate 60 series is the next-generation firewall.

 

Fortinet, integrated and automated cybersecurity solutions, today announced the FortiGate 60F next-generation firewall. With over 1.5 million units sold worldwide, the FortiGate 60 series is the next-generation firewall and now includes Fortinet’s purpose-built system on a chip 4 (SOC 4) security processor to achieve the high security compute ratings in the industry to support customers’ WAN edge transformation. 

Digital innovation and rapid cloud adoption is changing the face of today’s business and has created significant challenges for organizations, such as poor user experience due to network bandwidth constraints and increased security risks with branches connected to the internet. Software-defined wide area networks (SD-WANs) have emerged as the favoured solution to solve these issues while also reducing the costs associated with MPLS connections. However, not all SD-WAN solutions have risen to the requirements of today’s WAN edge. Many SD-WAN solutions on the market are incomplete and do not adequately provide the right performance, visibility, or security to ensure a secure connection and high quality of user experience.  

To continue its focus on supporting enterprises’ WAN edge transformation and delivering Secure SD-WAN, Fortinet is announcing the latest next-generation firewall to include its patented SOC4 security processor: the FortiGate 60F. Key features include: 

FortiGate 60F consolidates SD-WAN, advanced routing, and advanced security capabilities into a single appliance that enables network leaders to deploy Secure SD-WAN quickly and easily, while also reducing complexity by consolidating point products into a single offering. This allows high performance and improved user experience at an optimal total cost of ownership (TCO).  

To help customers maintain high-quality user experience for their business-critical traffic (be it SaaS, multi-cloud, or unified communications), FortiGate 60F delivers best-in-class application steering, giving visibility to all traffic (even if encrypted) without impacting performance and ensuring all critical applications are routed to their best path.  

FortiGate 60F leverages security-driven networking principals – powered by Fortinet’s patented SOC4 security processor – to deliver the fastest deep inspection of SSL/TLS encrypted traffic (including the industry’s first support for TLS 1.3) at 750Mbps, 11 times greater than the industry average. The FortiGate 60F offers comprehensive threat prevention with IPS, application control, and anti-malware at 700Mbps, four times greater than the industry average, to help customers protect their network without impacting performance. 

Fortinet security processors radically increase the performance, scalability, and value of Fortinet solutions while greatly improving user experience and shrinking space and power requirements.  

Security Compute Rating is a benchmark that compares the performance of Fortinet’s purpose-built ASIC-based next-generation firewall appliance to other NGFW and SD-WAN vendors in that same price range that utilize generic CPUs for networking and security capabilities. 

The FortiGate 60F offers the best price/performance in its class and lays the groundwork for network leaders to easily migrate to Secure SD-Branch by extending security from the WAN to the access edge in an integrated and automated fashion from a single console. 

The solution is also backed by third-party validation, receiving two consecutive “recommended” ratings in the NSS Labs SD-WAN Group Test Reports. 

Source:
http://bwcio.businessworld.in/article/Fortinet-Announces-Next-generation-Firewall-FortiGate-60F-/04-11-2019-178474/

]]>
2020-05-06
<![CDATA[Yedpay 推數碼革新藉 Fortinet 遷移數據至雲端 ]]> http://www.phitech.com.tw/news/index.php?news_id=945 企業要捨棄現有基建,大舉將應用和服務遷移至雲端這個決定並不容易。尤其 Yedpay 始於 2014 年,數據中心可說尚新,將一切推倒重來的勇氣實在可嘉。Yedpay 聯合創辦人兼技術總監 Alva Wong 就表示,當初花了差不多一年才完成數據中心所有部署和基建配置,因此確曾擔心遷移又得重新花一年時間進行部署,還好最後只需大半個月至一個月時間已完成整個遷移過程。

「這個決定當然不容易,但考慮到未來要配合更多網上業務,遷至雲端是必須的。」Alva 透露雖然目前尚未獲發虛擬銀行牌照,但公司已密鑼緊鼓,預計未來將推出更多基於網上的服務。

▲(左起) Fortinet 香港、澳門及蒙古區域總監馮玉明、Yedpay 市場策劃總監鄔家麟、Yedpay 創辦人兼技術總監黃韋皓,及 Fortinet 香港、澳門及蒙古區網絡安全方案經理吳維穎。

Fortinet「保安纖維」提供同步數碼革新

除針對中小企機構提供電子支付平台,Yedpay 亦支援市場推廣及分析工具,客戶層面由傳統企業到的士、街市以至花園街排檔等,可謂相當多元化。Alva 強調,Yedpay 不僅提供電子支付平台,同時亦可取代銀行擔當結算的角色,為那些無法滿足銀行中小企開戶條件的商戶提供較低門檻的交易結算選擇。

涉及交易和電子支付平台,對數據保安要求就不能因對象主要屬中小企而稍有鬆懈。是次部署 Yedpay 採用了建基於端對端功能的 Fortinet「保安纖維」 (Fortinet Security Fabric)進行數碼革新,以確保公司在將基建轉移至雲端的過程中,能同時提高網絡安全性。Yedpay 採納了 Fortinet 的方案,令公司在準備擴展旗下電子支付服務和發展業務的同時, 能確保現有電子支付系統的安全性,亦能避免潛在的網絡風險。


資料來源:

https://unwire.pro/2019/11/04/yedpay-fortinet/security/

]]>
2020-04-29
<![CDATA[Dialogic Announces Successful Interoperability Testing Between the Dialogic BorderNet SBC and the OrecX Oreka Audio Capture Platform]]> http://www.phitech.com.tw/news/index.php?news_id=944 Tuesday, September 17, 2019

BorderNet SBC provides secure scalability for Oreka Audio Capture platform

Parsippany, NJ (September 17, 2019) - Dialogic, a cloud-optimized applications and infrastructure solutions provider for service providers, enterprises, and developers, announced today that interoperability testing has been completed between the Dialogic® BorderNet™ SBC and the Oreka Audio Capture platform from OrecX, a world-leading open source call recording solution provider. 

The BorderNet SBC, a software-only, cloud-native SBC, secures connectivity to OrecX deployments, while simultaneously enabling high-quality call delivery and real-time call recording. The BorderNet SBC and OrecX solutions can be deployed both on-premises and in the cloud, including private, public, and hybrid cloud environments, without compromising performance, availability, and scalability.

“OrecX's interoperability with the Dialogic BorderNet SBC enables our enterprise customers, platform partners, and AI-fueled ecosystem to securely scale the Oreka audio capture platform and leverage it to meet their evolving real-time and post-call digital transformation initiatives,” said Steve Kaiser, OrecX CEO. 

“OrecX customers using the BorderNet SBC are leveraging its flexible licensing and deployment options to help them achieve their unique business objectives,” added Bill Crank, President and CEO of Dialogic. “This successful interoperability testing gives OrecX platform users confidence when choosing the BorderNet SBC for their security and session control needs.”

About Dialogic

Dialogic is a leading cloud-optimized solutions provider for real-time communications media, applications, and infrastructure to service providers, enterprises, and developers around the globe. Based in Parsippany, NJ with offices worldwide, Dialogic works with 48 of the world’s top 50 mobile operators, and nearly 1,000 application developers build and deploy on agile networks. Learn more about how Dialogic is enabling agility by following us on Twitter @Dialogic, and visiting www.dialogic.com and the  Dialogic Blog for the latest industry news, trends and advice. 

Dialogic and BorderNet are either registered trademarks or trademarks of Dialogic Corporation or a subsidiary thereof (“Dialogic”). Other trademarks mentioned and/or marked herein belong to their respective owners.

About OrecX

OrecX’s modern, open, and modular call recording platform meets the diverse requirements of call centers, communication platforms, platforms as a service, large enterprises, and small business at a fraction of the cost and complexity of proprietary closed-end solutions. The quality, access, and control of OrecX’s open design enables a broad ecosystem of third-party speech analytics, voice biometrics and workforce optimization solutions to extend the value of their software for their partners and clients. OrecX is the primary developer and sponsor of the Oreka GPL, an open source call recording project hosted on GitHub, with more than 200,000 unique downloads and tens of millions of users in over 200 countries. https://orecx.com https://github.com/orecx


Source:
https://www.dialogic.com/2019-09-17-interoperability-testing-between-bordernet-sbc-and-orecx-oreka-audio-capture-platform

 

]]>
2020-04-22
<![CDATA[Fortinet’s Latest Security Processor Accelerates the Industry’s Best-Selling Next-Generation Firewall]]> http://www.phitech.com.tw/news/index.php?news_id=943 FortiGate 60F Sets a New Benchmark for Security Compute Ratings and Delivers High-Performance for Integrated Security and SD-WAN
October 31, 2019 09:00 ET Source: Fortinet, Inc.
 
 

SUNNYVALE, Calif., Oct. 31, 2019 (GLOBE NEWSWIRE) --

John Maddison, EVP of Products and CMO at Fortinet
“We hear from an increasing number of customers who are struggling to achieve the required level of user experience, visibility, and security at their WAN edge to support key business applications. With today’s introduction of the FortiGate 60F powered by our latest security processor, Fortinet continues its commitment to security innovation, setting industry records for performance to empower network leaders to truly transform their WAN edge. Our rapidly growing marketshare underscores the need for Fortinet’s Security-Driven Networking approach to SD-WAN, which consolidates SD-WAN, advanced routing, and advanced security capabilities into a single appliance.”

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced the FortiGate 60F Next-Generation Firewall, the fastest, most powerful desktop Secure SD-WAN appliance. With over 1.5 million units sold worldwide, the FortiGate 60 series is the best-selling next-generation firewall and now includes Fortinet’s purpose-built system on a chip 4 (SOC4) security processor to achieve the highest Security Compute Ratings in the industry to support customers’ WAN edge transformation.

Digital innovation and rapid cloud adoption is changing the face of today’s business and has created significant challenges for organizations, such as poor user experience due to network bandwidth constraints and increased security risks with branches connected to the internet. Software-defined wide area networks (SD-WANs) have emerged as the favored solution to solve these issues while also reducing the costs associated with MPLS connections. However, not all SD-WAN solutions have risen to the requirements of today’s WAN edge. Many SD-WAN solutions on the market are incomplete and do not adequately provide the right performance, visibility, or security to ensure a secure connection and high quality of user experience.

To continue its focus on supporting enterprises’ WAN edge transformation and delivering Secure SD-WAN, Fortinet is announcing the latest next-generation firewall to include its patented SOC4 security processor: the FortiGate 60F. Key features include:

  • FortiGate 60F consolidates SD-WAN, advanced routing, and advanced security capabilities into a single appliance that enables network leaders to deploy Secure SD-WAN quickly and easily, while also reducing complexity by consolidating point products into a single offering. This allows high performance and improved user experience at an optimal total cost of ownership (TCO). 
     
  • To help customers maintain high quality user experience for their business critical traffic (be it SaaS, multi-cloud, or unified communications), FortiGate 60F delivers best-in-class application steering, giving visibility to all traffic (even if encrypted) without impacting performance and ensuring all critical applications are routed to their best path. 
     
  • FortiGate 60F leverages Security-Driven Networking principals – powered by Fortinet’s patented SOC4 security processor – to deliver the fastest deep inspection of SSL/TLS encrypted traffic (including the industry’s first support for TLS 1.3) at 750Mbps, 11 times greater than the industry average. The FortiGate 60F offers comprehensive threat prevention with IPS, application control, and anti-malware at 700Mbps, four times greater than the industry average, to help customers protect their network without impacting performance.

Fortinet security processors radically increase the performance, scalability, and value of Fortinet solutions while greatly improving user experience and shrinking space and power requirements. Security Compute Rating is a benchmark that compares the performance of Fortinet’s purpose-built ASIC-based next-generation firewall appliance to other NGFW and SD-WAN vendors in that same price range that utilize generic CPUs for networking and security capabilities. The FortiGate 60F powered by Fortinet’s SOC4 security processor highlights the security processor advantage, enabling the following Security Compute Ratings:

Specification  FortiGate
60F (SOC4
ASIC) 
Industry
Average 
Security
Compute
Rating
Palo Alto
Networks
PA 220
Check Point
1550
Security
Gateway
Cisco
Meraki
MX 67
VMware
VeloCloud
520V
Cisco
Viptela
vEdge
100
Firewall  10 Gbps 0.65 Gbps 15x 0.5 Gbps 1 Gbps 0.45 Gbps N/A N/A
IPSEC VPN 6.5 Gbps 0.38 Gbps 17x 0.1 Gbps 1.3 Gbps 0.2 Gbps 0.2 Gbps 0.1 Gbps
Threat Prevention 0.70 Gbps 0.18 Gbps 4x 0.15 Gbps 0.45 Gbps 0.3 Gbps N/A N/A
SSL Inspection 0.75 Gbps 0.065 Gbps 11x 0.065 Gbps N/A N/A N/A N/A
Concurrent sessions 700,000 15,000 47x 64,000 14,000 N/A N/A N/A

Source: FortiGate results from Fortinet tests. Other vendor information from datasheets. N/A reflects that vendor does not publish performance specifications.
* Industry average is calculated using similar price point solutions from Palo Alto Networks, Check Point, Cisco Meraki, Cisco Viptela, VMware VeloCloud, and other vendors.

The FortiGate 60F offers the best price/performance in its class and lays the groundwork for network leaders to easily migrate to Secure SD-Branch by extending security from the WAN to the access edge in an integrated and automated fashion from a single console.

Today’s announcement reinforces Fortinet’s commitment to Secure SD-WAN and aligns with Fortinet’s recent positioning among the top three vendors in worldwide market share for SD-WAN equipment by revenue in 2Q19, showing a 234% quarter-over-quarter growth rate.

The solution is also backed by third party validation, receiving two consecutive “recommended” ratings in the NSS Labs SD-WAN Group Test Reports. This additional validation underscores Fortinet’s focus on delivering the best performance and advanced security to deliver true WAN edge transformation to its customers.

Supporting Quotes:
“Fortinet significantly reduces complexity for customers because SD-WAN functionality is delivered on the FortiGate appliance, which means MSPs only have to manage one device with one team. With other SD-WAN solutions, the customer might have to bounce back and forth between the firewall team and the SD-WAN team to resolve an issue. With Fortinet Secure SD-WAN, everything is on one box and managed by one team, so MSPs are able to more seamlessly get their customers’ WAN connectivity back up and running without the risk of compromising their security posture.”
-Erik Nordquist, Sr. Product Manager, TPx Communications

“Fortinet provides solutions that are flexible enough to accommodate future changes in our network and will allow us to deploy SD-WAN with the right security requirements. In Fortinet we found a vendor with an excellent global reputation, a strong product offering, and a record of continuous innovation, including the new FortiGate 60F, that can support our needs now and in the future.”
-Keith, Head of IT, Marina Developments Limited 

Additional Resources

About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 415,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.    

Source:
https://www.globenewswire.com/news-release/2019/10/31/1938845/0/en/Fortinet-s-Latest-Security-Processor-Accelerates-the-Industry-s-Best-Selling-Next-Generation-Firewall.html

]]>
2020-04-15
<![CDATA[Fortinet Acquires enSilo, Boosts MDR Security for MSSP Partners]]> http://www.phitech.com.tw/news/index.php?news_id=942 Fortinet has acquired enSilo, setting the stage for MSSP (managed security services provider) partners to gain more advanced MDR (managed detection and response) capabilities that protect networks and endpoints. Financial terms were not disclosed.

Fortinet already has a strong MSSP partner program. enSilo, meanwhile, offers Endpoint Detection and Response (EDR) services to partners. Going forward, that EDR technology will integrate with the FortiSIEM solution, FortiInsight UEBA (user entity behavior analytics) features, and the FortiNAC solution, the two companies say.

The MDR-focused acquisition is somewhat similar to Sophos acquiring both Rook Security and DarkBytes earlier this year; and SolarWinds acquiring Trusted Metrics in 2018. All of those deals aim to arm MSSPs and MSP partners with MDR capabilities.

 

Fortinet Acquires enSilo: Executive Perspectives

Fortinet CEO Ken Xie

In a prepared statement about the enSilo acquisition, Fortinet CEO Ken Xie said:

“As businesses become more networked and operations extend from the cloud to the edge and Internet of Things, the digital attack surface has expanded exponentially and has become more complex to secure. Manual threat hunting or point security solutions are ineffective when managing or securing these new environments. Instead security and the network need to be integrated and orchestrated to enable advanced threat containment at network speeds. In acquiring enSilo, we add automated, real-time detection, protection, and response enhancements to our Fortinet Security Fabric to further protect endpoints and corresponding edge data.”

Added enSilo CEO Roy Katmor:

“Together, enSilo and Fortinet share the commitment to solve customers’ most difficult challenges and to protect the endpoint and their corresponding operations and data. Now, enSilo brings its patented approach for advanced endpoint protection and response to Fortinet and its broad security portfolio.”

 

Fortinet Acquires Ensilo: MSSP and MDR Services Converge

The line between MSSP and MDR service providers has been blurring. In fact, many of the world’s Top 200 MSSPs for 2019also rank among the world’s top MDR service providers.

Meanwhile, Fortinet will be on-hand at this week’s ConnectWise IT Nation Connect 2019 conference in Orlando. The company has close, growing relationships with multiple MSP-friendly business software providers — particularly ConnectWise and Continuum, among others.


資料來源:
https://www.msspalert.com/investments/fortinet-acquires-ensilo/

]]>
2020-04-08
<![CDATA[Fortinet資安鐵三角問世 兼顧網路管理與資訊安全]]> http://www.phitech.com.tw/news/index.php?news_id=987 伴隨企業數位化程度日深,為加快資料交換速度,各公司除了積極投入改善基礎網路架構外,同時也開放員工以自有設備存取公司內部網路。此舉雖然有助於強化公司競爭力,但是隨著內部聯網設備愈來愈多、應用朝向多元化發展,也讓網路界線變得更為模糊,對傳統資安防護網帶來極大挑戰。Fortinet認為在在網路管理人力有限的狀況下,企業必須重新思考防護策略,才能加快偵測資安威脅的速度,並兼顧網路管理與資訊安全 ,有效地保護商業機密及消費者個資安全。

為此,Fortinet 特別推出資安鐵三角,涵蓋新一代整合式防火牆、交換器、無線基地台等三大產品,藉由各種資安產品之間的緊密搭配,協助企業打造安全無虞的網路環境。如此一來,員工即可安心地在行動辦公環境中作業,快速完成工作與回應市場需求,進而幫助公司維持在產業中的競爭力。

Fortinet業務經理趙超聖說,企業 IT 對於網路資訊安全的期望有三大點,分別是可視化、智能化、彈性化,只是多數品牌產品受限於技術上的限制,並無法讓網管人員透過單一介面掌握內部網路的狀況,最終形成工作上的負擔。相較之下, 由防火牆、交換器、無線基地台組合而成的 Fortinet 資安鐵三角,正好能夠滿足企業在資安防護上的需求,並且能依照公司營運規模逐步擴充,讓寶貴資安預算發揮最大效益。

阻斷威脅於交換器 降低資安維運成本
在企業開放員工攜帶筆電、手機工作之後,面臨了當內網遭受威脅攻擊時,在網路交換器無法防堵攻擊的狀況下,網管人員無法在第一時間揪出攻擊者,且亦將因資安設備無攻擊記錄,導致無法有效杜絕資安威脅的困境。

而Fortinet資安鐵三角則能提供全面的內外網防禦,結合人員身份認證與設備辨識,可將問題主機攔阻在交換器上,更可在網路交換器或無線AP上直接隔離主機 ( 隔離 VLAN ),或至防火牆介面上封鎖主機 IP。最後,還可以使用 FortiView 網路流量監控與統計分析,清楚呈現網路拓樸結構,讓企業不須任何額外成本,擁有最完整的資訊安全與保障。

FortiGate防火牆不僅可提供資安防護功能,還可扮演無線網路基地台、交換器的控制器角色,內建創新的智能網路管理,偵測串連的網路基地台與交換器,自動產生公司內部的網路拓樸圖,包含每個交換器串連的狀況,不僅簡單易懂且隨時更新。其次,FortiGate採用的FortiOS作業系統,也有網路拓樸自動修正與錯誤連接功能,在發生迴圈時自動改成合併頻寬的線路。

「多數公司都欠缺東西向的偵測設備,以至於當惡意程式進入內部網路後,就可毫無忌憚地竊取資料,乃至於造成整個基礎網路癱瘓。」趙超聖解釋:「Fortinet資安鐵三角則因可將威脅阻斷於交換器中,所以能減少大幅內部資安事件發生,加上部署非常彈性,能依照企業預算逐步擴充,來滿足不同規模產業的需求。」

防火牆整合SD-WAN 保護分據點安全
對跨國企業而言,資安管理更是不容忽視的挑戰,特別是分支機構多半缺乏專職網管人員,往往形成資安防護上的漏洞。FortiGate防火牆內建的SD-WAN 功能,可為分支機構提供全方位的安全防護,並提高生產力和應用程式效能以確保關鍵業務應用程式得到優先處理。 FortiGate SD-WAN 提供集中式控管的單一虛擬平台,可將分據點的FortiGate 串連起來,除判斷最佳的資料傳遞路經之外,也能簡化網路管理和監控工作,因此已被全球金融、零售、製造和客服等行業所採用。

趙超聖說,Fortinet 是少數提供原生 SD-WAN 解決方案,以及整合式先進威脅防護的新一代防火牆 (NGFW) 服務供應商。 FortiGate 安全 SD-WAN 解決方案,具備應用程式感知能力、提供自動 WAN 路徑控管(Performance SLA),並支援多寬頻連線。此種設計,能取代傳統的分散 WAN 路由器、 WAN 優化和安全裝置,並且具備業界最佳的 VPN 效能,可將安全性擴展到多個分支機構。

目前 FortiGate能夠識別與支援多達 3,000 種以上的應用程式,並為子應用程式提供精密的可視性,自然深受全球各產業肯定與指定採用。

Source:

https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=71&aid=8785]]>
2020-04-01
<![CDATA[Enghouse Vidyo Unit Helps Health Systems Scale Telemedicine To Mitigate Coronavirus Risk]]> http://www.phitech.com.tw/news/index.php?news_id=985 Resilient Video Platform Ensures Health Systems Can Provide 
Remote Diagnoses and Effective Patient Care

MARKHAM, ON, March 20, 2020 /PRNewswire/ - Enghouse Systems Limited (TSX:ENGH) today announced its Vidyo, Inc. subsidiary has developed a program to help its telemedicine clients dramatically scale to combat the Coronavirus pandemic.

The program allows for new or existing clients to increase the time or bandwidth they use by multiples of up to 10 to meet needs as they arise. The new program is available as an on-premise, hybrid or cloud-based solution.

"As the world responds to the COVID-19 coronavirus outbreak, Vidyo is committed to doing its part to support health systems' essential efforts to maintain services," said Reuben Tozman, General Manager, Enghouse Vidyo. "We have put a unique program in place for our clients that provides them increased access to our technology to combat the disruptions many are experiencing."

In recent weeks, many organizations have exponentially increased their demand for video communication platforms. Vidyo's proven track record of supporting large health organizations, as well as major financial corporations, government agencies and educational institutions, positions it as an ideal solution for rapidly evolving contingency plans.

Specifically, the Vidyo Telehealth solution enables clinics and hospitals to protect front-line staff and patients by supporting self-isolation and quarantine scenarios, and ensures clinicians, nurses and physicians can provide remote diagnoses and treatments, often with existing technology.

"While we hope the impact of the COVID-19 outbreak will be short lived, the potential strain on health systems could be severe. We know many health organizations are evaluating how best to deliver patient care under difficult circumstances over potentially extended periods of time," said Tozman.

"Vidyo excels at delivering resilient virtual care services. As health systems prepare for the next few months, Vidyo is here to support them with our program so they can effectively integrate various forms of telehealth into their patient management strategies."

Health organizations interested in the program can register at https://info.vidyo.com/vidyo-license.html.

About Enghouse Vidyo

Vidyo is a subsidiary of Enghouse Systems Limited, a software and services company traded on the Toronto Stock Exchange (TSX) under the symbol "ENGH." Vidyo enriches people's lives by embedding real-time video into digital communications in the moments that matter most. Millions of people around the world connect visually every day through Vidyo's secure, scalable technology and cloud-based services. Its patented platform integrates with virtually any application environment, network and device to deliver the highest quality experiences that strengthen teams, build trust, solidify relationships, and improve quality of life. Learn more at www.vidyo.com, read our blog, or follow us on Twitter at @vidyo, on LinkedIn, and on Facebook.

Source:
https://www.prnewswire.com/news-releases/enghouse-vidyo-unit-helps-health-systems-scale-telemedicine-to-mitigate-coronavirus-risk-301027334.html

]]>
2020-03-25
<![CDATA[How To Provision A Branch Office Using Fortinet In Under 10 Minutes]]> http://www.phitech.com.tw/news/index.php?news_id=941 You can have a fully provisioned network stack in your branch office in under 10 minutes, where it’s firewall, Wi-Fi, switch, and SD-WAN,’ says Steve Huddleston, a Fortinet senior systems engineer.

 

 

Customers in verticals such as retail can provision a branch office in less than 10 minutes by turning to Fortinet’s centralized management platform, a company executive said.

“You can have a fully provisioned network stack in your branch office in under 10 minutes, where it’s firewall, Wi-Fi, switch, and SD-WAN,” said Steve Huddleston, a Fortinet senior systems engineer. “It’s a pretty cool solution.”

The Sunnyvale, Calif.-based company’s FortiManager centralized management platform can be quite complex due to all the functionality built into it, Huddleston said Wednesday at NexGen 2019, hosted by CRN parent The Channel Company.

[Related: Fortinet Rides Large SD-WAN Deals To Q2 Sales Success]

But Fortinet can dynamically map interfaces, device models, and IP addresses, Huddleston said, meaning that customers can set a particular firewall policy and apply it to all their branch locations. As a result, Huddleston said customers wishing to change their firewall policy only must do so once before pushing the new rules out to all the branch offices.

The FortiGate firewall can do so many things that some configuration work will be required at all branch sites, Huddleston said. However, by scripting functions, Huddleston said technicians can get devices up and running more quickly by setting host names and IP addresses as well as creating manuals.

Firewall policies and IP settings can be managed centrally for the devices in branch locations by using the graphical user interface (GUI), Huddleston said. In addition, Huddleston said the VPN Manager feature on FortiManager reduces the possibility of human error when setting up either a fully meshsed or hub-and-spoke VPN.

In addition, Huddleston said FortiGate can actually manage Fortinet Wi-Fi access points, allowing folks to quickly push out a standardized Wi-Fi configuration for a new branch office that operates off the same template. And the switch manager in FortiGate streamlines the set up process for configuring switches and VLANs (virtual local area networks), Huddleston said.

Branch offices with multiple internet connections can also be centrally provisioned and managed in less than 10 minutes, according to Huddleston. FortiManager is typically purchased by customers as a virtual machine sitting on the hypervisor and public cloud due to the scalability, Huddleston said, which allows customers to initially buy a small virtual machine and upgrade it over time as they get more devices.

Meanwhile, Huddleston said administrative domains in FortiManager allow for the established on role-based access with different levels of permission and control provided to different organizations or different people within the same organization. These administrative domains don’t impede the MSSP’s ability to fully access all customer environments and make whatever changes they deem necessary.

“FortiManager can do a lot. It’s a very powerful product,” Huddleston said. “I’ve been with the company for 10 years, and I’ve seen it come a long way. It’s extremely effective.”

FortiManager’s ability to put together templates should make it easier to assign tasks to less experienced technicians, according to Keith Nelson, vice president of technology at Irvine, Calif.-based Vistem Solutions. Getting network engineers and other high-ranking personnel off provisioning branch offices should free them up to do more around system design, Nelson said.

Setting up branch offices in less than 10 minutes seems realistic once solution providers have fine-tuned their templates and gotten up to speed on corporate policy, Nelson said. The templates will also allow field reps to get more involved in the deployment process in a controlled manner, Nelson said, boosting their familiarity with product interfaces and giving them more ownership over branch projects.

Source:
https://www.crn.com/news/security/how-to-provision-a-branch-office-using-fortinet-in-under-10-minutes

]]>
2020-03-18
<![CDATA[Fortinet expert on why CISOs must focus on employee development as a key security strategy]]> http://www.phitech.com.tw/news/index.php?news_id=939 Paul Anderson, Head of UK and Ireland, Fortinet, tells us how, by focusing on employee development, enablement and buy-in, CISOs can create a centralised security strategy that builds collaboration and reallocates security teams away from tactical, reactive work to more proactive and strategic efforts.

CISOs are facing a perfect storm when it comes to securing their networks. As the number of Internet of Things (IoT) devices increases exponentially, the scale, scope and even the definition of network has changed dramatically. Multi-cloud deployments and DevOps approaches have dispersed organisations’ data, while ever-increasing degrees of mobility create more and more points of access.

Modern CISOs must now protect a constantly expanding attack surface, with limited resources, at a time when cyberattacks are becoming increasingly sophisticated and security best practices are evolving – all while security talent becomes harder to find.

What contributes to these challenges and how can CISOs effectively address them? One of the clearest moves they can take to improve their organisation’s overall security posture is to prioritise employee training and create a proactive cybersecurity culture.

What’s getting in the way of CISOs’ ability to reach their cybersecurity goals?

According to recent reports, 35% of CISOs believe the lack of a centralised cybersecurity strategy and the lack of support from senior management are the top constraints to effective security. But when examining the reasons behind the lack of central strategy, many of the issues seem to start at the employee layer – both among IT employees as well as general employees across the various lines of business.

First, CISOs are dealing with the effects of the ongoing cybersecurity skills gap. According to the Center for Strategic and International Studies, 82% of organisations suffer from a shortage of cybersecurity professionals, hindering their ability to develop a more strategic approach to cybersecurity and to keep pace with new threats.

Instead, security teams end up staying focused on preventing existing threats, rather than using threat intelligence and advanced tools to identify and respond to unknown vulnerabilities and zero days.

The second challenge is around getting cybersecurity buy-in and participation from the executive suite and from the various lines of business. Among various security initiatives, the prevention, detection and response to insider threats are consistently listed among CISOs’ top-tier priorities.

Managing insider threats, both intentional and unintentional – like clicking on a phishing link, using weak passwords, or exposing the network to an unsecured device – eat up a lot of the security team’s time and resources, preventing them from focusing on threats from external sources.

Putting employees at the centre of cybersecurity

To address this, CISOs should give employees a more active role in cybersecurity. The key is to teach them how to avoid common attack tactics without limiting their productivity. In practice, this means developing a strategy around three main areas:

  1. Upskill the IT team: A truly efficient IT team will focus on threat detection and remediation rather than prevention. To achieve this, CISOs should ensure their security team has regular opportunities for further education in deploying, configuring and managing advanced security tools, as well as identifying and addressing new emerging threats. Proficiency in these types of integrated tools provides IT teams with enhanced visibility into how data is used and moved through the network, in addition to simplified management and analytics abilities. Additionally, hands-on training will ensure they have the ability to configure, install and troubleshoot their organisation’s security solution.
  • Give time back to security teams: Cyberattacks are happening at machine speed – meaning security teams cannot keep up with threat correlation or basic remediation efforts on their own. One way to tackle this challenge is to deploy security solutions that make extensive use of automation through Artificial Intelligence and Machine Learning. Automated solutions make it easier to respond to anomalous activity and known threats attempting to breach the network – allowing security teams time to focus on strategy and remediation efforts. For example, rather than having security teams working around the clock to detect potential internal threats, they can use Machine Learning to understand what normal behaviour for employees looks like and then react when there are deviations. They can also be assigned menial tasks such as inventory management and patching, freeing up human resources to focus on higher-order activities.
  • Create a culture of security: By focusing on training and enabling employees to perform basic security tasks such as updating devices, identifying suspicious behaviours and practising safe cyber behaviour across teams, CISOs can begin to establish a holistic security strategy that can stand up to today’s advanced threats. But beyond making sure that employees can identify phishing attacks or know how to update their applications on a regular basis, CISOs should also encourage collaboration between departments and the security team. This will reduce instances of inadvertent internal threats and increase overall buy-in for the security programme.

Within a context where cyber-risk is almost certain to escalate, effective CISOs will maximise their resources – and will then marshal their people, budget and expertise to fight the battles that matter most. This kind of flexible, scalable defence will prove most effective in the counterattacks against cyberbreaches to come.

資料來源:
https://www.intelligentcio.com/eu/2019/10/21/fortinet-expert-on-why-cisos-must-focus-on-employee-development-as-a-key-security-strategy/

]]>
2020-03-11
<![CDATA[FortiGate NGIPS Receives Third Consecutive Recommended Rating from NSS Labs]]> http://www.phitech.com.tw/news/index.php?news_id=938 By Vince Hwang | October 03, 2019

According to the latest Fortinet Threat Landscape Report published in Q2 2019, we continue to see increases in threats, particularly malware and exploits. In fact, towards end of July, the Fortinet Threat Landscape Index (TLI) was at its highest level over a 12-month period, coming in at a TLI score of 1037. (The TLI is a composite score based on a weekly analysis of randomly selected organizations that started with a baseline number of 1,000 so changes in the threat landscape can be easily compared.) This documented increase in threats highlights the importance of deploying a leading and proven intrusion prevention (IPS) solution to protect against attacks and prevent successful infiltration.

Another “Recommended” Rating from NSS Labs

Fortinet’s FortiGate Next-Generation IPS (NGIPS) is one such solution we believe every customer should consider. But don’t just take our word for it – take a look at the NGIPS Test Reports published annually by NSS Labs. In their latest report, Fortinet earned our 3rd consecutive “Recommended” rating from NSS Labs – once again reinforcing what we hear from our customers that Fortinet is one of the most certified and highly recommended security vendors in the market.

Best Total Cost of Ownership

Not only is FortiGate NGIPS recognized as a highly effective NGIPS solutions tested by NSS Labs in this year’s test, it also offers the best total cost of ownership (TCO) – an important consideration in today’s reality of trying to achieve the best security-driven networking outcome while balancing constrained security budgets and resources.

As an example, the FortiGate 100F used in this year’s NSS Labs NGIPS test offers a 3-Year TCO of $4,935, or roughly $2 per protected-Mbps. There are two reasons for this. The first is that it is powered by a purpose-built security ASIC that accelerates performance while reducing the cost of components by several times over off-the-shelf CPUs. The other reason is that it is also supported by FortiGuard Labs, Fortinet’s industry-leading, AI-driven threat research team, that provides the NGIPS system with some of the most effective and critical threat telemetry in the industry. Now that should be music to customers’ ears—and wallet!

Most Use Cases

And if this wasn’t enough, did you know that customers can leverage the exact same FortiGate platform to implement a security-driven network strategy across a variety of use cases – spanning Next-Generation Firewall (NGFW), Secure SD-WAN, Segmentation, and Secure Web Gateway (SWG), all in addition to NGIPS? FortiGate solutions can also be deployed as physical and virtual appliances supporting all on-premises and cloud uses cases, even providing seamless and consistent security in a multi-cloud environments. They are also a critical component of any end-to-end Security Fabric architecture, providing a broad, integrated, and automated solution to security and network operations.

We Believe in Testing – So Should You

But the accolades don’t stop there. Customers choosing Fortinet for their security-driven networking needs can feel good knowing that Fortinet is also recognized as a Leader amongst the 18 vendors in Gartner’s 2019 Magic Quadrant for Network Firewalls. In fact, this is the 12th time we’ve been recognized by Gartner for Network Firewalls. How’s that for a track record? 

At the end of the day, given the critical role security solutions play in allowing customers to run their businesses, talk is cheap. Which is why we subject our security solutions to more third-party testing than any other vendor. Fortinet is a strong believer that the proof of the pudding is in the eating, not just talking about it, especially when it comes to security effectiveness. We want our customers to feel confident that choosing Fortinet will keep them safe. As such, the NSS Labs NGIPS test is only one of many independent tests of Fortinet’s security effectiveness.

And as far as NSS Labs goes, we participate in a total of 8 tests and we have achieved a “Recommended” rating in every one of them! You can see all of Fortinet’s NSS Labs test results here.

Find out how Fortinet’s Security Fabric delivers broad, integrated, and automated protection across an organization’s entire digital attack surface from IoT to the edge, network core and to multi-clouds.  

Find out how Echoenergia and New Zealand Red Cross used Fortinet’s Security Fabric for end-to-end network protection. 


source:
https://www.fortinet.com/blog/business-and-technology/fortigate-ng-ips-nss-labs-recommended-rating.html

]]>
2020-03-04
<![CDATA[Fortinet unveils new FortiGate 1800F firewall, updates FortiOS]]> http://www.phitech.com.tw/news/index.php?news_id=979 Fortinet unveils new FortiGate 1800F firewall, updates FortiOS Wednesday 19 February 2020 | 09:12 CET | News

Fortinet unveiled the FortiGate 1800F Next-Generation Firewall (NGFW) powered by NP7, the company’s seventh generation network processor. In addition, the company announced the release of FortiOS 6.4, the latest version of its flagship operating system powering the Fortinet Security Fabric. Fortinet also hit a milestone with more than 355 technology integrations with the Fortinet Security Fabric.

FortiGate 1800F NGFW

Fortinet said it's introducing the FortiGate 1800F NGFW to meet the extraordinary demands of data centre security and enable a Security-Driven Networking approach.

The FortiGate 1800F is powered by NP7, the seventh generation of Fortinet’s purpose-built network processor specifically engineered to enable large enterprises to handle unprecedented levels of data and application demands. NP7 offers today’s largest organisations the ability to segment and launch services, manage internal and external risks, and preserve user experience.

FortiOS 6.4

With over 350 new features, FortiOS 6.4 introduces automation, scalability, performance, and AI functionalities to deliver full protection across the entire digital infrastructure. 

With version 6.4, FortiOS adds new features designed to support organisations’ digital innovation goals across the four key pillars of the Fortinet Security Fabric and FortiGuard Labs: security-driven networking, zero-trust network access, dynamic cloud security and AI-driven security operations. 

The Fortinet 360 Protection bundle delivered by FortiGuard Labs provides a complete package of operational, support, and security services to enable customers to deploy and benefit from the full power of the Fortinet Security Fabric and is optimised for SD-WAN deployments. 

source:
https://www.telecompaper.com/news/fortinet-unveils-new-fortigate-1800f-firewall-updates-fortios--1327159

]]>
2020-02-26
<![CDATA[Exablaze launches ExaNIC X25 & X100 NICs for low-latency trading]]> http://www.phitech.com.tw/news/index.php?news_id=977 Exablaze, a global provider of ultra-low latency network devices, is launching two new network adapters: ExaNIC X25 and ExaNIC X100. 

In both live trading and benchmark tests the new network adapters proved to be the fastest available, and have set a new record for low-latency performance. The exceptional speed of the new Network Interface Cards (NICs) is due to the unique hardware, software and firmware architecture developed by Exablaze. The ExaNIC X25 is available now, while the ExaNIC X100 is expected to ship in late Q1. 

 
Dr Matthew Grosvenor, SVP of Technology at Exablaze, says: “There is a maxim in Exablaze – in order to be fast, we have to design speed into everything we develop: it’s not enough to simply make old components go a bit faster. We must always start from a clean sheet. That’s how we stay ahead.

“Every aspect of the ExaNIC X25 and X100 is optimised for low latency operations. From our unique cut-through receive path, to our pre-loaded TCP packet transmission capability, we have gone the extra mile to create cutting-edge technology for our clients.”
 
In low latency trading and HFT minimising the time it takes to send and receive network messages is critically important. Exablaze’s achievement with the two new NICs is twofold: to provide significant speed improvements for sending and receiving messages, and to allow trading desks and firms to future-proof their NICs, by using flexible FPGA (field-programmable gate array) technology. FPGA-based NICs can be upgraded and customised ’in the field’ (ie after installation), for example, to support high-speed, 25GbE connections and/or, by adding application-specific logic directly inside the NIC hardware to further reduce system latency.
 
According to Exablaze internal benchmarks, the NICs run approximately 20 per cent faster (ie over 100 nanoseconds) than other low latency optimised NICs, including Exablaze’s own ExaNIC X10. On highly-optimised systems, the ExaNIC X25 offers software trigger-to-response latencies as low as 568ns (median 629ns). These results underscore Exablaze’s continued market dominance in making the fastest NICs available. 
 
Exablaze’s low-latency and highly-programmable networking technologies have caught the eye of world-leading networking technology company Cisco Systems. Cisco recently announced plans to acquire Exablaze, including the ExaNIC product portfolio. The ExaNIC product series is expected to continue to grow under the Cisco banner when the acquisition is formally concluded later this year.
 
"Cisco shares with Exablaze a relentless focus on improving end-to-end performance in ultra-low-latency environments,” said Thomas Scheibe, Vice President of Product Management for Cisco’s Nexus & ACI products. “Application performance is only as good as the sum of the parts: from latency optimized ExaNICs and FPGAs, to latency optimized layer 1 switches and multiplexers, through to latency optimized Cisco Nexus 3500 L3 switches, the whole system needs to be fully optimized.” 
 
A key contributor to the unmatched latency performance of the ExaNIC X25 and X100 is the latest generation of Xilinx Ultrascale+ FPGA technology. The devices are built around Xilinx KU3P FPGAs, featuring 25Gb/s capable transceivers and 13Mb of on-chip ultra-RAM. The X25/X100 NICs optionally also ship with 4GB/9GB (respectively) of on-board DDR4 memory, allowing developers to build more powerful and diverse applications directly inside the devices using the ExaNIC Firmware Development Kit (FDK).
 
The ExaNIC X25 will initially ship in a 2x 10GbE configuration. Future firmware updates will support 2x 25GbE support as well. The ExaNIC X100 will initially ship in 8x 10GbE and 2x 40GbE configurations. Future firmware updates will bring 8x 25GbE and potentially 2x 100GbE support.

Source:
https://www.institutionalassetmanager.co.uk/2020/01/16/282027/exablaze-launches-exanic-x25-x100-nics-low-latency-trading

]]>
2020-02-19
<![CDATA[Fortinet shares healthcare cyberattack trends in 2019]]> http://www.phitech.com.tw/news/index.php?news_id=937 BY  ON OCTOBER 14, 2019 • LEAVE A COMMENT )

During the first five months of 2019, healthcare organizations were under nearly constant cyberattack attempts ranging from targeted phishing and customized ransomware incidents to more common exploits such as malware and botnets. The examples below serve as a takeaway so that we can learn from what has come before.

Traditional Healthcare Network Threats

One of the most prevalent threats was Android/Generic.AP malware that targets Android mobile devices. Once installed on a phone, this trojan can capture keystrokes, collect system information, download/upload files, perform denial-of-service attacks, and run/terminating processes. In networks where healthcare providers rely on their mobile devices to provide real-time patient information, compromised phones can become a conduit for introducing additional malware into the network and gaining unauthorized access to patient information.

Botnets have been another challenge so far in 2019. Gh0st RAT is able to take full control of a victim’s machine, as well as log keystrokes and hijack webcam and microphone data. Bladabindi is similar, but it can also steal stored credentials such as usernames/passwords and other PII.

Have you read “Fortinet shares security-driven network strategies at cybersecurity conference”?

Targeted Attacks

We have also seen a spike in targeted attacks against healthcare networks. Incidences of an older Trojan called Kwampirs, that targets the systems of MRI and X-ray machines and siphons their configuration data, have been documented being actively deployed inside specific networks.

SamSam ransomware has also been targeting the healthcare industry, but we are now seeing additional capabilities being developed and additional malware being included with the ransomware payload, which should worry security administrators.

Cybersecurity company Fortinet shares the four essential elements of security hygiene.

  • Patch devices religiously.
  • Update hardware and software when possible.
  • Replace older systems that can no longer be patched or updated.
  • Implement strong proximity controls for systems that cannot be replaced.

Visibility not only requires seeing every device on the network but also knowing what they are and the role they play.

Mission-Critical Systems – It’s crucial that you understand your mission-critical processes, including critical care areas that cannot withstand downtime.
Online Assets – Maintain an automatically updated inventory of every asset on your network. Those resources that rely on remote access, such as telemedicine or remote clinics, need extra attention.
Extended Infrastructure – You need to not only understand your network topology, but cloud resources such as SaaS applications and infrastructures, as well as remote and branch offices.
Medical IoT – Monitoring or treatment systems need to be identified, tracked, and secured, including mobile devices that move between hospital departments or even into patient homes.

Segmentation is crucial

Once an attacker manages to gain access to the network, they will continue to drive deeper to achieve their goals. Proper network segmentation can limit lateral movement, thereby slowing down attacks and even discouraging attackers – giving you more time for detection and response.

Ransomware – not if, but when

Given their user’s preference for healthcare networks, healthcare IT administrators need to assume they will continue to be the target of a ransomware attack. Proper preparation includes an aggressive backup strategy, storing backups and recover systems offline, and running restoration drills so recovery can be fast and effective.

資料來源:
https://backendnews.net/2019/10/14/fortinet-shares-healthcare-cyberattack-trends-in-2019/

]]>
2020-02-12
<![CDATA[Fortinet Wins “Professional Certification Program of the Year” Award in 2019 CyberSecurity Breakthrough Awards Program]]> http://www.phitech.com.tw/news/index.php?news_id=936 By Rob Rashotte | October 09, 2019

Fortinet is pleased to announce that its Fortinet Network Security Expert (NSE) Institute’s certification program has been named the “Professional Certification Program of the Year” in the 2019 CyberSecurity Breakthrough Awards program. CyberSecurity Breakthrough is a leading independent market intelligence organization that recognizes the top companies, technologies, and products in the global information security market today.

“Fortinet’s combination of broad program scope, global accessibility, and program philosophy have resulted in a cybersecurity education program that goes well beyond a traditional commercial certification program focused on vendor-specific solutions,” said James Johnson, managing director, CyberSecurity Breakthrough. “Fortinet has built a program that is truly focused on closing the cybersecurity skills gap, with more than 230,000 certifications being issued to individuals in more than 200 countries, and we are thrilled to recognize the Company with our 2019 CyberSecurity Breakthrough Award designation as Professional Certification Program of the Year.”

The Fortinet Network Security Expert (NSE) certification program closes the cybersecurity skills gap from a much wider perspective than traditional training and certification programs. The program’s unprecedented level of accessibility includes an 8-level approach targeting different knowledge and skills at each level.

The lower levels (NSE 1 – 3) assess knowledge and understanding of the threat landscape and various solutions that are common in the industry. These initial NSE levels appeal to any individual wishing to understand cybersecurity principles and better protect themselves online, academic institutions looking to provide assessment tools to assess students entering cybersecurity programs, and organizations looking for tools to deploy a cybersecurity awareness program for their employees. The mid-levels of the program (NSE 4 – 6) are more traditional certification levels that focus on a technical audience and their ability to install, configure, and troubleshoot individual Fortinet products. The top levels of the program (NSE 7 - 8) focus on the skills and knowledge required by engineers and architects to design complete cybersecurity solutions using a variety of Fortinet and other products, and to deploy those solutions into complex network environments.

The mission of the CyberSecurity Breakthrough Awards is to honor excellence and recognize innovation, hard work, and success across a range of information security categories, including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, Email Security, and many more. This year’s program attracted more than 3,500 nominations from over 15 different countries throughout the world.

Learn more about Fortinet’s NSE Institute programs, including the Network Security Expert programNetwork Security Academy program and FortiVets program.


Source:
https://www.fortinet.com/blog/business-and-technology/fortinet-wins-cybersecurity-breakthrough-award-nse-institute.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblogs+%28Fortinet+All+Blogs%29

]]>
2020-02-05
<![CDATA[Introducing FortiCWP for Comprehensive Cloud Workload Protection]]> http://www.phitech.com.tw/news/index.php?news_id=935

The lack of cohesion between different security deployments often results in a lack of centralized visibility into critical service configurations, activities, network traffic, security events, and data hygiene. This challenge is compounded further as their business extends its presence across multiple public cloud provider platforms.

To help organizations address this fundamental cloud security issue, Fortinet has just introduced FortiCWP  – a Cloud Workload Protection solution designed to help customers assure compliance and mitigate risks associated with IaaS-based applications. It enables organizations to regain visibility and control over their dynamic multi-cloud infrastructure by providing the industry’s most integrated and dynamic multi-cloud security posture management solution.

Cross-Solution Integration

FortiCWP has been deeply integrated into multiple public cloud infrastructures – including using cloud native APIs from AWS, Google Cloud Platform, and Microsoft Azure – to assess configurations, monitor activity in cloud accounts, analyze and scan data, monitor cloud network traffic, and provide comprehensive compliance reports. 

To ensure it is always running up-to-the-minute security insights, FortiCWP is also integrated with FortiGuard Labs to receive regular and timely threat intelligence updates. It is also integrated with FortiSandbox to analyze data stored in the cloud for malicious content. When combined, these FortiCWP services provide unprecedented visibility and control over the state of cloud security, even across multi-cloud infrastructures, enabling security teams to see and manage their cloud environments with confidence.

Addressing Critical Cloud Security Challenges

Specifically, FortiCWP addresses several of the most critical challenges facing organizations tasked with securing their cloud environments.

  • To address the lack of visibility into cloud configuration and account activities, FortiCWP leverages its tight integration with the leading public cloud providers – Amazon AWS, Microsoft Azure, and Google Cloud Platform to scan configurations and setting and to compare them with best practices, compliance regimes and corporate policy.
  • As the industry’s most integrated dynamic cloud security visibility solution due to its Fabric-based integration with a Fortinet’s Multi-Cloud Dashboard, it enables security teams to seamlessly manage security across multiple cloud platforms.
  • FortiCWP supports the “shared responsibility model of any cloud deployment by looking at configuration settings of the cloud vendor as well as those of the organization.
  • FortiCWP addresses the challenge of ungoverned cloud data with high-capacity cloud-based DLP and malicious content inspection.
  • FortiCWP helps organizations assure they are compliant with industry specific security standards by comparing activity and configurations with policies require by standards including PCI, HIPAA, SOX, GDPR, ISO 27001, and NIST.

The First Fully Integrated Cloud Security Solution

When FortiCWP is combined with FortiGate VM for Ingress/egress cloud security and FortiWeb for Web Application and API Protection, they form the only integrated cloud security solution addressing network security, web application security, and cloud platform security in a comprehensive and tightly integrated solution. Its support for IaaS based applications also makes it the perfect complement to FortiCASB, which is designed to provide management, visibility, and control for SaaS-based applications.

By leveraging these integrated solutions, organizations can now extend the expertise of their security teams into the cloud, enabling them to effectively mitigate risk across their continuously evolving digital innovation landscape.

FortiCWP provides centralized dashboards, reports and maps to track security events and user activity.




source:
https://www.fortinet.com/blog/business-and-technology/forticwp-cloud-workload-protection.html

]]>
2020-01-29
<![CDATA[FortiGate NGIPS Receives Third Consecutive Recommended Rating from NSS Labs]]> http://www.phitech.com.tw/news/index.php?news_id=934 By Vince Hwang | October 03, 2019

According to the latest Fortinet Threat Landscape Report published in Q2 2019, we continue to see increases in threats, particularly malware and exploits. In fact, towards end of July, the Fortinet Threat Landscape Index (TLI) was at its highest level over a 12-month period, coming in at a TLI score of 1037. (The TLI is a composite score based on a weekly analysis of randomly selected organizations that started with a baseline number of 1,000 so changes in the threat landscape can be easily compared.) This documented increase in threats highlights the importance of deploying a leading and proven intrusion prevention (IPS) solution to protect against attacks and prevent successful infiltration.

Another “Recommended” Rating from NSS Labs

Fortinet’s FortiGate Next-Generation IPS (NGIPS) is one such solution we believe every customer should consider. But don’t just take our word for it – take a look at the NGIPS Test Reports published annually by NSS Labs. In their latest report, Fortinet earned our 6th consecutive “Recommended” rating from NSS Labs – once again reinforcing what we hear from our customers that Fortinet is one of the most certified and highly recommended security vendors in the market.

Best Total Cost of Ownership

Not only is FortiGate NGIPS recognized as a highly effective NGIPS solutions tested by NSS Labs in this year’s test, it also offers the best total cost of ownership (TCO) – an important consideration in today’s reality of trying to achieve the best security-driven networking outcome while balancing constrained security budgets and resources.

As an example, the FortiGate 100F used in this year’s NSS Labs NGIPS test offers a 3-Year TCO of $4,935, or roughly $2 per protected-Mbps. There are two reasons for this. The first is that it is powered by a purpose-built security ASIC that accelerates performance while reducing the cost of components by several times over off-the-shelf CPUs. The other reason is that it is also supported by FortiGuard Labs, Fortinet’s industry-leading, AI-driven threat research team, that provides the NGIPS system with some of the most effective and critical threat telemetry in the industry. Now that should be music to customers’ ears—and wallet!

Most Use Cases

And if this wasn’t enough, did you know that customers can leverage the exact same FortiGate platform to implement a security-driven network strategy across a variety of use cases – spanning Next-Generation Firewall (NGFW), Secure SD-WAN, Segmentation, and Secure Web Gateway (SWG), all in addition to NGIPS? FortiGate solutions can also be deployed as physical and virtual appliances supporting all on-premises and cloud uses cases, even providing seamless and consistent security in a multi-cloud environments. They are also a critical component of any end-to-end Security Fabric architecture, providing a broad, integrated, and automated solution to security and network operations.

We Believe in Testing – So Should You

At the end of the day, given the critical role security solutions play in allowing customers to run their businesses, talk is cheap. Which is why we subject our security solutions to more third-party testing than any other vendor. Fortinet is a strong believer that the proof of the pudding is in the eating, not just talking about it, especially when it comes to security effectiveness. We want our customers to feel confident that choosing Fortinet will keep them safe. As such, the NSS Labs NGIPS test is only one of many independent tests of Fortinet’s security effectiveness.

And as far as NSS Labs goes, we participate in a total of 8 tests and we have achieved a “Recommended” rating in every one of them! You can see all of Fortinet’s NSS Labs test results here.

Find out how Fortinet’s Security Fabric delivers broad, integrated, and automated protection across an organization’s entire digital attack surface from IoT to the edge, network core and to multi-clouds.  

Find out how Echoenergia and New Zealand Red Cross used Fortinet’s Security Fabric for end-to-end network protection. 

Source:

https://www.fortinet.com/blog/business-and-technology/fortigate-ng-ips-nss-labs-recommended-rating.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblogs+%28Fortinet+All+Blogs%29

]]>
2020-01-22
<![CDATA[Sangoma Leader in SIP Trunking for Small Businesses]]> http://www.phitech.com.tw/news/index.php?news_id=933 Out of 29 SIP trunking companies examined in the Eastern Management Group’s latest SMB customer survey, none beat Sangoma. No vendor other than Sangoma received the highest possible ranking — four stars — in every customer satisfaction category.
 
If you’re not familiar with Sangoma — or maybe it’s been a while since you were — you may want to brush up… or catch up. The $100 million voice and UC solution provider is on a bit of a tear. Sangoma’s revenue has grown by 53% (CAGR) each year since 2017, and it got another healthy boost when it acquired Digium last September. Sangoma’s gross profit is around 60%, and the business currently spends a customer-comforting 18% of revenue on research and development.
 
Let’s Talk SIP
Apart from the company’s good financials, Sangoma further distinguishes itself in SIP trunking customer satisfaction. In Eastern Management Group’s “2019 SMB SIP Trunking Customer Satisfaction” survey, no competitor beat Sangoma, which stands at the pinnacle of the satisfaction leader board.
 
The Eastern Management Group’s 2019 satisfaction survey of 3,000 IT managers shows a side-by-side comparison of 29 SIP trunk providers. SMB customers (from one to 500 employees) evaluated their SIP vendors on six Customer Satisfaction Measurements under the headings of product, vendor experience, and customer delight.
 

SIP_PROVIDERS1.JPG

SIP trunk providers rated by Eastern Management Group
 
 
The Eastern Management Group
 
In Eastern Management Group’s customer survey, Sangoma received the highest possible ranking — four stars, in every customer satisfaction measurement: technology and product, purchase experience, support, management tools, total overall satisfaction, and recommend-to-a-friend.
 
About Sangoma
Sangoma is one of the scores of providers in the $14.4 billion (2018) SIP trunk market — a market that’s growing 7% yearly — and will continue doing so. The SIP market itself is catapulted by cloud growth, enterprise branch office openings, high PSTN prices, and the inevitable POTS end of life, which are addressed in the Eastern Management Group report "2018-2024 SIP Market 7-Year Forecast and Analysis."
 
Sangoma is an established provider of hardware and software that drives IP communications systems for telecom and datacom applications. The company, which launched in 1984, sells to SMBs and carriers in 150 countries. Well-known Digium is a Sangoma subsidiary, making Sangoma the primary developer and sponsor of the open-source Asterisk project.
 
Based on Eastern Management Group’s customer survey research, 95% of Sangoma SIP trunk customers are SMBs having fewer than 500 employees; that’s more than the SIP trunk industry average of 83%. Sangoma’s largest customer cohort is businesses with 11 to 50 employees; this may account for a third of Sangoma’s SIP customer base.
 
Sangoma customers are well distributed across the 20 vertical markets Eastern Management Group tracks. Sangoma has a broader vertical market reach than many competitors. Our research finds considerable Sangoma SIP trunking sales to businesses in the professional services, retail, and transportation markets.
 
Product and Value
SIPStation is Sangoma’s SIP trunking offer. The company checks all the essential boxes with SIP features:
 
  • Choose your own phone numbers
  • Send and receive faxes
  • T.38 faxing & SMS
  • Share voice services across multiple locations
  • Add lines at any time — no contracts required
  • Create high-volume SIP trunks that are fax- and SMS-compatible
Sangoma’s elevator pitch for SIP is a good one, and the customer benefits include:
 
  • 21-day free trial
  • Cost savings with three-year, one-year, and monthly contracts
  • Integrated with the FreePBX and PBXact systems
  • Integrated fax services
 
It’s our opinion that Sangoma has made a very good name for itself. It has all the trappings of a hands-on company: The CMO blogs weekly, talking as if to a family. Sangoma operates just like a small business — and that’s nice to report on.
 
The research used in this post comes from the following Eastern Management Group sources: "2019 SIP Trunking Customer Satisfaction" report and models, and “2018-2024 SIP Global Market 7-Year Forecast and Analysis.” For more information on these studies and reports, please contact our analyst team or John Malone directly at 212-738-9402 Ext. 2201 or jmalone@easternmanagement.com.

資料來源:
https://www.nojitter.com/sipsip-trunking/sangoma-leader-sip-trunking-small-businesses
]]>
2020-01-15
<![CDATA[《科技》Fortinet SD-WAN解決方案,獲瑞典Telenor採用]]> http://www.phitech.com.tw/news/index.php?news_id=932 【時報記者林資傑台北報導】全方位整合與自動化網安廠Fortinet(NASDAQ: FTNT)宣布,其次世代SD-WAN網路解決方案,獲得全球行動電信集團Telenor旗下Telenor Sweden採用,協助提升敏捷性、靈活性與安全性,加速數位轉型推動,成為北歐首家推出安全SD-WAN服務的行動電信業者。

 為開發使用者更多能力、推動數位化轉型,許多企業致力最佳化WAN基礎架構與連線能力,讓雲端應用程式達到最佳效能,提供最佳的使用者體驗。Fortinet的SD-WAN解決方案協助Telenor可基於寬頻與4G/LTE提供所需智慧化及安全性,因應快速變化的應用需求。

 最新統計顯示,超過4成企業希望今年底前前試行或採用SD-WAN或混合WAN技術。Telenor表示,在瑞典擁有50名以上員工與3個營業據點的企業中,就有3000多家計畫在現階段或近期內發展WAN解決方案,讓內外部資料與應用程式存取更有效率且更安全。

 Telenor SD-WAN產品負責人Tomas Flodin表示,在提供安全、靈活且具成本效益的SD-WAN託管服務時,高安全性是首要考量。選擇Fortinet主要考量可將NGFW安全與SD-WAN服務整合到同一平台,獲得期望的可視性、控制力與安全性,保護客戶的資料與應用程式。

 Fortinet產品執行副總裁John Maddison表示,數位創新正對企業分支機構重大轉變。隨著服務與應用程式逐漸轉移至雲端,各分支機構的網路邊緣隨之增加,擴大網路被攻擊面,使得安全性比以往更加擔憂,除非安全性為SD-WAN一部分,否則無法發揮優勢。

 John Maddison認為,為了在部署後能立即發揮效益,SD-WAN必須提供完整的安全服務與可視性,讓企業知道是誰正透過哪些裝置存取網路,以便使用合適的安全原則給端對端,及本地到WAN、雲端或資料中心上使用。

資料來源:
https://tw.stock.yahoo.com/news/%E7%A7%91%E6%8A%80-fortinet-sd-wan%E8%A7%A3%E6%B1%BA%E6%96%B9%E6%A1%88-%E7%8D%B2%E7%91%9E%E5%85%B8telenor%E6%8E%A1%E7%94%A8-041715065.html

]]>
2020-01-08
<![CDATA[Customers Choose Fortinet Secure SD-WAN for True WAN Edge Transformation]]> http://www.phitech.com.tw/news/index.php?news_id=931 One of the most common issues facing organizations looking to deploy an SD-WAN solution is that what looks like a simple enough idea – replacing your static MPLS connection with a more flexible WAN solution – can quickly become a logistical nightmare. That’s because today’s branch offices have complex requirements that legacy routers, and even most SD-WAN solutions have simply not been designed to address.

The primary need is fast and reliable access to critical business applications. Cloud adoption is rampant, and as organizations migrate their data and resources to the cloud, backhauling those latency sensitive or performance hungry applications through a traditional WAN link to the corporate network quickly becomes problematic. It not only adds additional bandwidth loads on network infrastructures, but can reduce the effectiveness of the application and impact things like productivity and the user experience.

Branch Office Requirements are Evolving

Today’s branch offices require multiple links in order to enable direct connectivity to critical resources. While the traditional link to the core network is still important, they also need direct internet access in order to quickly connect to essential applications such as Salesforce, Office365, and unified communications located in the cloud.

Of course, internet connections are notoriously unreliable and unsecure. So an SD-WAN solution needs to provide rich application steering, redundancy, and quality controls at the network level, as well as a full stack of security solutions to secure data and information that used to rely on the security deployed within the core network. In addition, because 80% or more of the traffic moving through this direct internet connection will need to be encrypted, security also needs to provide deep SSL inspection without impacting application performance.

Most SD-WAN Solutions Don’t Measure Up

Because most SD-WAN vendors only provide very basic firewall functionality as a native element of their solution, customers are required to address this issue by adding security after the fact. But they quickly discover that the complexity of building such a solution is more than they bargained for. Security needs to provide a full stack of protection, including firewallIPSweb filtering, anti-virus and anti-malware, web application firewall, and even sandboxing. And if these solutions aren’t integrated to function as a single unit, managing these tools can require significant overhead.

Second, these security solutions need to be fully compatible with security deployed elsewhere, especially in the cloud. Policies need to traverse multiple ecosystems, enforcement needs to be consistent, and visibility needs to be seamless.

And finally, security and networking need to work as a single system.  This needs to work at scale across hundreds of locations, and do so easily with zero-touch deployment capabilities. And because connections are often in constant flux in order to maintain connection service levels, any overlay security system is forced to react to changes, which can introduce gaps in protections. Instead, what’s needed is for security and networking to be fully integrated together, so that when application or connectivity requirements change, both the network and security adapt simultaneously so there is never a need to “catch up.”

And even more importantly, a Security-Driven Network approach means that if an adjustment in connectivity or configurations would result in a compromise in terms of security, the security solution can prevent that adjustment based on policy, rather than leaving an unsecured connection, exposing data and applications to infection or theft.

A Real World Example

Addressing this real-world challenge was a top priority for one of the largest recycling and waste management companies in North America. They needed to upgrade their WAN solution to more efficiently and securely interconnect their recycling facilities, landfills, and transfer stations.  Their goal was to reduce circuit costs, rationalize their security product inventory, and centralize security management across their distributed organization.

By enhancing data correlation and integration between their various security elements, they also hoped to achieve better visibility, control, and decision making capabilities. However, this lower and more predictable infrastructure cost model also needed to provide a more flexible infrastructure that would be easier to tune in order to meet changing business requirements, without ever compromising security in the process.

Fortinet responded by positioning our Secure SD-WAN and SD-Branch solutions. We were able to demonstrate how, through our Security Fabric framework, all of the various security and networking elements worked together in terms of coordination, correlation, management, configuration, and orchestration. Unlike the traditionally complex SD-WAN story that involved multiple solutions that didn’t really interoperate, Fortinet’s Secure SD-WAN provided the right mix of tightly integrated network and connection functionality, management, and security that the organization was looking for.

Once the Secure SD-WAN solution was under consideration, we were then able to demonstrate how its security and network functionality could also be seamlessly extended deep into each branch network by combining them with switching, wireless access, and network access control functions. Even better, this integrated SD-Branch solution could also be managed remotely through the same interface used to manage the Secure SD-WAN connection.

SD-WAN networking, security, and access control solutions offering from other vendors, including the incumbent solution from Cisco, simply did not work as an integrated system. Separate management, configuration, and orchestration tools would significantly impact the organization’s goals of interoperability and lowering operational overhead. And the Fortinet solution also provided far and away the best price/performance of any solution under consideration.

Fortinet Uniquely Combines Networking and Security into a Single, Integrated SD-WAN Solution

Fortinet’s Secure SD-WAN and SD-Branch solutions combine the entire suite of powerful security tools included in the FortiGate NGFW security appliance – including firewall, IPS, antivirus, web filtering, and sandboxing – with a rich suite of essential connectivity, bandwidth management, and application recognition tools to ensure the reliable delivery of even the most latency-sensitive business applications. It then combines that security with Fortinet’s switching and wireless access points to extend the same security and network management functionality, combined with device and access control, into the branch office network to manage and secure locally deployed enduser and IoT devices.

No other solution in the market provides such a high-performance, deeply integrated, and highly interoperable solution for today’s distributed networks. Simple deployment, unmatched performance, and deep integration between network functionality, connectivity, access control, and a full suite world-class security solutions – all managed and orchestrated through a single pane of glass management system – sets the Fortinet Secure SD-WAN and SD-Branch solutions apart from the rest of the market.

Learn how Fortinet’s Secure SD-WAN Solution uses a security-driven networking approach to improve user experience and simplify operations at the WAN Edge.


資料來源:

https://securityboulevard.com/2019/10/customers-choose-fortinet-secure-sd-wan-for-true-wan-edge-transformation/

]]>
2020-01-01
<![CDATA[Fortinet Ranked in Top Three by Gartner for SD-WAN Equipment Market Share by Revenue]]> http://www.phitech.com.tw/news/index.php?news_id=930 SUNNYVALE, Calif., Oct. 01, 2019 (GLOBE NEWSWIRE) -- Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced that it is among the top three vendors in worldwide market share for SD-WAN equipment by revenue in Gartner’s Q2 2019 report titled, “Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 2Q19.” According to Gartner, total worldwide SD-WAN equipment revenue in 2Q19 was $417M, up 30% quarter-over-quarter. In 2Q19, Fortinet’s SD-WAN revenue is reported to have grown 234% quarter-over-quarter to $46M. This represents the third highest revenue market share at 11.1%.

“Cybersecurity has become a top-of-mind strategic business issue for enterprises deploying WAN edge solutions,” says John Maddison, EVP of products and CMO at Fortinet. “We’re hearing from an increasing number of customers who are concerned about the security risks associated with SD-WAN exposing branch offices to the Internet. We believe our growing market share validates the need for Fortinet’s unique Security-Driven Networking approach, which tightly integrates security and SD-WAN functionality into a single offering. Fortinet is committed to SD-WAN innovation; just this year we released the industry’s first SoC4 ASIC specifically designed to increase SD-WAN performance and security. Fortinet’s Secure SD-WAN solution includes best-of-breed next-generation firewall security, SD-WAN, advanced routing, and WAN optimization capabilities as well as the ability to extend SD-WAN to the access layer via SD-Branch. Because we deliver our SD-WAN solution in-built into every FortiGate Next-Generation Firewall, customers benefit from some of the industry’s best threat protection and threat detection capabilities, fully integrated with one of the top SD-WAN solutions on the market.”

Fortinet Secure SD-WAN is backed by third-party validation
Fortinet solutions have consistently demonstrated high security effectiveness, advanced feature offerings, and superior performance when put to the test by third parties. Fortinet’s Secure SD-WAN solution has received two consecutive NSS Labs “Recommended” ratings and showcased the lowest TCO in the latest NSS Labs SD-WAN Group Test.

Fortinet is a customer favorite
Fortinet received the February, 2018 Gartner Peer Insights Customers’ Choice recognition (Feb 2018) for Enterprise Network Firewall Management Software and has the most reviews of all vendors in the Gartner Peer Insights Enterprise Network Firewall Market as of September 30, 2019. Fortinet’s Secure SD-WAN solution, an integral part of FortiGate Network Firewalls, has also received the most reviews of all vendors in the Gartner Peer Insights WAN Edge Infrastructure Market as of September 30, 2019. Fortinet believes that this additional customer recognition further highlights Fortinet’s leadership in the SD-WAN market.

Fortinet’s Focus on SD-WAN Innovation
Fortinet developed the industry’s first SD-WAN ASIC, which allows them to deliver the fastest SD-WAN security performance in the industry. This includes acceleration for responsive overlay VPN and a better overall WAN user experience across the enterprise. Fortinet’s Secure SD-WAN solution interoperates as part of a comprehensive security architecture through the Fortinet Security Fabric, producing an integrated end-to-end security solution across the entire attack surface that leverages Security-Driven Networking. In addition, Fortinet offers a tightly integrated SD-Branch solution that brings together the branch LAN and WAN environments to ensure consistent security, single-pane-of-glass manageability and visibility, and better TCO.

Supporting Quotes
“We were already pleased with the performance of Fortinet’s Next-Generation Firewalls in our data center and the protection they provide for employee access and authentication. We recently chose to leverage Fortinet’s Secure SD-WAN capability because it provides superior security features in one simple offering. Fortinet helps us reduce complexity and gives us the single-pane-of-glass visibility across all our locations.” 
— Brian Talbert, Director, Network and Connectivity Solutions, Alaska Airlines

“We like Fortinet Secure SD-WAN’s ease of use at the scale at which we operate. Just as importantly, we were impressed with the high level of security that is built into Fortinet Secure SD-WAN. The other solutions we looked at would have required us to add a third-party security tool.”
— Hilton Sturisky, CIO at Crawford & Company

“Security was a top priority for us as a financial institution when it came time to execute our ‘Bank Branch of the Future’ project. We chose Fortinet’s SD-Branch solution because we were able to consolidate our branch services into the same platform that would be running our SD-WAN, giving us better visibility, control and security at our branch offices.”
— Luis Eduardo Dos Santos, Head of Network and Telecom, Banco Votorantim, Brazil

“Leveraging Fortinet’s SD-WAN solution, District School Board Niagara has been able to provide our staff and students with a stable, feature rich and secure network environment, including use of IoT devices in the classroom and schools. We’ve been able to deploy Fortinet’s premium technology while still lowering our broadband and fiber costs. The savings we’ve achieved as a result has allowed DSB Niagara to redirect funds toward educational priorities for all students in DSBN. This includes STEM programs, such as our iHub Academy and our IT4 Learning Team, elective programs for students focusing on artificial intelligence, machine learning, robotics, threat management, etc.” 
— Dino Miele, CIO, District School Board of Niagara

“We’ve been using a cloud-first approach for several years as part of our digital transformation journey. As part of our Ministry of Education Broadband Modernization Project, an initiative to transition all Ontario schools to SD-WAN, we’ve had to speed up this process while connecting each of our schools directly to the internet. After going through the vendor evaluation process, we selected FortiGate Secure SD-WAN because it provides best-of-breed SD-WAN and security features in one single offering. As a result, we’ve been able to reduce complexity at the school level and have single-pane-of-glass visibility across all our locations. We’ve seen a significant reduction in the total cost of ownership for our WAN.” 
— Chris Dale, Executive Manager of ICTS, London District Catholic School Board

Additional Resources

Gartner, Market Share: Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 2Q19, Joe Skorupa, Christian Canales, Nareesh Singh, 20 September 2019.

資料來源:

https://www.globenewswire.com/news-release/2019/10/01/1923391/0/en/Fortinet-Ranked-in-Top-Three-by-Gartner-for-SD-WAN-Equipment-Market-Share-by-Revenue.html

]]>
2019-12-25
<![CDATA[Reducing risk and complexity with Secure SD-WAN – Fortinet]]> http://www.phitech.com.tw/news/index.php?news_id=929 Article by Jon McGettigan, Senior Regional Director, Fortinet Australia and New Zealand

As the pace of digital innovation picks up, opportunities arise. But, concurrently, the attack surface expands.

The challenge for enterprises is to be able to take advantage of business opportunities whilst reducing risk and complexity.

Secure SD-WAN (software-defined wide area networking) is one trend that satisfies both imperatives: expanding the reach of the enterprise network and protecting those who use it.

SD-WAN

SD-WAN is primarily a networking solution without, by definition, embedded security.

SD-WAN simplifies the management and operation of a WAN by decoupling the networking hardware from its control mechanism.

This concept is similar to how software-defined networking uses virtualisation to improve data centre management and operations.

A key application of SD-WAN is to allow enterprises to build higher-performance WANs using lower-cost and commercially available internet access.

This enables them to partially or wholly replace legacy private WAN connection technologies such as MPLS (multi-protocol label switching).

Gartner predicts that by 2023 more than 90% of WAN edge infrastructure refresh initiatives will be based on either virtualised customer premises equipment (vCPE) platforms or SD-WAN software/appliances.

Secure SD-WAN

Secure SD-WAN takes the concept one step further by adding security into the solution.

Secure SD-WAN appliances incorporate all of the networking functionality inherent in SD-WAN and combines it with all of the security features of a next-generation firewall.

The key point here is tight integration between networking and security.

SD-WAN alone doesn’t address security. Security has to be added separately.

In order to establish and secure an SD-WAN branch office, IT managers have to install, configure and maintain both the SD-WAN appliance as well as a firewall.

Two vendors and two separate systems using different cost and licensing models add more complexity into the solution.  

Consistent policy

With a Secure SD-WAN appliance, your workload is cut in half.

And, if your Secure SD-WAN appliance is an integrated component of your overall security fabric, your workload is even further reduced as you’ll be able to extend your integrated security policy to the SD-WAN and branch office.

This further reduces complexity and total cost of ownership.

You’ll be able to manage your SOC (security operation centre) and NOC (network operation centre) management tasks from a single-pane-of-glass dashboard.

You will also be able to incorporate automation into the solution and implement zero-touch for branch offices.

Both reduce the need for skilled staff at remote locations.

Conclusion

Secure SD-WAN not only reduces complexity, but it also reduces risk by ensuring that your branch office is hardened against adversaries of all types.

It also supports a uniform security policy based on business requirements and ensures the desired outcome for the enterprise.

Fortinet’s Secure SD-WAN appliances, fully-integrated components of Fortinet’s market-leading Security Fabric, extend a consistent security policy into your branch offices whilst improving network functionality.

In addition, Secure SD-WAN, as part of the Security Fabric, ensures that no security gaps result due to connecting the branch office to the enterprise WAN.

If you have multiple components independently trying to defend your network, you’re only as strong as your weakest component.

But if they’re collaborating in defending your network, their sum is greater than the individual parts.

This is the true benefit of Secure SD-WAN and the Fortinet Security Fabric.

About the author

Jon McGettigan is Senior Regional Director, Fortinet ANZ. As such, he is responsible for driving Fortinet’s continued expansion in the Australasian region through building and maintaining relationships with enterprises, partners and staff. As a senior executive, he understands the risks, motivations and opportunities that face executives as they transform their networks into 21st-century revenue centres.

About Fortinet

Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organisations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 375,000 customers trust Fortinet to protect their businesses. Learn more at the Fortinet website, the Fortinet Blog, or FortiGuard Labs.


資料來源:
https://itbrief.co.nz/story/reducing-risk-and-complexity-with-secure-sd-wan-fortinet

]]>
2019-12-18
<![CDATA[Introducing FortiCWP for Comprehensive Cloud Workload Protection]]> http://www.phitech.com.tw/news/index.php?news_id=928 The lack of cohesion between different security deployments often results in a lack of centralized visibility into critical service configurations, activities, network traffic, security events, and data hygiene. This challenge is compounded further as their business extends its presence across multiple public cloud provider platforms.

To help organizations address this fundamental cloud security issue, Fortinet has just introduced FortiCWP  – a Cloud Workload Protection solution designed to help customers assure compliance and mitigate risks associated with IaaS-based applications. It enables organizations to regain visibility and control over their dynamic multi-cloud infrastructure by providing the industry’s most integrated and dynamic multi-cloud security posture management solution.

Cross-Solution Integration

FortiCWP has been deeply integrated into multiple public cloud infrastructures – including using cloud native APIs from AWS, Google Cloud Platform, and Microsoft Azure – to assess configurations, monitor activity in cloud accounts, analyze and scan data, monitor cloud network traffic, and provide comprehensive compliance reports. 

To ensure it is always running up-to-the-minute security insights, FortiCWP is also integrated with FortiGuard Labs to receive regular and timely threat intelligence updates. It is also integrated with FortiSandbox to analyze data stored in the cloud for malicious content. When combined, these FortiCWP services provide unprecedented visibility and control over the state of cloud security, even across multi-cloud infrastructures, enabling security teams to see and manage their cloud environments with confidence.

Addressing Critical Cloud Security Challenges

Specifically, FortiCWP addresses several of the most critical challenges facing organizations tasked with securing their cloud environments.

  • To address the lack of visibility into cloud configuration and account activities, FortiCWP leverages its tight integration with the leading public cloud providers – Amazon AWS, Microsoft Azure, and Google Cloud Platform to scan configurations and setting and to compare them with best practices, compliance regimes and corporate policy.
  • As the industry’s most integrated dynamic cloud security visibility solution due to its Fabric-based integration with a Fortinet’s Multi-Cloud Dashboard, it enables security teams to seamlessly manage security across multiple cloud platforms.
  • FortiCWP supports the “shared security model of any cloud deployment by looking at configuration settings of the cloud vendor as well as those of the organization.
  • FortiCWP addresses the challenge of ungoverned cloud data with high-capacity cloud-based DLP and malicious content inspection.
  • FortiCWP helps organizations assure they are compliant with industry specific security standards by comparing activity and configurations with policies require by standards including PCI, HIPPA, SOX, GDPR, ISO 27001, and NIST.

The First Fully Integrated Cloud Security Solution

When FortiCWP is combined with FortiGate VM for Ingress/egress cloud security and FortiWeb for Web Application and API Protection, they form the only integrated cloud security solution addressing network security, web application security, and cloud platform security in a comprehensive and tightly integrated solution. Its support for IaaS based applications also makes it the perfect complement to FortiCASB, which is designed to provide management, visibility, and control for SaaS-based applications.

By leveraging these integrated solutions, organizations can now extend the expertise of their security teams into the cloud, enabling them to effectively mitigate risk across their continuously evolving digital innovation landscape.

 

Learn more about how FortiCWP can address critical cloud security challenges.

Learn more about how Fortinet’s dynamic cloud security solutions provide the necessary visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.

Read these customer case studies to see how Cuebiq and Steelcase implement Fortinet’sdynamic cloud security solutions for secure connectivity and application security.


資料來源:

https://securityboulevard.com/2019/09/introducing-forticwp-for-comprehensive-cloud-workload-protection/

]]>
2019-12-11
<![CDATA[FortiGate Network Firewalls Give MSSPs Another Reason to Select Fortinet]]> http://www.phitech.com.tw/news/index.php?news_id=927 For MSSPs, regardless of their business model or specialty, service excellence is a key factor in determining their success in the marketplace. Whether you are a pure play MSSP, a managed service provider with a strong security business, or a cloud service provider that has seen the need to offer security as part of your IT service portfolio, your business can benefit from partnerships with Industry Leaders.

Fortinet has been recognized as one of the Leaders among the 18 vendors included in the Gartner Magic Quadrant for Network Firewalls report for 2019. Fortinet believes this acknowledgement showcases our clear understanding of market needs, both as an innovator and thought leader. It also highlights our ongoing commitment to providing the IT community, and our more than 415,000 customers around the world, with the best possible cybersecurity protection for today’s increasingly sophisticated and highly distributed networks.

As networks continue to undergo rapid and ongoing transformation, it is critical that the underlying security architecture is able to adapt and scale in a way that enables organizations to realize their business objectives. Fortinet’s clear vision of the needs of both today’s and tomorrow’s networks has enabled us to continually be at the forefront of delivering capabilities that align with the current and future needs of our partners and your end-users. Fortinet is the only security vendor delivering a broad portfolio covering Secure SD-WANCloud Security, Network security, Application security, Email security, and Secure access, all supported with a single pane of glass management across the entire attack surface. We are also the only vendor to actually weave all of these elements into a single, integrated Security Fabric.

As an MSSP, seeking out best-of-breed functionality to ensure that client data and applications are optimally protected is a critical decision.  Due to the prevalence of high-profile security breaches, business leaders are increasingly making network security a top priority. Yet, their CISOs have an inadequate supply of high-level security skills to deal with the threats. As a result, many organizations are looking to migrate some or all of the risk out of their IT departments to MSSP and MSP partners.

We believe Fortinet’s recognition as a Magic Quadrant Leader by Gartner can play a key role in this selection process, and MSSPs offering Fortinet-based security services can benefit by association.

Of course, recognition is about much more than industry acknowledgement, which is why we are also so proud of the fact that our solutions have been universally adopted by more than 415,000 organizations both large and small – including a majority of the Fortune 500 companies, who trust Fortinet to secure their most critical assets.

We also count the top global service providers and a very large ecosystem of Managed Service Providers as our valued partners, deploying and managing services based on Fortinet security for their customers. With our strong and ongoing commitment to MSSP Services, Fortinet provides a strong and high value add security capability for the MSSP market.


資料來源:
https://securityboulevard.com/2019/09/fortigate-network-firewalls-give-mssps-another-reason-to-select-fortinet/

]]>
2019-12-04
<![CDATA[IndiGo Airlines Relies on Fortinet's Secure SD-WAN Solution to Provide the Best User Experience for Business Critical Applications]]> http://www.phitech.com.tw/news/index.php?news_id=926 SUNNYVALE, Calif. - Sep 24, 2019 
 

John Maddison, EVP of products and CMO at Fortinet

"Many customers are currently forced to use multiple point products and management consoles to achieve a secure SD-WAN connection. This separation of network and security operations is not only labor-intensive, but also makes performance and security a bottleneck to move toward direct internet access. Fortinet's unique combination of next-generation firewall and SD-WAN in the same offering, managed through a single centralized controller has seen tremendous momentum in customer adoption and received two consecutive SD-WAN "Recommended" ratings from NSS Labs."

Fortinet®  (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced that IndiGo, India's largest airline, has deployed Fortinet Secure SD-WAN solution across its branch offices to secure its WAN edge.

IndiGo is the largest passenger airline in India with a market share of 46.9 percent as of March, 2019. The airline connects to 58 domestic and 19 international destinations and operates more than 1300 flights every day. It is also the largest individual Asian low-cost carrier in terms of jet fleet size and passengers carried, and the seventh largest carrier in Asia. With a fleet size of 222 aircrafts, IndiGo has served over 300 million customers globally.

IndiGo's growing passenger traffic combined with poor MPLS network and Internet quality had resulted in delays for customers accessing their applications for flight booking, call centers, airport counters and flight status checking, adversely affecting their business. To avoid delays  and provide the best possible user experience for business-critical applications, the airline decided to adopt a hybrid WAN model, supporting its 54 airport counters, that would be able to distribute traffic over a variety of links, including MPLS, Broadband and Internet Leased Line. IndiGo selected Fortinet Secure SD-WAN solution to provide best of breed SD-WAN integrated with security capabilities with one single offering. As part of the Fortinet Security Fabric, Fortinet's Secure SD-WAN solution combines networking and security features, such as routing, WAN optimization, application control and next-generation firewall, enabling IndiGo to manage and configure its WAN and security system from a single-pane-of-glass view.

IndiGo has also deployed multiple FortiGate Next-Generation Firewalls at 54 airport counters and in their data centers, along with FortiManager and FortiAnalyzer for management and analytics. As a result, IndiGo can now map WAN resources directly making the network more efficient and responsive by combining scalability, flexibility, simplicity and cost savings with industry-leading security protection through Fortinet's Secure SD-WAN solution.

After the SD-WAN deployment IndiGo has benefited from:

  • High Application Performance: Automated intelligence, a key feature of FortiOS for SD-WAN, significantly reduces latency by selecting the most efficient route for business-critical traffic through the tracking of granular WAN path information. This helps IndiGo monitor link quality connecting 2000 users in 54 branches with the lowest latency, supporting comprehensive routing with dynamic failover that ensures high-application availability.  
  • Best-of-Breed SD-WAN and Security Capabilities in One Console: With an integrated solution, IndiGo manages both SD-WAN optimization and security capabilities using a single interface. This integration of network and security operations makes it easy to tie traditionally network-centric issues such as performance and functionality to critical NGFW capabilites and SSL data inspection. The single console management helps IndiGo better allocate its IT resources to increase productivity and reduce business costs.
  • Reduced WAN Opex: IndiGo is able to achieve higher bandwith with lower WAN cost by transitioning from MPLS to a hybrid WAN using Fortinet's Secure SD-WAN. Fortinet's Secure SD-WAN capabilities allows IndiGo to leverage WAN link remediation to handle even the most volatile WAN connections and deliver superior application performance for unified communication.  
  • Simplified WAN Edge Management: FortiManager and FortiAnalyzer helps IndiGo with SD-WAN management and orchestration with a single pane for centralized management with reporting and analytics across the SD-WAN environment. 
  • Potential to Scale: With Fortinet's Secure SD-WAN solution, IndiGo can continue to grow its business and expand operations by easily and securely adding new SD-WAN branches to its expanding network.

資料來源:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2019/indigo-airlines-relies-on-fortinet-s-secure-sd-wan-solution.html
]]>
2019-11-27
<![CDATA[AudioCodes Introduces Meeting Insights™]]> http://www.phitech.com.tw/news/index.php?news_id=925

Meeting Insights is an enterprise solution that turns meetings into continuous productivity, by capturing and sharing every idea, action and opinion from any meeting through AudioCodes Voice.AI technology


NEWS PROVIDED BY

AudioCodes 

23 Sep, 2019, 16:24 IDT


LOD, Israel, Sept. 23, 2019 /PRNewswire/ --

Highlights

  • Enterprise corporate meetings are strategically important, bringing together key team members driving decisions, execution and planning
  • Meetings generate an untapped body of business intelligence data, expert opinions, and actionable insights – most of which are typically lost as soon as the meeting ends
  • AudioCodes Meeting Insights solution is an enterprise solution enabling enterprises to capture, organize, and share meeting content
  • Meeting Insights seamlessly delivers multi-modal and real-time access to key meeting moments, decisions taken and resulting action items
  • Meeting Insights ensures that anyone in an organization, whether they attended a meeting or not, can simply and efficiently analyze and act upon its content

Details

AudioCodes (NASDAQ: AUDC), a leading vendor of advanced voice networking and media processing solutions for the digital workforce, today announced Meeting Insights, an enterprise solution that is designed to easily capture, organize and share corporate meeting content assets using AudioCodes state-of-the-art Voice.AI technology.

Meeting Insights leverages years of VoIP leadership and enterprise market presence to power a new age of advanced voice analytics and meeting-generated insights. Capturing information from multiple sources spanning both in-room and remote participants connected from multiple locations, Meeting Insights seamlessly delivers multi-modal and real-time access to key meeting moments, decisions taken and resulting action items. The result is a robust solution that holds crucial information that would otherwise be lost.

"Business meetings are an essential part of business life, but even after the most strategic sessions, important information and key decisions can be lost or forgotten," commented Shabtai Adlersberg, AudioCodes President & CEO. "Relying on AudioCodes vast experience and know-how in voice and AI technology, Meeting Insights ensures that anyone in an organization, whether they attended a meeting or not, can simply and efficiently analyze and act upon its content, significantly improving organizations' ability to retain and share critical business data".

Common organizational use-cases of Meeting Insights include team collaboration sessions, training classes, recruitment interviews and sales reviews. With the solution currently in beta stage, these use-cases together with user feedback will serve as a basis for the general availability of Meeting Insights as a Software-as-a-Service (SaaS) offering.

Follow AudioCodes' social media channels:

AudioCodes invites you to join our online community and follow us on: AudioCodes Voice BlogLinkedInTwitterFacebook, and YouTube.

About AudioCodes

AudioCodes Ltd. (NASDAQ, TASE: AUDC) is a leading vendor of advanced voice networking and media processing solutions for the digital workplace. AudioCodes enables enterprises and service providers to build and operate all-IP voice networks for unified communications, contact centers, and hosted business services. AudioCodes offers a broad range of innovative products, solutions and services that are used by large multi-national enterprises and leading tier-1 operators around the world.

For more information on AudioCodes, visit http://www.audiocodes.com.

Statements concerning AudioCodes' business outlook or future economic performance; product introductions and plans and objectives related thereto; and statements concerning assumptions made or expectations as to any future events, conditions, performance or other matters, are "forward-looking statements'' as that term is defined under U.S. Federal securities laws. Forward-looking statements are subject to various risks, uncertainties and other factors that could cause actual results to differ materially from those stated in such statements. These risks, uncertainties and factors include, but are not limited to: the effect of global economic conditions in general and conditions in AudioCodes' industry and target markets in particular; shifts in supply and demand; market acceptance of new products and the demand for existing products; the impact of competitive products and pricing on AudioCodes' and its customers' products and markets; timely product and technology development, upgrades and the ability to manage changes in market conditions as needed; possible need for additional financing; the ability to satisfy covenants in the Company's loan agreements; possible disruptions from acquisitions; the ability of AudioCodes to successfully integrate the products and operations of acquired companies into AudioCodes' business; and other factors detailed in AudioCodes' filings with the U.S. Securities and Exchange Commission. AudioCodes assumes no obligation to update the information in this release.

©2019 AudioCodes Ltd. All rights reserved. AudioCodes, AC, HD VoIP, HD VoIP Sounds Better, IPmedia, Mediant, MediaPack, What's Inside Matters, OSN, SmartTAP, User Management Pack, VMAS, VoIPerfect, VoIPerfectHD, Your Gateway To VoIP, 3GX, VocaNom, AudioCodes One Voice, AudioCodes Meetings Insights and CloudBond are trademarks or registered trademarks of AudioCodes Limited. All other products or trademarks are property of their respective owners. Product specifications are subject to change without notice.

Company Contact

IR Agency Contact

Shirley Nakar - Orgad
Director, Investor Relations
AudioCodes
Tel: +972-3-976-4000
shirley@audiocodes.com

Brett Maas
Managing Partner
Hayden IR 
Tel: +1-646-536-7331
Brett@haydenir.com

SOURCE AudioCodes

]]>
2019-11-20
<![CDATA[Fortinet leading the fight against cybercriminals]]> http://www.phitech.com.tw/news/index.php?news_id=924 As cybercriminal methods become ever more smart and sophisticated, protecting financial services and other organisations is a major undertaking, writes Paul Anderson.

Due to the sensitive nature of the data they store, and the monetary motivations of cybercriminals, organisations within the financial services (FS) sector are a high-value target and are at high risk of cyber attacks.

This growing risk comes at a time when FS firms are turning their focus to innovating new technologies and features to meet evolving consumer demands. Providing regular updates and new online products is a necessary key differentiator in the competitive financial market. However, rolling out new features at such a fast pace also increases the attack surface and potential vulnerabilities.

The risk of going mobile

With the rise in mobile usage, financial firms are focusing on developing digital wallets and innovative peer-to-peer (P2P) solutions. As mobile payments grow in popularity, FS and fintech firms have to be increasingly wary of related cyber risks. Vulnerabilities lurking in payment applications, mobile phones and point of sale (POS) systems can become entry-ways into customer accounts and even broader financial networks. In fact, according to Fortinet’s Threat Landscape Report, more than a quarter of organisations have experienced a mobile malware attack, with the vast majority of those threats targeting or originating from devices running the Android operating system.

Compromising mobile devices not only allows attackers to steal data stored on that device, it can also be used to collect personal banking information using phishing apps, intercept data moving between a user and their online bank, and monitor financial transactions when purchasing goods or services online. The ‘Android.banker.A2f8a’ malware, for example, targeted more than 200 different banking apps to steal login credentials, hijack short message services, and upload contact lists and other data onto a malicious server.

Worryingly, these apps aren’t just being downloaded from risky sites. Between August and October of 2018, 29 banking Trojans masquerading as legitimate apps were removed from the Google Play store, but only after they had been installed by over 30,000 users. Yet even this is only part of the exposure. Compromised devices are also becoming a gateway through which the larger financial services network can be exploited.

New threats challenging FS

In addition to mobile threats, Fortinet has documented four additional attack strategies that financial security teams need to pay special attention to.

The first is cryptojacking which, in many industries including FS, has jumped ahead of ransomware as the malware of choice. While ransomware continues to be a serious concern for financial networks, the number of unique cryptojacking signatures nearly doubled in 2018. The number of platforms compromised by cryptojacking jumped 38 per cent. Perpetrators included advanced attackers using customised malware, as well as ‘as-a-service’ options available on the dark web for novice criminals.

Although cryptojacking is often considered to be a nuisance threat that only hijacks unused central processing unit cycles, a growing number of new attack techniques include disabling essential security functions on devices, thereby enabling cryptojacking to become a gateway for additional attacks.

Encrypted traffic is a second area of concern. This staple of financial organisations now represents an unprecedented 72 per cent of all network traffic, up from 55 per cent in 2017. While encryption can certainly help protect data and transactions, it also represents a challenge for traditional security solutions. The critical firewall and intrusion prevention system performance limitations of most legacy security technologies continue to hinder organisations’ ability to inspect encrypted data at network speeds. Rather than attempting to slow down time-sensitive financial transactions, a growing percentage of this traffic is simply not being adequately analysed for malicious activity, making it an ideal mechanism for criminals to spread malware or exfiltrate data.

Additionally, botnets are getting smarter. The number of days that a botnet infection was able to persist inside an organisation has increased from 7.6 to 10.2 days, indicating that botnets are becoming harder to detect and remove. This is also the result of many organisations still failing to practice good cyber hygiene, including patching and updating vulnerable devices, protecting the Internet of Things (IoT), and thoroughly scrubbing a network after an attack has been detected.

Last but not least, a new form of spear phishing is enabling threat actors like Silence Group to compromise banks via email in order to gather financial data and remotely withdraw money from ATMs, also known as “jackpotting”. By leveraging pre-installed and publicly available tools, such as PowerShell – an automation engine and scripting language designed to help information technology professionals configure systems and automate administrative tasks – they can accelerate lateral movement across a network while enhancing evasiveness by leveraging processes already identified as legitimate.

Implementing cohesive security

To successfully address today’s challenges, FS organisations need to rethink their strategy, from automating their security hygiene measures to replacing isolated security devices with an integrated security fabric architecture that can seamlessly span the growing attack surface.

In order to address the latest attack vectors, organisations need to achieve greater control over their network, thereby limiting exposure if there is a breach.

This entails:

To protect these customers, organisations should start by educating them about using legitimate banking applications. This includes constantly reminding them of what sorts of information they will – and won’t – be asked for, such as online “password validation” or “account validation” techniques used by phishers and scammers. Organisations should also regularly scan the internet for fraudulent applications, warn consumers when they are found, and apply pressure on application stores to remove them from their inventories.

Commercial banks, credit unions, stock brokerage firms, asset management firms, and insurance companies that support digital transactions through mobile apps are increasingly being targeted and exploited by malicious criminals.

At the same time, they suffer the same challenges as organisations in other sectors, including figuring out how to inspect and secure the growing volume of encrypted traffic, battling the persistence of botnets, and addressing new malware trends.

The use of automation and high-performance security resources will enable financial organisations to protect their distributed environments and keep pace with modern forms of cyberattacks.


資料來源:
https://www.scotsman.com/business/fortinet-leading-the-fight-against-cybercriminals-1-5007569

]]>
2019-11-13
<![CDATA[Fortinet shares security-driven network strategies at cybersecurity conference]]> http://www.phitech.com.tw/news/index.php?news_id=923 BY  ON SEPTEMBER 20, 2019 • LEAVE A COMMENT )

Cybersecurity solutions firm Fortinet holds anew its annual Fortinet 361° Security conference this year across multiple cities in Southeast Asia and Hong Kong. The 2019 iteration explores innovative ways to protect business networks in the hyper-connected world of today.

The regional Fortinet 361° Security 2019 cybersecurity conference will gather Fortinet executives, industry experts, and customers who will share their insights on how to securely unlock the potential of the digital economy, enabling organizations to confidently focus on the business, technology, and infrastructure drivers shaping their future.

Keynote and panel discussions will cover a range of topics, including today’s changing threat landscape, the growing challenge of interconnected devices, the widening distributed network, and how security strategies need to adapt to meet the new demands of today and tomorrow.

“In today’s hyper-connected world, data moves between various environments such as multi-cloud, IoT, and mobile devices. It is important for modern networks to enforce consistent security, yet preserve functionality in the network, so that essential workflows are protected along their entire data path as data travels through multiple environments. That is why this year’s regional 361° Security conference focuses on Security-Driven Networking, where networking and security are integrated and combined. This concept of building a network around security as a foundation, allows enterprises to architect and deploy business critical applications and services faster than ever before without compromising security throughout the network,” said Peerapong Jongvibool, VP for Southeast Asia and Hong Kong at Fortinet.

“The pace of digital transformation in the Philippines is accelerating. Since the entry of this mindset into the mainstream consciousness roughly three years ago, we have seen local businesses start undertaking their transformation journey. The country has also started fulfilling its mission to establish one digitized government as the Department of Information and Communications Technology recently launched the E-Government Masterplan (EGMP) 2022—this makes this year’s regional 361° Security conference more relevant to local organizations,” said Louie Castañeda, country manager, Fortinet Philippines.

“The demands of digital transformation are forcing organizations of all sizes and industries to reassess the effectiveness and scalability of existing legacy security infrastructure. Networks in sensitive sectors such as government, financial services, and healthcare, often hold highly-valuable data on individuals, financial transactions, and critical infrastructure. This data-rich environment makes them the target of a variety of threats like ransomware, phishing, and DDoS, which aim to halt, extort, or disrupt networks. Business leaders and IT professionals must equip themselves with forward-looking strategies to cope with increasingly complicated network environments. As organizations develop a meshed and hyper-connected networking infrastructure that spans ecosystems, businesses, societies, and personal lives, security needs to do the same,” said Anthony Lim, Principal Consultant for South East Asia and Hong Kong at Fortinet.

Fortinet 361° Security 2019 conference goes to Ho Chi Minh (Oct 22), Hanoi (Oct 24), Hong Kong (Oct 31) and Singapore (Nov 6).


資料來源:
https://backendnews.net/2019/09/20/fortinet-shares-security-driven-network-strategies-at-cybersecurity-conference/
 

]]>
2019-11-06
<![CDATA[Fortinet Recognized as a Leader in the Gartner Magic Quadrant for Network Firewalls]]> http://www.phitech.com.tw/news/index.php?news_id=922 Marks 10th time in a row that Fortinet is in the Magic Quadrant for Network Firewalls
September 19, 2019 11:15 ET Source: Fortinet, Inc.
 
 

SUNNYVALE, Calif., Sept. 19, 2019 (GLOBE NEWSWIRE) -- 

John Maddison, EVP of products and CMO at Fortinet 
“Fortinet continues to be a clear leader in the network firewall market. The Fortinet Security Fabric platform removes complexity and provides automated and broad protection across the entire digital attack surface. FortiGate Network Firewalls were among the first to deliver integrated SD-WAN, provide broad support for multi-cloud environments and accelerate the cloud on-ramp for better user experience. We believe this recognition from Gartner validates our work toward enabling enterprise customers to architect a security-driven network that delivers consistent security to all network edges.”

News Summary 
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity solutions, today announced it has been named a Leader among 18 vendors in the 2019 Gartner Magic Quadrant for Network Firewalls. This marks the tenth time Fortinet has been recognized as a Leader for completeness of vision and ability to execute. Fortinet believes its placement in the Leaders quadrant is largely due to its commitment to enabling a security-driven networking approach, which integrates security into every element of the network, to help its more than 415,000 global customers increase efficiencies across their infrastructure.

FortiGate Network Firewalls ensure consistent, end-to-end protection across crucial network edges—from branches, to campuses, to hybrid data centers, and to multiple clouds—and allows customers to architect a security-driven network to gain a number of benefits, including:

  • Secure SD-WAN: Fortinet is one of the first vendors to deliver integrated SD-WAN with advanced security for distributed enterprise locations to improve user experience and lower WAN cost without compromising on an organization’s security posture. 
  • Cloud Security: FortiGate Network Firewalls secure multi-cloud environments with broad support for the top six IaaS providers. This allows customers to leverage consistent multi-layer security protection, automation, and deep integrations no matter how many clouds they adopt.
  • Accelerate the Cloud On-Ramp: Fortinet’s high-performance hybrid data center and SD-WAN solutions accelerate the cloud on-ramp by providing secure high-speed connectivity and deep SSL inspection to multi-cloud environments. Fortinet is also the only vendor that delivers inspection on encrypted flows that leverage newly introduced TLS 1.3 encryption standards. With FortiGate Network Firewalls, organizations are able to deliver excellent user experience while achieving full visibility with the inspection of all HTTPS traffic.
  • Single-pane-of-glass management: Single-pane-of-glass management enabled by FortiManager provides a complete and consolidated view across a variety of network edges, simplifies operations and provides network-wide security, visibility and analytics

Together, these capabilities deliver unparalleled protection and performance to Fortinet’s more than 415,000 customers worldwide. Fortinet’s FortiGate Network Firewalls have received the Feb. 2018 Gartner Peer Insights Customers’ Choicerecognition and Fortinet has the most reviews of all vendors in the Gartner Peer Insights Network Firewalls market as of September 18, 2019 based on 1,448 reviews. Fortinet has also received the most reviews of all vendors in the Gartner Peer Insights WAN Edge Infrastructure market as of September 18, 2019 based on 162 total reviews for Fortinet’s Secure SD-WAN solution, an integral part of FortiGate Network Firewalls. Fortinet believes that this additional customer validation further highlights Fortinet’s leadership in the network firewalls market.

Additional Resources

Gartner, Magic Quadrant for Network Firewalls, Rajpreet Kaur, Adam Hils, Jeremy D'Hoinne, John Watts, 17 September 2019. This report was previously titled Magic Quadrant for Enterprise Network Firewalls.

Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences, and do not represent the views of Gartner or its affiliates.

Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 415,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.    

FTNT-O

Copyright © 2019 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiCare, FortiManager, FortiAnalyzer, FortiOS, FortiADC, FortiAP, FortiAppMonitor, FortiASIC, FortiAuthenticator, FortiBridge, FortiCache, FortiCamera, FortiCASB, FortiClient, FortiCloud, FortiConnect, FortiController, FortiConverter, FortiDB, FortiDDoS, FortiExplorer, FortiExtender, FortiFone, FortiCarrier, FortiHypervisor, FortiInsight, FortiIsolator, FortiMail, FortiMonitor, FortiNAC, FortiPlanner, FortiPortal, FortiPresence , FortiProxy, FortiRecorder, FortiSandbox, FortiSIEM, FortiSwitch, FortiTester, FortiToken, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLCOS and FortiWLM.

Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments. This news release may contain forward-looking statements that involve uncertainties and assumptions, such as statements regarding technology releases among others. Changes of circumstances, product release delays, or other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this press release. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and expressly disclaims any obligation to update these forward-looking statements.

Media Contact Investor Contact Analyst Contact
Michelle Zimmermann Peter Salkowski Ron Davis
Fortinet, Inc. Fortinet, Inc. Fortinet, Inc.
408-235-7700 408-331-4595 415-806-9892
pr@fortinet.com

 
psalkowski@fortinet.com rdavis@fortinet.com

 

資料來源:
https://www.globenewswire.com/news-release/2019/09/19/1918135/0/en/Fortinet-Recognized-as-a-Leader-in-the-Gartner-Magic-Quadrant-for-Network-Firewalls.html ]]>
2019-10-30
<![CDATA[Dialogic Announces Successful Interoperability Testing Between the Dialogic BorderNet SBC and the OrecX Oreka Audio Capture Platform]]> http://www.phitech.com.tw/news/index.php?news_id=921

Dialogic, a cloud-optimized applications and infrastructure solutions provider for service providers, enterprises, and developers, announced today that interoperability testing has been completed between the Dialogic® BorderNet™ SBC and the Oreka Audio Capture platform from OrecX, a world-leading open source call recording solution provider.

The BorderNet SBC, a software-only, cloud-native SBC, secures connectivity to OrecX deployments, while simultaneously enabling high-quality call delivery and real-time call recording. The BorderNet SBC and OrecX solutions can be deployed both on-premises and in the cloud, including private, public, and hybrid cloud environments, without compromising performance, availability, and scalability.

“OrecX's interoperability with the Dialogic BorderNet SBC enables our enterprise customers, platform partners, and AI-fueled ecosystem to securely scale the Oreka audio capture platform and leverage it to meet their evolving real-time and post-call digital transformation initiatives,” said Steve Kaiser, OrecX CEO.

“OrecX customers using the BorderNet SBC are leveraging its flexible licensing and deployment options to help them achieve their unique business objectives,” added Bill Crank, President and CEO of Dialogic. “This successful interoperability testing gives OrecX platform users confidence when choosing the BorderNet SBC for their security and session control needs.”

About Dialogic

Dialogic (dialogic.com) is a leading cloud-optimized solutions provider for real-time communications media, applications, and infrastructure to service providers, enterprises, and developers around the globe. Based in Parsippany, NJ with offices worldwide, Dialogic works with 48 of the world’s top 50 mobile operators, and nearly 1,000 application developers build and deploy on agile networks.

Dialogic and BorderNet are either registered trademarks or trademarks of Dialogic Corporation or a subsidiary thereof (“Dialogic”). Other trademarks mentioned and/or marked herein belong to their respective owners.

About OrecX

OrecX’s modern, open, and modular call recording platform meets the diverse requirements of call centers, communication platforms, platforms as a service, large enterprises, and small business at a fraction of the cost and complexity of proprietary closed-end solutions. The quality, access, and control of OrecX’s open design enables a broad ecosystem of third-party speech analytics, voice biometrics and workforce optimization solutions to extend the value of their software for their partners and clients. OrecX (orecx.com) is the primary developer and sponsor of the Oreka GPL, an open source call recording project hosted on GitHub, with more than 200,000 unique downloads and tens of millions of users in over 200 countries.

    Your Banner Ad Here instead - Showing along with ALL Articles covering IT Security / Anti-Spam Announcements

 

Replace these Affiliate Programs at ANYTIME! Your banner here within the next hour. Learn How!

 

 

Written by / Agency / Source: Dialogic Corporation

   

Availability: All Regions (Including Int'l)

]]>
2019-10-23
<![CDATA[Fortinet Discovers WordPress (Core) Cross-Site Scripting Vulnerability]]> http://www.phitech.com.tw/news/index.php?news_id=920

Summary

Fortinet's FortiGuard Labs has discovered a Cross-Site Scripting (XSS) vulnerability in WordPress CMS.

 

WordPress is one of the world's most popular content management system (CMS). WordPress is by far the most popular CMS with 60.4% of the market share. This means WordPress is used by 33.5% of all the websites online.

 

An XSS vulnerability has been discovered in WordPress 5.2.2 and earlier versions. The vulnerability is caused by inadequate input filtering of HTML encoded characters which can lead to XSS attacks in the Shortcode function.

Solutions

FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:

WordPress.Shortcode.Preview.XSS
Released Dec 24, 2018 

Users should apply the solution provided by WordPress.

Timeline

Fortinet reported the vulnerability to WordPress on December 11, 2018.

WordPress confirmed the vulnerability on December 24, 2018.

WordPress patched the vulnerability on September 5, 2019.

Acknowledgement

This vulnerability was discovered by Zhouyuan Yang of Fortinet's FortiGuard Labs.

IPS Subscription

Fortinet customers who subscribe to Fortinet's intrusion prevention (IPS) service should be protected against this vulnerability with the appropriate configuration parameters in place. Fortinet's IPS service is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering and antispam capabilities. These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail and FortiClient products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat's lifecycle.
]]>
2019-10-16
<![CDATA[Stop Using CVSS to Score Risk]]> http://www.phitech.com.tw/news/index.php?news_id=919 Stop Using CVSS to Score Risk

The mechanics of prioritizing one vulnerability’s business risk over another has always been fraught with concern. What began as securing business applications and infrastructure from full-disclosure bugs a couple of decades ago, has grown to encompass vaguely referenced flaws in insulin-pumps and fly-by-wire aircraft with lives potentially hanging in the balance.

The security industry has always struggled to “score” the significance of the threat posed by a newly discovered vulnerability and recent industry practices have increased pressure on how this should be done.

With the growth of bug bounty programs and vertical industry specialization at boutique security consultancies, vulnerability discoveries with higher severity often translate directly into greater financial reward for the discoverers. As such, there is immense pressure to increase both the significance and perceived threat posed by the vulnerability. In a growing number of cases, marketing teams will conduct world-wide campaigns to alert, scare, and drive business to the company.

It’s been close to 25 years since the first commercial vulnerability scanners started labeling findings in terms of high, medium, and low severity. Even back then, security professionals stumbled by confusing severity with “risk.”

At the turn of the last century as companies battled millennium bugs, the first generation of professional penetration testing consultancies started to include factors such as “exploitability,” “likelihood of exploitation,” and “impact of exploitation” in to their daily reports and end-of-engagement reports as way of differentiating between vulnerabilities with identical severity levels. Customers loved the additional detail, yet the system of scoring was highly dependent on the skills and experience of the consultant tabulating and reporting the results. While the penetration testing practices of 20 years ago have been rebranded Red Teaming and increasingly taken in-house, risk scoring vulnerabilities remains valuable – but continues to be more art than science.

Perhaps the most useful innovation in terms of qualifying the significance of a new vulnerability (or threat) has been the Common Vulnerability Scoring System (CVSS). It’s something I feel lucky to have contributed to and helped drive across products when I led X-Force at Internet Security Systems (acquired by IBM in 2006). As the (then) premier automated scanner and managed vulnerability scanning vendor, the development and inclusion of CVSS v1 scoring back in 2005 changed the industry – and opened up new contentions in the quantitative weighting of vulnerability features that are still wrestled with today in CVSS version 3.1.

CVSS is intended to summarize the severity of vulnerabilities in the context of the software or device – not the systems that are dependent upon the software or device. As a result, it worries me deeply when I hear that CVSS scores are wrongly being used to score the risk a vulnerability poses to an organization, device manufacturer, or end user.

That misconception was captured recently in an article arguing that vulnerability scoring flaws put patients’ lives at risk. On one hand, the researchers point out that though the CVSS score for their newly disclosed vulnerability was only middling (5.8 out of 10), successful exploitation could enable an attacker to adjust medicine dosage levels and potentially kill a patient. And, on the other hand, medical device manufacturers argue that because the score was relatively low, the vulnerability may not require an expedited fix and subsequent regulatory alerting.

As far as CVSS in concerned, both the researchers and medical device vendor were wrong. CVSS isn’t, and should never be used as, a risk score.

Many bright minds over two decades have refined CVSS scoring elements to make it more accurate and useful as a severity indicator, but have stalled in searching for ways to stretch environmental factors and the knock-on impacts of a vulnerability into quantifiable elements for determining “risk.” Today, CVSS doesn’t natively translate to a risk score – and it may never because every industry assesses risk differently and each business has its own risk factor qualifications that an external party won’t know.

I would caution any bug hunter, security analyst, software vendor, or device manufacturer to not rely on CVSS as the pointy end of the stick for prioritizing remediation. It is an important variable in the risk calculation – but it is not an adequate risk qualifier by itself.

Related: Risk-Based Vulnerability Management is a Must for Security & Compliance

Related: The Top Vulnerabilities Exploited by Cybercriminals

Related: Tenable Adds 'Predictive Prioritization' to Vulnerability Management Offering

Related: Many ICS Vulnerability Advisories Contain Errors

]]>
2019-10-09
<![CDATA[阿里巴巴宣佈進一步整合 Fortinet 保安纖維 保護雲端遷移]]> http://www.phitech.com.tw/news/index.php?news_id=918 雲端平台全時間與網絡互動,對於網絡保安的要求亦相當高。為了進一步提升客戶從數據中心遷移至雲端平台過程間的安全,阿里雲最近與 Fortinet 加強合作,進一步整合其保安纖維。

Fortinet 產品及解決方案高級副總裁 John Maddison 表示:「透過與阿里雲的緊密合作及整合,以及其他雲端防護的應用,Fortinet 致力為客戶在雲端過程上提供更全面周全的保護。為進一步支援一些資源有限的客戶,我們今天正式宣佈為雙方客戶提供更自動化的安全流程,並更加無縫地將安全防護整合至其應用程序的生命週期。」

在新的功能整合下,客戶可以在其混合基礎架構中實施一致的安全策略,為機構從數據中心至雲端的過程中提升保安的可視性及可控性。其中包括有 API 方面的原生整合,Fortinet 亦會提供一系列的保安產品組合供阿里雲客戶選擇,而管理和自動化方面,客戶也可以透過雲端和內部部署的 Fortinet 安全管理工具管理阿里雲的安全功能。

資料來源:
https://unwire.pro/2019/08/02/alicloud-fortinet-fabric/cloud/
 

]]>
2019-10-02
<![CDATA[Dialogic Receives “Best Unified Communications Online Provider of the Year” at the Carrier Community Global 2019 Awards ]]> http://www.phitech.com.tw/news/index.php?news_id=917   

Parsippany, NJ (May 28, 2019) - Dialogic, a cloud-optimized applications and infrastructure solutions provider for service providers, enterprises, and developers, announced today that the Dialogic BUZZ™ UC platform was the recipient of the “Best Unified Communications Online Provider of the Year” award at the CC Global 2019 Awards event in Berlin on May 14, 2019 and hosted by the Carrier Community.

Dialogic BUZZ combines Dialogic’s real-time communications leadership, application development know-how, and AI/IoT proficiency into a single platform. This cloud-scale, carrier-class business communications solution offers an Instant Message (IM)-centric platform that addresses requirements for audio, video calling, and conferencing in a collaborative environment while supporting full mobility via smartphone, desktop, and web clients. In addition, Dialogic BUZZ supports traditional PBX functionality and advanced telephony features that enterprises call for. Its unique architecture supports an additional tenancy layer that allows wholesale voice providers to bundle Dialogic BUZZ with their offerings to service providers.

“We are thrilled that the Carrier Community has acknowledged the uniqueness of our Dialogic BUZZ UC platform,” said Bill Crank, President & CEO of Dialogic. “Dialogic BUZZ reflects Dialogic’s expertise in media processing, applications, and network infrastructure, enhanced by our experience with AI and IoT technologies. This powerful combination has allowed Dialogic to create a paradigm shift in Unified Communications.”

“Support for on-premises, cloud deployment, and UCaaS models, in addition to an extra tenancy layer, give Dialogic BUZZ the flexibility needed to address the needs of both service providers and channel partners,” added Miguel Lopes, Vice President PLM Applications Products at Dialogic. “The ability to easily customize the platform to meet multiple market segment needs gives Dialogic BUZZ – and our customers – an advantage over the competition.”

For more information on Dialogic BUZZ, visit the Dialogic website at www.dialogic.com/buzz.

About Dialogic

Dialogic is a leading cloud-optimized solutions provider for real-time communications media, applications, and infrastructure to service providers and developers around the globe. Based in Parsippany, NJ with offices worldwide, Dialogic helps 48 of the world’s top 50 mobile operators, and nearly 1,000 application developers build and deploy on agile networks. Learn more about how Dialogic is enabling agility by following us on Twitter @Dialogic, and visiting www.dialogic.com and the Dialogic Blog for the latest industry news, trends and advice.

Dialogic and Dialogic BUZZ are either registered trademarks or trademarks of Dialogic Corporation or a subsidiary thereof (“Dialogic”). Other trademarks mentioned and/or marked herein belong to their respective owners.

資料來源:
https://www.dialogic.com/2019-05-28-best-unified-communications-online-provider-carrier-community-global-2019-awards?utm_source=hs_email&utm_medium=email&utm_content=74473573&_hsenc=p2ANqtz-_MuKRSgTBXOLMWj_1dB1bJNNzCp3wRb6NMgwkGgBsqcPNYBaCLX3XoTwqmvTmChzoAiBCwMwtce8--Frwq5ys0d4wpoav__OYhtDrHi-ZaKeFuN_8&_hsmi=74474141
 

]]>
2019-09-25
<![CDATA[Alibaba Cloud Extends Integration with the Fortinet Security Fabric to Secure Cloud Migration]]> http://www.phitech.com.tw/news/index.php?news_id=916 John Maddison, EVP of Products and Solutions at Fortinet
“Fortinet is committed to helping customers make their journey to the cloud even more secure by integrating more tightly with Alibaba Cloud and supporting additional cloud security use cases. To further support resource-constrained teams, today’s announcement is helping our joint customers automate additional security processes and more seamlessly integrate into their application life cycle.”

News Summary 
Alibaba Cloud, the data intelligence backbone of Alibaba Group, and Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced the expansion of the Fortinet Security Fabric offerings and new automation capabilities for Alibaba Cloud to provide streamlined and consistent security for organizations with hybrid cloud infrastructures. The combination of Alibaba Cloud and the Fortinet Security Fabric provide organizations with the ability to extend security visibility and control from the data center to the cloud and the ability to ensure that organizations employ consistent security policies no matter where their applications are deployed.

By implementing the Fortinet Security Fabric on Alibaba Cloud, customers can apply consistent security policies throughout their hybrid infrastructures and can realize multi-layer security protection and operational benefits for running applications on Alibaba Cloud. Sodexo and Fung Group are among the global customers leveraging Fortinet’s cloud native integration with Alibaba Cloud to secure its hybrid cloud environment. Sodexo is using Fortinet’s FortiGate-VM to deploy secure VPC on Alibaba Cloud, effectively aggregating and securing its globally distributed infrastructure. Fung Group is also taking advantage of the integration with the deployment of the FortiGate-VM on Alibaba Cloud, which enables consistent visibility and security management across its cloud environments.

As organizations move workloads and applications to the cloud, the digital attack surface is expanding and making it harder to ensure robust, consistent security across clouds and data centers. Organizations are looking to take advantage of the agility and scalability that cloud environments offer without compromising security. Alibaba Cloud’s extended collaboration with Fortinet addresses this concern as it leverages Fortinet’s breadth of cloud security offerings that are part of the Fortinet Security Fabric. Additional benefits of this expanded partnership include:

  • Native Integration: Fortinet’s security solution will natively integrate with Alibaba Cloud for seamless integration with workloads running in Alibaba Cloud. As a Fortinet Fabric-Ready Partner, Alibaba Cloud will integrate its APIs with the Fortinet Security Fabric to provide more consistent and effective end-to-end security to end users.
     
  • Broad Protection: The Fortinet Security Fabric for Alibaba Cloud includes a broad range of Fortinet security offerings including: FortiGateVM, FortiWebFortiManagerFortiAnalyzer and Fabric Connectors. These solutions address a broad set of use cases including protecting cloud workloads, securing hybrid cloud and cloud-based security management.
     
  • Management and Automation: With the expanded integration, Alibaba Cloud’s security functionalities can be managed through the Fortinet Security Management tools across both Alibaba Cloud and on-premises deployments to streamline security operations. Customers can leverage automation capabilities provided by The Fortinet Security Fabric, leveraging APIs and stitches for example, to further streamline and automate operations.

Fortinet’s cloud security solutions are available on Alibaba Cloud Marketplace or can be purchased from a Fortinet channel partner providing customers with the flexability of purchasing only on demand or owning a license that is transferrable across platforms.

Supporting Quotes

“Sodexo chose to work with Fortinet for its commitment to the cloud and its native integration of security capabilities into Alibaba Cloud. Fortinet provides us with a robust solution to deploy advanced architecture on Alibaba Cloud with reinforced security. This was critical for Sodexo as we expand the business in China and consolidate our workloads and applications to Alibaba Cloud. With Fortinet and Alibaba Cloud’s integrated security solution, we are able to stay agile to our customer needs while protecting sensitive information in both a cloud and on-premise setup. This is very key to our commitments in proving quality of life services to our clients and consumers.” 
-Krone Cai, Head of IS&T at Sodexo China

“Fortinet has demonstrated its performance and delivered consistent policy management for a hybrid-cloud environment – without compromising ease-of-use when it comes to manageability. Fung Group has deployed Fortinet cloud security solutions in Alibaba Cloud environments and Fortinet enables secure applications and connectivity from data centre to cloud.” 
- Mark Lu, General Manager of Information Security at Fung Group

Additional Resources

About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 400,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.


資料來源:
https://www.globenewswire.com/news-release/2019/07/30/1893729/0/en/Alibaba-Cloud-Extends-Integration-with-the-Fortinet-Security-Fabric-to-Secure-Cloud-Migration.html
 

]]>
2019-09-18
<![CDATA[Fortinet Discovers AVIRA Self-Protection Bypass via Registry Removal]]> http://www.phitech.com.tw/news/index.php?news_id=915

Summary

Fortinet's FortiGuard Labs has discovered self-protection bypass flaw in Avira Antivirus.

Avira Antivirus is a security software developed by Avira Operations GmbH & Co. KG.

Avira self-defense driver can be bypassed by user-mode program that would allow adversary to disable critical product functionalities. The flaw resides in Avira's self-defense driver avipbb.sys which allows adversary to modify Avast protected registry key that could make product become completely nonfunctional or partially malfunction by disabling product update

Solutions

Users of vulnerable Avira products should apply the latest updates from Avira.

Additional Information

Following products and versions are affected.

  Avira Free Edition 15.0.19.164 and below

Acknowledgement

This vulnerability was discovered by Wayne Low of Fortinet's FortiGuard Labs.

IPS Subscription

Fortinet customers who subscribe to Fortinet's intrusion prevention (IPS) service should be protected against this vulnerability with the appropriate configuration parameters in place. Fortinet's IPS service is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering and antispam capabilities. These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail and FortiClient products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat's lifecycle.

資料來源:
https://fortiguard.com/zeroday/1693
]]>
2019-09-11
<![CDATA[美超微為智能邊緣帶來前所未有的性能和可配置性 展示新安全、5G與人工智能解決方案]]> http://www.phitech.com.tw/news/index.php?news_id=914 最新的邊緣服務器為網絡邊緣帶來配置了37個局域網端口的軟件定義網絡解決方案並加快人工智能推理,開?了全新的5G就緒型解決方案類型

新加坡2019年7月16日 /美通社/ -- 企業運算、存儲和網絡解決方案以及綠色運算技術領域的全球領導者美超微電腦股份有限公司(Super Micro Computer, Inc.) (SMCI)再次重申,該公司最新的智能邊緣平台非常適合網絡安全、虛擬化網絡功能(VNFs)以及用於5G和物聯網的多接入邊緣運算(MEC)。

美超微在RSA Asia展出新安全、5G與人工智能邊緣解決方案 
美超微在RSA Asia展出新安全、5G與人工智能邊緣解決方案

美超微的網絡安全邊緣解決方案為我們合作夥伴的網絡軟件棧提供支持,如低延遲數據包管理,這十分適合統一威脅管理(UTM)、下一代防火牆(NGFW)、深度數據包檢測(DPI)和其它網絡安全應用。

美超微總裁兼行政總裁梁見後(Charles Liang)表示:「美超微致力於提供最先進的邊緣和數據中心服務器解決方案,從而支持網絡安全、物聯網和用於5G的多接入邊緣運算。美超微資源節約型服務器是高度可配置的,允許客戶在部署時選擇最好的內存、處理器、連接和軟件。」

美超微最新的嵌入式服務器採用英特爾(R)至強(R)D-2100系列處理器,如1019D-16C-FHN13TP,可以在微數據中心或智能邊緣需要的地方加速運算和虛擬化網絡功能,從而支持英特爾(R)精選解決方案通用客戶端設備(uCPE)、5G虛擬化無線接入網(vRAN)和多接入邊緣運算。這些新的邊緣平台為GPU加速卡或英特爾(R)FPGA可編程加速卡提供支持,以提供本地運算和人工智能推理,從而將邊緣和雲端聚合到一個無縫數據處理平台中。

美超微的SuperServer 1019D-FRN5TP利用高級輸入/輸出模塊(AIOMs)為虛擬化網絡邊緣帶來了最終的通用性,這些模塊可以配置多達37個局域網(LAN)端口,以補充平台的虛擬化網絡功能和軟件定義的廣域網(SD-WAN)功能。此外,緊湊型E300 SuperServer在一個非常小的空間內融合了很多功能——它可以用作安全設備,或部署包括SD-WAN在內的虛擬化網絡功能,而且還是經驗證的英特爾(R)精選解決方案通用客戶端設備。這些平台有助於消除複雜性,加速部署,並使開發人員能夠專注於支持5G和物聯網應用和服務的業務邏輯。

美超微將於7月16日-18日在新加坡濱海灣金沙酒店舉行的RSA Asia 2019(展台號1815)上展出這些新系統。

有關美超微完整的嵌入式Building Block Solutions系列詳情,請瀏覽www.supermicro.com/Embedded或下載嵌入式解決方案手冊

有關RSA Asia 2019或註冊領取展會入場券的詳情,請瀏覽https://www.rsaconference.com/events/ap19

美超微電腦股份有限公司(SMCI)簡介

領先的高性能、高效率服務器技術創新企業美超微(R)是用於數據中心、雲端運算、企業IT、Hadoop/大數據、高性能運算和嵌入式系統的先進服務器Building Block Solutions(R)的全球首要供應商。美超微致力於透過其「We Keep IT Green(R)」計劃來保護環境,並且向客戶提供市面上最節能、最環保的解決方案。

Supermicro、Building Block Solutions和We Keep IT Green是美超微電腦股份有限公司的商標和/或註冊商標。

所有其他品牌、名稱和商標均是其各自所有者的財產。

資料來源:
https://tw.stock.yahoo.com/news/%E7%BE%8E%E8%B6%85%E5%BE%AE%E7%82%BA%E6%99%BA%E8%83%BD%E9%82%8A%E7%B7%A3%E5%B8%B6%E4%BE%86%E5%89%8D%E6%89%80%E6%9C%AA%E6%9C%89%E7%9A%84%E6%80%A7%E8%83%BD%E5%92%8C%E5%8F%AF%E9%85%8D%E7%BD%AE%E6%80%A7-%E5%B1%95%E7%A4%BA%E6%96%B0%E5%AE%89%E5%85%A8-5g%E8%88%87%E4%BA%BA%E5%B7%A5%E6%99%BA%E8%83%BD%E8%A7%A3%E6%B1%BA%E6%96%B9%E6%A1%88-010000497.html
 

]]>
2019-09-04
<![CDATA[Fortinet連續兩年於NSS實驗室的SD-WAN組別測試中獲得推薦評級]]> http://www.phitech.com.tw/news/index.php?news_id=913 Fortinet產品與解決方案執行副總裁John Maddison

 Fortinet將首屈一指的SD-WAN(軟體定義廣域網路)與資安防禦整合於一個解決方案中,以加速推動廣域網路邊緣(WAN Edge)的發展。繼去年首度於NSS實驗室的SD-WAN組別測試報告獲得「推薦」評級,今年Fortinet再度獲得同等殊榮。該報告指出,Fortinet解決方案的每Mbps總擁有成本是所有參與測試的解決方案中最低的,而且其快速的自動配置功能可提升營運效率。Fortinet在此類別已連獲兩年獲得「推薦」評級,這次再度獲得NSS實驗室的推薦,證明Fortinet致力讓產品與解決方案通過第三方機構的測試和驗證。

新聞摘要
全方位整合與自動化網路安全領導廠商Fortinet®(NASDAQ: FTNT)今天宣布再度於NSS實驗室的SD-WAN組別測試中獲得「推薦」評級。根據NSS實驗室的評比,Fortinet的FortiGate安全SD-WAN(FortiGate Secure SD-WAN)具有以下優勢:

• 最低的總擁有成本(TCO):從75個企業分支機構的部署與不同環境中的實境測試結果顯示,FortiGate安全SD-WAN解決方案的每Mbps總擁有成本(TCO)是最低的,因此能大幅降低營運支出。FortiGate安全SD-WAN可在六分鐘內為新分支機構內自動配置好網路,不僅能簡化WANEdge的運作,還能透過一流的SD-WAN與安全功能提供可擴充、集中化的管理功能。
• 可靠、高品質的整合通訊體驗:在組別測試中,FortiGate安全SD-WAN在平均意見分數(Mean Opinion Scores,MOS)方面表現優異,其在VoIP與視訊測試的分數分別為4.36分與4.15分。此外,FortiGate安全SD-WAN也能為關鍵業務的影音應用提供卓越的使用體驗。此測試模擬了現實環境中各種困難的WAN情境,例如丟包、高延遲、封包延遲與斷線。
• 可提升使用體驗的高復原力與可用性:NSS實驗室也測試了FortiGate安全SD-WAN的高可用性,此特性與網路與應用程式穩定性息息相關,而且對企業網路至關重要。FortiGate安全SD-WAN解決方案在VoIP與視訊這兩方面都得到高平均意見分數(MOS),可見WAN連線失敗時,此解決方案仍具備高復原力,並可維持一致的使用體驗。
• 雲端應用的高WAN效能:FortiGate安全SD-WAN採用專用型的SD-WAN ASIC,因此在VPN覆蓋效能取得893Mbps的佳績,證實其可提供卓越的使用體驗與最低的延遲性。由於數位轉型中的企業偏好直接透過網際網路連線至公有雲與SaaS應用程式,因此這個效能特別重要。

Fortinet的安全SD-WAN解決方案可降低複雜度並簡化WANEdge的運作
FortiGate安全SD-WAN採用了內建更強大功能的專用型SD-WAN ASIC,例如SD-WAN、安全性、WAN最佳化與進階路由,因此能加速企業推動WANEdge轉型。今年,NSS實驗室的SD-WAN組別測試報告將FortiGate安全SD-WAN評比為TCO最低的解決方案,並強調其可在數分鐘內自動完成配置。自動配置能解決企業分支機構目前遭遇到的問題-當企業擁有許多端點產品,部署新據點的網路經常需要花上數個月的時間,而且網路問題的疑難排解相當費時。FortiGate安全SD-WAN的自動配置功能可解決這個難題,讓企業組織更輕鬆、安全地使用WANEdge。

全球客戶的青睞加速FortiGate安全SD-WAN的普及
隨著Fortinet持續開發創新功能,包括最近發布業界首創的SD-WAN ASIC,其安全SD-WAN解決方案客戶的使用率迅速攀升。企業組織可以透過單一解決方案獲得一流的SD-WAN功能與安全性,因此他們逐漸體驗到FortiGate安全SD-WAN解決方案的優勢。截至2019年6月12日為止,Fortinet在Gartner的Peer Insights WAN邊緣基礎架構市場(Peer Insights WAN Edge Infrastructure Market)評比中獲得最高評價。客戶肯定以及NSS實驗室的「推薦」評級等第三方測試結果是FortiGate安全SD-WAN在業界脫穎而出的重要原因。

FortiGate安全SD-WAN解決方案具備業界最推薦的新世代防火牆(NGFW)
FortiGate安全SD-WAN解決方案內建連續五年獲NSS實驗室新世代防火牆(NGFW)測試評比為推薦的Fortinet新世代FortiGate防火牆。此防火牆具備IPS、防毒軟體、URL過濾以及可抵禦與偵測進階威脅的沙箱。在NSS實驗室最新的新世代防火牆(NGFW)組別測試中,FortiGate的整體安全有效性評分高達99.3%,並可100%阻擋閃避式攻擊。FortiGate也展現高度的SSL檢測能力,而且不會影響系統效能。在測試期間,Fortinet解決方案在安全有效性、進階功能與卓越效能等方面表現相當優異。Fortinet解決方案已在NSS實驗室的九個組別測試中獲得推薦評級,包括:
• 軟體定義廣域網路
• 新世代防火牆
• 資料中心入侵防護系統
• 資料中心安全閘道設備
• 漏洞防護系統
• 新世代入侵防護系統
• 漏洞偵測系統
• Web應用防火牆
• 進階端點防護

所有榮獲NSS實驗室推薦評級的Fortinet解決方案都可透過Fortinet安全織網 (Fortinet Security Fabric)互通,以構成完整的安全架構,為各種攻擊提供完整的端點對端點的安全解決方案。

證言
「Fortinet在NSS實驗室組別測試中再度得到優異成績。在今年的SD-WAN組別測試中,FortiGate安全SD-WAN以最低的總擁有成本再次榮獲「推薦」評級。對於想在單一控制台中獲得資安防禦性與SD-WAN功能的企業而言,Fortinet的FortiGate安全SD-WAN是強大的解決方案。」
-NSS實驗室執行長Jason Brvenik


資料來源:

https://news.sina.com.tw/article/20190712/31951182.html]]>
2019-08-28
<![CDATA[Fortinet 夥中信國際電訊 CPC 推 SD-WAN  單一平台管理部署降整體擁有成本]]> http://www.phitech.com.tw/news/index.php?news_id=912

在 SaaS、IaaS 等雲端服務和流動應用高速普及之下,私有雲網絡和公共雲網絡的界線愈趨模糊。在節點、應用、頻寬和網絡成本日高的催化下,市場對軟件定義廣域網(SD-WAN)基建的需求有增無減。市場研究機構 IDC 指出,2017 年 SD-WAN 基建市場盈利增長為 83.3%,達 8 億 3 千 3 百萬美元;預期由 2017 至 2022 年間,SD-WAN 基建市場將可增長至 45 億美元,年複合增長率達 40.4%。

有見及此,中信國際電訊 CPC 與 Fortinet 近日便推出以聯合解決方案「TrueCONNECT Hybrid」,採用了 Fortinet 的 FortiGate 安全 SD-WAN 技術及防火牆功能,而中信國際電訊 CPC 則為 Fortinet 在泛亞首個信息安全管理服務合作夥伴(MSSP)。TrueCONNECT Hybrid 有助中小企業以至大企業快速實施 SD-WAN,同時免除當中有可能遇到的安全威脅。

▲ Fortinet 香港、澳門和蒙古區域總監馮玉明與中信國際電訊 CPC 產品部副總裁藍泰來宣布推出 TrueCONNECT Hybrid 軟件定義廣域網(SD-WAN)解決方案。

單一平台提供可視度、自動化和簡化網絡部署管理

中信國際電訊 CPC 產品部副總裁藍泰來表示:「TrueCONNECT Hybrid 提供的 SD-WAN 監控及報告,讓客戶能恪守私隱、安全標準和行業法規。特別對一些面對高度分散環境如零售網絡的客戶來說,由於他們需遵守嚴格的規則,這項服務對於他們尤其重要。方案只須通過單一管理平台,即可為企業的分支機構網絡網絡帶來更高的可視度、自動化,和簡化網絡部署及管理。 」

而 Fortinet 香港、澳門和蒙古區域總監馮玉明則指出,Fortinet 將 SD-WAN 和網絡安全性整合至單一產品之中,除助中小企業以至大企業快速實施 SD-WAN,更可提供一致的執行措施,免除當中有可能遇到的安全威脅,為所有分支機構提供有效的保護。

具有嵌入式 SD-WAN 功能的 FortiGate 下一代防火牆(NGFWs)技術與中信國際電訊 CPC 的網絡和信息安全管理服務結合後,可為企業碼化轉型提供以下優勢:

  • 確保享有高性能和高安全效能的網絡; 
  • 高效的網絡和信息安全的營運模式;和 
  • 降低分支機構網絡的整體擁有成本。 

資料來源:
https://unwire.pro/2019/07/08/fortinet-cpc/new-product/
 ]]>
2019-08-21
<![CDATA[Fortinet extends Advanced Application Security with FortiWeb Cloud WAF-as-a-Service on AWS]]> http://www.phitech.com.tw/news/index.php?news_id=911 Fortinet has announced the addition of FortiWeb Cloud WAF-as-a-Service to its cloud security portfolio. FortiWeb Cloud WAF-as-a-Service on Amazon Web Services (AWS) allows organisations to rapidly deploy web applications while providing security for mission-critical applications – protecting applications and APIs from threats and addressing compliance requirements.

Organisations protecting their web applications with this Software-as-a-Service (SaaS) solution can deploy the full WAF solution without the need to deploy and manage infrastructure or possess specific web application security skills, enabling rapid application deployment.

Fortinet is addressing the issues that IT teams, including DevOps, face with the addition of FortiWeb Cloud WAF-as-a-Service to its cloud security portfolio. FortiWeb Cloud WAF-as-a-Service is available for purchase on AWS Marketplace or through preferred Fortinet reseller and leverages the flexibility of AWS by automatically provisioning security protection for customers across multiple AWS Regions.

Rajesh Maurya, Regional Vice President, India & SAARC at Fortinet, “As organisations increasingly build out their business in the cloud and use web applications, they increase their exposure to known and unknown targeted attacks. Delivered through the Fortinet Security Fabric, FortiWeb Cloud Web Application Firewall (WAF)-as-a-Service allows organizations to rapidly deploy web applications while providing best-in-class security for mission-critical applications.”

“The availability of FortiWeb Cloud WAF-as-a-Service on AWS makes it easy for organizations to get a SaaS cloud-based web application firewall up and running for advanced threat protection within minutes in a single global AWS Region. Fortinet’s SaaS solution is delivered from multiple AWS Regions and runs closest to customer applications, providing customers with the flexible performance and cost benefits they desire to support their business agility,” Dan Plastina, Vice President, Security Services at Amazon Web Services, Inc.

資料來源:
https://www.crn.in/cloud/fortinet-extends-advanced-application-security-with-fortiweb-cloud-waf-as-a-service-on-aws/

]]>
2019-08-14
<![CDATA[Fortinet launches new WAN and edge security platform]]> http://www.phitech.com.tw/news/index.php?news_id=910 Fortinet's Secure SD-Branch platform uses Fortinet security products to converge WAN and security into an integrated platform and protect access edges.
  •  
  •  
  •  
  •  
  •  

Fortinet has launched the Secure SD-Branch platform, designed to secure the WAN and access edge, as well as enable security-driven networking for distributed enterprises.

The Secure SD-Branch platform extends Fortinet Security Fabric, and according to Fortinet, it converges WAN and security into an integrated platform. Fortinet claims this increases security and visibility, while reducing complexity, to improve performance and lower overall IT costs.

The intention of the Secure SD-Branch platform, according to Fortinet, is to provide adequate, easy-to-manage security of an organization's ever-increasing number of edges. Fortinet's Secure SD-Branch platform is composed of the FortiGate next-generation firewall, FortiNAC network access control, FortiSwitch and FortiAP access points.

The two main protections that Fortinet claims the Secure SD-Branch platform provides are network edge protection and device edge protection.

The FortiGate next-generation firewall extends through the access layer with FortiSwitch and FortiAP to consolidate security and network access. According to Fortinet, this is the architecture ideal for Secure SD-Branch deployments. New Wi-Fi 6 FortiAP access points enable greater capacity and throughput to keep up with expanding bandwidth needs, and FortiSwitch switches offer higher power to run power-hungry IoT devices, Fortinet claims.

The FortiNAC network access controller provides automatic discovery, classification and security of IoT devices as they enter the network. It uses FortiGate as a sensor to detect anomalies via traffic.

Fortinet claims Secure SD-Branch delivers the following customer benefits:

  • Integrated security: FortiGate extends next-generation firewall services to the network access layer through the integration of wireless and switch management.
  • Simplified management: Zero-touch deployment and integrated management via a single pane of glass simplify enterprise branch deployments. The architecture scales to support a variety of branch sizes and growth.
  • Lower cost of ownership: According to Fortinet, it does not charge licensing fees, and network traffic sensors do not have to be purchased. Simplified management operations require fewer interfaces to learn and manage daily and less time to deploy, saving organizations time and money, Fortinet claims.

source:
https://searchsecurity.techtarget.com/news/252465361/Fortinet-launches-new-WAN-and-edge-security-platform
]]>
2019-08-07
<![CDATA[Android 版的 iMessage 就快來了,英法用戶將支援 RCS 訊息服務]]> http://www.phitech.com.tw/news/index.php?news_id=909 作者  | 發布日期 2019 年 06 月 19 日 17:45 |   

由於電信服務商與手機製造商錯綜複雜的關係,Android 手機用戶想要使用新一代傳訊服務幾乎是不可能的事。但在 Google 的技術主導之下,採用 RCS(Rich Communication Services,進階通訊解決方案)的傳訊服務將搶先提供給英國、法國的用戶使用,並逐步向全球用戶開放。

本月底開始,英國與法國的 Android 用戶將能搶先使用由 Google 提供、採 RCS 的傳訊服務,不再需要等待電信商支援才能使用。這似乎意味著 RCS 未來將有機會取代 SMS(Short Message Service,簡訊服務),而隨著 Google 向愈來愈多國家推動這項服務後,最終 RCS 將適用於所有 Android 用戶。

藉由 RCS,Android 用戶可透過 Wi-Fi 或行動網路以系統預設的《訊息》App 收發訊息,其他像是傳送表情符號、高解析度的圖片與影片或讀取回條、甚至是群組聊天等都能辦得到。此外,用戶在電腦上透過訊息網頁版也能收發訊息,文字、照片以及貼圖都能傳送。

對於 Android 平台來說,Google 的 RCS 傳訊服務並非等同於蘋果的 iMessage,但已經很接近了;由於 RCS 尚未支援端到端加密(End-to-end encryption,E2EE),這是與 iMessage 的差異所在。不只是 iMessage,通訊軟體包括 WhatsApp、Signal 等已支援 E2EE,甚至 Facebook 也表示旗下所有應用程式將要預設採用 E2EE。此外,RCS 何時才能適用於所有 Android 用戶的手機則成了第二大問題,Google 目前正在加緊趕工。


資料來源:
http://technews.tw/2019/06/19/google-is-finally-taking-charge-of-the-rcs-rollout/

]]>
2019-07-31
<![CDATA[The benefits of 5G: Streaming video, gaming, and immersive mobile experiences]]> http://www.phitech.com.tw/news/index.php?news_id=908 The benefits of 5G: Streaming video, gaming, and immersive mobile experiences
18 June 2019 Sarah Henschel

With 5G deployments rolling out across the world, the next generation of mobile technology promises myriad benefits to consumers, especially those who enjoy streaming videos. Recall that when 4G LTE first launched, mobile operators partnered with pay-TV providers and streaming services such as Netflix to showcase that LTE allowed consumers to stream videos with their mobile devices. While LTE provided a strong foundation for video streaming, 5G is poised to enhance the consumer streaming experience even further while also opening new revenue opportunities for enterprises.

 

LTE currently supports $40 billion in consumer revenues in the online video market. With 5G, however, IHS Markit forecasts that number to jump to $100 billion in the next five years. 5G will offer countless opportunities for improved streaming experiences, thanks to faster speeds, lower latency, stronger reliability, higher capacity, and better mobility. Given such vast improvements, IHS Markit predicts that there will be 1 billion 5G mobile subscriptions by 2023.

 

The gaming industry in particular should benefit from the new opportunities that 5G presents. Because online gaming requires low latency and fast speeds for an optimal user experience, 5G will deliver a vastly improved gaming experience. IHS Markit predicts that revenue from mobile gaming will jump to $83 billion in the next five years. Moreover, cloud gaming will also benefit since 5G removes the need for high-cost hardware.

 

While streaming video and gaming will improve in the short term because of the faster speeds and lower latency that 5G offers, the long-term possibilities are perhaps even more compelling. For example, immersive, "choose your own adventure" experiences and AR stand to benefit a great deal from 5G. Augmented reality in particular should show continued improvement on 5G because AR has the entire smartphone footprint at its disposal. IHS Markit predicts AR revenue to grow to over $3 billion in the next five years.

 

While LTE generally provides a solid streaming experience, 5G will make it easier for consumers to enjoy a host of streaming options, such as binge-watching TV shows in 4K or playing online games whenever they want and anywhere they go.


Sarah Henschel is senior research analyst for media at IHS Markit
Posted 18 June 2019

資料來源:

https://ihsmarkit.com/research-analysis/the-benefits-of-5g.html

]]>
2019-07-24
<![CDATA[Gartner: Cybersecurity skills shortage requires a new approach]]> http://www.phitech.com.tw/news/index.php?news_id=907 At the Gartner Security and Risk Management Summit, analysts discuss the challenge of finding skilled cybersecurity professionals and how it can be solved.
  •  
  •  
  •  
  •  
  •  

National Harbor, Md. -- While the cybersecurity skills shortage continues to plague the industry, the "real problem" lies in how security leaders are addressing the issue, said Sam Olyaei, director at Gartner's security and risk management group.

"The problem is really our mindset has to be shifted away from thinking about open roles that can be hired out in the market to actually optimizing the security function in ways that can actually help you procure the competencies we need," Olyaei told attendees during a session at the Gartner Security & Risk Management Summit.

According to a Gartner survey, 61% of organizations admitted that they are struggling to hire security professionals.

Most organizations struggle because they don't know what cybersecurity skills they need or put too much weight on certifications, Olyaei said. They haven't mapped everything back to a workforce strategy or framework to figure out what they need, he added.

"We have to look for alternative, emergent techniques that we can use to not only source these people, but build them," he said.

When it comes to security roles, he said, there is a lack of standardization around titles, names, terminology and, as result, a lack of clear career paths.

"The problem is, there is no standardization on what these titles actually mean," he said. "An incident response analyst could potentially be an information security analyst in another organization. A security engineer could even be a security architect in another organization."

Olyaei advised security program practitioners to craft a strategy planning process that takes into account frameworks like the NIST's National Initiative for Cybersecurity Education (NICE) cybersecurity workforce framework. The NICE cybersecurity workforce framework is designed to introduce standardization in the titling aspect of the information security and cybersecurity roles, he said.

"That'll help you identify, the competencies, knowledge and skill sets that we might need in the future and ultimately get ahead of the curve by planning for these things today," Olyaei said.

He also recommended security professionals use enticing job titles that don't just focus on the technical aspect of the job, but stresses on opportunities to "develop and grow" and "learn and adapt," to help attract the right candidate.

He advised investing in training simulation platforms like a cyber range, which replicates an organization's environment in a lab, to build the cybersecurity skills needed to plan and execute a digital business strategy.

Security automation in the era of digital business

Gartner analysts believe a contributing factor to the cybersecurity skills shortage is the rapid digital transformations that many organizations are experiencing. In the company's latest digital business survey, 85% of organizations reported actively pursuing digital optimization strategies, and 66% reported being on the path to digital transformation.

Emerging technologies will impact security and risk directly because rapid adoption of emerging technologies is creating risks, Gartner director Beth Schumaecker said during the opening keynote at the conference.

"We try to build a security risk management team that can face all of these demands and we are confronted with the new reality that digital transformation needs new skills from our security people," Schumaecker said.

Given the "tight security labor market," Schumaecker advised organizations to think about how they implement an adaptive automation strategy that allows them to best utilize the people and skills they have.

Olyaei urged security professionals to figure out skills and functions that can be automated, and which ones can be outsourced to a managed security service provider or managed detection and response service providers.

"If you have repetitive functions in your organizations today, you should be looking to automate that right away," he said. "Take advantage of what's around you in terms of technologies, tool sets, capabilities, techniques, and ultimately, even external people."

Security leaders should also move away from a siloed approach toward cybersecurity, he said, because it will not work in digital security or digital business platforms.

"While information security analysts today probably focus more on the operational day to day, things like log management, or monitoring, or endpoint protection, you'll start to see a less siloed approach as you move to digital," he said. "A lot of times organizations try to break down the silos so that they have more versatile people that can arrive at the same conclusions."

Digital businesses require digital competencies

Embracing digital technologies to deliver new value and competitive advantage to the enterprise also requires developing digital competencies, Gartner analysts agreed. CISOs and security risk leaders need to hire people with digital competencies.

Adaptability is a key security skill in the digital era, Olyaei said.

"This is somebody who demonstrates flexibility, agility and the ability to respond effectively to different demands," he said. 

Business acumen, digital dexterity, outcome-driven, and collaboration and synergy are other key digital competencies required of security professionals today, he said.

The drive toward digital business will also create demand for new skills, he said. While top security roles currently in demand include information security analyst and vulnerability analyst/penetration tester, Olyaei predicted that's going to change in the next few years.

"A pen tester, for example, is measured on whether or not they can actually get into an environment, the system and network applications etc., and whether or not they can find original vulnerabilities," he said. "We're starting to see the role of a pen tester change and trying to figure out whether or not you can actually catch an attacker in the process of using a vulnerability to infiltrate the system or environment."

As organizations begin to mature, he said, the demand for the technical security analyst role will also decrease.

"A lot of the functions this technical security analyst is responsible for doing will either have been outsourced, automated or in a lot of cases be bundled into a common security function that this person's required to do," Olyaei said.

Some of the emerging roles that CISOs and CIOs and security and risk leaders need to keep track of are digital risk officer, data security scientist, security champion, digital ecosystem manager and chief of staff.

"These five roles are shaping up to be sort of that bridge between information security and digital security ... taking you from that traditional focus on confidentiality, integrity and capability, to focus more on privacy, safety and resilience," he said.


source:
https://searchsecurity.techtarget.com/news/252465325/Gartner-Cybersecurity-skills-shortage-requires-a-new-approach

]]>
2019-07-17
<![CDATA[AT&T Exec Said Telco's Ideas Will 'Radically Reshape' TV]]> http://www.phitech.com.tw/news/index.php?news_id=906 The hyperbole was on high boil Wednesday as AT&T's John Donovan made some big pronouncements, but little detail, about how the company is evolving and transforming its TV business.

At the Credit Suisse Communications Conference in New York yesterday, Donovan was asked about how AT&T's pay-TV and streaming video plans, including recent price changes for DirecTV Now and a coming "thin-client" version of the fuller-freight DirecTV service that will be delivered via the Internet rather than via satellite.

"We're going to transform our product," Donovan said. "It's the consumer product I'm most excited about since the iPhone. It radically reshapes what your concept of television is."

But how, exactly? After all, the market is teeming with relatively new OTT-TV options, with many of those services also grappling with razor-thin margins thanks to the continuous rise of programming costs. What TV magic does AT&T have in its bag of tricks?

 

Here's where AT&T's vision for the future of video and pay-TV gets a bit hazy. The company, perhaps to keep its competition guessing or because it's still trying to figure out how it's going to truly offer something new and different, is not being very clear on this count.

"We think we're going to be disruptive in the market on features and capability, but we need to evolve our product," he said.

Donovan was later pressed if he'd care to elaborate on the innovations AT&T will bring to bear to pay-TV.

"No," he responded, then jokingly chided his inquisitor for asking a question he already knew the answer to, along with a backhanded compliment. "You could be a reporter."

Donovan was a bit more forthcoming on the timing of the new thin-client DirecTV product, noting that it's expected to debut sometime in Q3 2019. That offering is expected to center on an inexpensive AT&T-supplied Android TV-powered box alongside streaming support on various retail streaming platforms.

Despite Donovan's dodginess about the features and capabilities that will grace that product, putting an OTT version of DirecTV's satellite TV packages makes a lot of economic sense. For starters, the cost of acquisition of an OTT-TV customer should be much lower than it is for DirecTV's satellite TV service. There's less (and cheaper) equipment involved, and the OTT version should allow for simple customer self-installs.

And that product should help DirecTV/AT&T expand its addressable market. Donovan estimated that about 20% of US households can't get satellite TV due to line-of-sight issues and other restrictions. He said DirecTV, on occasion, will role a truck to a new customer only to find that the customer isn't eligible or capable of getting the service -- a big waste of time and money.

"It's not immaterial," Donovan said of the portion of the market that the new product will allow AT&T to reach, noting that the company has a database of consumers who can't be served with satellite but would be eligible for the new thin-client TV product.

That product "is going to be a great opportunity for us to have a product that's not only competitive but one that we would expect to take some share with," he said.

AT&T could use something that steals some share, as its video business has been struggling alongside the broader pay-TV industry. The company lost 627,000 video subs in Q1 2019, including 544,000 legacy "premium" TV subs (DirecTV satellite and U-verse IPTV) and 82,000 DirecTV Now subs as OTT customers continued to roll off after early, heavily discounted rates dissipated.

An SVoD assist?
Donovan didn't advance the ball much regarding AT&T's plans to launch a subscription VoD service in beta form later this year and reach full commercial deployments in 2020. AT&T has alluded to plans to offer that product to traditional pay-TV distributors, so it seems likely that AT&T will attempt to package in this new SVoD product with its pay-TV offerings.

But, following an earlier analyst's note that AT&T is now looking at a single-tier SVoD product (rather than one with three separately priced tiers with a different content mix), The Wall Street Journal reported Thursday that the new offering will cost $16 to $17 per month.

Per the WSJ, the offering will include HBO, Cinemax and Warner Bros content, and cost just a bit more than HBO Now, HBO's standalone, direct-to-consumer OTT subscription service that fetches $14.99 per month. At the reported price, AT&T's new SVoD will carry a big premium over Disney+, a service set to debut in November for $6.99 per month.

Bolstering the bundle
AT&T is also hopeful that its new thin-client video option will refuel a service bundling strategy, making it much easier to combine TV with its broadband products.

On that point, Donovan also provided an update on AT&T Fiber's progress, predicting that the unit will add 1 million subs this year, with roughly two thirds of them coming from cable. That prediction is in contrast to recent analysis that found that most of the new AT&T Fiber subs are coming from existing AT&T broadband subs (including U-verse customers) that have migrated or upgraded to faster, fiber-fed Internet service.

While AT&T's DirecTV merger commitment was to have fiber deployed to 12 million locations by June 2019, Donovan reiterated that the number will be closer to 14 million.

"We have a lot of inventory now," Donovan said, confident that AT&T Fiber is in position to achieve service penetration of 50% to 55% in as little as 24 months in some markets.

]]>
2019-07-10
<![CDATA[Fortinet’s Robust Multi-Cloud Portfolio Secures Migration to Cloud Environments]]> http://www.phitech.com.tw/news/index.php?news_id=905 Fortinet secures the migration to multi-cloud with native integration, broad protection and management and automation capabilities for every cloud environment

SUNNYVALE, Calif. - Jun 3, 2019
 
 

John Maddison, EVP of products and solutions at Fortinet
“Hybrid Networks and multi-cloud are major tenants of the enterprise architecture for the next 10 years. Fortinet customers are deploying our Security Fabric for visibility across their entire digital attack surface, enabling high quality operations and rapid, orchestrated response to any potential threats.”

News Summary:
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced that Aspire Global, MediaKind, MLP Finanzberatung SE, and Nubank have chosen Fortinet’s multi-cloud security offerings to implement secure connectivity and consistent visibility and control across their cloud environments. These organizations confidently rely on Fortinet’s multi-cloud security solutions to ensure that applications and/or workloads have consistent security across physical, virtual and cloud footprints and can be centrally managed whether they reside in a private cloud, public cloud, hybrid cloud or on-premises. 

Migrating workloads and applications to cloud environments, building cloud native applications and consuming SaaS applications have many benefits for organizations looking to stay agile, flexible and reduce operational costs. However, this transition to multi-cloud also raises security concerns that if left unaddressed can be detrimental and offset these benefits. Gartner predicts that “by 2021, 50% of enterprises will unknowingly and mistakenly have some IaaS storage services, network segments, applications or APIs directly exposed to the public internet, up from 25% at YE18.” [1]

To address these concerns, Fortinet’s depth and breadth of multi-cloud security products and solutions that are part of the Fortinet Security Fabric offer the following solutions:  

  • Visibility and control: Organizations need a single-pane-of-glass to gain visibility and define consistent security policies throughout the entire cloud infrastructure to effectively manage risk. Fortinet’s FortiCASB-Cloud allows customers to leverage the public cloud management APIs to monitor activity and configuration of multiple cloud resources as well as eliminate blind spots across an expanding attack surface. It continuously evaluates configurations across regions and public cloud types while dynamically analyzing activity in the public cloud infrastructure to identify potentially malicious activities. FortiCASB-Cloud dashboards are pluggable into Fortinet Security Fabric FortiView, uniquely offering Security Administrators a single-pane-of-glass view of the entire attack surface in multi-cloud infrastructures. Through FortiView dashboards, administrators can see both inline security as well as cloud configuration security to build a comprehensive view of risk.
     
  • Application security: The growing number of cloud-based applications that organizations are building either for direct web access or as backend applications for various mobile and business applications increases security risks and threats. Fortinet provides advanced application layer security controls so customers can choose cloud platforms based on their business priorities, not security limitations. Through  FortiWeb-VM, customers are able to secure web APIs and front-end web application to protect from known and unknown threats. FortiWeb is easy to use and delivers high accuracy powered by on-device machine learning capabilities, as well as the flexibility of form factors from containers to virtual machines to SaaS. FortiWeb also integrates with FortiGate-VM through FortiView dashboards and shares security intelligence information to consistently enforce security policies and provide increased visibility. FortiCloud Sandbox Service is integrated to perform dynamic analysis of files and storage services in order to identify previously unknown malware.
     
  • Secure connectivity: As organizations deploy an array of cloud infrastructure and shift toward multi-cloud, secure connectivity across these various environments is critical to protect sensitive information and confidential communication. FortiGate-VM provides the most flexible and scalable offerings in the industry supporting small point workload connectivity designed to scale out. It also supports larger data connections that require a scale-up VPN connection to multiple Gbps of VPN traffic. FortiGate-VM’s virtual security processor (vSPU) technology accelerates performance in both private and public clouds, enabling customers to confidently migrate their high-performing applications to the cloud.

Aspire Global - the complete iGaming Platform, MediaKind - a global media technology leader, MLP Finanzberatung SE – the partner for all financial matters, and Nubank - the leading Fintech in Latin America, are among the most recent Fortinet customers realizing the benefits of multi-cloud without compromising security. Some of the benefits customers gain from leveraging the Fortinet Security Fabric for multi-cloud are:

  • Consistent security controls and policies regardless of application infrastructure.
  • Single-pane-of-glass visibility for multi-cloud security to comprehensively manage risk in a dynamic and diverse environment.
  • The ability to leverage existing security personnel skillset when securing the cloud.
  • The confidence to deploy any application on any cloud supporting the desired business velocity and choices.

Customer Supporting Quotes:
“MediaKind chose to work with Fortinet for its commitment to the cloud and its native integration of security capabilities into any cloud computing platform. Fortinet gives us the freedom to deploy any application on any cloud without compromising security. This was critical for MediaKind as we chose to reduce the number of physical data centers and transition our workloads and applications to the cloud. With Fortinet’s robust portfolio, we are able to stay agile to our customer needs while protecting sensitive information and intellectual property in both a cloud and on-premise setup.”
-Ravinder S. Jarral, Head of Global Security at MediaKind

“Aspire Global views cybersecurity as a top priority. It’s important for us to offer a safe, mutli-cloud secured platform in order set the groundwork to have a smooth business continuation from the start of the process to finish with network users. Fortinet’s cloud security solutions are a dynamic resource that gives Aspire Global the technology edge in the digital sector enforced across all environments.”
- Ziv Shtaeinberg, Chief Technology Officer at Aspire Global

Fortinet has demonstrated its performance for a multi-cloud environment – without compromising ease-of-use when it comes to manageability. We have deployed Fortinet cloud security solutions in all three – AWS, Azure, and Google – of our cloud environments and Fortinet delivers the necessary visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.
- Erik Vellmete, Head of IT Infrastructure and Basic Applications at MLP Finanzberatung SE

"The main benefit for Nubank when purchasing Fortinet security solutions was the security itself. We were looking for solutions that would serve our internal security Red Team, as well as improving integration with our AWS cloud environment. For this, we adopted Fortinet's Security Fabric for AWS. Further, with Fortinet’s cloud security solutions, we now have a record of activities for each engineer and for each user that uses one of our services, allowing us to understand all the activity being carried out – a very important safety point for us and for our clients. This was only the first step in blueprinting what we want to achieve.”
- Gabriel Diab, software engineer at Nubank Brasil

Additional Resources

 

1 Gartner, Innovation Insight for Cloud Security Posture Management, Neil MacDonald, 25 January 2019.

 

資料來源:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2019/multi-cloud-portfolio-secures-migration-to-cloud-environments.html

]]>
2019-07-03
<![CDATA[IETF推出用來取代IMAP的現代開源電子郵件協定JMAP]]> http://www.phitech.com.tw/news/index.php?news_id=904

由於老舊的IMAP協定已經不符合現代電子郵件處理需求,IETF推出更適用於網頁以及行動裝置的新協定JMAP

 
 

網際網路工程任務組(Internet Engineering Task Force,IETF)推出新的電子郵件協定JMAP(JSON Meta Application Protocol),這個協定更適合網頁以及行動裝置使用,電子郵件通知推送也更為即時。JMAP並非IMAP的升級版,而是一個全新的協定,使用結構化的JSON格式傳輸,修正了過去像是IMAP等開放協定的缺陷,主要用來取代IMAP與SMTP的組合。

IETF提到,IMAP並不適合用於網路資源受限的行動裝置上使用,而IMAP與其他協定諸如SMTP、CalDAV和CardDAV的組合,用來提供日曆和聯絡人功能,對開發者來說有一定的開發門檻。IETF認為,這樣的情況影響電子郵件的應用發展,許多新的客戶端以及擴充套件,僅為大型電子郵件服務開發,專有協定逐漸取代了開放協定。

IMAP IDLE功能有兩大問題,第一、更新機制效率不好,除非客戶端對所有資料夾開啟連接,否則一個連接只會通知更新一個資料夾的變更;第二、需要持續網路連線,在行動裝置實作IMAP有困難,對iOS來說更是無法使用。

而JMAP實作兩種推送機制,這兩種機制都以狀態字串觸發,讓客戶端知道有新訊息,接著客戶端接著以標準方式同步資料。對桌機客戶端與Webmail,其提供事件來源介面,使用持續的HTTP連接進行更新,對行動裝置以及網頁整合使用上,開發者可以設定回呼處理程序,執行應用程式伺服器推送。

JMAP可以在單個指令中,對多個訊息進行創建、更新與刪除的動作,這是舊的IMAP做不到的。另外,JMAP是無狀態協定,不需要持續連線,對於間歇網路存取,像是行動裝置更加友善,而且提供一系列彈性的指令,可以方便地進行批次處理,雖然還是能以串流的方式處理郵件,但是JMAP設計的初衷就是無狀態協定,減少斷開連接的手續。

在相容性支援上,JMAP資料模型相容於IMAP資料夾以及類Gmail標籤,實作JMAP的伺服器也能支援IMAP。JMAP還具有流量控制的能力,客戶端可以限制伺服器發送的資料量,當數量超過客戶端限制,則指令將回傳錯誤。

IETF認為,JMAP是新一代電子郵件開放標準,為電子郵件提供現代的功能支援,又具有良好的擴充性,可以輕鬆地加上日曆等服務,能正面影響整個生態系的發展。

資料來源:
 https://www.ithome.com.tw/news/130539]]>
2019-06-26
<![CDATA[Going into 5G, don't forget security]]> http://www.phitech.com.tw/news/index.php?news_id=902  
telecomasia.net

For years telco revenues as measured in Average Revenue Per User (ARPU) have been on a decline. As consumers and business acquire a taste for broadband and mobile broadband connectivity, operators are pressured to offer bigger and faster pipes, and to do so more cheaply lest competition from OTTs and mobile virtual network operators (MVNO) take home the bacon. We have reached a point where telcos are finding themselves becoming almost exclusively connectivity vendors– what some call “the pipe business”.

Guner Reiss, vice president of strategy, A10 NetworksAs Gunter Reiss (pictured), vice president of strategy at A10 Networks, tells it, that a lot of operators want to get out of being labeled a telco – a connectivity provider.

He cites the comment made by Johan Johan Wibergh, chief technology officer at Vodafone: “We want to become a technology provider. We want to become a service provider to the enterprise community.”

Based on what we understand about 5G technology, this may just be what the industry is praying for. Some believe that 5G features like network splicing, enhanced mobile broadband, ultra reliable low latency communications and massive machine type communications, are all geared towards the performance requirements of enterprises.

To date, a number of telcos in Asia and around the world are making significant investments in 5G with the intent to target enterprise opportunities. One area that has always lagged when it comes to understanding and planning for is around security.

At the 2019 Total Security Conference, a chief security officer speaking at a panel noted that “if you want to stay secure from cyber threat, then stay out of the internet.” However, the reality is that internet has become so embedded into everyday living [and business] that it would be a business suicide if any business stays out of it.

So for telcos, the challenge is building infrastructure, including 5G-based connectivity solutions, that appeal to the risk appetite of their enterprise customers.

In an exclusive interview with Telecom Asia, Reiss opens up to the threats and opportunities operators must face as they rise to the 5G challenge.

Given that operators will need to invest more around security as part of their 5G rollout. How do they monetize in these investments?

Gunter Reiss: There are two ways: 

First, every operator has to protect their own infrastructure because the system is their bread and butter.

Secondly, we see a lot of operators today starting to offer a managed security services to enterprises. Cloud providers are doing the same thing.

Instead of buying a DDoS appliance directly for your premises, you want a DDoS service – literally just buying it as part of your connectivity, or part of any of the other specific IoT services you would buy from a mobile operator. You would add the security services on top of it.

This is why service providers and mobile operators in the 5G world will finally become a true service providers and partner to the enterprise community.

This is how they will monetize their investments, including security.

As operators near 5G rollout, what remains their biggest concern?

Gunter Reiss: That would be – “How can we protect our mobile infrastructure?”

It's the same as what they have now with 4G – just with 5G, they realize that they have more points to protect. If you think about it in 4G it was the GI-LAN infrastructure they just needed to protect – and it doesn’t scale. Scale requirements just weren’t there.

But what we see now, they have to protect the peer points. They have to protect the mobile edge – this is what they are building the architecture for. That's the conversations we have with them.

There is another aspect – our latest DDoS weapons report revealed more than 23.5 million DDoS weapons all around the world. The largest number is more than 6 million in China, followed by 3 million in the US. And as you go into each country, we can actually highlight how many DDoS weapons there are. This is important for operators because this is proactive defense of your infrastructure.

So that's basically how we help these operators to protect the infrastructure. And again, it doesn't really matter if they're on 4G right now. They are realizing that they have to protect the infrastructure. They have to start planning, investing and allocating budgets for the protection of the mobile infrastructure along the journey to 5G.

You don't want to wait and suddenly say, “Now that I’m launching 5G, it’s time for me to adjust my security architecture or infrastructure, and how I deal with [connectivity] suppliers.”

As operators look to harness the non-traditional business opportunities presented by 5G, including areas like Smart Cities, what should I be looking at as an operator?

Gunter Reiss: What you should look at is in order to support – ultimately as an operator – you need to increase your ARPU, you want to sell more services.

Now, particularly then with 5G, you need to build relationships with the various industries from smart cities, to governments, to hospitals, to whatever industry it is. And, of course, in that way, industry explosion of the IoT endpoints – depending on what data you trust – up to 35 billion over the next years.

When you take all that into consideration, you have to protect your infrastructure all the way, obviously, to where the IoT endpoints get connected, and as a consequence you need a comprehensive security architecture.

And the only way to really be able to manage the scale requirements is with Intelligent Automation.

And this is where you leverage machine learning algorithms, any AI type of capabilities and analytics to get more visibility about your network and your application environment in order to really be able to secure your infrastructure. The complexity is just getting that much larger than what these operators are dealing with today.

This is basically the straightforward message I try to explain to them.

It's not about how cyberattacks will come through the internet anymore. They come through those peering partners, and they come directly from the IoT devices which get weaponized from the phones. So, you have to have protection right away at the mobile edge.

And for this, you need to leverage automation capabilities.

As activities around 5G accelerate in 2019, what's your expectation?

Gunter Reiss: 5G is still in its early stage. I think we will see over the next 12 months a lot more operators commercially launching 5G services with various used-cases.

And I would say that at least within this year, we’ll see between 20 and 30 mobile operators launching new commercial services around the world.

But 2020 is going to be, I think, that big push where more operators will come with 5G commercial services. And this, from an A10 perspective, is the opportunity. We are working with a lot of them already right now under 4G virtualization developments and securing the 4G virtualized and NFV type of environment.

Now that they are future proof and ready, from a scale perspective, to take that all the way into this full 5G architecture.

As I mentioned before, for some time, we will see a hybrid type of 4G / 5G network architecture. Then some of those early adopters will go out with the 5G standalone, network architecture.

Even if the operator is not launching 5G yet in 2019, they're already working and starting to work with us on their plans towards 5G and how to protect that infrastructure. This is why we are super thrilled and excited about it.


資料來源:
https://www.telecomasia.net/content/going-5g-dont-forget-security?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+tarss+%28Telecom+Asia+RSS%29

]]>
2019-06-19
<![CDATA[Connectivity between Azure Virtual WAN and Fortinet Appliance]]> http://www.phitech.com.tw/news/index.php?news_id=900 Connectivity between Azure Virtual WAN and Fortinet Appliance

Contributors: Karthik T, Principal Cloud Architect at Powerupcloud Technologies.

“Networking is the cornerstone of communication and Infrastructure”

Azure VWAN

Microsoft Azure Virtual WAN allows to enable simplified connectivity to Azure Cloud workloads and to route traffic across the Azure backbone network and beyond. Azure provides 54+ regions and multiple points of presence across the globe Azure regions serve as hubs that you can choose to connect to the branches. After the branches are connected, use the Azure cloud service through hub-to-hub connectivity. You can simplify connectivity by applying multiple Azure services including hub peering with Azure VNETs. Hubs serve as traffic gateways for the branches.

Fortinet with Azure VWAN

Connecting Fortinet Firewalls to a Microsoft Azure Virtual WAN hub can be done automatically. The automatic configuration provides a robust and redundant connection by introducing two active-active IPSec IKEv2 VPN tunnels with the respective BGP setup and fully automated Azure Virtual WAN site creation on Microsoft Azure. The finished deployment allows full connectivity between branch-office sites and resources in Azure Virtual Networks via the Azure VPN Hub.

VWAN Offerings:

Microsoft Azure Virtual WAN offers the following advantages:

Integrated connectivity solutions in hub and spoke

Automated setup and configuration

Intuitive troubleshooting

Organizations can use Azure Virtual WAN to connect branch offices around the globe. An Azure Virtual WAN consists of multiple virtual hubs, and an organization can create virtual hubs in different Azure regions.

For on-premises devices to connect into Azure a controller is required. A controller ingests Azure APIs to establish site-to-site connectivity with the Azure WAN and a Hub.

Microsoft Azure Virtual WAN includes the following components and resources:

WAN: Represents the entire network in Microsoft Azure. It contains links to all Hubs that you would like to have within this WAN. WANs are isolated from each other and cannot contain a common hub, or connections between two hubs in different WANs.

Site: Represents your on-premises VPN device and its settings. A Site can connect to multiple hubs.

Hub: Represents the core of your network in a specific region. The Hub contains various service endpoints to enable connectivity and other solutions to your on-premises network. Site-to-site connections are established between the Sites to a Hubs VPN endpoint.

Hub virtual network connection: Hub network connects the Azure Virtual WAN Hub seamlessly to your virtual network. Currently, connectivity to virtual networks that are within the same Virtual Hub Region is available.

Branch: The branches are the on-premises Fortinet appliances, which exist in customer office locations. The connection originates from behind these branches and terminates into Azure.

Prerequisites and requirements

The following prerequisites required for configuring Azure and Fortinet to manage branch sites connecting to Azure hubs.

  1. Have white-listed Azure subscription for Virtual WAN.
  2. Have an on-premise appliance such as a Fortinet appliance to establish IPsec connection into Azure resources.
  3. Have Internet links with public IP addresses. Though a single Internet link is enough to establish connectivity into Azure, you need two IPsec tunnels to use the same WAN link.
  4. SD-WAN controller — a controller is the interface responsible for configuring appliances connecting into Azure.
  5. A VNET in Azure that has at least one workload. For instance, a VM, which is hosting a service. Consider the following points:
  6. The virtual network should not have an Azure VPN or Express Route gateway, or a network virtual appliance.
  7. The virtual network should not have a user-defined route, which routes traffic to a non-Virtual WAN virtual network for the workload accessed from the on-premise branch.
  8. Appropriate permissions to access the workload must be configured. For example, port 22 SSH access for a Ubuntu VM.

Step 1. Configure Microsoft Azure Virtual WAN Service

 
Fig 1.1 Virtual Network Configuration
 
Fig 1.2 Virtual WAN Creation
 
Fig 1.3 Virtual WAN
 
Fig 1.4 Virtual Hub
 
Fig 1.5 Hub status with no sites configured

Step 2. Configure and Connect the Fortinet Firewall

 
Fig 1.6 Fortinet Firewall Configuration
 
Fig 1.7 Fortinet Phase 1 & Phase 2 Proposal
 
Fig 1.8 Azure to Fortinet Rule
 
Fig 1.9 Fortinet to Azure Rule

Step 3. Associate Sites to the Hub

 
Fig 1.10 Add a connection between hub and site
 
Fig 1.11 Associate site with one or more hubs

Step 4. Verify Connectivity and Routing

 
Fig 1.12 Hub status with VPN site
 
Fig 1.13 VWAN Heath and Gateway status
 
Fig 1.14 Fortinet Gateway status

There you go the connection is established and network flows:)

Virtual WAN enables centralized, simple and fast connection of several branches, with each other and with Microsoft Azure.

If you need any help on Virtual WAN Implementation, Please do reach out to us.

資料來源:
https://blog.powerupcloud.com/connectivity-betweenazure-virtual-wan-and-fortinet-appliance-e5c66e66367f

]]>
2019-06-12
<![CDATA[Managing the 5G Hype Is Critical to Carriers]]> http://www.phitech.com.tw/news/index.php?news_id=901 Denver -- Big 5G Event -- At this early stage of the 5G era, it's critical for mobile carriers to manage the hype around the next-gen platform among both enterprise customers as well as consumers.

The near future of 5G has, of course, plenty to do with engineering, but it's likewise important to prepare customers for what the technology will be capable of early on and to avoid creating "unrealistic expectations," Patrick Riordan, chairman, president and chief strategy officer of Wisconsin-based Nsight (Cellcom), said here Tuesday during a panel discussion focused on the next steps for 5G. "We need to tell the story better on what 5G is."

As labels like "5Ge" enter the marketplace, they can create a "placebo effect" that ends up falling short of what "true 5G" will be capable of, Riordan said.

For its part, Cellcom has been spent the last two years preparing to move from 4G to 5G, he said, noting that purchasing and building fiber is "critical" to that effort, and that for a company like his, which is focused on rural areas, it's also important to "work hand-in-hand' with suppliers on the deployment.

 

Sprint, meanwhile, is amid an initial 5G rollout that will hit nine markets before the end of the first half of 2019, Mishka Dehghan, vice president of 5G deployment at Sprint, said. She estimated that this early batch of work will enable Sprint to cover about 1,000 square miles with 5G. At this stage, Sprint has some proof-of-concepts announced related to 5G-powered smart city applications. "There is definitely a ton of interest in cities from across the country about what 5G can bring to their communities," Dehghan said.

For Cisco Systems, the next big step on the 5G path is to work with carriers on the deployment of 5G radios with a 4G core. That will follow with the early positioning of a new 5G core architecture and more work on how this core-level migration will be completed, Ian Campbell, CTO service provider mobility and automation at Cisco Systems, said.

5G "is a major re-architecture of the core," he said, citing the move toward network-slicing and installing more compute at the network's edge. Some initial introductions of a 5G core are expected to start next year.

Network virtualization will also be paramount, as it will help to drive costs out of the network and put carriers in a better position to create a profitable 5G business. "There will be no 5G without virtualization," John Baker, SVP of business development at Mavenir, said. He said many carriers he speaks to are still struggling with how to make a 5G business plan work.

He also estimates that the computer industry is some 15 years behind the mobile industry concerning deployment technologies, and that could greatly affect the deployment of effective edge computing architectures needed by 5G. To the computer industry, "everything is 19-inch rack-based," he said, believing that this will open up opportunities for others to rethink and develop processing technologies that are more optimized for the edge.

5G will support faster speeds, but carriers will also need to ensure that their mobile networks can keep up and don't become the bottlenecks. The industry is still data center focused, so more work needs to be done to enable redundancy and harden the edge of the new 5G network, Oded Sagee, senior director of embedded and integrated solutions at Western Digital, said.

Panelists also noted that 5G networks, and the low-latencies and abundant capacities they will support, will be deployed to reach small pockets and target specific early cases early on.

"It can be done one enterprise at a time," Baker said.

"It could be as small as a manufacturing plant," Riordan added, reiterating that the industry must avoid the "super hype" building on 5G and the perception that it will suddenly become available everywhere. "It's not going to happen that way."

— Jeff Baumgartner, Senior Editor, Light Reading

資料來源:
https://www.lightreading.com/mobile/5g/managing-the-5g-hype-is-critical-to-carriers-/d/d-id/751315?_mc=RSS_LR_EDT

]]>
2019-06-05
<![CDATA[Fortinet has a Longstanding Commitment to Cloud Security Leadership]]> http://www.phitech.com.tw/news/index.php?news_id=899

Fortinet has a Longstanding Commitment to Cloud Security Leadership

As digital transformation requirements drive organizations to adopt and expand cloud usage, Fortinet is positioned to support a wide range of cloud migration initiatives—from extending and migrating applications and datecenters to the cloud, to helping companies build applications on the cloud through helping customers consume SaaS applications.

Due to the breadth of security offerings (FortiGate, FortiWebFortiSandbox, FortiMail, etc.) available on all six of the leading cloud platforms (AlibabaAWSAzure, GoogleIBM, and Oracle), Fortinet is uniquely positioned to offer organizations the confidence to deploy any application on any cloud as they can take their security with them supporting any cloud adoption initiative.

Four Major Advances in Cloud Security

In keeping with our Fortinet’s long history of security innovation on premise, Fortinet offers these expertise for the cloud as well. We are proud to announce Four new advances that further demonstrate our commitment to the variety of cloud adoption initiatives organizations are undertaking—enabling them with the confidence needed due to consistent security across their entire infrastructure even as their cloud and networking initiatives continue to evolve.

1. Accelerated Performance—Virtual Security Processor (vSPU) for FortiGate VM

As organizations migrate existing applications into the cloud, they too often find that many of these applications—especially those with high performance requirements—cannot benefit from the flexibility and potential that these new cloud architectures have to offer. Quite often, this is due to the performance constraints inherent in the virtual security solutions they have deployed to protect themselves and their resources, and not in the cloud environment itself. To truly unleash the potential of the cloud’s scale, customers need a new class of high-performance virtual security appliances designed for cloud environments.

Fortinet’s new Virtual Security Processing Unit (vSPU) for the FortiGate-VM solution, modeled after the award-winning security ASICs in place in Fortinet’s physical devices, extends accelerated security performance into private and public clouds. Our new vSPU technology enables customers to migrate their high performance applications to the cloud without compromising on speed or security. It also supports a variety of other use cases, including highly available, large scale VPN in the cloud.

Fortinet’s revolutionary vSPU architecture provides a whole new level of performance for virtual security. We also made the process of integrating with new acceleration technologies much easier, which, in turn, provides customers with the benefit of early access to high performance security in the public and private cloud.

Fortinet has achieved this by applying our 15+ years of proven hardware design leadership to cloud software by optimizing code, eliminating unnecessary processing, and addressing many of the processing challenges and complexities faced by other security solutions. As a result, Fortinet is now the first to market with high performance support for AWS C5n and Intel QAT, on top of their existing support for DPDK and SR-IOV running in a variety of environments.

2. Cloud Security Analytics—FortiCASB-Cloud 4.1

Gartner predicts that through 2023, at least 99% of cloud security failures will be the result of misconfiguration. So whether an organization is migrating to the cloud or building cloud-native applications, the cloud’s management interface is one of the new threat vectors that organizations need to address. In fact, while many organizations are still trying to use their traditional security tools to deal with cloud security issues, it is important to realize that none of these tools  address the threats associated with the misconfiguration of cloud infrastructures—let alone the potential risks associated with such misconfigurations being distributed across multiple disperse and distinct cloud infrastructures.

The cloud security management capabilities provided by FortiCASB-Cloud 4.1 provides organizations with the visibility and controls they need to mitigate the growing risks associated with the configuration of their public cloud infrastructures, as well as with the applications they have built in the cloud.

FortiCASB-Cloud powers security teams with insights and information that help them communicate cloud security information and findings more effectively with cloud DevOps teams. This information helps them better address potential risks, such as those that can be addressed through modifications to infrastructure code in the CI/CD pipeline. Among its capabilities. FortiCASB-Cloud offers organizations the ability to investigate security events, optimize security configurations, and assess an overall security posture against internal or external policies and regulatory requirements.

  • FortiCASB-Cloud leverages the public cloud management API to monitor activity and configure multiple public cloud resources on AWS, Azure, and Google Cloud Platform
  • FortiCASB-Cloud continuously evaluates configurations across regions and public cloud types to:
                    - Provide guidance on security best practices
                    - Offer threat and risk management tools to help mitigate cloud risk
                    - Trace misconfigurations to their source
                    - Enable regulatory compliance violation reporting

3. Container Security

As organizations build native cloud applications. they often leverage emerging technologies such as containers and serverless workloads. The use of these technologies to accelerate the application development process is accelerating digital transformation. However, traditional security tools—even those designed for the cloud—cannot address all of the security needs of these workloads.

FortiGate (FortiOS 6.2) Fabric Connectors and New Technology Partners

Fortinet offers a comprehensive Container and emerging technology solution for our customers through a mix of organic products and tools, and integrations with 3rd parties. 

FortiOS 6.2 addresses these cloud container challenges with the following advances:

  • FortiGate running FortiOS 6.2 Fabric Connectors delivers container-aware security by helping customers secure any traffic entering or leaving (north-south) their container clusters using logical policies based on labels and meta-data information attached to container resources. Since containers cannot be defined using static IP address information, these capabilities are essential when securing container-based workloads for publicly facing cloud applications.
  • FortiCASB-Cloud 4.1 delivers container-aware security by providing full visibility into container service configuration risk profiles and vulnerabilities, as well as well as detailed traffic analysis to and from container hosts.
  • Fortinet Cloud Technology Alliance Partnerships deliver container-integrated security with partnership with companies like: (1) Tufin, through their cloud-native Iris platform that manages native cloud security ,as well as their Orca platform that manages Kubernetes security without agents, and (2) Alcide, which offers deep integration into serverless and container-based workloads, leveraging emerging standards such as Istio, and supporting agents for containers. 

4. FortiMail 6.2 O365 Connector

For those organizations that consume O365 applications, many find it hard to implement a network-heavy security product which requires potentially challenging changes to network configuration. Fortinet addresses this challenge by offering organizations the ability to easily attach an industry-leading mail security to their O365 Exchange online instances that has been optimized for cloud performance and that functions as a cloud-native solution.  

Summary

Fortinet continues to be committed to solving the wide range of cloud adoption initiatives organizations are considering or implementing, whether migrating applications and infrastructure to the cloud, building cloud native applications, or consuming SaaS applications. Fortinet’s comprehensive strategy of the native integration of our portfolio of products and services into the cloud platforms, offering the broadest set of protections available, and enabling single pane of glass management and security operations offer customers the confidence they need to expand cloud operations while deploying any application on any cloud without concerns of risk, availability, or performance.

Read more about how Fortinet secures multi-cloud environments with our Security Fabric.

Read more about the news announced from Fortinet at Accelerate 19.

資料來源:
https://www.fortinet.com/blog/business-and-technology/fortinet-raises-bar-for-cloud-security-again.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblogs+%28Fortinet+All+Blogs%29
 

 


 
 
]]>
2019-05-29
<![CDATA[Container周報第100期:新版Docker企業版3.0內建K8s,而Windows則內建了Linux]]> http://www.phitech.com.tw/news/index.php?news_id=903

Docker企業版3.0新特色是內建了一個Kubernetes叢集管理服務DKS,等於是直接在Docker中內建了Kubernetes支援,可以強化Docker企業版與Kubernetes叢集的整合,

 
 

5/2~5/8你一定要知道的容器精選新聞

#企業版Docker、#DKS、#K8s
Docker企業版推出3.0,最大特色是內建Kubernetes管理服務

Docker在今年DockerCon大會中,推出了新的Docker企業版3.0,最大新特色是內建了一個Kubernetes叢集管理服務DKS(Docker Kubernetes Service),等於是直接在Docker中內建了Kubernetes支援,可以強化Docker企業版與Kubernetes叢集的整合,例如可在Docker中套用Kubernetes的RBAC權限、PKI金鑰,也可支援Kubernetes的網路CNI外掛,另外Docker也宣布3.0版。3.0還強化了Docker叢集的自動化部署功能,可以自動部署到指定的雲端環境,來建立藍綠測試環境,可支援AWS、Azure和VMware中。DockerCon另一個重要宣布是,Docker產品將支援服務網格專案Istio,不過沒有進一步說明。Docker也預告,未來將優先開發跨基礎架構(多OS、多雲)的部署機制,以及雲端自動化部署機制,另外也將推出containerd的商業支援。

#紅帽、#RHEL
紅帽企業版Linux 8正式推出

紅帽在年度大會中,正式推出了企業版Linux產品RHEL 8.0。新版內建了一個網頁管理介面(Web Console),這是源自開源Cockpit專案的新管理介面,透過瀏覽器就能提供系統層級的監控和維護管理,也能直接管理作業系統中的虛擬機器,這是RHEL 8用來統一混合雲管理機制的重要功能。RHEL Web Console還可以和紅帽基礎架構管理產品Satellite整合。另外,RHEL也新增了應用程式串流功能,來強化應用程式派送和部署版本的管理。新版還內建了一套完整的紅帽容器工作包(Red Hat Container Toolkit),以容器開放標準相關工具為主,涵蓋了建立、執行和共享容器化應用所需的常見工具。RHEL通用基礎映像檔也趁8.0發布正式推出,可作為建立紅帽容器化應用的基礎OS。

#WSL 2、#Linux、#Windows
Windows將內建完整Linux核心,可支援完整系統呼叫

微軟發表了第二版Windows內建的Linux次系統WSL 2,這次改將完整的Linux核心(目前是4.19版核心),放入了Windows作業系統中,而且可以提供全套Linux核心系統呼叫,包括了git clone、npm install、apt update、apt upgrade這些Linux工程師維運系統常用的指令都支援,開發者也可以在Windows中執行Linux應用程式。微軟表示,目前已測過不少Linux軟體,連Linux版Docker都能順利執行在Windows中。原本第一版WSL 1只是在Windows核心提供了一個可以和Windows NT核心溝通的轉譯層,讓Linux系統呼叫可以轉換成對應的Windows NT系統呼叫。但是到了第二版WSL 2,則改用特殊的虛擬化技術,直接將完整的Linux核心,放入Windows中來執行,也因此,微軟表示,WSL 2執行Linux App的速度,比WSL 1快了20倍。微軟預計在今年6月,先提供給Windows測試計畫用戶試用。

 

#CNAB、#Docker應用
Docker應用程式通用格式CNAB正式產品化

去年底,Docker和微軟聯手發表了一個全新的容器應用程式格式CNAB(Cloud Native Application Bundles ),要作為封裝容器化應用的標準檔案格式。今年DockerCon中,Docker終於在3.0新版中,正式支援這個封裝格式,也推出了Docker應用管理工具,讓開發者可以建立以CNAB格式打包的Docker應用樣版,快速將Dockerfile和相關檔案封裝成一個應用程式,以便分享給其他人。

#無伺服器、#Azure
微軟推出K8s無伺服器元件KEDA,可將Azure Functions部署到K8s上

微軟和紅帽聯手打造了一個K8s的無伺服器服務元件KEDA(Kubernetes-based event-driven autoscaling),可將Kubernetes上部署容器應用,變成一個事件驅動的無伺服器應用。KEDA可以自動依據事件訊息,自動部署、擴充在Kubernetes上的容器應用,可以從0(自動新增容器實例)擴充到數千個的容器實例。等於是KEDA可以用來在Kubernetes叢集上,自動建立一個事件驅動的無伺服器服務。微軟也宣布,Azure Functions將可透過KEDA部署到Kubernetes上,甚至是企業內部自建環境或其他公有雲上的Kubernetes皆可支援。

#IDE、#Visual Studio
微軟正打造網頁版開發工具Visual Studio Online

最近微軟宣布正在開發Visual Studio Online,以賦與開發者隨時隨地就能開發的靈活性,這是一個基於網頁的伴隨編輯器(Companion Editor),讓開發者在任何裝置的瀏覽器上,執行諸如快速編輯,或是查看團隊Live Share對話等工作。由於Visual Studio Online是基於Visual Studio Code開發,因此開發者能夠快速上手,而且還可以使用豐富的擴充套件,支援Visual Studio Code工作區與Visual Studio解決方案,此外,Visual Studio Online還會支援IntelliCode以及Live Share。

#Windows、#命令列工具
新版Windows終端機開源了,開發者可以自訂彩色介面

Windows的命令列工具不再黑黑醜醜,微軟在Build開發者大會上,宣布釋出全新開源全功能Windows終端機(Terminal),這是一個現代高效的終端應用程式,可用來操作命令提示字元、PowerShell和WSLWindows Subsystem for Linux)等殼層,將在今年夏天於Windows 10的Microsoft Store提供,但想嚐鮮的使用者,可以於GitHub中複製專案使用,目標在冬天時推出Windows終端機1.0。終端機也新增了多頁籤功能,可以開啟任意數量的分頁,每個分頁都可以連接到選擇的殼層或是應用程式,像是命令提示字元、PowerShell,也能在WSL執行Ubuntu、openSUSE以及Debian,甚至是透過SSH連接樹莓派也沒問題。

#AKS、#微軟
微軟推出AKS虛擬節點功能,數秒內可彈性擴充大量AKS節點

微軟在年度開發者大會上宣布了多項AKS服務新功能,其中一項是AKS虛擬節點(Virtual nodes)正式上線,可以讓開發者在幾秒內自行調度、新增大量Kubernetes運算節點,來回應突然暴增的運算需求。開發者只需要Azure入口網站設定即可快速建立AKS叢集,而不用自行在虛擬機器上進行部署。目前只可支援Linux pods和Linux節點。

責任編輯/王宏仁
 

資料來源:
 https://www.ithome.com.tw/news/130566]]>
2019-05-22
<![CDATA[Fortinet: 5G to present new edge computing security concerns]]> http://www.phitech.com.tw/news/index.php?news_id=897 Although the rollout of 5G connectivity will enable new edge computing opportunities, John Maddison, executive VP at Fortinet, said it will also require new security considerations.
  •  
  •  
  •  
  •  
  •  

The rollout of 5G wireless technology is expected to enable many new technologies to thrive, but it will also lead to new edge computing security challenges and competition with cloud providers.

John Maddison, executive vice president of products and solutions at Fortinet Inc., said that although the rollout of 5G may take a while, the benefits are apparent, including more data capacity, faster speeds and lower latency, which will enable more edge computing options.

In this Q&A, Maddison says this will also present challenges for edge computing security, as attack surfaces will grow larger and more decentralized, which will present the need to rethink how edge computing security is handled by enterprises. Additionally, the rise of edge computing could lead to competition between ISPs and cloud providers.

Editor's note: this interview has been edited for length and clarity.

Can you walk through how the 5G infrastructure is set up and how it could change enterprise connectivity?

John Maddison: I think a lot of the 5G applications will be IoT-oriented because a lot of those IoT applications need low latency, and I think edge compute will be a key component of 5G.

Today, we think about data centers all becoming mega-data centers around cloud, and we'll still see that trend happening. But we're also going to see compute move to the edge, and 5G will be a big platform to allow that to happen.

At edge compute, we'll empower these low-latency applications that require a very rapid compute and low latency for a small amount of compute.

At some point, because of the capacity and throughput, 5G will take over more of the traditional fixed-line connectivity where you've probably got more capacity. For example, today, we've got some products that are called SD-WAN, which have built-in 4G and 3G LTE capability and, often, the customer uses that as a backup.

5G is going to be a very important component of that because when it rolls out properly, it won't be used as backup like 4G is today. It'll be used as a primary connection for a lot of businesses, and they will use that as part of their SD-WAN 5G.

The move to more edge computing applications can decentralize the structure of the network. What does that mean if there's an edge computing security concern, like a malicious device on the network?

Maddison: Security people are always concerned about the attack surface, and the attack surface definitely changes when we've got networks and applications which are much broader and, sometimes, not under your control. Once that attack surface becomes so large, it is a big risk.

The security then needs to be deployed in a different way. And whether it's deployed in the car itself, in the application, the IoT devices -- it'll be security deployed in the edge compute.

And edge compute has to be much more efficient than centralized data centers, so you'll see custom silicon for edge compute deployed to provide security. You'll see security deployed as virtualized systems in the core networks and you'll see connectivity deployed at the internet gateway. You'll see a much more distributed model of security versus the current model today where it assumes everything goes through a secure gateway; that's just not going to be true.

But you're going to see a hybrid way of deploying that security through custom silicon, off-the-shelf virtual systems. And then, because of the serious scale, the other component [of] artificial intelligence and machine learning will be essential. It'll actually be mandatory.

There's no way you can provide security without deploying some AI and machine learning just because of the sheer scale. From a security perspective, you're going to see a much more distributed model, and then you're going to see much more deployment of AI and machine learning as the security component.

With the more distributed idea of edge computing security, how difficult is that going to be to implement?

Maddison: A very simple example is, 5G makes sure everything is encrypted. Even just to provide that encryption, there's a lot of processing power [needed], and if you use the normal, off-the-shelf CPU, that takes a lot of compute resource.

We're talking billions of devices here eventually. That's why we see custom silicon as being an essential part of edge computing going forward because you've just got to get the efficiency right.

Can you expand on the encryption changes coming with 5G?

Maddison: The encryption piece is end to end. If you look at all the applications on the web today, they're definitely encrypted -- 80% of the traffic is encrypted in HTTPS. The majority of the traffic is traveling across the application encrypted, but also they'll provide encryption at the transport layer, as well, so you've got encryption upon encryption upon encryption, which makes it even harder for general purpose CPUs.

Encryption is here to stay across our networks and it's great because that provides things not in clear text [where] people can just tap in and see what it is. But it's a lot more compute to transport it around.

The CEO of AT&T, Randall Stephenson, talked about how things will change because of the low latency of 5G. He said "the storage no longer needs to be [on endpoint devices]. The storage can be back in the network. The compute capacity no longer needs to be there. It can be back in the network." What are the edge computing security concerns of a move like this?

Maddison: What he's talking about is edge compute. Some of the compute might be in the towers. Imagine that, where you've got compute there. But there's no reason why that can't be there at some point. Whether you trust them or not is a different matter. I think they'll have to rethink that security strategy totally, but that's probably the only way it's going to work for some of these apps.

I was watching Sprint doing this 5G example. One of the applications was if you took your eyes off the road [while driving] for more than three seconds, it would send an alarm and buzz you or your phone. It's a very simple application, just to make sure your eyes are on the road all the time.

But it was using a very rapid calculation locally and in the edge compute to do that. If you had to send that information to data centers, [you're] too late. You're done. You've crashed. So some applications will have to work that way with edge compute.

And that necessarily gives a lot more power to the carriers.

Maddison: It's actually what they want. Why do you think they're building 5G? They're absolutely building 5G for that reason.

It's no different in my mind than some of the cloud vendors, like Microsoft and AWS. They're creating monopolies, as well. Data is very powerful going forward, and if you've got lots of data, you can even sell it and use it, to mine it, to kind of promote things. And so I think the carriers want a piece of that action, and they want to say they can do that if they control some of the applications, for sure.

We're here in Silicon Valley; we've got an Apple campus to our right and a Google campus to our left. They're huge campuses. It just gives you the size of the investment these companies make. [Google] is building a new data center every six months. The investment needed for these networks of 5G is enormous. There are going to be large companies that are the only people to build them. A shift from the cloud to edge compute might balance things out a bit.

Today, there are four or five cloud vendors around the world: it's Facebook, Apple, Amazon, Google, Microsoft. There's probably Alibaba in China, as well. If you let those [companies] decide everything going forward, then it's probably not a good thing. If you have maybe 10 carriers also able to offer it to most of us, I think that's a good thing. Would you like it to be more distributed? Probably.

But, coming back to it, this just means, in our mind, a different security challenge, and I think we refer to it as kind of a security-driven networking. Instead of thinking about security last, you think about security first. You think about how the security is going to be building a network first -- [with] privacy, encryption, defense, defense against exploits, social engineering -- and then build your network.

資料來源:
https://searchsecurity.techtarget.com/news/252460696/Fortinet-5G-to-present-new-edge-computing-security-concerns
 

]]>
2019-05-15
<![CDATA[五招教你 防範被植入木馬]]> http://www.phitech.com.tw/news/index.php?news_id=896 美國資安大廠Fortinet北亞區資深技術協理劉乙今日表示,安裝防火牆、不安裝不明來路的軟體、定期更新作業系統、定期備份手機與電腦,以及布署網路沙箱等,這五招將可以避免被植入木馬。

華碩自動更新軟體被植入木馬,引起關注,終端裝置的消費者,要如何防止被植入呢?劉乙說,要防止木馬被植入電腦或手機等終端裝置,有五項工作要做,即1.安裝防火牆和病毒軟體。2.不安裝來路不明的軟體,不隨便點擊不明來源的網頁連結和執行電子郵件附件。

3.定期更新作業系統安全補釘和軟件資安更新。4.定期備份工作手機和電腦。5.佈署網路沙箱和多功能資安防火牆,及早模擬或利用C&C的連線資訊,發現潛在的感染設備。

他說,若你的電腦或手機,出現以下八種症狀,就可能被植入木馬。1.瀏覽器經常性跳出莫名的視窗。2.電腦或手機出現龜速情況。3.Windows出現藍畫面。4.滑鼠無法控制或自行異常移動情形。

5.硬碟或SD儲存莫名滿載。6.防火牆或資安軟體被移除或暫停使用。7.重要檔案莫名損毀或消失。8.使用者介面語系被更改。

至於被植入木馬會發生什麼事? 他說,木馬程式已經不僅僅是感染電腦,已知多種的變型木馬大幅入侵移動裝置,甚至是手機和網路監控設備。

目前有幾種常見的型態,1. BackDoor-開啟後門,以利駭客遠端操控此電腦,進而竊取上傳的資料,甚至在下載更多不同的惡意軟體

2.DataThelf -偷竊機敏資訊,大至國家國防機密,小至個資及銀行帳密。3. Mining -竊取控制客戶的電腦資源,協助駭客數位貨幣挖礦。4.SMS/Call -利用感染手機盜傳簡訊,或盜撥高資費的付費電話。

資料來源:
https://udn.com/news/story/7240/3721991

]]>
2019-05-08
<![CDATA[Azure Marketplace App - Fortinet FortiWeb Web Application Firewall WAF VM]]> http://www.phitech.com.tw/news/index.php?news_id=895

AI-based, multi-layered protection for web-based applications

Whether to simply meet compliance standards or to protect mission critical hosted applications, FortiWeb's Web Application Firewalls (WAFs) provide advanced features and AI-based machine learning detection engines that defend web applications from known and zero-day threats.

Using a multi-layered and correlated approach, FortiWeb intelligently and accurately protects your web applications from the OWASP Top 10 threats. Combined with Fortinet’s Web Application Security Service from FortiGuard Labs, FortiWeb keeps your applications safe from vulnerability exploits, bots, malware uploads, DoS attacks, advanced persistent threats (APTs), and zero day attacks.

FortiWeb software editions offer the same features of the FortiWeb hardware-based appliances with the flexibility to deploy instances as needed to meet the demands of dynamic application hosting environments.

selected image

Highlights:

  • Effective protection using multiple techniques including signatures, IP reputation, antivirus, and AI-based behavioral analysis
  • Integrated with FortiGate, FortiSandbox, and leading third-party vulnerability scanners for enhanced zero-day threat protection and virtual application patching
  • Accurate with intelligent tools that minimize false positive detections including user scoring, session tracking, and event correlation
]]>
2019-05-02
<![CDATA[Fortinet Recognized as Best Security Company at 2019 SC Magazine Awards]]> http://www.phitech.com.tw/news/index.php?news_id=894 ast week at RSA Conference 2019, Fortinet won an Excellence Award for "Best Security Company" and a Trust Award for “Best UTM Security Solution” at the 2019 SC Awards held in San Francisco during RSAC.

“The Excellence Award honors those organizations and individuals whose relentless pursuit of data security, innovation and customer service places them in a league of their own. Fortinet has demonstrated its commitment to improving the industry and has rightfully earned this recognition,” said Illena Armstrong, VP, editorial, SC Media. “And as a winner in the Trust Award category, Fortinet's UTM solution stands out for its innovative approach to protecting businesses against the ever-changing threat landscape. This is a significant achievement and one that shows Fortinet’s dedication to improving the IT security industry as a whole.”

Trust: Fortinet’s UTM Solution

Fortinet has consistently delivered the industry’s most robust Unified Threat Management (UTM) solution since its initial release. Its tight integration of network connectivity, wireless access, and endpoint security with its top-rated protection, simplified management, and rich reporting provides a powerful solution for customers around the world.

Excellence: Fortinet Security Fabric

Fortinet’s growing portfolio of security, networking, and business productivity solutions are tightly integrated to ensure that today’s organizations can confidently build the digital business infrastructure they need without compromising on security. By combining custom security processors, an intuitive operating system, and applied threat intelligence, Fortinet customers receive proven security, exceptional performance, and better visibility and control, along with easier administration to reduce overhead and TCO.

This Security Fabric architecture approach also provides seamless protection across and between different networked environments, whether physical or virtual, and can adapt as business requirements and technologies continue to evolve without compromising on performance of functionality. This holistic approach to security, which is broad, integrated, and automated, sets Fortinet apart from the rest of the security industry, and those efforts are reflected in these industry-recognized awards. 

For more information and a detailed list of categories, finalists, and winners of this year’s, SC Awards, you can visit https://scawardsus.com/.

Learn more about how Fortinet's Security Fabric provides a unified security solution to seamlessly protect organizations for the Third Generation of Network Security




資料來源:
https://www.fortinet.com/blog/business-and-technology/fortinet-recognized-as-best-security-company-at-2019-sc-magazine.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblogs+%28Fortinet+All+Blogs%29
 

]]>
2019-04-24
<![CDATA[Fortinet’s FortiClient Blocks 100 Percent Malware in NSS Labs 2019 Advanced Endpoint Test Report]]> http://www.phitech.com.tw/news/index.php?news_id=893 FortiClient receives third-straight recommended rating in the NSS Labs AEP Group Test, offering powerful and cost-effective solution for safeguarding the growing number of endpoint devices.

Sunnyvale, CA - Mar 7, 2019
 - 

 

John Maddison, executive vice president of products and solutions, Fortinet

“Endpoint devices and applications play an increasingly important role in business and networking strategies. Endpoint security solutions need to coordinate closely with the network and other security components, enabling them to share telemetry, correlate intelligence and quickly address increasingly sophisticated threats as part of an automated and coordinated response. Fortinet is pleased to have received our third-straight Recommended rating by NSS Labs for FortiClient along with the many we have received for our other Security Fabric components as we remain committed to third-party testing validations.”

News Summary

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced its results from NSS Labs’ 2019 Advanced Endpoint Protection (AEP) Group Test. NSS Labs' AEP report provides the industry’s most comprehensive test results for security effectiveness and total cost of ownership for endpoint security solutions protecting today’s increasingly intelligent and hyperconnected endpoint devices.

In this year’s test, which included 19 endpoint security vendors, Fortinet’s FortiClient demonstrated a 100% block rate of exploits, unknown threats and HTTP malware, with zero false positives. It also demonstrated high effectiveness in detecting malicious malware across multiple vectors, including email, web, and USB (for offline threats), and was proven resistant to all evasion techniques. As a result, FortiClient has received NSS Labs' coveted 'Recommended' rating for the third straight year with low TCO.

  • As a robust advanced endpoint protection solution, FortiClient effectively detects and blocks threats such as malware, exploits and malicious scripts. FortiClient also provides effective vulnerability scanning and flexible patching options to help users and organizations maintain security hygiene and reduce their attack surface. 
  • FortiClient also integrates with FortiSandbox and FortiGate to further identify and respond to unknown, advanced and targeted threats, creating a single, unified security strategy that can seamlessly extend out highly mobile endpoint devices to correlate threat intelligence, extend visibility, and block threats before they reach the enterprise network.
  • Fortinet’s FortiClient Fabric Agent can also be deployed as an essential and integral component of the Fortinet Security Fabric, delivering endpoint visibility, network access control and automated threat response.

FortiClient AEP Test Report Highlights

  • 100 percent block rate on exploits
  • 100 percent block rate for web-borne malware
  • 100 percent detection rate for evasions
  • Zero false positives

Supporting NSS Labs Quote

“NSS Labs focuses on empowering enterprises to make informed decisions based on independent real-world testing results. We applaud Fortinet's years of consistent commitment to third-party testing. Fortinet's Recommended rating in our 2019 AEP Group Test makes them a strategic option for any business looking to strengthen their endpoint security strategy.”  Vikram Phatak, CEO of NSS Labs

Additional Resources


資料來源:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2019/fortinet-s-forticlient-blocks-100-percent-malware-in-nss-labs-20.html
 
]]>
2019-04-17
<![CDATA[THE LEADING GLOBAL IOT CONFERENCE 25-26 APRIL 2019, OLYMPIA, LONDON]]> http://www.phitech.com.tw/news/index.php?news_id=898 Stand No: 380
 

Dialogic is a leading cloud-optimized solutions provider for real-time communications media, applications, and infrastructure to service providers, enterprises, and developers around the globe. Based in Parsippany, NJ with offices worldwide, Dialogic works with 48 of the world’s top 50 mobile operators, and nearly 1,000 application developers build and deploy on agile networks. Our global team of professional services experts is ready to help you with unparalleled support and consulting so you can get the most out of your network investment.

For more information on Dialogic, visit www.dialogic.com

]]>
2019-04-10
<![CDATA[Fortinet Secures the Path to 5G]]> http://www.phitech.com.tw/news/index.php?news_id=892 By John Maddison | February 19, 2019
5G Blog

Fortinet has just announced its portfolio support for the Mobile Service Provider transformation to a 5G core network. Fortinet has a growing family of advanced security solutions not only designed for, but fully integrated together to protect today’s evolving networks and virtual infrastructures. The latest addition to this portfolio is the introduction of Virtual SPU (Security Processing Unit) technology to power our VM-based security products.

Service Providers are embracing 5G transformation to increase network capacity, improve operational efficiency, deliver gigabit speed connectivity, and support new revenue generating use cases—such as enhanced mobile broadband, multiaccess edge computing, and IoT. To accomplish this, they have to support and secure a rapid architectural shift to open, virtual, and cloud infrastructure. In fact, the rapid adoption of these technologies is one of the primary reasons why Service Providers need to implement advanced security techniques designed to protect their new network infrastructures and revenue generating services in order to augment their traditional perimeter-based security measures.

5G market overview and new service opportunities

We are at the threshold of remarkable growth and opportunity in the mobile space. 5G has now been commercially launched and there is strong momentum in the global 5G market. In the United States, a major communications service provider launched a 5G fixed in-home service (internet service) at the beginning of October 2018, and all four of the country’s major service providers have now publicly announced that they will begin providing 5G services by mid-2019. On a global level, major 5G network deployments are anticipated beginning in 2020.

According to Ericsson’s Mobility report from November 2018, there will be 8.9 billion mobile subscriptions by the end of 2024. Further, mobile broadband subscriptions will reach 8.4 billion, accounting for close to 95 percent of all mobile subscriptions. To frame the context of the 5G transition opportunity, by the end of 2024 there will be 1.5 billion 5G subscriptions for enhanced mobile broadband, accounting for close to 17 percent of all mobile subscriptions.

With global mobile data traffic forecast to increase more than 5X between 2018 and 2024, key drivers for 5G deployment include increased network capacity and decreased cost per byte. In fact, 5G subscription uptake is expected to be faster than it was for LTE, which has been the fastest growing mobile technology to date.

Similarly, the number of cellular IoT connections is expected to increase at an annual growth rate of 27 percent, reaching 4.1 billion in 2024. These cellular IoT connections and fixed wireless access (FWA) subscriptions support new use cases, and will come on top of mobile subscriptions. New IoT services will also address diverse and evolving requirements across a wide range of use cases in different verticals, including utilities, smart cities, transportation, logistics, agriculture, manufacturing, and wearables.

To support this evolution, massive IoT cellular technologies such as NB-IoT and Cat-M1 are taking off and driving growth in the number of cellular IoT connections worldwide. And as the IoT application market begins to widen, even more advanced use cases requiring enhanced network capabilities are beginning to emerge. For example, service providers have announced the deployment of 85 cellular IoT networks worldwide using Cat-M1 and/or NB-IoT.

These new use cases—and the need to support a magnitude increase in bandwidth and ultralow latencies— are driving the evolution of traditional hierarchical service provider architectures to a flatter, cloud-based architecture where services can be offered from the edge of the mobile core network.

A shift in the core architecture

Traditionally, the core of the mobile network was run from a handful of datacenters. All mobile traffic was hauled into the core before providing access to service provider-delivered application services, such as end-user account applications or walled garden applications, or sending mobile traffic over the internet to third party cloud networks or services. These networks have been designed to handle hundreds of millions of connections and deliver megabit connection speeds.

However, in order to meet the challenges of billions of connected devices, gigabit connection speeds, and ultralow latencies—in addition to delivering rich context around data transiting the mobile network—service providers must now rapidly increase network capacity and deployment agility, in addition to adding more compute and storage—all while avoiding raising costs and/or lowering the reliability and availability of the infrastructure and services.

Cloud service providers have already demonstrated that it is possible to quickly and reliably deliver services at massive scale and capacity to both enterprise customers and consumers. Service providers are adopting a similar approach, but with a twist. They plan to deliver services from thousands of edge clouds rather than from a few mega-capacity central clouds. To support agility in service delivery, there is also a heavy focus on the programmability of the network to make dynamic changes - add/delete/update - anytime and anywhere.

The adoption of virtual and cloud native technologies to support these initiatives means opening the service provider stack to open-source technologies. At the same time, new service use cases require support for extensive web-based application delivery frameworks, with a heavy emphasis on APIs to connect the different service layers together. These new architectural changes and open technologies open up a Pandora’s box of security issues that service providers have never had to consider or deal with before, at least not at the scale and complexity that this new transformation demands.

Key security use cases

A properly engineered service provider mobile core needs to considers the need for specific security controls early on in its lifecycle. These early considerations are driven by security principles and policies established by the service providers, as well as by regulations and laws imposed by oversight and governing bodies. These drivers, together with the assessed risks to the business and its assets, give rise to security requirements, which in turn lead to having safeguards and countermeasures planned and put in place to deal with vulnerabilities and protect infrastructure and information assets from threats, whether naturally occurring or adversarial, from day one.

Today, with the movement to virtual infrastructures and cloud-based architectures that rely on open technologies, there is a significant need for security capabilities that go well beyond the traditional safeguards provided by stateful firewalls. The surface attack area of this emerging infrastructure extends far beyond physical assets, backhaul and fronthaul, signaling, roaming, charging, and internet interfaces. Service providers also need to secure the virtual infrastructure and cloud platforms. And with new strategies such as network slicing, service providers have to be able to accommodate the complete end-to-end isolation of slices, in addition to the agile and dynamic allocation of end-to-end resources to multiple tenants running different services with varied requirements.

Another new concept arising from 5G transformation is edge clouds designed to deliver high bandwidth and low latency applications. These edge clouds will also need to support multiple tenants and specialized IoT applications that don’t run in the central cloud. However, from a security perspective, their policies and enforcement will need to be consistent with those in the core.

The most important consideration of the 5G threat landscape is that it is far more than the volumetric DDoS attacks and signaling protocol-specific hacks of the past. It also includes advanced persistent threats, lateral propagation, web application layer vulnerabilities, API security, and more. As a result, service providers need to ensure that the diverse set of security requirements imposed by this new architecture—along with the related use cases and services supported by their core networks—are adequately addressed by the security solutions they have in place. And further, these solutions need to be fully integrated and automated to ensure consistent and effective security enforcement to protect infrastructure assets and revenue generating services.

Fortinet solutions for 5G transformation

Fortinet offers a suite of strategic security solutions specifically designed to address the unique challenges facing operators as they migrate their core networks to deliver 5G mobility services. These specialized tools provide the ability to build an integrated security framework that optimizes the cost of launching and operating new services and revenue opportunities and enhances the ability to achieve service level goals, all while mitigating advanced threats.

Fortinet has a pedigree of building high performance carrier-class products and solutions. For example, we offer next generation firewalls that not only protect the mobile carrier signaling, roaming, charging, and internet interfaces with our 5G-ready FortiGate 7000 and FortiGate 5000 series, but we also provide secure transport for backhaul and fronthaul traffic with our FortiGate 3000 series. FortiGate NGFWs powered by the FortiCarrier OS offers several key security features including:

Stateful termination of GTP-C and GTP-U traffic (Gn/Gp interfaces and S5/S8 interfaces) to provide complete protection and content inspection to prevent GTP signaling attacks.

Comprehensive SCTP protection and inspection, including SCTP over IPSec VPN, IPS DoS protection, flood attacks, fuzzing attacks, and more.

Extensive protection with hardware acceleration for SIP (Voice) and MMS (multimedia messaging) features, including inspect only and header rewrite modes, complex SIP NAT environments, rate limiting, topology hiding, and more

Highest capacity for virtual domains and very high scale for profiles to enable true multi-tenancy needed to support MVNOs, IoT providers ,etc. Carrier features can be defined per-virtual domain.

For virtualized infrastructures, Fortinet offers a broad range of next generation virtual firewalls and virtual web application firewall virtualized network functions (VNFs). Powered by Fortinet’s Virtual SPU Technology, FortiGate Virtual Network Functions (VNFs) deliver significant increases in application and carrier security performance through innovative security processing optimizations and the latest packet processing acceleration technologies. While the FortiGate NGFW VNFs provide comprehensive network security capabilities along with deep application visibility and control, the FortiWeb WAF VNFs protect web applications and APIs powering cloud-based services.

These VNFs also have a small footprint, boot within seconds, and require less storage, thereby enabling service providers to protect their virtual networks and cloud platforms cost effectively. And for the efficient and agile deployment and utilization of these security VNFs, Fortinet also delivers integrations with NFV platform and SDN vendors. At the same time, FortiSIEM offers service providers offline inspection, security event correlation, and advanced analytics to detect and respond to application and user threats that may have evaded other inline protection systems.

Conclusion

The move to 5G presents service providers with a tremendous opportunity to grow their revenue streams into enterprise service offerings, in addition to improving ARPU with advanced mobile applications for consumers. These new services, however, require the adoption of virtual and cloud-based technologies that open up an entirely new set of vulnerabilities and threats to the infrastructure and services.

By utilizing Fortinet advanced security and high-performance systems, service providers can continuously monitor their extensive and complex mobile core networks and automatically detect and respond to threats. Additionally, Fortinet’s security fabric components provide mobile carriers with improved visibility through comprehensive and correlated analytics, and the ability to thwart complex external and internal security threats that can impact network infrastructure and services through massive scalability, high performance, broad visibility, and deep, granular controls.

Learn more about Fortinet's 5G security solutions.

Read the 5G Security Survey by Heavy Reading or the "Securing 4G, 5G and Beyond" white paper.

資料來源:
https://www.fortinet.com/blog/business-and-technology/fortinet-secures-the-path-to-5g.html

 
]]>
2019-04-03
<![CDATA[How Fortinet's Intent-Based Segmentation Makes SDN Easier to Do]]> http://www.phitech.com.tw/news/index.php?news_id=891

NETWORKING TREND ANALYSIS: In discussions with IT pros, eWEEK's Zeus Kerravala finds that network segmentation is a little like going to the gym--where everyone talks about it but very few actually do it.

Fortinet.conference

There may be no hotter trend in networking and security than segmentation. The rise of software-defined systems have made it possible to carve up the network into virtual segments to isolate assets. In actuality, in discussions with IT pros, I find that segmentation is a little like going to the gym--where everyone talks about it but very few actually do it. 

The reason for this is that applying segmentation can be very difficult. The concept is easy to understand: Keep high-value assets away from others and, as they say, “Bob’s your uncle” (this means "and there it is" or "and there you have it"; this is commonly used in United Kingdom and Commonwealth countries). In practicality, there are multiple kinds of segmentation and often a lack of understanding of how to apply the various types. 

Recently, security vendor Fortinet announced something called intent-based segmentation (IBS) to help make the process easier. The term “intent-based” refers to having the ability to have a system configure and maintain itself based on business intent. If you’re not familiar with the term, I recently wrote this post on how intent-based networking (IBN) works. Although this was specifically networking, the concepts as applied to segmentation are the same. In fact, one could argue that intent-based segmentation is a subset of the overall IBN term.

Varying Types of Segmentation

Before I get into how IBS works, it’s worth reviewing the various types of segmentation. These are:

  • Macro-segmentation, also known as coarse grained segmentation, is akin to VLANs, although they are significantly more flexible. The primary use case is to isolate broad buckets of device types, such as medical devices or guest endpoints.
  • Micro-segmentation, also known as fine-grained segmentation, is a more granular version of macro. This lets IT pros tailor security settings to isolate classes of devices within a broad group. An example of this might be a hospital that wants to isolate cardiac heart pumps from all other medical equipment.
  • Application level segmentation is used isolate traffic at an application or even process level. This can isolate applications on the same physical or virtual server.
  • Endpoint segmentation enables segmentation to be applied at the device level, regardless of the network topology below it. This can be particularly useful in IoT environments.

The obvious question here is which type of segmentation is best? The answer is all of them! It really depends on what the business is trying to achieve. In fact, the process of isolating cloud assets can involve using micro, macro and application segmentation.

This is where Fortinet’s IBS comes into play. Its new family of next-generation firewalls (NGFW) includes intent-based segmentation as part of its feature set. The family includes two mid-range NGFWs (FG-401E / 601E) and two high-end ones (FG-3401E / 3601E). Performance ranges from 4.8Gbps to 66 Gpbs. All of the NGFWs are built in Fortinet’s own security processing unit (SPU). The home-grown silicon has an advantage over off-the-shelf silicon in that it’s tailored to the needs of security, similar to the way a graphics processing unit (GPU) is optimized for video.

IBS Capabilities Can Be Adjusted to Workloads

The IBS capabilities intelligently segment the IT assets based on the intent of the business objectives and aligns the security process and access control to prevent threats from spreading laterally across the network. This is something that’s difficult, if not impossible, to do with traditional security tools.

To help understand, consider what happens when a user initiates or receives a transmission. The sessions traverse the public network, and that connection gets hardened and inspected to identify and prevent malware or traffic hijacking. This is certainly necessary but not enough. Isolating users and applications enables security professionals to see and control the devices that can interact with the connections, making it difficult for threat actors to intercept, steal or corrupt that data and helps ensure that data and resources are managed and secured as they move across an increasingly expanding network of connected ecosystems. Intent-based segmentation simplifies this by automating the process.

The "intent" in IBS indicates it operates at a business or use-case level. For example, the security administrator can initiate a use case of separating critical assets, and the Fortinet NGFW will apply a combination of micro and macro segmentation. Other use cases are things such as border security, tiered cloud access, meeting compliance requirements and securing physical access. Each one of these has a specific architecture that simplifies deployment and on-going management.

IBS Plugs in to Third-party Vendors

One final note is that IBS works with third-party vendors that customers may have in place as part of their segementation strategy. This includes some widely deployed solutions, such as Vmware’s NSX and Cisco ACI.

IT environments have grown more complex and dynamic, making it more difficult to reduce the overall attack surface.

Segmentation plays a key role in doing this, but trying to stitch together multiple products is difficult, because keeping policies up to date becomes overwhelmingly hard to do. The concept of intent-based segementation simplifies this process, because it applies the right combination of segmenation techniques to ensure the objectives of the business are always being met.

Zeus Kerravala is the founder and principal analyst with ZK Research. He spent 10 years at Yankee Group and prior to that held a number of corporate IT positions.


資料來源:

https://www.eweek.com/networking/how-fortinet-s-intent-based-segmentation-makes-sdn-easier-to-do

]]>
2019-03-27
<![CDATA[Fortinet To Share Expert Healthcare Insights During Sessions at HIMSS19]]> http://www.phitech.com.tw/news/index.php?news_id=889 By Fortinet | January 25, 2019
Fortinet Security Fabric for Healthcare

In the healthcare spacedigital transformation is a complex and crucial initiative. New medical and network-based IoT and OT devices are being added to improve care and reduce costs. But when these devices are compromised, they can not only disrupt the network but also jeopardize the well-being of patients, data, and internal processes. To address these new attack vectors, Healthcare IT teams must create robust plans for both network and physical security. This includes leveraging emerging tools such as voice and biometric recognition, in addition to more traditional application and IoT security.

Through our years of working closely with our healthcare partners and customers to address issues that stem from digital transformation, Fortinet has gained a first-hand understanding of the pressing needs and concerns plaguing the industry. Fortinet is attending HIMSS19 to work further with healthcare providers to help them better protect their patients and critical devices, and secure the data and other resources they have stored in their expanding networks.

Attendees at HIMSS19 have a chance to learn from the experience and innovations that have resulted from these critical collaborations between Fortinet and our partners through a number of speaking sessions, meetups and media engagements such as HIMSS TV.

HIMSS TV Session Overview

HIMSS TV is the first online broadcasting network focused on global technological innovation in healthcare. Fortinet is excited to announce our participation in two HIMSS TV interviews this year at the HIMSS conference in Orlando. We encourage attendees to sit in on these sessions to gain new insights on digital and physical security, and the application of AI and machine learning in the healthcare space.  

Bridging the Gap of Digital and Physical Security

In today's connected world, the gap between physical and digital security must be bridged to allow for an overarching security architecture that can support the requirements of modern healthcare organizations. The integration of physical security solutions such as monitors and physical access control systems with digital cybersecurity efforts allows for the addition of new recognition and response solutions to a healthcare organization's security toolkit. These efforts allow for greater physical and digital connectivity within the organization while centralizing and streamlining critical security functions.

Fortinet's VP of Enhanced Technologies & Consumer Success, Troy Roberts, will be sitting down with HIMSS TV for an exclusive interview to discuss the importance of a connected digital and physical security architecture and how CIOs can achieve this with the right tools.

What: Exclusive Interview @ Booth 821    

Who: Troy Roberts – VP, Enhanced Technologies & Customer Success at Fortinet

When: Tuesday, February 12: 11:00 AM

Artificial Intelligence and Machine Learning in Healthcare

Modern healthcare teams are tasked with a variety of complex business enablement requests. In order to keep up, they must expand their organizations' digital capabilities to improve the quality of patient care, reduce costs, and enhance the overall customer and patient experience. To meet these demands, IT teams need to begin leveraging the expanding capabilities of machine learning and AI technology to help address the needs of digital transformation—while also maintaining a consistent and adaptable cybersecurity posture.

During this interview, Fortinet's Senior Security Strategist, Keith Rayle, will be joining Halifax Health's Tom Stafford at the HIMSS TV News Desk to discuss the importance of incorporating artificial intelligence and machine learning into an organizations' security architecture to support digital transformation initiatives in healthcare.

What: Panel Interview @ HIMSSTV News desk: Artificial Intelligence and Machine Learning in Healthcare

Who: Tom Stafford, VP & CIO - Halifax Health, Keith Rayle, Senior Security Strategist - Fortinet

When: Wednesday, February 13: 11:00 AM

Working Together to Overcome Physical and Digital Security Challenges

At this meetup, we will be discussing the convergence of physical and digital security. Hear about practical solutions that you can get started with today from our panel of experts: Tom Stafford, VP & Chief Information Officer at Halifax Health, Erik Devine, Chief Information Security Officer at Riverside HealthcareJason Dugenio, Chief Information Officer at Bridgeway Senior HealthcareTroy Roberts, Vice President Enhanced Technologies & Customer Success at Fortinet, and John Lynn, Founder of HealthcareScene.com.

Join this discussion to explore the actionable ways your healthcare organization can improve both digital and physical security to better protect patient data and critical resources.

What: Physical and Digital Security: Practical Things You Can Do Today

When: Wednesday, February 13 - 3:00 - 4:00 PM @ Booth 821

Fostering Secure Practices and Communication Amongst Healthcare Staff

Fortinet is also excited to attend the sessions conducted by our valued partner, Tom Stafford of Halifax Health. Tom will be leading a session titled Forging a Stronger Approach for the Cybersecurity Challenge.

Healthcare leaders have identified two major cyberthreats facing their organizations: data theft and ransomware. This session will explore the "bad actors" who threaten healthcare and identify the areas health IT teams need to focus on protecting. Tom will go on to explain Halifax Health's "D3" coordination philosophy, which has reduced the organization’s vulnerabilities to cyberthreat. CIOs and C-Suite executives are encouraged to attend this important and valuable session.

What: Forging a Stronger Approach for the Cybersecurity Challenge

When: Tuesday, February 12: 12:00 - 1:00 PM @ W320

Final Thoughts

Fortinet is looking forward to working with our healthcare partners, customers, and other leaders in the healthcare space to help overcome the security challenges plaguing the industry. Join us and our partners at any of our sessions at HIMSS19 to gain perspective, insights, and actionable solutions to modern health IT issues. And be sure to follow our social media channels for behind-the-scenes coverage of HIMSS 2019.

We hope to see attendees at this year’s show at Fortinet Booth #821.

Read more about Fortinet cybersecurity solutions for healthcare.

 資料來源: https://www.fortinet.com/blog/business-and-technology/fortinet-to-share-expert-healthcare-insights-during-sessions-at-.html

 
]]>
2019-03-20
<![CDATA[Fortinet:企業組織將運用更多自動化技術來因應網路威脅]]> http://www.phitech.com.tw/news/index.php?news_id=887 全方位整合與自動化網路安全廠商Fortinet,公佈了旗下FortiGuard安全防護中心對於2019年的網路威脅預測,這些預測揭示了網路犯罪分子未來可能採用的方法和技術,以及企業組織未來在因應這些攻擊時的策略改變。

 

Fortinet全球安全策略長Derek Manky表示,「我們發現網路犯罪工具和服務有了重大進展,他們已在利用自動化和人工智慧的先行技術。因此,企業組織必須重新思考他們的策略,更佳地預測威脅,同時打擊網路犯罪分子的經濟誘因,讓他們徒勞無功回到原點。企業組織不需要永久的軍備競賽,而是也要採用自動化和人工智慧來降低風險,由被入侵到偵測入侵,再由偵測入侵到防禦入侵。

 

這可以藉由整合安全防護到一個安全織網(security fabric)架構來實現,在統一的架構裡動態共享威脅情報,進而從物聯網到多雲架構的每個網段中,獲得更全面的保護和可視性。」

 

網路攻擊會更聰明、更精密

 

對於很多網路犯罪組織而言,攻擊技術不僅僅單從它們的成效來評估,亦包括技術發展、改良和施行時所產生的成本開支,因此,有些攻擊可能會因人為、過程及技術的改變而受到干擾。

 

其中一個方法是引入新技術和策略,例如利用機器學習和自動化來處理需要大量人力監督和介入,既沉悶又耗時的工作。這些較新的防禦策略很可能會影響網路犯罪策略,令他們改變攻擊方法並加強技術發展。

 

隨著機器學習和自動化漸趨普及,我們預期網路罪犯很可能會採取以下策略,建議整個網路資安業界必須緊密觀察:

 

人工智慧模糊測試及漏洞檢測

 

模糊測試一向是網路威脅的專業實驗室研究人員,用來偵測軟、硬體界面及應用程式漏洞的精密技術。透過在界面或程式輸入無效、無關連性或半隨機的數據,研究人員會進行監控並檢測程式崩潰、沒有記錄的跳轉、偵錯常式、錯誤代碼和潛在的記憶體流失等事件。

 

隨著加入機器學習功能,我們預測這種技術將會變得更有效且量身定制,由於網路犯罪分子開始利用機器學習來開發自動化模糊測試程式,他們將能更快發現零日漏洞,並增加針對不同程式和平台的零日攻擊。

 

利用AIF挖掘零日漏洞

 

當AIF到位時,它可以利用受控環境中的代碼來挖掘零日漏洞,零日攻擊的速度亦會顯著加快。一旦因此出現零日挖掘服務(zero-day mining-as-a-service),它將徹底改變企業組織處理資安問題的方式,因為這些零日攻擊的出現將會無法預測,也無從計算正確防禦的方法。現階段很多單位仍使用單一獨立的傳統防護工具,這會讓問題變得更具挑戰性。

 

零日的「價格」

 

一直以來,零日漏洞的價格都很高,主要是因為發掘它們需要時間、精力和技能。但隨著人工智慧技術的應用,發掘這些漏洞將從極為稀有變成一件商品。我們看到一些更傳統的漏洞已商品化,例如勒索軟體和殭屍網路,結果讓許多傳統資安公司無力因應。急劇加速的漏洞數量與種類,包括快速製造零日漏洞的能力並轉化成服務,可能會徹底改變暗網上的服務類型和成本。

 

群集智能即服務(Swarm-as-a-Service)

 

以群集智能技術(swarm-based intelligence technology)驅動的精密攻擊,再進一步延伸至殭屍網絡,我們稱之為蜂巢網(hivenets),這種新型威脅可以用來製造能協同合作和自動化運作的大規模群集智能機器人,群集智能網路不僅提高了制定防禦措施所需的技術門檻,但跟零日挖掘一樣,他們亦會對潛在的網路犯罪商業模式有所影響。最終,隨著漏洞挖掘技術和攻擊方法不斷演變,最深受影響的會是網路犯罪組織的商業模式,而目前其生態圈主要由人所主導。

 

專業黑客多數按照客制化的漏洞挖掘方式來收費,即使一些嶄新先進技術如勒索軟體服務(ransomware-as-a-service),或需要黑帽工程師來支援不同項目,例如構建和測試漏洞,或是管理後端C2伺服器。當能自動化、自我學習的群集智能技術服務投入後,黑客顧客和黑帽企業家的直接互動量將急劇降低。

 

自選的群集智能技術

 

把群集智能劃分為不同任務去達成理想結果的能力,與世界走向虛擬化發展的方向非常相似。虛擬化網路可以完全基於需求,啟動或減緩虛擬機器去處理一些特定的問題,例如頻寬。同樣地,群集智能網路的資源可以彈性分配,或按照攻擊鏈上遇到的特定問題再重新分配。

 

犯罪企業利用一系列分析工具和漏洞,預先編制群集智能,配合自動學習,讓它們能以團隊形式一同改善攻擊協定,網路犯罪分子便能輕易地像挑選菜單一樣,任意選購攻擊項目。

 

有毒的機器學習

 

機器學習是資安防禦裡一項最有保證的工具。你可以訓練資安設備和系統自動執行特定任務,例如調整行為基準、使用行?分析來辨識複雜的威脅,或是追蹤和修復設備。不幸的是,網路罪犯同樣也會濫用這項技術。

 

針對機器學習流程,網路罪犯可以調控設備或系統,以停止使用漏洞修補或更新某個特定裝置、忽視特定的應用程式種類或行?、或者暫停記錄特定流量以逃避偵測。這都對機器學習和人工智慧科技的未來有重大的革命性影響。

 

防禦將變得更精密

?了因應這些技術發展,企業組織需要為網路罪犯構築高牆。每一項防禦的預測都會對犯罪組織有影響,逼使他們改變策略、修改攻擊方式,並尋找新方法來發掘機會。對他們而言,實行攻擊的代價會提升,讓犯罪開發者需要花費更多的資源去獲取同樣的結果,或是尋找一個更容易進入的網路來攻擊。

 

先進的詐騙策略

 

在資安策略中引入詐騙技術,利用造假資訊構建網路,能逼使攻擊者必須反覆驗證他們的資訊,花費更多時間和資源來檢測誤報,以確保他們可以看到的網路資源是準確的。由於在造假網路資源的任何攻擊都可以被即時偵測,並自動觸發防禦對策,因此攻擊者需要非常謹慎地執行策略,即使是探測網路的基本舉動。

 

統一開放式的合作

 

對網路罪犯來說,一個把現有攻擊的投資極大化,甚至可以逃避偵測的方法,就是簡單地做出一個微小的改變,例如改變網路IP位址。而防守方要跟上這些變化的有效方法,則是積極分享威脅情報。持續更新的威脅情報,可以讓資安廠商和其客戶密切了解最新的威脅概況。

 

如果威脅研究機構、業界聯盟、資安廠商和執法機構公開合作,將大幅縮短偵測最新威脅的時間。與其靜觀其變,倒不如藉由開放式合作,透過即時數據結合行?分析,讓防禦者有效預測惡意軟體的潛在風險,進而擊退目前網路罪犯重複利用現有惡意軟體進行攻擊的模式。

 

速度、整合和自動化都是重要的網路安全關鍵

 

假使未來防禦策略要引進自動化或機器學習,可利用智能響應技術的精密度,集中蒐集、處理威脅情報,或依情報做出相應行動。為應付日益複雜的威脅風險,企業組織必須將所有安全元件整合在一個安全織網架構,方便快速和大規模地探查和反應。

 

在安全元件之間有關聯或共享的先進威脅情報都需自動化,以降低風險並儘快進行補救。整合分散式網路中的單項產品,結合策略性的網路分區,對於抵禦愈趨智能化和自動化的攻擊有很大的幫助。

資料來源:
http://www.ctimes.com.tw/DispNews-tw.asp?O=HK2CB8YBTCGSAA00NV

]]>
2019-03-13
<![CDATA[Fortinet Discovers Microsoft Windows Universal Telemetry Client Denial of Service Vulnerability]]> http://www.phitech.com.tw/news/index.php?news_id=886

Summary

Fortinet's FortiGuard Labs has discovered a Denial of Service vulnerability in Microsoft Universal Telemetry Client.

 

Microsoft Universal Telemetry Client (UTC) is a remote procedure call (RPC) service that is used to collect telemetry data from Windows 10 to identify security and reliability issues, to analyze and fix software problems, to help improve the quality of Windows and related services, and to make design decisions for future releases.

 

The Denial of Service vulnerability is caused by insufficient user input validation sent to APIs exposed via UTC RPC interfaces that eventually lead to null pointer dereference. The vulnerability can be triggered by local authenticated user to effectively terminate the service that can normally be done by administrative users.

 

Solutions

FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:

MS.RPC.UTC.DoS
Released Nov 14, 2018 

Users should apply the solution provided by Microsoft.

Timeline

Fortinet reported the vulnerability to Microsoft on September 25, 2018.

Microsoft confirmed the vulnerability on October 3, 2018.

Microsoft patched the vulnerability on December 11, 2018.

Acknowledgement

This vulnerability was discovered by Wayne Low of Fortinet's FortiGuard Labs.

IPS Subscription

Fortinet customers who subscribe to Fortinet's intrusion prevention (IPS) service should be protected against this vulnerability with the appropriate configuration parameters in place. Fortinet's IPS service is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering and antispam capabilities. These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail and FortiClient products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat's lifecycle.


資料來源:
https://fortiguard.com/zeroday/FG-VD-18-152
]]>
2019-03-06
<![CDATA[Fortinet Enables Intent-based Segmentation with New High-Performance FortiGate Next-Generation Firewalls]]> http://www.phitech.com.tw/news/index.php?news_id=890 FortiGate’s New Next-Generation Firewalls achieve an industry first by bringing together the combination of Intent-based Segmentation and high performance to help reduce cost, complexity and risks for a robust security architecture

Sunnyvale, California - Feb 6, 2019
 
 

John Maddison, EVP of products and solutions at Fortinet

“Segmentation is becoming as fundamental as patching vulnerable systems. Intent-based Segmentation aligns business goals with infrastructure changes and ultimately, dynamically separates infrastructure to protect users, data and systems. A fundamental element of Intent-based Segmentation is the high-performance NGFW. The new FortiGate 3400E and 3600E Series provide industry-leading threat protection and SSL inspection performance allowing customers to implement a holistic end-to-end architecture.”

News Summary

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced its new high-performance FortiGate Next-Generation Firewalls (NGFWs), comprised of FortiGate 3600E, FortiGate 3400E, FortiGate 600E and FortiGate 400E Series, enabling organizations to implement Intent-based Segmentation into their security architecture.

  • Intent-based Segmentation allows organizations to achieve granular access control, continuous trust assessment, end-to-end visibility and automated threat protection.
  • In addition to delivering Intent-based Segmentation, FortiGate 3600E offers 30Gbps threat protection and 34Gbps SSL inspection performance. FortiGate 3400E offers 23Gbps threat protection and 30Gbps SSL inspection performance.
  • FortiGate has a longstanding trajectory of earning NSS Labs Recommended ratings in the Next-Generation Firewalls group tests given its high SSL inspection performance with minimal performance degradation as one of the reasons.

The combination of business growth, workloads migrating to multiple clouds and increasing cyber attacks makes it difficult for organizations to maintain a robust security architecture that effectively implements consistent security policy across all network environments. Having flat networks with a single enforcement point further compounds this problem by making it easier for cybercriminals to get inside the network. Once inside, they become part of the trusted zone, allowing them to quickly spread threats laterally. It’s extremely hard to detect and contain these cybercriminals as they move deeper into the network, resulting in cascading risks and exfilteration of valuable data.

As existing security strategies are failing to keep pace with a complex security landscape, organizations are seeking adaptive and predictive protection that prevents the spread of threats throughout the network. With Intent-based Segmentation, organizations achieve adaptive security by intelligently segmenting IT assets in accordance with the business intent, like addressing compliance, by having multiple enforcement points. Adaptive protection is achieved by implementing granular access control based on varying trust levels and high-performance advanced security.

Fortinet is making it easier for organizations to adopt Intent-based Segmentation with the introduction of its new high-performance FortiGate NGFWs, which include FortiGate 3600E, FortiGate 3400E, FortiGate 600E and FortiGate 400E Series. As part of Fortinet’s Security Fabric, the new FortiGate NGFWs give organizations an integrated and consistent security policy across on-premise and cloud assets. Powered by customized Security Processor Units (SPUs), the new FortiGate NGFWs provide full visibility and advanced threat protection without the fear of performance degradation. Other benefits of FortiGate E-Series include:

  • FortiGate 3600E Series deliver 30Gbps threat protection performance and 34Gbps SSL inspection performance. With high-density interfaces of 10G, 40G and 100G, it offers product consolidation and meets the needs of diverse deployments. Fortinet’s FortiGate Next-Generation Firewalls offer one of the industry’s highest marked SSL inspection performance and threat protection throughput.
  • The FortiGate 3400E Series provide 23Gbps threat protection performance and 30Gbps SSL inspection performance. Combined with high-density interfaces of 10G, 40G, 100G, the FortiGate 3400E Series meet the needs of a variety of deployments by offering input/output flexibility, reducing complexity to achieve operational efficiency
  • FortiGate 600E Series achieve 7Gbps threat portection and 8Gbps of SSL inspection performance with diverse 1G and 10G interfaces, allowing deployment flexibility.
  • FortiGate 400E Series deliver 5Gbps threat protection and 4.8Gbps SSL inspection performance with high 1G port density to suit the needs of branch offices.
  • The new FortiGate NGFWs, as part of Fortinet’s Security Fabric, leverage Fabric Connectors to seamlessly integrate with external security ecosystems, sharing threat intelligence quickly for automated remediation. Fabric Connectors provide open APIs, allowing the FortiGate NGFWs to integrate with third-party solutions and Fabric-Ready Partners. This gives users advanced high-performance security integration with industry leading solutions, such as VMWare NSX and Cisco ACI.

Supporting Quotes

“With over 60,000 students and staff in 100 locations, Halton District School Board has a vast network to protect as well as personal data to keep secure. We leverage Fortinet’s FortiGate Next-Generation Firewalls not only to mitigate risks, but also to gain greater end-to-end visibility into our security ecosystem. With Fortinet, we know we’re receiving the highest performing security products at the best price point in the industry.”

—    Fernando (Fern) Pinho, Information Technology Manager, Network & Corporate Operations at Halton District School Board

“As environments become more dynamic and complex, reducing an organization’s attack surface is a key initiative. Network segmentation plays a fundamental role in this strategy, but often customers need assistance with design and integration. ePlus partners with Fortinet to bring the FortiGate NGFW portfolio to our customers, supplementing with our advisory, assessment, and deployment expertise to speed their adoption while also providing advanced threat protection.”  

—    Marc Cohen, Security Solutions Director at ePlus

“The increasing complexity of security has led organizations to seek real-time visibility and adaptive threat protection. Traditional security solutions aren’t agile enough to adequately secure organizations and effectively mitigate risk. As a result, more businesses are considering network segmentation to augment their security strategy, but don’t know where to start. With the extension of its FortiGate NGFW portfolio, Fortinet is making it easier for organizations to start segmenting their networks intelligently and with the business objectives at the forefront.”

—    Zeus Kerravala, Principal Analyst at ZK Research

Additional Resources

  • Read more on how to achieve business goals with Intent-based Segmentation in the blog.
  • Read this blog to learn more about this announcement.
  • Learn more about FortiGuard Labs and the FortiGuard Security Services portfolio.
  • Learn more about the FortiGuard Security Rating Service, which provides security audits and best practices.
  • Sign up for the weekly FortiGuard Threat Intelligence Briefs.
  • Read more about our Network Security Expert program, Network Security Academy program or our FortiVets program.
  • Read more about the Fortinet Security Fabric or the Third Generation of Network Security.
  • Follow Fortinet on TwitterLinkedInFacebookYouTube, and Instagram.     

資料來源:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2019/fortinet-enables-intent-based-segmentation.html
]]>
2019-02-27
<![CDATA[Fortinet:企業組織將運用更多自動化技術來因應網路威脅]]> http://www.phitech.com.tw/news/index.php?news_id=885 全方位整合與自動化網路安全廠商Fortinet,公佈了旗下FortiGuard安全防護中心對於2019年的網路威脅預測,這些預測揭示了網路犯罪分子未來可能採用的方法和技術,以及企業組織未來在因應這些攻擊時的策略改變。

 

Fortinet全球安全策略長Derek Manky表示,「我們發現網路犯罪工具和服務有了重大進展,他們已在利用自動化和人工智慧的先行技術。因此,企業組織必須重新思考他們的策略,更佳地預測威脅,同時打擊網路犯罪分子的經濟誘因,讓他們徒勞無功回到原點。企業組織不需要永久的軍備競賽,而是也要採用自動化和人工智慧來降低風險,由被入侵到偵測入侵,再由偵測入侵到防禦入侵。

 

這可以藉由整合安全防護到一個安全織網(security fabric)架構來實現,在統一的架構裡動態共享威脅情報,進而從物聯網到多雲架構的每個網段中,獲得更全面的保護和可視性。」

 

網路攻擊會更聰明、更精密

 

對於很多網路犯罪組織而言,攻擊技術不僅僅單從它們的成效來評估,亦包括技術發展、改良和施行時所產生的成本開支,因此,有些攻擊可能會因人為、過程及技術的改變而受到干擾。

 

其中一個方法是引入新技術和策略,例如利用機器學習和自動化來處理需要大量人力監督和介入,既沉悶又耗時的工作。這些較新的防禦策略很可能會影響網路犯罪策略,令他們改變攻擊方法並加強技術發展。

 

隨著機器學習和自動化漸趨普及,我們預期網路罪犯很可能會採取以下策略,建議整個網路資安業界必須緊密觀察:

 

人工智慧模糊測試及漏洞檢測

 

模糊測試一向是網路威脅的專業實驗室研究人員,用來偵測軟、硬體界面及應用程式漏洞的精密技術。透過在界面或程式輸入無效、無關連性或半隨機的數據,研究人員會進行監控並檢測程式崩潰、沒有記錄的跳轉、偵錯常式、錯誤代碼和潛在的記憶體流失等事件。

 

隨著加入機器學習功能,我們預測這種技術將會變得更有效且量身定制,由於網路犯罪分子開始利用機器學習來開發自動化模糊測試程式,他們將能更快發現零日漏洞,並增加針對不同程式和平台的零日攻擊。

 

利用AIF挖掘零日漏洞

 

當AIF到位時,它可以利用受控環境中的代碼來挖掘零日漏洞,零日攻擊的速度亦會顯著加快。一旦因此出現零日挖掘服務(zero-day mining-as-a-service),它將徹底改變企業組織處理資安問題的方式,因為這些零日攻擊的出現將會無法預測,也無從計算正確防禦的方法。現階段很多單位仍使用單一獨立的傳統防護工具,這會讓問題變得更具挑戰性。

 

零日的「價格」

 

一直以來,零日漏洞的價格都很高,主要是因為發掘它們需要時間、精力和技能。但隨著人工智慧技術的應用,發掘這些漏洞將從極為稀有變成一件商品。我們看到一些更傳統的漏洞已商品化,例如勒索軟體和殭屍網路,結果讓許多傳統資安公司無力因應。急劇加速的漏洞數量與種類,包括快速製造零日漏洞的能力並轉化成服務,可能會徹底改變暗網上的服務類型和成本。

 

群集智能即服務(Swarm-as-a-Service)

 

以群集智能技術(swarm-based intelligence technology)驅動的精密攻擊,再進一步延伸至殭屍網絡,我們稱之為蜂巢網(hivenets),這種新型威脅可以用來製造能協同合作和自動化運作的大規模群集智能機器人,群集智能網路不僅提高了制定防禦措施所需的技術門檻,但跟零日挖掘一樣,他們亦會對潛在的網路犯罪商業模式有所影響。最終,隨著漏洞挖掘技術和攻擊方法不斷演變,最深受影響的會是網路犯罪組織的商業模式,而目前其生態圈主要由人所主導。

 

專業黑客多數按照客制化的漏洞挖掘方式來收費,即使一些嶄新先進技術如勒索軟體服務(ransomware-as-a-service),或需要黑帽工程師來支援不同項目,例如構建和測試漏洞,或是管理後端C2伺服器。當能自動化、自我學習的群集智能技術服務投入後,黑客顧客和黑帽企業家的直接互動量將急劇降低。

 

自選的群集智能技術

 

把群集智能劃分為不同任務去達成理想結果的能力,與世界走向虛擬化發展的方向非常相似。虛擬化網路可以完全基於需求,啟動或減緩虛擬機器去處理一些特定的問題,例如頻寬。同樣地,群集智能網路的資源可以彈性分配,或按照攻擊鏈上遇到的特定問題再重新分配。

 

犯罪企業利用一系列分析工具和漏洞,預先編制群集智能,配合自動學習,讓它們能以團隊形式一同改善攻擊協定,網路犯罪分子便能輕易地像挑選菜單一樣,任意選購攻擊項目。

 

有毒的機器學習

 

機器學習是資安防禦裡一項最有保證的工具。你可以訓練資安設備和系統自動執行特定任務,例如調整行為基準、使用行?分析來辨識複雜的威脅,或是追蹤和修復設備。不幸的是,網路罪犯同樣也會濫用這項技術。

 

針對機器學習流程,網路罪犯可以調控設備或系統,以停止使用漏洞修補或更新某個特定裝置、忽視特定的應用程式種類或行?、或者暫停記錄特定流量以逃避偵測。這都對機器學習和人工智慧科技的未來有重大的革命性影響。

 

防禦將變得更精密

?了因應這些技術發展,企業組織需要為網路罪犯構築高牆。每一項防禦的預測都會對犯罪組織有影響,逼使他們改變策略、修改攻擊方式,並尋找新方法來發掘機會。對他們而言,實行攻擊的代價會提升,讓犯罪開發者需要花費更多的資源去獲取同樣的結果,或是尋找一個更容易進入的網路來攻擊。

 

先進的詐騙策略

 

在資安策略中引入詐騙技術,利用造假資訊構建網路,能逼使攻擊者必須反覆驗證他們的資訊,花費更多時間和資源來檢測誤報,以確保他們可以看到的網路資源是準確的。由於在造假網路資源的任何攻擊都可以被即時偵測,並自動觸發防禦對策,因此攻擊者需要非常謹慎地執行策略,即使是探測網路的基本舉動。

 

統一開放式的合作

 

對網路罪犯來說,一個把現有攻擊的投資極大化,甚至可以逃避偵測的方法,就是簡單地做出一個微小的改變,例如改變網路IP位址。而防守方要跟上這些變化的有效方法,則是積極分享威脅情報。持續更新的威脅情報,可以讓資安廠商和其客戶密切了解最新的威脅概況。

 

如果威脅研究機構、業界聯盟、資安廠商和執法機構公開合作,將大幅縮短偵測最新威脅的時間。與其靜觀其變,倒不如藉由開放式合作,透過即時數據結合行?分析,讓防禦者有效預測惡意軟體的潛在風險,進而擊退目前網路罪犯重複利用現有惡意軟體進行攻擊的模式。

 

速度、整合和自動化都是重要的網路安全關鍵

 

假使未來防禦策略要引進自動化或機器學習,可利用智能響應技術的精密度,集中蒐集、處理威脅情報,或依情報做出相應行動。為應付日益複雜的威脅風險,企業組織必須將所有安全元件整合在一個安全織網架構,方便快速和大規模地探查和反應。

 

在安全元件之間有關聯或共享的先進威脅情報都需自動化,以降低風險並儘快進行補救。整合分散式網路中的單項產品,結合策略性的網路分區,對於抵禦愈趨智能化和自動化的攻擊有很大的幫助。

資料來源:
http://www.ctimes.com.tw/DispNews-tw.asp?O=HK2CB8YBTCGSAA00NV

]]>
2019-02-20
<![CDATA[黑客攻擊升級增用AI Fortinet預測3趨勢]]> http://www.phitech.com.tw/news/index.php?news_id=884 網絡保安成為企業難題,有網絡服務供應商預測,未來黑客的入侵攻擊將會愈加智能化,包括在攻撃時應用機器學習等人工智能(AI)技術,加快黑客尋找網絡漏洞及攻擊速度。Fortinet早前發布2019年威脅概況預測,指出有3點黑客攻擊趨勢:

  • 1. 人工智能檢測漏洞:黑客增加使用機器學習應用於偵測硬件及軟件介面的保安漏洞,以模糊測試的形式,在介面輸入無效、無關連的數據,檢測程式崩潰、錯誤代碼等情況。黑客日後可以加快發現漏洞,展開攻擊。過往發掘成本較高的零日漏洞攻擊,應用AI後,可以變得商品化。
  • 2. 蜂群智能即服務(Swarm-as-a-Service):以蜂群智能技術驅動的攻擊將會延伸至殭屍網絡,大規模蜂群智能機器人以協同合作和自動化形式進行攻擊的形態將更普遍,今後犯罪分子的商業模式可能會由人所主導,轉為更自動化,黑客與「顧客」的直接互動量料將急劇下降。
  • 3.投毒的機器學習:網絡罪犯將可針對網絡保安的機器學習流程,調控裝置或系統以停止使用漏洞修補或更新某個特定裝置、忽視特定的應用程式種類或行爲、或者暫停記錄特定流量以逃避偵測。

Fortinet 安全解決方案經理吳維穎介紹,企業機構需要針對網絡犯罪提高防衛程度,近年新引入的方法包括引入詐騙技術,透過虛假資訊騙取黑客攻擊,讓防禦系統可爭取時間進行對策。

資料來源:
https://wealth.hket.com/article/2226927/%E9%BB%91%E5%AE%A2%E6%94%BB%E6%93%8A%E5%8D%87%E7%B4%9A%E5%A2%9E%E7%94%A8AI%E3%80%80Fortinet%E9%A0%90%E6%B8%AC3%E8%B6%A8%E5%8B%A2?mtc=b0005

]]>
2019-02-13
<![CDATA[料 AI 與 ML 將大幅影響網絡攻擊手法 Fortinet 針對端點可視性收購 ZoneFox]]> http://www.phitech.com.tw/news/index.php?news_id=883 今年數據外洩頻仍,當中不乏涉及全球用戶個人資料的大規模外洩。敏感資訊未能得到完善保護,僅歐洲用戶受 GDPR 保障,本港用戶只能徒歎奈何。而據 Verizon 早前發布的《2018年資料洩漏調查報告》,三成的資料外洩事件均涉及內部人員的疏忽或惡意行為。

為針對防禦內部威脅、清除網絡盲點,Fortinet 上月便宣布收購雲端威脅分析公司 ZoneFox,將其以雲端為本的網絡威脅捕獵技術收歸麾下,整合至 FortiClient 端點保安,提供端點偵測及反應功能(EDR),同時可延伸 FortiSIEM 的功能,不論在主機或雲端均可提供額外的用戶實體行為分析(UEBA)功能,讓企業可對端點及相關數據流動及用戶行為有更深層的可視性。

整合 ZoneFox 後的 FortiClient 將具備以下功能:

  • 透過機器學習的能力,從每日以 10 億計的事件抽出高質的潛在網絡威脅項目,以揭露盲點並提醒用戶注意可疑活動;
  • 以雲端為本的獨特架構能收集圍繞 5 個核心因素的重要數據,包括用戶、裝 置、資源、過程及行為,從而分析及設定安全政策;
  • 提供資料的完全檢驗時序記錄,結合簡單的搜尋介面,協助分析師快速決定提 升企業安全設置所需的行動;  
  • 零配置代理外更可擴展至支援超過 10,000 個配置代理而不會影響表現;
  • 就《通用數據保障條例》(GDPR)、ISO 27001、HIPAA 及 PCI DSS 為用戶提供支援,並已具備隨時可用的安全政策。

Fortinet 安全解決方案經理吳維穎(上圖)透露,未來 Fortinet 主要集中 4 個保安領域,包括:網絡保安、雲端保安、IoT與營運技術保安,以及端點、應用和存取保安。他相信,下一波攻擊將會是保安廠商與黑客之間的 AI/ML 攻防戰。

「我們會採用 AI 去學習和預測黑客的行為和攻擊手法,但換過來說,黑客同樣可以借助 AI 去預測我們如何防範攻擊。所以明年我們將在客戶端設置多個 Deception 產品,原理與 Honeypot(蜜罐)類同。」吳維穎指出, 過去 Honeypot 只會放在 Fortinet 的伺服器上引誘黑客攻擊,繼而作出分析,如今則設置於客戶端,誤導黑客以為他們所盜取的是真的客戶資料。

2019 保安趨勢預測

吳維穎續指,有些攻擊可能會受人、過程及技術的改變而受到干擾,例如利用機器學習和自動化來處理需要大量人 力監督和介入、既沉悶又耗時的工作。隨著機器學習和自動化漸趨普及化,他預期網絡罪犯很可能會實施以下策略,建議企業緊密關注:

  • 人工智能模糊測試(Artificial Intelligence Fuzzing,AIF)及漏洞檢測模糊測試一向是專業實驗室研究人員用來偵測硬件和軟件介面及應用程式漏洞的精密技術。透過在介面或程式輸入無效、無關連性或半隨機的數據,研究人員會進行監察並檢測程式崩潰、沒有記錄的跳轉、偵錯常式、錯誤代碼和潛在的記憶體流失等事件。隨著加入機器學習功能,預測這種技術將會變得更有效和量身定制。由於網絡犯罪分子開始利用機器學習來開發自動化模糊測試程式,他們將可加快發現零日漏洞,並增加針對不同程式和平台的零日攻擊。
  • 利用 AIF 的零日挖掘:AIF 可以利用受控環境中的代碼來挖掘零日漏洞,零日攻擊的速度亦會顯著加快。一旦啟用零日挖掘即服務,將徹底改變企業處理保安問題的方法,因為這些零日攻擊的出現將變得難以預測,也無從計算正確的防禦方法。現時,很多機構正使用獨立或傳統且過時的防護工具,令保安變得更具挑戰性。
  • 零日的「代價」:一直以來,零日漏洞的代價都很高,因為發挖需要大量時間、精力和技能。但隨著人工智能技術的應用,這些漏洞成果 將從極為稀有變成一件商品。急劇加速的漏洞數量與種類,包括快速製造零日漏洞的能力並將之轉化成一種服務,可能會徹底改變暗網上的服務類型和成本。
  • 投毒的機器學習:機器學習是其中一個在防禦保安工具包裏最有保證的工具。你可 以調控保安裝置和系統自動執行特定任務,例如行為基線、使用行爲分析來識別複 雜的威脅風險或者追蹤和修復裝置,惟網絡罪犯同時亦會濫用這項技術。針對 機器學習流程,網絡罪犯可以調控裝置或系統,以停止使用漏洞修補或更新某個特定 裝置、忽視特定的應用程式種類或行爲,或者暫停記錄特定流量以逃避偵測。
資料來源:
https://unwire.pro/2018/12/06/fortinet-2/security/
 ]]>
2019-01-30
<![CDATA[【2019年預測】Fortinet:網絡攻擊將更聰明更精密]]> http://www.phitech.com.tw/news/index.php?news_id=882 隨著機器學習及自動化漸趨普及,Fortinet 預測網絡罪犯很可能利用人工智能作 Fuzzing、推出 Swarm-as-a-Service,甚至可能於機器學習防禦系統中放毒。

2018 年第三季整體威脅持續上升

Fortinet 代表 Cherry Fung 及 Nick Ng 於發布會中簡述第三季情況,整體威脅持續上升。當中,惡意程式依然肆虐,由於容易搵錢,挖礦劫持(Cryptojacking)問題進一步擴大。惡意入侵方面,Nick 指出不少是針對過去的漏洞,因為不少企業仍未修補漏洞,令網絡罪犯有機可乘,而排第一位的惡意程入侵繼續是針對 Apache Struts,各位要留意。

【2019年預測】Fortinet:網絡攻擊將更聰明更精密
整體網絡威脅持續上升,以惡意程式尤甚。
黑客都識得人工智能模糊測試及漏洞檢測

引入機器學習技術之後的人工智能模糊測試(Artificial Intelligence Fuzzing,AIF)可加快發現零日漏洞,網絡保安專家可藉此加快修補。不過,Fortinet 預計網絡罪犯將可能利用同樣技術,零日攻擊速度加快,甚至發展為「zero-day mining-as-a-service」,情況將會非常危險,因為零日攻擊是難以預測,亦難以計算正確防禦方法,這將會是個大挑戰。

Swarm-as-a-Service — 蜂群智能即服務

過去幾年,網絡專家利用 Swarm 技術提升偵測軟件系統的效能,不過 Fortinet 發現網絡罪犯亦開始利用 Swarm 技術,令 Botnet 進化為 Hivenet(蜂巢網絡)。其特點是 Botnet 高度自動化以及可以互相協調,大規模的Hivenet 攻擊令防禦更難。另外,網絡罪犯更可以制訂菜單,為犯罪商人提升更方便的攻擊選項服務,Swarm-as-a-Service 有可能成為犯罪商人的熱賣商品。

於機器學習防禦系統中放毒

機器學習是近年最得寵的技術,透過輸入大量數據如行為基線、使用行爲,讓人工智能學懂識別複雜的威脅風險或者追蹤和修復裝置。不過,網絡罪犯亦有可能針對機器學習流程「教壞」人工智能,例如生產超大量假數據誤導機器學習、調控裝置或系統等,對網絡保安人員將會是個撠手問題。

Fortinet 收購雲端威脅分析公司 ZoneFox

Cherry Fung 表示,Fortinet 剛完成的收購雲端威脅分析公司 ZoneFox,目的正是為增加機器學習為本的威脅偵測及反應能力。未來,Fortinet 會將 ZoneFox 以雲端為本的網絡威脅捕獵技術與 Fortinet 現有的端點及安全性資訊與事件管理(SIEM)保安產品結合,為客戶提供一個全面的方法去防禦內部威脅、清除網絡盲點,保護正在擴張中的可攻擊面。

【2019年預測】Fortinet:網絡攻擊將更聰明更精密
(左)Nick Ng, Security Solutions Manager for Hong Kong, Macau and Mongolia, Fortinet;(右) Cherry Fung, Fortinet’s regional director for Hong Kong, Macau and Mongolia, Fortinet

資料來源:
https://wepro180.com/editorial-feature/%E3%80%902019%E5%B9%B4%E9%A0%90%E6%B8%AC%E3%80%91fortinet%EF%BC%9A%E7%B6%B2%E7%B5%A1%E6%94%BB%E6%93%8A%E5%B0%87%E6%9B%B4%E8%81%B0%E6%98%8E%E6%9B%B4%E7%B2%BE%E5%AF%86/]]>
2019-01-23
<![CDATA[Rapid7 Releases Metasploit 5.0]]> http://www.phitech.com.tw/news/index.php?news_id=888 Rapid7 on 1/11 announced the release of Metasploit 5.0. The latest major version of the popular penetration testing framework introduces several new important features, improved performance, and its developers say it should be easier to use.

According to Rapid7, Metasploit 5.0 brings significant changes in terms of database and automation APIs, improving the way the platform interacts with data and other tools. Metasploit has been using the PostgreSQL database system, but the latest version also allows users to run the database as a RESTful service, enabling interaction with Metasploit consoles and external tools.

There is also a new JSON-RPC API that should make it easier to integrate the framework with new tools and languages. In addition, Metasploit’s own automation protocol is now complemented by a common web service framework for the database and automation APIs.

Metasploit 5.0 releasedAnother significant improvement in Metasploit 5.0 is related to evasion modules and libraries. Penetration testers can now generate their own evasion modules more easily using the C programming language.

The latest version also enables the execution of an exploit module against multiple targets at a time.

Other improvements include faster and more advanced search functionality for modules, a new metashell feature, and support for three new languages – Go, Python and Ruby – for external modules.

Metasploit 5.0 is currently available from its official GitHub project. Rapid7 says it’s in the process of informing third-party developers that Metasploit 5.0 is stable – Linux distributions such as Kali and ParrotSec are shipped with Metasploit.

“Metasploit 5.0 offers a new data service, introduces fresh evasion capabilities, supports multiple languages, and builds upon the Framework’s ever-growing repository of world-class offensive security content,” wrote Brent Cook, engineering manager for Metasploit at Rapid7. “We’re able to continue innovating and expanding in no small part thanks to the many open source users and developers who make it a priority to share their knowledge with the community. You have our gratitude.”

Related: NSA-Linked Hacking Tools Ported to Metasploit

Related: Rapid7 Adds Hardware Testing Capabilities to Metasploit

Related: Vulnerable Services Emulator Released for Metasploit

Related: New Encrypted Downloader Delivers Metasploit Backdoor


資料來源:

https://www.securityweek.com/rapid7-releases-metasploit-50?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

]]>
2019-01-16
<![CDATA[Fortinet Solutions for the Hospitality Industry]]> http://www.phitech.com.tw/news/index.php?news_id=881

The hospitality industry continues to grow and evolve, deploying an increasing number of new technologies to enhance and customize guest experiences. As part of the hospitality digital transformation, an increasing volume of data and applications are rapidly moving to the cloud, which also unintentionally expands the attack surface. The Fortinet Security Fabric offers an extensive set of network security capabilities to unify a hotel’s security infrastructure and provide broad protection from advanced threats.

With the Fortinet Hospitality Solution, you can:

  • Connect and protect all branches from headquarters to chain locations
  • Secure guest Wi-Fi, in-room entertainment systems, and reservation systems
  • Achieve integrated security flexible enough to fit the unique needs of any hotel
Hospitality Location Network Hospitality Headquarters Network
 
 
Protecting Hotels and Guests with the Fortinet Security Fabric
 

Protecting Hotels and Guests with the Fortinet Security Fabric

Download the white paper for more information 
A New Guest Experience Requires a New Approach to Security
 

A New Guest Experience Requires a New Approach to Security

Learn more 
Security Transformation in Hospitality
 

Security Transformation in Hospitality

Find out more in the eBook 
 
UTM for hotel network security

Network security

Hoteliers looking for comprehensive security need to consider a company that offers proven end-to-end protection. The revolutionary Fortinet Security Fabric is the only offering that provides true integrates security at every angle of an infrastructure. As the leader in unified threat management (UTM), ensure your hotel is secured from internal, external, and branch-wide advanced threats. 

hotel network connectivity

Network connectivity

Enhance the functionality of hospitality networks with ease from Fortinet integrated solutions. Fortinet's solution offers simple deployment for quick ramp up time. Gain end-to-end visibility across the network that is simultaneously easy to manage with a single pane of glass. In addition, gain enhanced performance all while saving resources and your bottom line. 

Hotel presence analytics

Presence analytics

FortiPresence analytics empowers hotel to track and even influence guest experiences during their stay. The FortiPresence solution combines advanced analytics with a sophisticated customer engagement engine that includes social Wi-Fi to help hotels influence guests and increase purchases.

]]>
2019-01-09
<![CDATA[DialogicONE – Working with Smart Speakers]]> http://www.phitech.com.tw/news/index.php?news_id=880 DialogicONE – Working with Smart Speakers-->

by Peter Kuciak

Nov 2, 2018 11:30:00 AM

smartspeaker-office (002)We now live in a time where most of us have heard of smart speakers and quite a few of us have one (or two or more). According to our friends at Gartner, Ovum, and Voicebot.ai who specialize in smart speaker research, the world has adopted these tiny devices into their homes at an incredible rate. Living rooms and kitchens are the most popular locations to place them, and Amazon has over 70% of the market. Looking at recent reports, 1 in 5 U.S. adults have a smart speaker, for a total of over 48M in the U.S. alone.

Some of us, myself included, have quite of few of these devices as they allow us to automate our homes and cottages, as well as provide timely information and hands-free communication with friends and family. Amazon Echo Show has been great for video calls with my kids away in University. Smart speakers also assist with simple tasks like boiling the perfect egg, or the highly complex task of figuring out who was the second-to-last president of [fill in the country] to win that round of a trivia game.

Some of the initial “skills,” “intents,” and “capabilities” of smart speakers have been pretty simple. However, as the features and applications that run on smart speakers continue to grow, the interactions are getting more complex.

Let’s have a peak at the challenges a service provider might run into in order not only to cover the Amazon and Google camps of smart speakers, but also to have that conversational user interface behave the same on all smart phones. What if a service provider wanted to create an excellent (read - excellent user experience) solution that would allow you to ask any relevant question from your CSP, such as Verizon, TELUS, Vodafone, BT, or Softbank? What if your question was not static, which you could easily google or find in an FAQ, but contained ever changing details? What if the question was specifically connected to YOU, for example: “How much data has my family used this month?” Or what if it was even more complex: “Can you tell me when I can upgrade to the new iPhone XS?” Or try an even harder request: “Setup a voice conference tomorrow at noon with my kids.” I would fully expect this to dial my family’s respective 5 phones and put us into an HD conference call as a service available from my CSP.

Ah yes and I also want this smart speaker/smart phone solution to:

  • work more or less the same on Google and Amazon smart speaker devices
  • be context-aware of our conversation so I do not have to make requests in fully qualified statements, but rather to ask in a natural manner
  • behave the same on my mobile phone as well so I can get the same user experience while on the road
  • last but not least, I DO NOT want this to be just a first step that will end up sending me to call center “Mike” in a far-away location … if this solution is not able to take concrete actions, and I get transferred to a human (unless I ask specifically) because the system is unable to help me, then it is a total failure!

Oh and one last thing: as a developer of implementing such a beautiful solution for smart speakers and mobile phones, I want to do the work once – not twice, not three times - once!

As I mentioned in my previous blog, here at Dialogic we have been helping customers develop solutions that include smart speakers and conversational user interfaces. We got quite tired of doing the same things two and three times – plus maintaining three different sets of code to make it all happen. So instead, we developed a few new services within DialogicONE to make it all better :-)

There are a couple of different ways to do this. To begin, CSPs can certainly start by using DialogicONE as the data model repository of the conversational user interface for smart speakers (Google and Amazon) and for mobile apps. Or, they can import one of the smart speaker solutions into DialogicONE and manage it in DialogicONE. From that point forward they’ll be able to push it out to both sides of the smart speaker world (Amazon and Google) and to mobile apps as well.

Ah much better now. Rest assured that if we have to do things twice, just because there is fragmentation out there, we’ll put our smart hats on and develop a solution so that CSPs do not have to. DialogicONE servers are also utilized to perform cache functionality that reduces the latency of going to AI engines to figure out what the user is asking – but that is a much deeper subject that I can discuss another time.

In my next blog post, I’ll talk about one of the coolest recent technologies - Artificial Intelligence! I’ll do a quick primer to show you the state of the industry, and then describe HOW CSPs can leverage AI to create incredible applications and services with DialogicONE.

Topics: Internet of Things, Communications Application Development

資料來源:
https://blog.dialogic.com/blog/dialogicone-working-with-smart-speakers?utm_source=hs_email&utm_medium=email&utm_content=67208498&_hsenc=p2ANqtz--LLJcVVcH31u5GNXeoT4q1YMkqri9MmDJIZjrRmQOxOe5wAo38gvmR-YQ7VER8gurcfpKKkmcByAgYD1n68EuPJZ7ApK0w8Q1qwKx9ya46fh0gj0s&_hsmi=67208498
 

]]>
2019-01-02
<![CDATA[Fortinet Acquires Cloud-Based Threat Analytics Company ZoneFox]]> http://www.phitech.com.tw/news/index.php?news_id=877 Sunnyvale - Oct 23, 2018 -

 

Ken Xie, founder, chairman of the board and chief executive officer, Fortinet

“Enterprise organizations are experiencing a dramatic increase in the number of endpoints and users accessing data and cloud resources, which is also increasing the need to defend against insider threats. In fact, 30 percent of breaches involved insiders acting negligently or maliciously according to the 2018 Verizon Data Breach Investigations Report. By combining ZoneFox’s cloud-based threat-hunting technology with Fortinet’s existing endpoint and SIEM security offerings, we are well positioned to provide our customers with an integrated approach to defend against insider threats, eliminate network blind spots and protect today's expanding attack surface with automation and machine learning.”

News Summary          

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today completed the acquisition of ZoneFox Limited, a privately-held cloud-based insider threat detection and response company headquartered in Edinburgh, Scotland. The acquisition further enhances the Fortinet Security Fabric and strengthens Fortinet’s existing endpoint and SIEM security business by providing customers with:

  • Deeper visibility into endpoints and associated data flow and user behavior, both on and off the network
  • Machine learning capabilities able to distill billions of events per day into high-quality threat leads to uncover blind spots and alert users of suspicious activities
  • A unique cloud-based architecture that captures essential data around five core factors - user, device, resource, process, and behavior - to analyze and configure policies easily
  • Full forensics timeline recording of information, combined with a simple search interface that helps analysts quickly determine the actions needed to boost an enterprise’s security posture
  • A zero-configuration agent that is easy and fast to deploy; the solution can scale up to support over 10,000 agents without performance loss
  • Out-of-the-box support for GDPR, ISO 27001, HIPAA and PCI DSS, with “ready-to-go” policies

The integration of ZoneFox’s award-winning machine learning-based threat-hunting technology will complement FortiClient endpoint security to provide endpoint detection and response (EDR) capabilities and will extend FortiSIEM with additional user entity behavior analytics (UEBA) features, both on-premises and in the cloud. Fortinet expects that the new endpoint security capabilities provided by ZoneFox will allow enterprise organizations to better leverage machine learning to detect anomalous behavior and provide an even faster response to insider threats.

Dr. Jamie Graves, chief executive officer and founder, ZoneFox

“We’re pleased to join the Fortinet team and bring together our shared vision of alleviating CISO concerns about insider threats. Integrating our solution with the Fortinet Security Fabric will allow us to extend our reach to a broad spectrum of Fortinet and third-party solutions to solve customers’ most difficult challenges in network security.”

Additional Resources


資料來源:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2018/fortinet-acquired-cloud-based-threat-analytics-company-zonefox.html
]]>
2018-12-26
<![CDATA[Fortinet 列入標準普爾 500 指數成份股]]> http://www.phitech.com.tw/news/index.php?news_id=876 Fortinet 創辦人、董事長暨執行長謝青表示,「我們很高興能列入標準普爾指數,這項里程碑對 Fortinet 來說是非常重要的肯定。自從 2009 年上市以來,Fortinet 持續獲利,且每季相對同期營收均達 2 位數成長。」

謝青進一步指出,「遍及全球的業務、不斷創新的承諾,以及獨特的 Security Fabric 安全織網平台,都讓 Fortinet 與眾不同。不僅能解決客戶最棘手的問題,還能讓他們在快速演變的網路威脅環境下,實現數位轉型的目標。」

Fortinet 自 10 月 11 日正式列入 S&P 500 指數,取代 Envision Healthcare Corp.,之前 Fortinet 為 S&P 中型股 400 指數成份股。Fortinet 在 GICS 產業分類為資訊科技(information technology),次分類為系統軟體(system software)。

資料來源:
http://technews.tw/2018/10/23/fortinet-sp-500/

]]>
2018-12-19
<![CDATA[Fortinet Discovers New Android Apps that Mine the Unminable]]> http://www.phitech.com.tw/news/index.php?news_id=875 By Axelle Apvrille | October 11, 2018
rippleminer

Cryptocurrencies don't all work the same way. Some are minable, some aren't. For example, Ripple (XRP), Cardano (ADA) and Tether (USDT) aren't minable.

Despite this fact, several applications pose as miners for those currencies on Android ;) Do not be fooled, they are all malicious, if not scams.

It's not the first time that researchers have spotted such miners on Android marketplaces: Lukas Stefanko already noticed some in February. However, the samples below are new and are believed to have been hiding under the radar since May 2018.

A collection of fake miners created by developer 'lovecoin'. You'll notice some of them claim to mine Ripple, Cardano and Tether...

Fake Mining

The app displays a (fake) miner as below.

App claims you start mining Ripple by pressing the Start button...This is impossible.

But check the code: the mining speed is generated randomly.

  • A new thread is created
  • The mining speed is absolutely fake. The digit before and after the comma are random.
  • The random numbers are displayed (setText)
  • There is no mining at all... (and for Ripple, it's impossible by design anyway) 
Fortinet FortiGuard Labs Threat Research

Withdraw Currencies

The app has a menu, and one of the possible choices is "Withdraw" to presumably collect your mined currencies. At this point, you probably won't be surprised that this withdrawal will not succeed.

To the question "Are you want to Withdraw now?" (English as in code...), there are only two alternatives:

  1. Yes. Then, the application complains your wallet address is incorrect. Too bad ;-)
  2. No. Closes the window.

So, in all cases, you won't be able to withdraw.

Fortinet FortiGuard Labs Threat Research

What's Their Business?

As far as we know, the only business around those applications is for their author to display ads and collect revenue:

Fortinet FortiGuard Labs Threat Research

So, basically, the idea is to fool the end-user in downloading an adware.

Protection

Fortinet customers are protected from these scams, detected as Riskware/FakeMiner!Android.

-- the Crypto Girl

IOC

Unminable:

 

  • 9ccfc1c9de7934b6f1c958d73f8e0b969495fce171e48d642ec4c5bad3dc44cb
  • 8890366fc67c5a896d7494b3de3cf87debe0d0f96548cec9f81d072e3442716b
  • 4a67d5c5bf0e1dba3d215c15e95ce1bdbd2f9fca4e103a0e702161d6efc3aae6

Fake miners of the same family:

  • 0a25f286986149202eda1fdb336f80a6a035d0966a785573e676217151b7ccba
  • 7054160813fddd4a94e393eba4764cda356e631f229f69a062e5a34ec39e1cb4
  • 074c93f24e9de178a4af73e69d26c1da06a29be0c6a4b0f8893b27add7ce47fe
  • 7403ab326a6afdb07a5e717792bf9dfea09303f044f1fdadea86c6b3a81f5030
  • a2ecfd59b8fdec7eb5d5a139bae77815c25ed347e05d57de9847210acce5d4f6
  • c06815b3e2c10d5bbb4a7aa1a15bad00eb79d012e5bb5a1a37d24c68eda1818b 

 

Download our latest Fortinet Global Threat Landscape Report to find out more detail about recent threat landscape trends.

Sign up for our weekly FortiGuard Threat Brief.

Know your vulnerabilities – get the facts about your network security. A Fortinet Cyber Threat Assessment can help you better understand: Security and Threat Prevention, User Productivity, and Network Utilization and Performance.

資料來源:
https://www.fortinet.com/blog/threat-research/fortinet-discovers-new-android-apps-that-mine-the-unminable.html

 

]]>
2018-12-12
<![CDATA[Fortinet 高性能 SD-WAN 獲 NSS Labs 推薦]]> http://www.phitech.com.tw/news/index.php?news_id=874 數碼轉型期間,企業往往要過五關斬六將。而其中一個大將,便是解決網絡數據問題。移動辦公方式嘅出現,令雲端服務應用及語音視像通話需求大大增加,咁就需要大量數據支撐,但現今的網絡收費愈來愈貴,企業應該點做?

SD-WAN 新技術出現

SD-WAN 嘅出現就解決呢個問題。SD-WAN (軟定義廣域網絡)將軟體定義網絡(SDN)技術應用在管理廣域網絡(WAN)中,簡化資料中心的管理工作,公司就可以用低成本的網絡存取方式,建立高效能廣域網絡。所以,依家越來越多企業從傳統 WAN 轉用 SD-WAN。而市面上咁多 SD-WAN 解決方案,唯網絡保安供應商 Fortinet 嘅FortiGate SD-WAN 成績最突出。佢運用保安處理器單元(SPU)的專利科技,高效降低整體擁有成本,為企業於數碼轉型提供優勢。

Fortinet 獲 NSS Labs SD-WAN 推薦

全球權威安全研究及評測機構 NSS Labs 最近公佈首個 SD-WAN 測試結果,Fortinet 成為業界唯一一個在 SD-WAN 及 NGFW 組測試中獲得「推薦」等級的解決方案商。其中優勢包括:絕佳的 VoIP 體驗、最低整體擁有成本 (total cost of ownershop)以及原生下一代防火牆(NGFW),三個優勢分別提升企業級語音和視像應用程式穩定性、成本效益及安全問題。

價格合理,成效超卓

NSS Labs 行政總裁 Vikram Phatak 表示:「Fortinet 在 NSS Labs 集體測試中持續表現良好。 FortiGate SD-WAN 為語音和視像提供高質素體驗,而且具備出色的 VPN 表現及良好的整體擁有成本。任何尋求價格合理且成效超卓的 SD-WAN 產品的機構都應該考慮 Fortinet 的 FortiGate SD-WAN,該產品結合 NGFW 的安全性和高性能的 SD-WAN。」

資料來源: https://wepro180.com/enterprise/%E3%80%90%E6%95%B8%E7%A2%BC%E8%BD%89%E5%9E%8B%E7%A6%8F%E9%9F%B3%E3%80%91fortinet-%E9%AB%98%E6%80%A7%E8%83%BD-sd-wan-%E7%8D%B2-nss-labs-%E6%8E%A8%E8%96%A6/

]]>
2018-12-05
<![CDATA[Fortinet Recognized by Gartner as a Leader in UTM MQ]]> http://www.phitech.com.tw/news/index.php?news_id=873 Fortinet has now been recognized by Gartner as a leader in their annual UTM (Unified Threat Management) Magic Quadrant report for nine years, with the highest placement for their ability to execute. Fortinet believes our leadership is attributed to our high volume of unit sales and our extensive portfolio of both security and networking solutions woven into our UTM solution. We’ve also received high marks in independent certification of security effectiveness and continue to foster close partnerships with leading channel partners and MSSPs around the world.

We believe Fortinet continues to be on the UTM shortlist of SMBs, whether they are looking for strong security features combined with wireless security, want to consolidate toward a single vendor for other network security needs, such as web application firewalls and SIEM, or where SD-WAN adoption is a critical use case.

SMB Security Needs Accelerating

A primary driver for UTM solutions is that the need for a range of effective security solutions for smaller organizations continues to escalate. The challenge is that many of the security and networking solutions available for Small to Medium-sized Businesses (SMB) don’t provide the functionality, performance, or cost-effectiveness that today’s smaller businesses require. While 96% of organizations saw a severe exploit in Q2 of 2018,[1] 39% of SMBs experienced more serious compromises than their enterprise counterparts.[2] In addition, during the first half of 2018, SMBs had an average of 1.23 active malware or botnet infections on their networks,[3] clearly demonstrating that far too many of them still have inadequate security solutions in place.

Fortinet foresaw and began addressing these challenges nearly two decades ago as the original developer of the first UTM solution. The hallmark of UTM devices is their all-in-one approach to security, making them an ideal solution for organizations with real-world security and networking requirements, but limited IT staff and resources. This unique approach was so successful that it became the template for today’s Next-Generation Firewall market. Today, by combining next-generation FortiGate security with FortiAP and FortiSwitch unified access solutions, all centrally managed by FortiCloud (or FortiManager), Fortinet’s UTM solutions continue to provide the most compelling value proposition for SMBs.

That value has not gone unnoticed. Fortinet is now the most trusted network security brand in the world, and according to IDC, is also the clear security market leader—shipping more units over the past five years than the next two vendors combined. And in addition to having now been recognized by Gartner as a leader in the UTM MQ for the ninth time, we believe Fortinet is also the most certified security vendor in the industry—earning a record nine NSS Labs recommendations in the last year alone.

Partners Are Central to Fortinet’s SMB Success

Key to Fortinet’s success is their strong partner program. The broad Fortinet portfolio enables partners to design and build custom security and networking solutions, while robust channel training, partner enablement, and demand-generation programs provide continuing support and opportunities for partner-led efforts.

With revenue growth, profitability, and cost reduction the top priorities for SMBs, it’s no surprise that over two-thirds of them also choose to partner with managed service providers to handle some or all of their security and IT. And Fortinet is the hands-down preferred security partner for the MSSP community as well. Their strong focus on developing essential service provider-oriented features, such as centralized management, multitenancy, and administrative domains, combined with open APIs for back-end provisioning and custom portals, has enabled Fortinet to foster critical relationships with key MSSPs around the world.

Enterprise-class Solutions for SMB Budgets

For SMBs, purpose-built hardware continues to offer industry-best performance and value while consolidating networking and simplifying administration. Tight integration (and automation) of the Fortinet UTM solution into the Fortinet Security Fabric extends that protection and ease of use out to the endpoint and into the cloud with ease.

Conclusion

Unified Threat Management solutions often serve as the security and networking backbone of an SMB environment. Securing today’s evolving SMB environments, however, also requires tying that UTM platform to their extended and continually changing networks and the evolving digital marketplace. Mobile users and smart devices, remote offices, multi-cloud environments, IoT adoption, and web-based applications and services require today's UTM solution to integrate seamlessly, and as effortlessly as possible, across a variety of networked environments—and Fortinet is the only solution able to meet those demands. Because of its broad portfolio, commitment to constant innovation, and sensitivity to bottom-line concerns, Fortinet continues to demonstrate its commitment to today’s evolving SMB organizations through the ongoing development of its market-leading UTM and Security Fabric solutions.

Read more about the announcement and our history of innovation with UTM for SMBs. Also read the news release.

Access a complimentary copy of the Gartner Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls).

[1] “Threat Landscape Report Q2 2018,” Fortinet, August 2018.

[2] “2018 Data Breach Investigations Report,” Verizon, July 2018.

[3] "Threat Landscape Report Q2 2018,” Fortinet, August 2018.


資料來源:

https://www.fortinet.com/blog/business-and-technology/fortinet-recognized-by-gartner-as-a-leader-in-utm-mq-.html

]]>
2018-11-28
<![CDATA[The Dialogic BUZZ UC Platform Swiss Army Knife]]> http://www.phitech.com.tw/news/index.php?news_id=879  

buzz-branded-swiss-army-knifeSeveral weeks ago I wrote a blog that documented my time from a fledgling start-up company based in the UK to joining the Dialogic family. In that musing, I referenced the exciting experience over the last couple of years as the company reinvented itself into one that is lean, agile, and ready and able to succeed in the new world of virtualization and cloud. Remaining on the same theme, this blog delves a little deeper into the world of Dialogic to reveal exactly how we have remodelled the very core of the company from the ground up though our product offerings.

I remember as a young man the landmark day I was permitted to own a Swiss Army knife – a long time ago. As someone who grew up in the countryside, it was the perfect accompaniment to many adventures and its multiple tools were used for tasks ranging from bow and arrow construction to building camp fires. But what relevance does this nostalgic day dreaming have to the topic at hand, you ask?

Dialogic is very much analogous to a software version of a Swiss Army knife. Contained within its multifunctional core are tailored software components that can either be used in isolation or in combination to solve modern day problems – just like my childhood adventures and prized Swiss Army knife. There is no better example than Dialogic’s recent addition to the portfolio, the highly impressive and disruptive Dialogic BUZZ Unified Communication (UC) platform. Not only does it provide a wealth of new technology and innovation, but it also leverages complimentary, established Dialogic products to achieve architectural goals – much in the same way the trusted Swiss Army knife was used to complete my childhood adventures. The following illustration provides a very simplistic view:

 15156-diagram-buzz

Clearly shown are the new, exciting core components that have the Unified Communications industry talking (or BUZZing), such as Dialogic BUZZ clients and Dialogic BUZZ UC Server solution.  Additional key components of the solution are drawn from Dialogic’s broad portfolio, namely:

  • The Dialogic Media Resource Function (MRF), known as Dialogic PowerMedia XMS, which provides best-of-breed mixing and transcoding component for all sophisticated conference activities, such as voice, video and screen sharing,
  • The Dialogic Media Resource Broker (Dialogic PowerMedia MRB), which seamlessly compliments the solution, providing scaling of conference activities for larger and/or critical conference resources, including high availability
  • The cloud-native Dialogic BorderNet Session Border Controller (SBC), which is a perfect fit  for all security and interworking needs
  • The Dialogic Load Balancer, which provides the final tool in our Swiss Army Knife armoury by supporting all general protocol scaling requirements and redundancy across a range of protocols such as Session Initiation Protocol (SIP) and Hypertext Transfer Protocol (HTTP)

Dialogic BUZZ UC solution is an exciting new addition to the Dialogic software portfolio and provides reassurance that at its core, are components that the communications industry has come to trust. More Dialogic BUZZ UC detail to follow – stay tuned.

Topics: Media Server Software, Internet and Web, Unified Communications and Collaboration

資料來源:

http://blog.dialogic.com/blog/the-dialogic-buzz-uc-platform-swiss-army-knife?utm_source=hs_email&utm_medium=email&utm_content=66941478&_hsenc=p2ANqtz--FARWa0QQd8OXCEzI8lbm1tUdGBWQsrT2tk1Au7pquuEqVQ4Iu4Tn7F8PKYtz3F-0AbhfzUrSleXXNzBP8Vdcr5cVPa9NMxoYSItApVH9R2pkGSQs&_hsmi=66941478
 

]]>
2018-11-21
<![CDATA[Rapid7 Adds Automation, Orchestration Capabilities to Insight Platform]]> http://www.phitech.com.tw/news/index.php?news_id=872 Rapid7 announced on Thursday that its Insight Platform now features automation and orchestration capabilities through a new tool called InsightConnect.

The new capabilities, which Rapid7 obtained following the acquisition of security automation and orchestration provider Komand in July 2017, should help security, development and IT teams reduce manual workloads and streamline their tasks.

Rapid7 says there are many potential use cases for InsightConnect. For instance, teams can connect their existing tools using a library of more than 200 plugins. The vulnerability patching process can also be improved through orchestration, and so can threat detection, containment and response processes by connecting threat detection to containment tasks.

Rapid7 improves Insight Platform

The new capabilities can also make it easier for IT teams to address threats, vulnerabilities and misconfigurations by automatically creating service tickets.

Rapid7’s Insight Platform has several components, including for vulnerability management (InsightVM), secure application development (InsightAppSec), phishing (InsightPhish), incident detection and response (InsightIDR), and operational control centers (InsightOps).

The company announced that InsightVM and InsightIDR will soon include pre-built automation functionality that will enable organizations to implement automation and orchestration processes for vulnerability remediation, threat containment and other tasks.

“Technology is being deployed faster than organizations can secure it, and that has placed an enormous burden on security, IT, and development teams that are often understaffed and overwhelmed by the sheer volume of manual work that needs to get done,” said Lee Weiner, chief product officer at Rapid7. “We believe automation and orchestration capabilities are vital for these teams, and will allow them to be more strategic and effective in securing their environments.”

InsightConnect and the new automation features for InsightVM and InsightIDR will be available in the U.S. starting October 1. They are expected to become available globally throughout the rest of 2018 and into 2019.

Related: Rapid7 Adds Hardware Testing Capabilities to Metasploit

Related: Rapid7 Appointed CVE Numbering Authority


資料來源:

https://www.securityweek.com/rapid7-adds-automation-orchestration-capabilities-insight-platform?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29
 

]]>
2018-11-14
<![CDATA[Fortinet Addressing Security Challenges Around 5G]]> http://www.phitech.com.tw/news/index.php?news_id=871

Fortinet Addressing Security Challenges Around 5G

 
9/14/2018
 





 
 
 
 
2:05
/
4:41
 
 
 
 
 
 
 
Get Link to this Video
Get HTML to Embed this Video
 
 
50%
50%
 
 
 
 
 
inShare
 
 
Ronen Shpirer, Senior Manager of Solutions Marketing, EMEA at Fortinet, discusses how customers are dealing with a lot of change and uncertainty that is being brought about by digital transformation. Fortinet provides solutions to the challenges that Communication Service Providers and Managed Security Service Providers face, including some of the biggest security challenges expected to come with 5G

資料來源: https://www.lightreading.com/mobile/5g/fortinet-addressing-security-challenges-around-5g/v/d-id/741282?_mc=RSS_LR_EDT
]]>
2018-11-07
<![CDATA[DialogicONE - IoT Solutions]]> http://www.phitech.com.tw/news/index.php?news_id=878 There is currently a lot of momentum behind IoT (Internet of Things) and IIoT (Industrial Internet of Things).  We’ve looked at the consumer IoT situation in a previous installment of this blog series, now let’s have a peak at the non-consumer side of the fence – the IIoT acronym adopted by the industry.

Before we begin, the next few years are slated to be extremely exciting - smart city, smart healthcare, smart farming, smart factories, smart buildings, and smart manufacturing are just some of the areas where “smart” will transform these verticals. Industries and environments are moving into the next generation with an automated, efficient, real time, fast, agile, and dynamic pace.  Analysts project that the IoT “revolution” is just beginning. They predict that by 2020 it will reach 20B devices and $2.9 trillion in overall revenue based on future predictions by Gartner.  Once the next generation wireless connectivity of 5G becomes mainstream allowing for additional speed and bandwidth, connected things will accelerate in deployment.  Service providers, like Deutsche Telecom, are already gathering momentum with their 1 euro / year / connected device. It is apparent that this industry is on the verge of an explosion.

blog-iot-img01

There are quite a few IoT platforms out there now, with some of the initial leaders being companies like Cisco with their Jasper platform, and PTC with their ThingWorx offering. Other big players include Samsung, ARM, and Intel, making sure you have easy kits to inject IoT capabilities into your toasters, washing machines, sprinkler systems, and farming combines.  There are also a few IoT platforms coming from your trusted equipment vendors like Ericsson, NOKIA, and HP. Plus, let's not discount Amazon AWS, Microsoft, IBM, and SAP who are all making sure they try to capture a slice of the IoT market.  It is a very busy market, but based on the future growth predictions, it’s quite understandable.

Each of the above IoT platforms have their advantages and disadvantages.  A number of publications compare the leaders, identify the up and comers, and highlight which are the platforms to consider for different industries.

But what about the end user?  The IoT platforms do not usually give you the ability to bring specific end user functionality because the IoT platforms tend to focus on connecting, managing, updating, consolidating, and monitoring millions of IoT devices.  What if you wanted to build an application for a smart city where city workers would get consolidated input from road conditions, traffic patterns, energy consumption, garbage, and recycling operation efficiencies. You’d want to give them visibility from IoT platforms, but also be able to connect those IoT events, outcomes, consolidations, patterns, and triggers. Plus, you’d want additional functionality to take automated actions on modern or legacy systems in machine-to-machine manner, performing machine-to-human interaction via applications, voice, video, or messaging, in order to provide the user with exceptional user experience. You’d build a system that learns over time, finds additional patterns from those M2M and M2H activities in order to continue to make things better, faster, and stronger.

blog-iot-img02

What if you wanted to gather inputs from thousands of different IoT sensors and devices in a smart farming scenario?  Having an IoT platform manage these thousands, or hundreds of thousands of entities, consolidate and analyze output, and gather large device datasets to understand deeper insight is a beautiful thing.  But to deliver an exceptional user experience that enables users to ask complex questions by voice, messages, or dynamic visualizations, or allow the overall systems to trigger actions, make adjustments, initiate calls, pictures, video feeds, tracking of livestock or heavy machinery, altering routes due to potential accidents or severe weather patterns — that requires an application orchestration platform.

DialogicONE is an application orchestration and integration platform.  We have integrated with many of the IoT platforms via great partnerships, along with many systems that live in telecom domain (voice, video, messaging, location, transcoding and conferencing to list a few) as well as many systems that live in the digital world (Big Data, Presence, Availability, and Smart Speakers to list a few).  To those integrations we added a modern event bus, rules engine, and service creation environment that allows you to rapidly prototype and deploy solutions. We arrived at a platform where unique end user solutions can be created extremely quickly.

Building the DialogicONE platform for the past 3 years, we have been implementing solutions with some of the largest service providers around the world and would be extremely happy to show you how you can leverage all your assets to accelerate deployment of the next generation of solutions that take advantage of the incredible IoT growth.

In our next DialogicONE blog installment, we will look at abstraction layer of the two Smart Speaker camps (Google and Amazon). We’ll also look at a way to bring those two camps in line with your mobile applications that leverage conversational user interfaces.  We were tired of doing things multiple times, which is why we developed a set of services in DialogicONE to solve that problem once and for all.  I think you will enjoy our elegant solution and be able to consider it as a foundation to accelerate your deployments of solutions that leverage these technologies.

資料來源:
http://blog.dialogic.com/blog/dialogicone-blog-iot-solutions?utm_source=hs_email&utm_medium=email&utm_content=66905031&_hsenc=p2ANqtz-_CVnavuwkvIY_4RxnnVmZaZ9eDLnbzgQfF5_eAYbfBngx6IPbDXP80AiTaUUIrAdI0qjQsx9iCINKvfRYSUhJOCig4wdskxbWoITrboIIFpd_o3yc&_hsmi=66905031
 

]]>
2018-10-31
<![CDATA[Fortinet 報告:家用物聯網設備為劫持挖礦的首要攻擊目標]]> http://www.phitech.com.tw/news/index.php?news_id=870

Fortinet 報告:家用物聯網設備為劫持挖礦的首要攻擊目標

王智仁
Fortinet公佈其最新的全球網路威脅概況報告。該報告顯示,網路犯罪分子在如何利用漏洞創造優勢方面,變得更加聰明和迅速。還藉由不斷擴大的攻擊面,採用迭代的方法進行軟體開發,來促進攻擊方法的進化,創造最大的功效。
Fortinet資安長Phil Quade表示,網路罪犯是無情的,越來越能自動化攻擊所需的工具,並改造已知漏洞的變種。最近,在鎖定攻擊目標方面也更精確,更少依賴亂槍打鳥一籃子的嘗試來尋找可利用的受害者。 

企業組織迫切需要的則是,調整安全策略來解決這些問題。應該利用自動化和整合的防禦,來解決速度和規模的問題;利用取決於行為的高效能偵測,並依靠基於AI的威脅情資洞察能力,將其工作重點放在修補重要的漏洞上。 

報告的摘要如下: 

• 幾乎沒有公司可以從嚴重漏洞中免疫:針對關鍵和高嚴重性威脅的偵測分析,呈現一種令人擔憂的趨勢,96%的公司至少經歷過一次嚴重的漏洞攻擊。此外,近四分之一的公司發現劫持挖礦(cryptojacking)加密貨幣的惡意軟體,只有六種惡意軟體變種,散播到超過10%的企業組織。 

• 劫持挖礦加密貨幣的攻擊目標轉移到家用物聯網(IoT)設備:網路犯罪分子將IoT設備(包括家中的媒體設備)添加到其核武庫清單中。它們是一個特別有吸引力的目標,因為這些設備始終處於啟動狀態而且連線網際網路。同時,這些設備的控制界面採用經修改的Web瀏覽器,這增加了漏洞與攻擊面向。隨著此趨勢的延續發展,對於連接到企業網路的設備,內網隔離的實施將變得越來越重要。 

• 殭屍網路的趨勢展現網路犯罪分子的創造力: WICKED是一種新的Mirai殭屍網路變種,它增加了至少三種漏洞攻擊武器,鎖定未經更新修補的物聯網設備。 

VPNFilter是一個由民族國家資助的先進攻擊,透過監控MODBUS SCADA協議來攻擊SCADA / ICS環境,這無疑是一個重大威脅。它特別危險的原因,在於它不僅可以執行資料滲出(data exfiltration)的惡意活動,還可以使設備完全無法運作,無論是單獨還是群組執行。 

Bankbot家族的Anubis變種則引入了幾項創新。它能夠執行勒索軟體、鍵盤記錄、遠端木馬RAT功能、SMS簡訊攔截、鎖定螢幕和來電轉接。隨著網路威脅創造力的延展,藉由可操作的威脅情資密切關注變形攻擊是非常重要的。 

• 惡意軟體開發人員利用敏捷開發:GandCrab發佈了許多新版本,其開發人員繼續快速更新此惡意軟體。惡意軟體攻擊的自動化意味著新的挑戰,敏捷開發也一樣,因為這些技術和流程能讓攻擊方法有新的逃避方式。為了跟上網路犯罪分子正在使用的敏捷開發步伐,企業組織也需要先進的威脅防護和檢測功能,以協助他們查明這些漏洞攻擊。 

• 有效瞄準漏洞:攻擊者有選擇地決定他們所要鎖定的漏洞。利用從相關漏洞的流行程度和數量的角度,分析所偵測的漏洞,只有5.7%流行中的已知漏洞被鎖定用來攻擊。如果絕大多數漏洞不會被利用,企業組織應該考慮採取更加主動和策略性的方法來修復漏洞。 

本季度報告中的威脅數據再次印證了FortiGuard Labs全球研究團隊2018年初公佈的諸多趨勢預測。整個攻擊面和每個安全元素之間整合的安全架構至關重要。這種方法可以在速度和規模上共享可操作的威脅情報,縮小必要的檢測窗口,並提供面對當今多面向攻擊所需的自動修復能力。 


資料來源:
http://www.netadmin.com.tw/article_content.aspx?sn=1808300002
]]>
2018-10-24
<![CDATA[SANGOMA ANNOUNCES TRANSFORMATIVE ACQUISITION OF DIGIUM]]> http://www.phitech.com.tw/news/index.php?news_id=869

 

NEWS RELEASE

SANGOMA ANNOUNCES TRANSFORMATIVE ACQUISITION OF DIGIUM

MARKHAM, ON, Aug. 24, 2018 – Sangoma Technologies Corporation (TSX VENTURE: STC), a trusted leader in delivering Unified Communications solutions for SMBs, Enterprises, OEMs, and Service Providers, both on-premises and in the cloud, has entered into a definitive agreement on August 23, 2018 to acquire all of the outstanding shares of Digium, Inc. The deal is expected to close on or about August 31, 2018, subject to customary closing conditions.

Digium is the creator of Asterisk, the most widely used open source communication software in the world, along with Sangoma’s FreePBX. The company offers a comprehensive product portfolio including Digium’s cloud-based UCaaS (Unified Communication as a Service) platform, the Switchvox premise-based phone system, a complete range of IP phones, and a full suite of Asterisk software and connectivity products. Founded in 1999, Digium is a true pioneer in the communications market, launching the open source segment of telecom, and is one of the industry’s best known, most respected brands.  It is headquartered in Huntsville, Alabama, is privately held and venture-backed, with over 40% of sales in recurring services revenue to a huge customer base around the world.

Reaching a New Milestone in Scale

“Sangoma and Digium have a long history of working together, while also competing in the marketplace, and have gotten to know each other very well over the years.  Our relationship and mutual respect allows us both to know that the strategic fit between the two businesses really is excellent”, said Bill Wignall, President and CEO of Sangoma. Wignall continued, “This transaction will add very meaningful sales, create market leadership in our segment, increase recurring revenue materially, and allow us to nicely leverage our complementary businesses.  During a time of industry consolidation, this transformative merger is another bold step for us in implementing our strategy to scale up and increase shareholder value, by augmenting our organic growth with complementary M&A opportunities.  To the new staff that will be joining us, I’d like to welcome you to the growing Sangoma family.  To our Digium customers and partners around the globe, I’d like to assure you that everyone here at Sangoma remains committed to you, to the Digium products you rely upon, and to further contributing to your success.  And of course, to the Asterisk community, I would like to reassure you that Sangoma recognizes the value of Asterisk and is committed to keeping it open source.  We will continue to invest in its development and to seek input from the broad base of developers that has led to its outstanding success.”

The acquisition, Sangoma’s seventh in seven years, provides the combined company with several strategic advantages, including:  increased scale via significantly higher sales, expanded recurring revenue percentage, stronger gross margins, market leadership in our category, a more complete product portfolio, a larger team of excellent employees during a time when competition for talent is high, a much wider network of complementary channel partners around the world, and a larger base of enterprise and SMB customers. After closing, the merged company will have a combined workforce of over 300 employees.

“I created Asterisk and Digium to be disruptive in the communications industry”, said Mark Spencer, Founder and Chairman of Digium. Spencer continued, “I am really proud that it has grown under its current ownership and management to a very successful point, and it is now time to take it to the next stage as part of a larger, public company. Given the involvement of both companies in the history of Asterisk dating back to its creation in 1999, Sangoma is the natural home for the Asterisk project. For many years both companies have had teams working to improve Asterisk and make it more accessible.  I believe Sangoma’s commitments should reassure the Asterisk community that Sangoma is dedicated to the project.  I look forward to seeing the results of tighter collaboration between those teams, and the benefits to the community, now that they will be part of a single company.”

Transaction Details

Under the terms of the agreement, Sangoma expects to pay a total purchase price of US$28 million on a debt-free and cash-free basis, subject to customary working capital adjustments.  The purchase price consists of US$24.3 million in cash and 3,943,025 Sangoma common shares (representing US$3.7 million based on a ten (10) day volume weighted average price of $1.2214 per common share).  Digium generated approximately US$30 million in revenue in its fiscal year ended December 31, 2017, with consolidated assets (net of cash) of approximately US$11 million, no debt and a net loss of approximately US$4 million. Further, for the most recently completed quarter ending June 30, 2018, Digium is operating at about EBITDA breakeven.

The cash portion of the consideration will be funded through a combination of cash on hand and, in order to minimize dilution, a new credit facility of approximately $21 million from Sangoma’s existing Canadian Tier 1 bank, bringing Sangoma’s total credit facilities to about $28 million, of which approximately $25 million will be outstanding at Closing.  The new credit facility will be drawn in US dollars, be repaid over 7 years and is expected to have an interest rate of 6.0% to 6.5% per annum at closing.

Transaction Advisors

INFOR Financial Inc. acted as the exclusive financial advisor to Sangoma in connection with the transaction.

Conference Call Information

Management will discuss this planned acquisition more fully on a conference call at 8:30am EDT today, Friday August 24, 2018.  The dial-in number for the call is 1-800-319-4610 (International 1-604-638-5340) and investors are requested to dial in 5 to 10 minutes before the scheduled start time and ask to join the Sangoma call.

About Sangoma Technologies Corporation

Sangoma Technologies is a trusted leader in delivering Unified Communications solutions for SMBs, Enterprises, OEMs, Carriers and service providers. Sangoma’s globally, scalable offerings include both on-premises and cloud-based phone systems, telephony services and industry leading Voice-Over-IP solutions, which together provide seamless connectivity between traditional infrastructure and new technologies.

Sangoma’s products and services are used in leading PBX, IVR, contact center, carrier networks and data-communication applications worldwide. Businesses can achieve enhanced levels of collaboration, productivity and ROI with Sangoma. Everything Connects, Connect with Sangoma!

Founded in 1984, Sangoma Technologies Corporation is publicly traded on the TSX Venture Exchange (TSX VENTURE: STC). Additional information on Sangoma can be found by visiting www.sangoma.com.

About Digium

Digium®, Inc. provides Asterisk® software, telephony hardware, and on-premises and hosted Switchvox business phone systems that deliver enterprise-class Unified Communications (UC) and UC as a Service (UCaaS) solutions at an affordable price. Digium is the creator, primary developer and sponsor of the Asterisk project; the world’s most widely used open source communications software. Asterisk turns an ordinary computer into a feature-rich communications server. A community of more than 80,000 developers and users worldwide uses Asterisk to create VoIP communication solutions in more than 170 countries. Since 1999, Digium has empowered developers to create innovative communications solutions based on open standards and open source software, providing an alternative to proprietary phone systems. Digium Switchvox Cloud and other cloud-based products and services are offered through Digium Cloud Services, LLC, a wholly owned subsidiary of Digium, Inc. Digium’s business communications products are sold through a worldwide network of reseller partners. More information is available at www.digium.com and www.asterisk.org.

Cautionary Statement Regarding Forward Looking Statements

This press release contains forward-looking statements, including statements regarding the future success of our business, development strategies and future opportunities.

Forward-looking statements include, but are not limited to, statements concerning estimates of future revenue, expected expenditures, expected future production and cash flows, and other statements which are not historical facts. When used in this document, the words such as "could", "plan", "estimate", "expect", "intend", "may", "potential", "should" and similar expressions indicate forward-looking statements.

Readers are cautioned not to place undue reliance on forward-looking statements, as there can be no assurance that the plans, intentions or expectations upon which they are based will occur. By their nature, forward-looking statements are based on the opinions and estimates of management on the date that the statements are made and involve numerous assumptions, known and unknown risks and uncertainties, both general and specific, that contribute to the possibility that the predictions, forecasts, projections and other events contemplated by the forward-looking statements will not occur or will differ materially from those expected. Although Sangoma believes that the expectations represented by such forward-looking statements are reasonable based on the current business environment, there can be no assurance that such expectations will prove to be correct as these expectations are inherently subject to business, economic and competitive uncertainties and contingencies. Some of the risks and other factors which could cause results to differ materially from those expressed in the forward-looking statements contained in the management’s discussion and analysis include, but are not limited to changes in exchange rate between the Canadian Dollar and other currencies, the variability of sales between one reporting period and the next, changes in technology, changes in the business climate in one or more of the countries that Sangoma operates in, changes in the regulatory environment, the rate of adoption of the company’s products in new markets, the decline in the importance of the PSTN and new competitive pressures. The forward-looking statements contained in this press release are expressly qualified by this cautionary statement and Sangoma undertakes no obligation to update forward-looking statements if circumstances or management’s estimates or opinions should change except as required by law.

Readers are directed to Sangoma’s filings on SEDAR with respect to Management’s Discussion and Analysis of Financial Results for the basis of Sangoma’s reconciliation of EBITDA to net income as calculated under IFRS

###

Neither the TSX Venture Exchange nor its Regulation Services Provider (as that term is defined in policies of the TSX Venture Exchange) accepts responsibility for the adequacy or accuracy of this release.

 

Sangoma Technologies Corporation
David Moore
Chief Financial Officer
(905) 474-1990 Ext. 4107
dsmoore@sangoma.com
www.sangoma.com


資料來源:
https://www.sangoma.com/press-releases/sangoma-announces-definitive-agreement-to-acquire-digium-inc/

]]>
2018-10-17
<![CDATA[Fortinet與IBM簽署網路威脅情資共享協議]]> http://www.phitech.com.tw/news/index.php?news_id=868
Fortinet與IBM簽署網路威脅情資共享協議  
 

 

【CTIMES/SmartAuto 報導】   2018年08月15日 星期三

瀏覽人次:【334】
   

Fortinet宣佈與IBM Security協同合作,雙向共享彼此的網路威脅情資。

 

IBM Security威脅情報副總裁Caleb Barlow表示,「透過和Fortinet等值得信賴的合作夥伴建立關係,IBM能夠更清晰地了解全球威脅形勢。現今,駭客威脅技能高超,組織嚴密,資源充足,能在全球迅速展開他們的威脅活動。為了有效防禦,我們必須以同樣的速度運作,並訂定明智準確的反制措施。我們與Fortinet建構的集體防禦,有助於IBM更佳地保護客戶和社群,為我們提供額外的情資,使我們能夠更快、更全面地因應新的網路威脅。」

 

Fortinet的資安長Phil Quade則指出,「每個組織都得面對不斷變化的網路威脅、不斷擴大的攻擊面,以及持續惡化的網路安全技能短缺情況。具有全球視野且可執行的威脅情資,能讓這些組織化被動為主動。你無法保護或針對看不到的內容採取行動,這就是為什麼值得信賴的業界合作夥伴之間,威脅情資的共享是協助企業因應全球網路威脅重要的一部分。」

 

該協議的目標是藉由共享Fortinet旗下 FortiGuard Labs威脅研究團隊,和IBM Security的X-Force研究團隊所產出的威脅語境訊息,主動抵禦全球性的網路和隱私威脅。

 

IBM Security和Fortinet將採用安全通道,直接協同合作雙向共享威脅情報。共享的威脅資訊將提供深入的安全研究專業知識,以及全球的威脅情資,以加強對雙方客戶的安全保護。

 

IBM Security和Fortinet全球威脅研究團隊將會監控和分析各種來源的安全威脅,提供有價值近乎即時的威脅情報。透過整合雙方的威脅情報來源,客戶將能因威脅資料更加全面而受益。

 

雖然該協議正式確定了Fortinet與IBM Security在威脅資訊共享方面的合作,但事實上兩家公司早已在安全保護各方面進行合作一段時間。

 

自2017年以來,IBM Security一直是Fortinet Fabric-Ready的合作夥伴。Fortinet開放式的方法能透過設計良好的API,將其安全織網架構廣泛的可見性、整合的威脅防禦,以及自動化回應擴展到IBM,以實現統一的安全管理和安全事件的應變。

此外,Fortinet今年稍早宣布與IBM合作,開展其IBM X-Force威脅管理服務。這項合作讓雙方能夠進一步為共同客戶提供威脅洞察資訊、攻擊檢測和預防,以及一個整合的縱深防禦策略,無縫地涵蓋整個組織的受攻擊面。

資料來源:

https://www.ctimes.com.tw/DispNews-tw.asp?O=HK28F04CEB4SAA00PQ

]]>
2018-10-10
<![CDATA[Fortinet Threat Landscape Report Reveals IoT Devices in the Home Are the Latest Target for Cryptojacking]]> http://www.phitech.com.tw/news/index.php?news_id=867 Fortinet Threat Landscape Report Reveals IoT Devices in the Home Are the Latest Target for Cryptojacking

96% of Firms Experienced at Least One Severe Exploit

Sunnyvale, California - Aug 13, 2018
 
 

Phil Quade, chief information security officer, Fortinet

“Cyber adversaries are relentless. Increasingly, they are automating their toolsets and creating variations of known exploits. Of late, they are also more precise in their targeting, relying less on blanket attempts to find exploitable victims. Urgently, organizations must pivot their security strategy to address these tactics. Organizations should leverage automated and integrated defenses to address the problems of speed and scale, utilize high-performance behavior-based detection, and rely on AI-informed threat intelligence insights to focus their efforts on patching vulnerabilities that matter.”

News Summary:

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity solutions, today announced the findings of its latest Global Threat Landscape Report. The research reveals cyber criminals are becoming smarter and faster in how they leverage exploits to their advantage. They are also maximizing their efforts by targeting an expanding attack surface and by using iterative approaches to software development facilitating the evolution of their attack methodologies. For a detailed view of the findings and some important takeaways for CISOs read the blog. Highlights of the report follow:

  • Virtually No Firm is Immune from Severe Exploits: Analysis focused on critical and high-severity detections demonstrates an alarming trend with 96% of firms experiencing at least one severe exploit. Almost no firm is immune to the evolving attack trends of cyber criminals. In addition, nearly a quarter of companies saw cryptojacking malware, and only six malware variants spread to over 10% of all organizations. FortiGuard Labs also found 30 new zero-day vulnerabilities during the quarter.
  • Cryptojacking Moves to IoT Devices in the Home: Mining for cryptocurrency continues, cyber criminals added IoT devices, including media devices in the home to their arsenals. They are an especially attractive target because of their rich source of computational horsepower, which can be used for malicious purposes. Attackers are taking advantage of them by loading malware that is continually mining because these devices are always on and connected. In addition, the interfaces for these devices are being exploited as modified web browsers, which expands the vulnerabilities and exploit vectors on them. Segmentation will be increasingly important for devices connected to enterprise networks as this trend continues.
  • Botnet Trends Demonstrate the Creativity of Cyber Criminals: Data on botnet trends gives a valuable post-compromise viewpoint of how cybercriminals are maximizing impact with multiple malicious actions. WICKED, a new Mirai botnet variant, added at least three exploits to its arsenal to target unpatched IoT devices. VPNFilter, the advanced nation-state-sponsored attack that targets SCADA/ICS environments by monitoring MODBUS SCADA protocols, emerged as a significant threat. It is particularly dangerous because it not only performs data exfiltration, but can also render devices completely inoperable, either individually or as a group. The Anubis variant from the Bankbot family introduced several innovations. It is capable of performing ransomware, keylogger, RAT functions, SMS interception, lock screen, and call forwarding. Keeping tabs of morphing attacks with actionable threat intelligence is vital as creativity expands.
  • Malware Developers Leverage Agile Development: Malware authors have long relied on polymorphism to evade detection. Recent attack trends show they are turning to agile development practices to make their malware even more difficult to detect and to counter the latest tactics of anti-malware products. GandCrab had many new releases this year, and its developers continue to update this malware at a rapid pace. While automation of malware attacks presents new challenges, so does agile development because of the skills and processes to roll out new evading releases of attack methods. To keep pace with the agile development cyber criminals are employing, organizations need advanced threat protection and detection capabilities that help them pinpoint these recycled vulnerabilities.
  • Effective Targeting of Vulnerabilities: Adversaries are selective in determining what vulnerabilities they target. With exploits examined from the lens of prevalence and volume of related exploit detections, only 5.7% of known vulnerabilities were exploited in the wild. If the vast majority of vulnerabilities won’t be exploited, organizations should consider taking a much more proactive and strategic approach to vulnerability remediation.
  • Education and Government Application Usage: When comparing application count usage across industries, government use of SaaS applications is 108% higher than the mean and is second to education in the total number of applications used daily, 22.5% and 69% higher than the mean, respectively. The likely cause for the higher usage in these two industry segments is a greater need for a wider diversity of applications. These organizations will require a security approach that breaks down silos between each of these apps, including their multi-cloud environments, for transparent visibility and security controls.

Combating Evolving Attacks Requires Integrated Security Powered by Threat Intelligence

The threat data in this quarter’s report once again reinforces many of the prediction trends unveiled by the FortiGuard Labs global research team for 2018. A security fabric that is integrated across the attack surface and between each security element is vital. This approach enables actionable threat intelligence to be shared at speed and scale, shrinks the necessary windows of detection, and provides the automated remediation required for the multi-vector exploits of today.

Report Methodology
The Fortinet Global Threat Landscape Report is a quarterly view that represents the collective intelligence of FortiGuard Labs drawn from Fortinet’s vast array of sensors during Q2 2018.  Research data covers global, regional, industry sector, and organizational perspectives. It focuses on three central and complementary aspects of that landscape, namely application exploits, malicious software, and botnets. It also examines important zero-day vulnerabilities and infrastructure trends to add context about the trajectory of cyber attacks affecting organizations over time. To complement the report, Fortinet publishes a free, subscription-based Threat Intelligence Brief that reviews the top malware, virus, and web-based threats discovered every week, along with links to valuable FortiGuard Labs threat research.


資料來源:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2018/fortinet-threat-landscape-report-2018-q2.html
 

]]>
2018-10-03
<![CDATA[Fortinet Security Shines in SD-WAN Study]]> http://www.phitech.com.tw/news/index.php?news_id=866 While its popularity is growing, SD-WAN is still in its infancy, which means there’s still a fair amount education needed for this rapidly maturing technology. Taking a cross section of the industry is vital to deliver the level of insight required for digital-first firms to make intelligent decisions when moving into the modern era.

 
 

Last week, I reported on NSS Labs’ SD-WAN Group Test, a first of its kind industry exploration. Digging a little deeper, we put the focus on Fortinet’s (News - Alert) FortiGate SD-WAN  today as its security expertise was showcased within the report.

Three statistics stick out for the SD-WAN provider. The FortiGate SD-WAN promises the lowest TCO per Mbps at $5@749 Mbps. Fortinet innovation deserves the credit here, owing kudos to custom-built security processors. Secondly, the SD-WAN solution features Native NGFW security, which during testing blocked 100 percent of evasions and saw a 99.9 percent security effectiveness rate. Last but certainly not least, FortiGate SD-WAN touts the highest QoE, with a score of4.26 out of 4.53 for video application delivery and 4.38 out of 4.41 for voice applications.

“Fortinet continues to perform well in NSS Labs group testing. FortiGate SD-WAN delivers a high quality of experience for voice and video, excellent VPN performance and good total cost of ownership. Fortinet’s FortiGate SD-WAN should be considered by any organization looking for an affordable and effective offering that combines NGFW security and high performance SD-WAN,” explained  Vikram Phatak, chief executive officer of NSS Labs.

Enterprise security is nothing to shake a stick at, neither is network performance. The WAN is in the midst of a software-defined makeover, offering a path to the cloud and driving a new day.

What’s in your WAN?

Curious to learn more about SD-WAN? SD-WAN Expo 2019 will be here before you know it to introduce attendees to the market leaders, what lies ahead and most importantly, what this up-and-coming technology can offer.

Already an SD-WAN expert? Interested in speaking at SD-WAN Expo 2019? Shoot me an email at mnagle@tmcnet.com. 




Edited by Maurice Nagle

資料來源:

https://www.sdwanresource.com/articles/439112-fortinet-security-shines-sd-wan-study.htm]]>
2018-09-26
<![CDATA[Fortinet安全織網支援Google雲端平台 提供混合雲環境安全防護]]> http://www.phitech.com.tw/news/index.php?news_id=865
Fortinet安全織網支援Google雲端平台 提供混合雲環境安全防護  
 

Fortinet日前宣佈其安全織網(Security Fabric)已擴大支援Google雲端平台,讓客戶能更佳地保護混合雲環境不斷延展的受攻擊面。

 

Fortinet產品與解決方案資深副總裁John Maddison表示,「隨著企業基礎架構逐漸發展並採用雲端運算,他們也希望所選擇的安全平台能有隨時轉移的彈性。Fortinet能讓Google 雲端平台的客戶完整存取Fortinet Security Fabric,不論何時何地,當安全架構師要部署安全控制時都能為其提供靈活性。」

 

Fortinet現在於Google雲端平台上,除了既有的FortiGate新世代防火牆之外,還提供FortiManager、FortiAnalyzer和FortiWeb,從新世代防火牆、Web應用安全到安全分析,拼接成多層式的安全防護。

 

進一步建立在Fortinet最近宣佈的Fabric連接器(Fabric Connectors)合作夥伴計劃上,Fabric Connectors現已在Google 雲端平台上提供,允許企業組織透過一鍵式整合功能,在多個虛擬實例(instance)中套用一致的安全策略。

 

無論在本地端還是雲端,Fortinet的所有安全產品都能輕易整合,讓客戶更輕鬆地在多個環境中擴充安全防護。

 

FortiGate和FortiWeb的結合,使客戶能透過一套統一的安全政策來保護他們的雲端基礎架構和Web應用程式,打造一個不易出現人為錯誤的安全防護狀態。

 

隨著企業組織進行數位轉型,工作負載量逐漸由本地端轉移到公有雲基礎架構,以享有靈活性和擴展性帶來的好處。彈性的容量和按需求定價的方式,使他們能夠快速上下新的和現有的應用程式。然而隨著網路的迅速擴展,他們易受攻擊的面向也越來越廣,因此需要能輕鬆跨越多個環境,而不會帶來複雜性的安全解決方案。彈性是企業組織走向雲端的另一個關鍵因素,這使得安全解決方案也必須像Web應用程式一樣,能快速地建立和撤除。

 

為了協助客戶跟上數位轉型的趨勢,並減少工作負載轉移的難題,Fortinet已在Google雲端平台上增加Security Fabric和Fabric Connector產品。除FortiGate新世代防火牆外,企業現在還可以選購FortiManager和FortiAnalyzer的虛擬實例用於NOC-SOC安全,以及FortiWeb應用程式防火牆。Google雲端市集的FortiGate和FortiWeb,現採用新的實用實付(pay-as-you-go)價格選項,結合叢集和擴充Fortinet實例的能力,確保安全防護可清楚掌控,同時不會拖慢數位企業的速度。Fabric Connector現也已在Google Cloud Platform上提供,能一鍵整合,自動在Google雲端和本地端之間同步和自動化,進而跨多個虛擬實例輕易套用一致性的安全政策。

 

除了在統一的中控台提供單一窗格的安全政策之外,Fortinet Security Fabric還為Google雲端用戶提供FortiGuard安全防護中心先進的威脅情資,以及領先業界的FortiOS作業系統,同時跨實體、虛擬和雲端環境提供全方位的安全控管、工作負載可見性和管理功能。

 

Google雲端平台是Fortinet Fabric-Ready合作夥伴計劃的成員,該計劃是Fortinet技術聯盟合作夥伴關係的一個重要類別,也是Fortinet Security Fabric關鍵的一部分,它讓Fortinet與合作夥伴的產品能協同整合並提供端到端的安全性。


資料來源:

http://www.ctimes.com.tw/DispNews-tw.asp?O=HK27V9YM6HMSAA00NL
 

]]>
2018-09-19
<![CDATA[Fortinet:勒索病毒GandCrab 4.0才推出兩天就釋出4.1,小心盜版網站的假破解工具]]> http://www.phitech.com.tw/news/index.php?news_id=864

對於外傳勒索病毒GandCrab會透過SMB漏洞主動傳染一事,資安業者Fortinet提到,這消息純屬推論,企業不要過度恐慌,重要的是應盡速更新修補該漏洞。

 
 

資安業者Fortinet揭露,勒索軟體GandCrab距上個版本發布才兩天,現在又釋出了新版本,並且增加了過去他們不曾觀察到的網路通訊策略。至於外傳GandCrab新版本將會透過伺服器訊息區塊(Server Message Block,SMB)漏洞主動傳染,Fortinet對此表示,經過他們研究後,認為這個說法只是推測,他們並無實際找到任何相關的功能,微軟已修補該漏洞,企業應該要盡速更新。

GandCrab發布4.0版本後的兩天又再度釋出了4.1版本,這兩個版本都是透過埋伏在盜版網站中,偽裝成破解應用程式的下載網址以誘騙受害者。Fortinet提到這個新版本的GandCrab,增加了過去沒看過的通訊策略,其中包含了一份寫死的感染網站列表,紀載了數量多達近千個不同的主機,GandCrab會連接到這些網站上傳資料。

為產生完整的主機的網址,駭客使用隨機演算法,以http://{主機}/{字1}/{字2}/{檔案名稱}.{擴充}格式樣板生成不同的網址,最前面的主機會填入寫死的列表主機位置,後面的選項都有預定義的字詞。在成功連結網址後,惡意程式會傳送受害者的資料到所有的主機,其中包括IP位置、網路域名、作業系統以及GandCrab內部訊息等多項資訊。

Fortinet認為,將資料傳送到所有主機的動作很不尋常,因為通常傳送一次應該就代表成功了,但重複近千次的目的令人匪夷所思,Fortinet推論,這個動作可能是駭客在實驗某種功能,或是單純的進行轉移分析。GandCrab會主動關閉許多常用應用程式的程序,以確保加密檔案攻擊不會意外地被中斷,這些程序包含常用的Office、瀏覽器或是資料庫等,而也因為這些目標文件通常對受害者來說價值較高,勒索成功率也比較高。

由於去年肆虐一時的勒索病毒WannaCry、Petya/NotPeta,使用SMB漏洞進行傳染。而外界最近也一直流傳,GandCrab惡意軟體會透過SMB漏洞主動傳染一事,造成不少企業恐慌。Fortinet提到,他們並沒有在GandCrab上,找到可以實際使用SMB漏洞的功能,GandCrab感染主要是透過網路分享而非漏洞傳播。

Fortinet表示,目前並沒有證據證明GandCrab能透過SMB漏洞傳染,所以那僅是推測而已,一旦他們有所新發現,會即時對外發布相關消息,但他們也認為,GandCrab過去一星期積極發展,假設未來駭客真的增加了新功能,也不會特別令人感到意外。但重點是微軟的MS17-010更新早已修補了該漏洞,企業應該確保自己的系統已經獲得適當的更新。
 

 資料來源:
https://www.ithome.com.tw/news/124627]]>
2018-09-12
<![CDATA[Fortinet 網路威脅報告顯示,勒索軟體轉向劫持電腦進行挖礦]]> http://www.phitech.com.tw/news/index.php?news_id=862 全方位整合與自動化網路安全廠商 Fortinet,日前公布了 2018 年第一季全球網路威脅報告。該研究指出,網路犯罪份子不斷升級攻擊手法,以提高成功率並加速感染的擴散。雖然勒索軟體持續嚴重影響企業組織,但有跡象顯示,一些網路犯罪份子現在更喜歡劫持電腦系統,將其用於加密貨幣挖礦,而不是直接勒索贖金。


 

Fortinet 資安長 Phil Quade 表示,「我們正面臨資安領域令人不安的趨勢融合。網路惡行者利用不斷擴大的受攻擊面,藉由新發布的零日威脅與擴大惡意軟體的散布,來展現其攻擊的效率和敏捷性。此外,IT 和 OT(操作技術)團隊通常沒有所需的資源,得以適當地強化和保護系統。因此,建置一個安全織網(security fabric)架構,能夠依序優先處理效能、整合、先進分析與風險決策,就能提供全方位的安全防護。」

Fortinet 亞太區網路安全策略師 Gavin Chow 指出,「2018 年第一季,台灣地區最普遍的攻擊,是針對包括執行於 Apache Struts、Oracle WebLogic Server 和較舊的 IIS 6.0 網站系統上的已知漏洞;另外則是物聯網設備上的舊漏洞,例如 Linksys 和 D-Link 家用路由器。傳統 Windows 執行檔和 PowerShell 的惡意軟體,則是此區域最流行的惡意軟體;另外則是利用微軟 Office 已知漏洞,取得受害系統控制權執行其他惡意行為的惡意軟體。」

更多詳細的研究發現與重點可造訪 Fortinet 的部落格。以下是 2018 年第一季網路威脅報告的重點摘要:

網路攻擊手法不斷進化以確保在速度與規模上成功

資料顯示,網路犯罪份子越來越熟練使用惡意軟體,能利用新發布的零日漏洞在攻擊速度和規模上獲得成功。儘管 2018 年第一季每家公司檢測到的漏洞下降了 13%,但獨特的漏洞卻增加超過 11%,而 73% 的公司都遭受過嚴重的漏洞攻擊。

  • 劫持挖礦(cryptojacking)激增:惡意軟體不斷進化,越來越難以預防和檢測。劫持電腦進行挖礦的勒索軟體相較前一季倍增,從 13% 上升至 28%。此外,劫持挖礦病毒在中東、拉丁美洲和非洲非常普遍。此種相對較新的威脅,卻顯示出令人難以置信的多樣性。網路犯罪份子正在建立更隱蔽的無檔案攻擊手法,能將遭感染的程式碼直接注入到瀏覽器中,大大降低被偵測出的機率。礦工現在針對多種作業系統,同時挖掘不同的加密貨幣,包括比特幣(Bitcoin)、達世幣(Dash)和門羅幣(Monero)。他們同時也會根據攻擊成功率,調整和採用遞送和傳播的技術。
  • 目標化攻擊造就最大的衝擊:破壞性惡意軟體帶來的衝擊仍然很大,特別是將它與精心設計的攻擊結合的時候。對攻擊目標發送攻擊之前,進行深入的偵查,有助於提升攻擊的成功率。一旦滲透到網路之後,攻擊者就會在網路中橫向擴散,然後觸發計劃攻擊中最具破壞性的部分。奧運毀滅者(Olympic Destroyer)惡意軟體和最近的 SamSam 勒索軟體,都是網路犯罪份子將精心設計的攻擊與破壞性有效載荷(payload)相結合,以造就最大衝擊的例子。
  • 勒索軟體持續破壞:勒索軟體數量和複雜性的成長,仍然是企業面臨的重大安全挑戰。勒索軟體不斷進化,利用社交工程等新興傳播管道,以及多階段攻擊等新技術來逃避檢測,加速感染系統。1 月份所出現的 GandCrab 勒索軟體,是第一個要求以 Dash 加密貨幣付款的勒索軟體。 BlackRuby 和 SamSam 則是另外兩種勒索軟體變種,在 2018 年第一季成為主要威脅。
  • 多種攻擊媒介:儘管在第一季, Meltdown 和 Spectre 的旁路攻擊(Side Channel Attack)占據了新聞版面,但一些主要的攻擊針對的則是行動裝置,或是路由器、Web 或 Internet 技術上的已知漏洞。21% 的企業組織回報行動惡意軟體增加了 7%,這顯示物聯網設備仍然被鎖定攻擊。網路犯罪份子也持續了解到尚未修補的已知漏洞價值,以及利用新發現的零日漏洞增加攻擊機會。此外,微軟繼續成為攻擊的頭號目標,路由器在攻擊總量中占第二位。內容管理系統(CMS)和 Web 導向技術也成為主要目標。
  • 潔淨網路,而不僅是修補:依據持續通訊的連續天數,來測量殭屍網路的感染時間,顯示網路的潔淨不僅只涉及修補漏洞。第一季的資料顯示,58.5% 的殭屍網路在感染同一天被發現和清理。17.6% 連續存在兩天,7.3% 會存在 3 天,大約 5%則 會存在一個星期以上。例如,2017 年第四季,仙女座殭屍網路(Andromeda botnet)被取締,但今年第一季的資料顯示,它在數量和流行率仍展現其頑強的生命力。
  • 針對操作技術(Operational Technology,OT)的攻擊:儘管 OT 攻擊在整個攻擊環境中所占比例較小,但趨勢不容忽視。工業生產網部門越來越多與互聯網相連,對安全產生嚴重的潛在影響。目前,絕大多數攻擊活動針對兩種最常見的工業通信協議,因其被廣泛部署,具有高度針對性。資料顯示,亞洲比其他地區在針對工業控制系統(ICS)的網路攻擊活動更為普遍。

對抗不斷演化的網路犯罪需要整合的安全防護

本季報告中的威脅資料,與 FortiGuard 安全防護中心所發布的 2018 年預測趨勢相吻合。這顯示針對智慧與自動化威脅的最佳防禦,應是一個整合、廣泛的自動化安全織網架構,具備高度意識與主動安全防禦的系統,才能因應新一代自動與人工智慧化的攻擊。

研究方法

Fortinet 的全球網路威脅報告,整合了 FortiGuard Labs 團隊於 2018 年第一季所收集的情報,資料來源涵蓋 Fortinet 廣泛的網路設備和感測器,遍布全球、各地區、各行業和不同組織。報告專注於 3 個核心方面:應用程式漏洞、惡意軟體和殭屍網路。

(首圖來源:pixabay

資料來源:
http://technews.tw/2018/06/20/fortinet-report-ransomware/
 

]]>
2018-09-05
<![CDATA[Fortinet Discovers Microsoft Windows Webservices Library Denial of Service Vulnerability]]> http://www.phitech.com.tw/news/index.php?news_id=861

Summary

Fortinet's FortiGuard Labs has discovered a Denial of Service vulnerability in Microsoft Windows Webservices Library.

Microsoft Windows is a group of graphical operating system families, all of which are developed and sold by Microsoft.

A Denial of Service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target Windows system to stop responding.

Solutions

Users should apply the solution provided by Microsoft.

Additional Information

Following Windows versions are affected:

Windows 10

Windows 7

Windows 8.1

Windows RT 8.1

Windows Server 2008

Windows Server 2012

Windows Server 2016

Windows Server

 

Timeline

Fortinet reported the vulnerability to Microsoft on January 5, 2018.

Microsoft confirmed the vulnerability on March 30, 2018.

Microsoft patched the vulnerability on June 12, 2018.

 

Acknowledgement

This vulnerability was discovered by Honggang Ren of Fortinet's FortiGuard Labs.

IPS Subscription

Fortinet customers who subscribe to Fortinet's intrusion prevention (IPS) service should be protected against this vulnerability with the appropriate configuration parameters in place. Fortinet's IPS service is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering and antispam capabilities. These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail and FortiClient products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat's lifecycle.

資料來源:
https://fortiguard.com/zeroday/2117
]]>
2018-08-29
<![CDATA[Fortinet完成購併Bradford Networks 強化安全織網架構]]> http://www.phitech.com.tw/news/index.php?news_id=860 Fortinet宣佈完成購併Bradford Networks,未來將藉由整合存取控制與物聯網安全解決方案,進一步強化Fortinet的安全織網架構,提供大型企業更寬廣的可視性(visibility)與安全性。

Fortinet創辦人、董事長暨執行長謝青表示,「大型企業的網路流量持續快速增加,存取網路的使用者和設備亦同速增長,相對地遭入侵的風險也就大幅提高。根據Forrester最近的研究顯示,82%的受訪企業甚至無法辨識出所有存取網路的設備。Bradford Networks的技術與Fortinet安全織網的結合,將能提供大型企業持續的可視性、微分區(micro-segmentation) ,以及所需的存取控制技術,來遏制網路威脅和封阻網路中未受信任的裝置。」

大型企業因此得以擁有更寬廣的可視性與安全性的複雜網路。

不管是端點、使用者、受信任與未受信任的裝置,以及存取網路的應用程式,包括物聯網和無頭(headless)設備,都能有完整、持續,不需代理(agentless)程式的可視性。

藉由設備微分區增強物聯網安全性,根據類型、配置,動態分類無頭設備,以及自動指派政策,進而能夠僅透過簡單的Web使用者界面精細地來隔離不安全的設備。

透過防止橫向移動的自動化工作流程的整合,迅速準確地進行事件分類和威脅控制。

* 由於高度可延展的架構,能輕易執行高經濟效益的部署,不需要在多站點的每個位置進行安裝。

由於Gartner和Forrester的廣泛肯定,Bradford Networks贏得了無數的獎項,深受全球大型企業的信任,以保護和抵禦不斷增加的受攻擊面。

Bradford Networks執行長Rob Scott表示,「我們很高興能與網路安全領導廠商Fortinet合作,為大型企業組織提供卓越的可視性和安全性。Bradford Networks的技術已經與Fortinet的安全織網架構(包括FortiGate、FortiSIEM、FortiSwitch和FortiAP產品)整合,即使在最嚴苛的安全環境中,例如重要基礎設施-電力、石油和天然氣,以及製造業,也能將網路威脅的風險和影響降到最低。」

Fortinet預計該交易不會對2018年5月3日所公佈的第二季度或全年2018年財務資訊產生重大影響。

資料來源:
http://www.ctimes.com.tw/DispNews-tw.asp?O=HK26B8L17TYSAA00N5
 

]]>
2018-08-22
<![CDATA[Fortinet:企業必須加強網路安全以因應歐盟GDPR]]> http://www.phitech.com.tw/news/index.php?news_id=859 Fortinet建議企業組織應做好最終準備,以遵守甫於日前(2018年5月25日)生效的歐盟「一般資料保護規定」(GDPR; General Data Protection Regulation)。該法律保護歐盟所有公民的個人資訊,並藉由罰款、制裁和受害方賠償來執法。

 

受GDPR影響的產業必須審查涉及個人身份資訊(PII; Personally Identifiable Information)的所有流程,並評估其組織的因應狀況,以符合72小時資料洩露報告的要求。

 

GDPR適當地兼顧「歐盟公民掌控個人資料」,以及「企業責任」這兩方面的權益,能同時在正常營運和資料洩露的情況下保護這些資料。新的歐盟個人資訊重要保護措施,包括明確批准個人資料的使用權,以及「被遺忘權(right to be forgotten)」,讓民眾可以要求企業組織清除任何有關他們的個人資料。雖然實際身在歐盟區的企業和政府需要遵守GDPR,但也能施行於那些擁有重要歐盟客戶或客戶群的公司。

 

儘管期即已到,但大部分服務歐盟市場或需要獲取個人身份資訊以進行重大交易的企業,仍未做好充分準備。根據之前安永會計師事務所(Ernst & Young)舉辦的第三屆雙年度鑑識資料分析調查顯示,亞太地區只有12%的企業制定了GDPR合規計畫。

 

Fortinet認為,GDPR對民營和公部門如何處理個資有所影響,但某些主要產業會因為個資的處理數量和業務性質,而有更高的曝露風險。這些包括全球營運的電子商務企業,以及為大量來自歐盟的遊客、旅客或外籍人士提供服務的公司。

 

Fortinet列舉受GDPR影響的前三大行業包括零售業、醫療保健、金融服務。

 

零售業-最有可能處理GDPR相關個資的零售業,包括跨境電子商務、零售連鎖業、酒店業、旅遊和餐飲服務。為歐盟客戶提供服務的實體企業,也會發現自己有責任採取GDPR PII的保護措施。使用信用卡或簽帳卡來支付、提供送貨地址資訊,或是參與客戶忠誠計畫,這些都屬於GDPR的保護範圍。

醫療保健 -GDPR將其涵蓋範圍,擴展到儲存或處理歐盟人民醫療資訊的非歐盟組織。GDPR為處理特定個資類型的醫療資訊,提供了特別嚴格的保護和流程。一般而言,只有在需要患者治療和診斷時,以及在患者明確同意的情況下,醫療單位才可以蒐集和處理個人醫療資訊。 GDPR也提及基因資料是一個值得關注的領域。

金融服務-金融機構往往擁有帳戶持有者大量的個資,也因為他們消費而不斷累積高度的個人行銷資料,來支援金融服務的銷售,同時評估企業和個人客戶的信用狀況。

 

要符合GDPR的規範,企業組織必須重新配置其業務流程和IT架構,並降低PII個資的曝露程度。

Fortinet建議企業採取以下步驟,來符合GDPR的規範:1. 聘請協力廠商評估資料保護措施,以及對GDPR的曝露風險。2.進行全面的資料審計,瞭解資料的來源、收集和處理。它應包括記錄受GDPR影響資料的存儲位置、網域內系統間的通訊方式,以及任何外部雲端或協力廠商資料保管人。3.確定資料洩漏時偵測和緩解所需的時間,以及為符合GDPR要求而改進這些流程的必要條件。這部分的行動計畫還應包括詳細的安全評估。

 

總結而言,遵守GDPR能保護企業組織相關者的隱私和權益。GDPR看起來似乎很繁絮,但它邁出了重大的一步,意即恢復公眾對「企業能帶來社會福祉」的信心,同時遏制社會風險。

資料來源:
https://www.ctimes.com.tw/DispNews-tw.asp?O=HK25T9KDMMYSAA00NI

]]>
2018-08-15
<![CDATA[Telestax® Announces RestcommONE™ Message Exchange For Broadsoft’s Broadworks UC-One Platform]]> http://www.phitech.com.tw/news/index.php?news_id=858 RestcommONE Federated Messaging Enables Sending And Receiving SMS Texts From Inside Broadworks UC-ONE Unified Communications Platform

AUSTIN, Texas, May 25, 2018 /PRNewswire/ -- Telestax®, the Restcomm™ company, today announced availability of RestcommONE Message Exchange targeted at professionals needing to communicate, by standard SMS text, with business constituents residing outside of the Broadworks UC-One platform. Broadworks UC-One is a rich UC platform that supplies a unified messaging capability to individuals residing within its community. Message Exchange now extends unified messaging to individuals residing outside of the Broadworks UC-One platform.

There are big benefits to be gained by users and organizations that have deployed Broadworks UC-One. UC-One users no longer need to use their personal mobile devices to send and receive work related texts. Organizations keep all business related messaging on their network and business contacts are kept within the company, increasing privacy and security. Further, Broadsoft UC-One service providers can now offer an additional revenue generating service that increases customer satisfaction and perceived value in the services provided by their network operator.

Message Exchange is a key part of Telestax's CPaaS enablement strategy. Quickly CPaaS enable our service provider partners and give them immediate access to revenue generating SMS enabled services. Once up and running, service providers also gain access to powerful programmable messaging, voice and video APIs offered by the RestcommONE platform. The ultimate goal is to give service providers the tools and features they need to be innovative leaders and keep pace with market opportunities.

15 Minutes To Message Exchange
Telestax's objective to make Message Exchange implementation straightforward - and easy and quick to configure was successful. Only six steps are required for the first user in a given domain:

  1. Access to Broadsoft UC server available to receive a SMS text
  2. Have a valid SSL in place
  3. Have a RestcommONE account in place
  4. Point the SMS URL to RestcommONE
  5. Obtain the user's XMPP address
  6. Add a new RestcommONE contact in their UC-One client

Once this process is followed for the first user, all remaining users in the same domain simply add a new RestcommONE contact in their UC-One client. Learn more about RestcommONE Message Exchange by Registering for the upcoming Message Exchange Webinar or go to the RestcommONE Message Exchange web page.

Message Exchange Is In Production
RestcommONE Message Exchange is currently in use by Veracity Networks and MetTel. Both service providers have successfully launched the product into their enterprise customer base.

"Competition in the UCaaS market forces Veracity to continue to be innovative and look for new features and services that help our customers," said Drew Peterson, Veracity Chief Revenue Officer. "With the RestcommONE Message Exchange we are able to quickly and seamlessly integrate SMS into our offering, helping us to deliver a more robust product that our customers need. And it provides a new revenue stream from our installed base. Combined with the Telestax's Programmable SMS, it gives Veracity a great competitive advantage over other UCaaS SMS only offerings."

Message Exchange really is just a 15-minute integration process to push messages in and out of UC-One," said Ed Fox, MetTel VP of Network Services. "The great thing is that we can SMS-enable our customer's phone numbers for them so everything stays on our network, giving both MetTel and our customers full control over how the services get deployed. Message Exchange, combined with our other SMS enablement initiatives, helps MetTel deliver innovative services for enterprise communications."

Message Exchange Future Plan
Broadworks UC-One is the first platform to be SMS enabled through Message Exchange. Against various opinions, SMS continues to be the standard for business messaging. RestcommONE Message Exchange will solidify its dominant position by connecting it to OTT business chat platforms and additional UC platforms. The goal with RestcommONE Message Exchange is to federate key business messaging platforms, enabling frictionless communication between business partners no matter which platform an organization has standardized on.

"With the myriad of closed messaging platforms that exist in the market and new platforms being introduced, Telestax believes federation is critical to enable frictionless communication," said Jean Deruelle, Telestax CTO and cofounder. "SMS is the lingua franca for business messaging making it the natural choice for seamlessly connecting these disparate systems together."

About Telestax
Telestax is quickly becoming the catalyst for bringing cloud communications into the mainstream. Our carrier grade RestcommONE platform is scalable, highly available and is the only WebRTC platform that supports full stack CPaaS. RestcommONE is the platform of choice for rapidly building enterprise grade real-time messaging, voice and video applications. Utilizing RestcommONE, Telestax provides service provider partners a new strategic business model by CPaaS enabling them in less than 8 weeks. CPaaS enabled service providers now compete aggressively and effectively against commercial CPaaS providers, they maintain a loyal customer base and increase their revenue opportunities. The RestcommONE platform is generating a positive disruption in the real-time communications market by changing the way organizations acquire and utilize their business software. Telestax is a privately held global company with headquarters in Austin, TX.

Media Contact:
Nancy Colwell
nancy.colwell@telestax.com

SOURCE Telestax

Related Links

http://www.telestax.com

資料來源

https://newswire.telecomramblings.com/2018/05/telestax-announces-restcommone-message-exchange-broadsofts-broadworks-uc-one-platform/

]]>
2018-08-08
<![CDATA[美超微在2018 OpenStack峰會上展示全新雲級企業系統]]> http://www.phitech.com.tw/news/index.php?news_id=857 - 這些多節點BigTwin™、SuperBlade®和1U雲端存儲配置已在要求最苛刻的電商、社交和雲端環境中得到驗證,為當今的數據中心打造靈活的雲端運算效率和性能

不列顛哥倫比亞省溫哥華2018年5月22日電 /美通社/ -- 企業運算、存儲和網絡解決方案以及綠色運算技術領域的全球領導者美超微電腦股份有限公司(Super Micro Computer, Inc.) (NASDAQ: SMCI)今天宣佈,該公司出席2018年OpenStack峰會,展示成熟的雲級企業系統配置,包括多節點BigTwin和SuperBlade,以及1U雲端存儲系統(B9展臺)。

美超微幫助企業雲端數據中心加速部署
美超微幫助企業雲端數據中心加速部署

美超微可靠的雲端系統配置已部署到各種數據中心環境中,包括雲端服務提供商(CSP)、流媒體、電子商務、社交、電訊、半導體、OpenStack、人工智能,內容分發網絡(CDN)以及超融合基礎架構(HCI)等。這些系統針對雲端特點進行了優化,便於橫向擴展、實現高性能和最高密度,以及使用軟件定義存儲的方式。

美超微總裁兼行政總裁梁見後(Charles Liang)表示:「美超微正在幫助企業加速部署,為他們提供的雲端系統配置在各方面都是可靠的,並且已經大規模部署到大型雲端數據中心。在機架層面的優化上,美超微機架規模設計2.1 (RSD 2.1)管理分解式服務器、存儲和網絡設備機架,與OpenStack等其他數據中心管理軟件層緊密集成,所採用的Restful Pod Manager應用程式界面(API)支持端到端雲端基礎架構部署。在美超微RSD 2.1的支持下,我們配備了32個熱插拔NVMe固態硬盤(SSD)的1U全閃存NVMe存儲系統提供容量高達0.5PB的高性能存儲,12台主機可同時共用。已經有多個數據中心部署了這些採用32個驅動器的系統,其中包括一家全球最成功的汽車公司。」

對於橫向擴展雲端應用而言,美超微最新推出的4節點2U BigTwin系統利用共享式高效率電源和大型共享式散熱風扇,不僅降低了每個節點的功耗,還減少了數據中心的空調成本,大大節約了總體擁有成本(TCO)。美超微6029BT-HNC0R構建出一個靈活、經濟高效、密度大且易於維護的基礎架構平臺,能夠更好地服務橫向擴展雲端部署項目。

如果以最高密度和最低成本為核心考慮因素,美超微的4U SuperBlade®,搭載了14個雙英特爾®(Intel®)至強®(Xeon®)可擴展處理器服務器刀片和雙10G交換機,便是最好的選擇。除節省機架空間之外,SuperBlade還可大大減少所需的電纜數量,讓部署和維護變得更加輕鬆簡單。由於採用的是開放式管理界面,SuperBlade不是專有的,確保了最大的靈活性和成本節約。

最後,在雲端存儲方面,美超微的1U存儲服務器(SSG-6019P-ACR12L)支持12個熱插拔3.5英寸存儲驅動器和4個前置7毫米NVMe或SATA固態硬盤。由於僅佔用1U的機架空間,這款存儲服務器提供了一個強大的雙英特爾至強可擴展處理器平臺,存儲容量大,非常適合數據分析和對象存儲應用。

美超微的這些雲級系統中有很多都採用了英特爾®C622芯片組,每個節點標配了集成式雙10G端口,因此形成了高度可靠、成本效益高、能效高且速度快的英特爾10G網絡性能。由於支持附加卡和美超微靈活的超級輸入/輸出模塊(SIOM),這些服務器還可提供100/40/25G高速網絡選項。詳情請瀏覽https://www.supermicro.com/solutions/Cloud.cfm

美超微的雲端解決方案採用知名開源技術提供商的軟件進行驗證和測試,詳情請瀏覽http://www.supermicro.com/

美超微在大會上展示了一系列適應不同OpenStack工作負載的平臺,包括新的全閃存NVMe 32驅動器1U JBOF、頂載式45托架4U存儲系統和4節點2U BigTwin™系統,以及新的48端口25G SFP28乙太網交換機和52端口1G二層交換機。

敬請在FacebookTwitter上關注美超微,以瞭解該公司的最新新聞和公告。

美超微電腦股份有限公司(NASDAQ: SMCI)簡介

領先的高性能、高效率服務器技術創新企業美超微®(NASDAQ: SMCI)是用於數據中心、雲端運算、企業IT、Hadoop/大數據、高性能運算和嵌入式系統的先進服務器Building Block Solutions®的全球首要供應商。美超微致力於透過其「We Keep IT Green®」計劃來保護環境,並且向客戶提供市面上最節能、最環保的解決方案。

Supermicro、BigTwin、SuperBlade、SuperServer,Server Building Block Solutions和We Keep IT Green是美超微電腦股份有限公司的商標和/或注冊商標。

所有其他品牌、名稱和商標均是其各自所有者的財產。

資料來源:
https://n.yam.com/Article/20180522659979
 

]]>
2018-08-01
<![CDATA[Fortinet Discovers Joomla! Cross-Site Scripting Vulnerability]]> http://www.phitech.com.tw/news/index.php?news_id=856

Summary

Fortinet's FortiGuard Labs has discovered a Cross-Site Scripting (XSS) vulnerability in Joomla! CMS.

Joomla! is one of the world's most popular content management system (CMS). It enables users to build Web sites and powerful online applications. More than 3 percent of Web sites are running Joomla! and it accounts for more than 9 percent of CMS market share.

A XSS vulnerability has been discovered in Joomla! 3.8.7 and earlier versions. It is caused by inadequate input filtering of line feed character which leads to XSS vulnerabilities in various components.

Solutions

FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:

FG-VD-18-035_Joomla!.0day
Released Mar 27, 2018 

Users should apply the solution provided by Joomla!.

Timeline

Fortinet reported the vulnerability to Joomla! on March 26, 2018.

Joomla! confirmed the vulnerability on March 27, 2018.

Joomla! patched the vulnerability  on May 22, 2018.

Acknowledgement

This vulnerability was discovered by Zhouyuan Yang of Fortinet's FortiGuard Labs.

IPS Subscription

Fortinet customers who subscribe to Fortinet's intrusion prevention (IPS) service should be protected against this vulnerability with the appropriate configuration parameters in place. Fortinet's IPS service is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering and antispam capabilities. These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail and FortiClient products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat's lifecycle.

資料來源:
https://fortiguard.com/zeroday/2160
 
]]>
2018-07-25
<![CDATA[Fortinet competing to provide cybersecurity for Thai banks]]> http://www.phitech.com.tw/news/index.php?news_id=855

With Thailand making serious strides towards creating a digital economy United States-based cybersecurity firm Fortinet is striving to capture a bigger bite of the Thai cybersecurity market, particularly among the Kingdom’s banks and telecoms companies, as recent security breaches have Thai firms seeking additional defenses for their cyber operations.

“Cyber attacks have become the number one threat to many Thai businesses because their systems are accessible and vulnerable,’’ said Prathan Phongthiproek, Cyber Security Manager at KPMG in Thailand. “In the past two or three years we’ve seen an increasing number of cyber attacks, including those using ransom-ware, and so the issue is gaining in importance.”

Thailand is the fifth-largest market for cybersecurity in Southeast Asia, according to Global research firm Frost & Sullivan, but Thai spending on cybersecurity has lagged behind many other countries in the region. Fortinet executives believe that makes Thailand a potentially high-growth marketplace for cybersecurity solutions. Thai firms spent an estimated $68 million on cybersecurity in 2017, the company said.

Chanvith Iddhivadhana, Fortinet’s Thailand country manager, said that many Thai firms have created what he calls a “Frankenstructure” of cybersecurity, a play on the term Frankenstein’s monster. As companies expand their cyber-defenses to different departments with different functions and needs, they source different security products from different firms. This patchwork is often difficult to manage and not always effective, he said.

He believes Fortinet can excel in the Thai market by offering customized and comprehensive cybersecurity solutions to replace those patchworks. He refers to these solutions as a ‘fabric’ woven from different security products into a tightly knit platform.

The fabric can include between 30 and 100 of the leading cybersecurity products favored by corporate customers in Thailand and around the world. Among them are products from IBM Security, McAfee, Micro Focus and NEC Corporation.

“With the cybercrime landscape becoming increasingly complex, collaboration between cybersecurity leaders is more important than ever,” Rich Telljohann, IBM Security’s director of business and corporate development, told the Bangkok Post.

“The creation of open API ecosystems like Fortinet’s Fabric-Ready Partner program makes it easier for cybersecurity teams to create a more seamless line of cybersecurity defense,” he added.

Before 2015, large cybersecurity providers like Fortinet and Cisco were losing market share to small niche players. But that has changed during the past three years. More firms have been searching for comprehensive solutions, and the five largest security vendors should increase their share to 40 percent of the market, translating to an average growth rate of 20-30 percent, according to Morgan Stanley.

資料來源:
http://thaiembdc.org/2018/05/14/fortinet-competing-to-provide-cybersecurity-for-thai-banks/

]]>
2018-07-18
<![CDATA[網路攻擊將隨世界盃足球賽升溫而加劇,Fortinet 提供 5 技巧防威脅]]> http://www.phitech.com.tw/news/index.php?news_id=863 正值世界盃足球賽進入 16 強淘汱賽階段,整合與自動化網路安全廠商 Fortinet 提醒台灣球迷在世足賽戰況逐漸升溫之際,仍要小心謹慎勿隨意點擊宣稱現場直播的網路連結。


 

Fortinet 亞太區網路安全策略師 Gavin Chow指 出,「像國際足總世界盃這類的大型運動賽事,一向都是網路攻擊的主要目標,即使對象是一般的普通人。駭客知道電腦用戶在關心最新賽況和比分時,經常忘了原本應該保有的良好電腦習慣。」

Fortinet 預計世足賽進入 16 強淘汱賽之後,在賽況逐漸升溫之際,網路詐騙和網釣攻擊也將隨之飆升。Fortinet 整理了 5 個常見小技巧,希望協助使用者避開世足賽期間的網路威脅。

  1. 觀看現場直播時要小心:無論是觀看現場直播、賽事重播,或是線上查看數據統計,切記只瀏覽信任的網站。大眾和媒體有興趣的活動,往往是垃圾郵件或魚叉式網釣(spear-phishing)的誘餌。惡意的駭客也可能假造網站和域名,讓它們看起來像是官方的新聞和報導,可在用戶瀏覽該網站時將惡意軟體注入。也稱為偷渡式(drive-by download)或水坑攻擊(watering hole)。
  2. 當心網釣攻擊:用戶可能會收到垃圾郵件,宣稱他們是世界盃決賽門票抽獎的幸運獲勝者。雖然「您贏得了兩張世界盃決賽門票」的電子郵件連結非常誘人,但要小心一旦點擊後,就可能被帶到一個受感染的網站,該網站會將惡意軟體下載到你的電腦,進一步竊取個人的資料和訊息。
  3. 慎防網路商店提供的便宜商品:若遇到以罕見的低價所提供的門票或商品時,請確認它是否為合法店家,而不是隨時會帶走你信用卡資料而消失的造假商店。
  4. 隨時更新軟體:保持作業系統、安全軟體、應用程式和 Web 瀏覽器在最新的版本,無疑是防範惡意軟體、病毒和其他網路威脅的最佳選擇。網路攻擊者通常針對過時瀏覽器和附加程式中的漏洞來攻擊,因此最好能自動更新安全軟體和瀏覽器,減少暴露在已知的威脅下。
  5. 避免使用無安全性的公共 Wi-Fi 熱點:世界盃比賽在台灣時間晚上舉行,很多人可能會到外面酒吧觀賽,但儘量避免連接未知的 Wi-Fi 熱點。不安全的熱點使得惡意駭客更容易攔截登錄名稱和密碼、電子郵件、附加文件,以及其他個人與機密資訊。如果一定要使用 Wi-Fi,務必使用有密碼保護的熱點。

(首圖來源:pixabay

資料來源:
http://technews.tw/2018/06/29/world-cup-fortinet-cyber-security-tips/

]]>
2018-07-04
<![CDATA[低調的網路資安龍頭 Fortinet,怎麼看未來資安的趨勢]]> http://www.phitech.com.tw/news/index.php?news_id=854

低調的網路資安龍頭 Fortinet,怎麼看未來資安的趨勢

作者  | 發布日期 2018 年 05 月 02 日 17:47 分類 AI 人工智慧 , 資訊安全follow us in feedly
 

談起網路資安業者 Fortinet,可能大家不是那麼熟悉,畢竟網路沒有被駭客入侵,網路還仍能正常運作,大家並不會特別注意網路設備狀況。Fortinet 在防火牆市占中排第一名,被 Gartner 以及 IDC 評為企業防火牆的領先廠商。Fortinet 創辦人暨 CEO 謝青生性低調,喜愛以技術語言向外界說明他們產品有多優質,少談 Fortinet 在公開市場的股價表現。《科技新報》趁謝青來台參加 Fortinet 活動時專訪,談談他對於網路資安的看法,以及未來新的網路資安趨勢。

 

 

 

低調但對產業有相當的見地

謝青生性低調,儘管已經是市場龍頭,但不大喜歡談論股價表現,或是公司策略,而是一再強調專注在技術上面。謝青的謹慎反應在公司不大接受訪問,也就不大有機會跟外界說明他們產品以及公司理念。

謝青曾在不同的演講或是面對媒體的場合,解釋不同世代的資安產品。並且用搭飛機買飛機票的例子來舉例,謝青認為現在美國邊境檢查要外國人附上社群媒體帳號,或是去以色列,邊境檢查的移民官會針對乘客審閱他飛過來前去了那裡,審察為何要飛到以色列的動機。美國和以色列的邊境檢查做法,就是謝青第三代的資安,要搞清楚各方的動機,做好針對整個架構的防護,詳實做背景檢查。

而所謂第一代的資安則是有防火牆,設 VPN,就是類似買了機票就能自由通行;第二代則是防火牆防毒,有 UTM 或是下一代的防火牆,就像行李過 X 光機檢查有沒有攜帶可疑物品。謝青表示,老實說現在不論是資安防護還是搭飛機,都主要還是第二代的防護方式。

來到創業天堂美國,幸運趕上網路起飛的年代

謝青自己創立 3 家公司,原先在中國受到的教育要求好好讀書進大公司,但到了國外留學卻有了改變。他自己當年大學讀資訊工程,很幸運剛好趕上 1990 年代網路發展的風潮。網路創業者受惠於網路效應,越多人連網,每個節點之間的連線數量就越多,相關的發展機會也多。只要越多人連網,因為連線數量增加,商機也從中產生。

謝青自己創立 3 家公司,觀察他先前賣出的公司現狀,感嘆不同性質公司之間要整合是相當辛苦的過程。話題轉回到 Fortinet 身上,Fortinet自己本身編制有相當數量的研發人員,能夠從容做好垂直整合的方案,這也是他們自豪的地方。

重視資安認證,讓客戶打從心裡佩服

Fortinet 重視第三方認證,因為自己誇口說自己好並不公正,而且如同 Fortinet CEO 謝青的個性,並不喜歡誇大自己產品的效果。Fortinet 手上產品具有十幾個資安認證,而其他友商產品數量上並沒有那麼多。

網路安全產業行銷所占的比例相當高,甚至超過化妝品所需要的行銷預算。資安領域是否該有類似醫藥產業中,FDA 的角色,從中評斷產品是否達成宣稱的效果。謝青說資安領域發展太快了,政府的腳步沒那麼快跟上。即便政府拿到資安產品審視產品的原始碼,太曠日廢時了,審完可能一、兩年就過去,市場早就改變,產品也不必賣了。

AI 的未來很有發展性,資安防護也會受益

從一般的單機防毒時,不少廠商聲稱運用 AI 找出行跡可疑,未知的病毒。不過這類運用 AI,很有未來性的作法,像是沙盒誘發惡意程式運作的方法,仍只占 30%,剩下 70% 是傳統比對特徵值的方式,從中找出惡意程式。希望未來數據和資料的累積,能更有效的偵測未知的惡意程式。

畢竟人跟機器比,重覆性的工作仍是機器比較擅長處理。AI 技術進來之後,利用觀察資料拿來建立模型,變成能預測未來,資料傳輸過程是不是有問題。其中這些 AI 運作,還不能擋掉沒問題的應用軟體連線。

另外資料在雲端跑來跑去,不在一個地方的機器裡。除了避免資料外洩,資安廠商也得怎麼確保資料的安全性。歐盟即將施行 GDPR,資料處理需要更嚴謹的處理方式。即便資安公司不是處理毆盟公司的資料,仍得為客戶著想,確保資料的隱私保護夠充足。

參與資安聯盟,交換情報共同維護產業共同利益

Fortinet 是 Cyber Threat Alliance的一員,與業界其他友商共同成立聯盟。謝青談到為何成立聯盟的重要性,以及在資安界發揮的作用。謝青說以資訊架構的資安防護方案來說,這一領域不同公司有不同的業務重點,像是有些廠商著重終端設備防護、有些廠商著重雲端設備防護,各家廠商在世界各地不同區域,也各有不同的強項。

網路是全球架構,要保護網路的安全,單靠一家廠商不可能全方位防護。Fortinet 加入 Cyber Threat Alliance,都是為了客戶全方位的安全著想,與友商共同交換資安情報。

金業、醫療的資安需求將提高

謝青則預期在金融業,還有醫療產業的資安保護需求將要上升。像是銀行往往連線要求通常是實體分隔,但是要引進越來越多資訊科技工具的同時,不可避免得具備程度更高的網路連線需求。另外醫療業的儀器往往是性命相關,如果聯網也必須做好防護。而在一般的辦公室場景,BYOD 的狀況下,員工的終端連到辦公室網路,增加網路管理複雜性,意味著資安防護方案的機會也增加。

Fortinet 的網通設備是不少人必選的網路產品,而且預設具備資安防護功能。CEO 謝青看網路資安產業,覺得相當有趣。我們也預期在網路資安產業上面,Fortinet 的會端出受到歡迎的產品或方案,繼續確保客戶手上需要保護的設備有足夠的安全防護。

(首圖來源:Fortinet 提供)

資料來源:
http://technews.tw/2018/05/02/fortinet-ceo-ken-xie-interview/
 

]]>
2018-06-27
<![CDATA[Fortinet資料中心入侵防護系統獲NSS Labs推薦]]> http://www.phitech.com.tw/news/index.php?news_id=853 首頁 > 產業快訊

Fortinet資料中心入侵防護系統獲NSS Labs推薦

作者:本篇文章內容由廠商提供,不代表資安人科技網觀點 -2018 / 04 / 12 列印 加入我的最愛 分享 將這篇文章分享到 Plurk 噗浪
 
全方位整合與自動化網路安全領導廠商Fortinet? (NASDAQ: FTNT),日前在NSS Labs的年度資料中心入侵防護系統測試報告中,獲得出色的成績。Fortinet的FortiGate IPS 3000D和FortiGate IPS 7060E,無論在效能、整體擁有成本和安全效用方面皆表現傑出,因此獲得NSS Labs的推薦評等。 

  Fortinet產品與解決方案資深副總裁John Maddison表示,「我們總是建議客戶在投資網路安全設備之前,必須根據他們特定的環境加以測試。但對許多企業組織來說,這幾乎是不可能的,這時就可參考第三方出具的中立報告。這些報告要能反映真實世界的需求才有價值,因為資料中心的入侵防護系統(IPS ; intrusion prevention system)擔負保護應用程式的要務,在任何測試中都必須滿足效能與效用的要求。Fortinet很高興能在NSS Labs最新的資料中心IPS測試中,贏得這得來不易的推薦評等。 

 Fortinet之前已陸續在次世代防火牆(NGFW)和資料中心安全閘道設備贏得推薦評等,此次獲推薦的產品特點如下 : 
? 根據NSS Labs的資料中心IPS安全價值圖(SVM ; security value map),FortiGate IPS 3000D在每秒Megabit的資料防護效能中,能提供最佳的安全效用與價值。 
? FortiGate IPS 3000D的表現超越產品規格表所載明的IPS總吞吐量。 
? FortiGate IPS 3000D封阻了98.73%的漏洞攻擊(exploit)與100%的躲避企圖(evasion)。 
? NSS Labs的資料中心IPS報告,提供了業界最完整的效用與效能的測試結果,這些結果有助於協助客戶為他們的資料中心選擇最佳的解決方案。 
? IPS保護的總吞吐量:IPv4 – 28,743 Mbps;IPv6 – 24,756 Mbps。 

  NSS Labs執行長Vikram Phatak表示,「NSS Labs致力於協助企業以中立的實際測試結果做出明智的決策。我們非常激賞Fortinet多年來在測試中的卓越表現。在2018的 DCIPS集體測試中,獲得推薦評等的Fortinet,是希望加強資料中心安全架構的企業,一個值得考慮的理想選擇。」 

更多有關Fortinet的資訊,請瀏覽:www.fortinet.comFortinet Blog,或是FortiGuard Labs。 

資料來源:
https://www.informationsecurity.com.tw/article/article_detail.aspx?tv=11&aid=8602
 
]]>
2018-06-20
<![CDATA[Fortinet 第三代網路安全 革新其安全織網架構]]> http://www.phitech.com.tw/news/index.php?news_id=852 隨著企業希望將所有業務營運模式轉型為服務交付的方式,正採用諸如行動運算、物聯網和多雲網路等技術,來達成業務敏捷性、自動化和規模。企業組織日益增長的數位連結,同時也推動安全轉型的需求,促使安全必須整合到應用程式,設備和雲端網路中,以保護在這些複雜環境中傳遞的企業資料。

Fortinet創辦人、總裁暨技術長謝華表示,數位轉型(digital transformation)創造了新的營運和服務交付模式,藉由物聯網、行動運算和雲端服務等技術,為用戶提供不可否認的價值,也因此衍生了巨大的網路受攻擊面。FortiOS 6.0提供了數百種新特性和功能,它們專門設計用來為數位企業提供廣泛的可視性、整合的威脅情報,以及自動化的回應。

Fortinet的Security Fabric是一個整合與自動化的安全框架(framework),設計用來保護現今的動態網路。它提供了廣泛的可視性、對先進威脅的整合檢測與自動化回應,並結合持續性的信任評估來保護現今的數位企業。

2018年第一季推出的FortiOS 6.0版本,提供了保護數位轉型衍生的受攻擊面所需的重要功能。整個Security Fabric解決方案的一些重要新功能包括:

網路安全:增強的SD-WAN路徑控制器,能針對重要企業應用程式測量程式交易。這些細緻的交易處理,對於SaaS、VoIP和其他具有內建自動故障轉移功能的企業應用程式,在獲得更佳程式效能方面至關重要。

多雲端安全:Security Fabric內擴展的雲端連接器,現在包括多雲端的可見性、跨私有雲連接器、公共雲連接器,以及帶有CASB連接器的SaaS雲端。這些雲端連接器能讓企業在所有雲端網路中,全面了解其安全狀況,並藉由統合的安全管理控制台,依情況開啟和關閉網路流量。

物聯網安全:擴展對Linux作業系統的支援,並在Security Fabric內分享這些系統可操作的洞察與建議。FortiClient還將提供有關所有類型端點更豐富的資訊,包括每台設備上的應用程式清單。

先進威脅防護:2018年5月的GDPR法規將進一步提高全球企業的監管要求,使企業安全網路中自動化審查的最佳實作變得至關重要。新的FortiGuard安全評等服務提供了擴展的審查規則、基於網路環境的客制化審查,以及依需求自訂的監管和合規性報告。

電子郵件與Web應用程式:FortiMail現在支援新的FortiGuard VOS和CDR服務。新服務可防止突然出現的攻擊的迅速散播,並擷取現行內容來封阻使用嵌入式執行代碼的攻擊。

安全管理與分析:新的事件反應(IR; incident response)生命週期功能,能允許用戶根據預先定義的觸發器(系統事件、威脅警報、用戶和設備狀態),或透過直接與ITSM整合自動執行事件反應。例如隔離、通知、組態調整或自訂報告等回應方式,為企業組織提供即時工作流程環境的控制。

統一存取:藉由FortiOS 6.0,Fortinet交換器和無線AP的整合安全功能,可在受感染的交換器或AP違反組態策略時,自動針對事件進行反應,例如隔離、分區或封阻。

Fortinet推出藉由標記採行的企業精確分區功能,為企業提供基於意圖的網路安全所需的組件。企業組織可依業務、實體和網路級別標記設備、界面和物件,並能在網路上建立新物件時設置自動執行的通行政策。這種標記級別是基於意圖的網路安全架構的基礎,因為它可以實現業務企業的精確分區,自動管理和控制所有網路要件。

資料來源:
http://www.netadmin.com.tw/article_content.aspx?sn=1803200003]]>
2018-06-13
<![CDATA[FortiGuard AI]]> http://www.phitech.com.tw/news/index.php?news_id=851

FortiGuard Artificial Intelligence

Cybercriminals are adopting automated and scripted techniques that increase the speed and scale of attacks, while at the same time lowering their costs. To counter this, enterprises need to increase the costs for attackers trying to compromise their data. FortiGuard's AI (artificial intelligence) program is a giant leap in achieving that goal. In development and machine training for over half a decade, FortiGuard AI has continuously evolved to analyze and identify threats with increased speed, volume, and accuracy. Today, FortiGuard AI provides proactive threat detection at machine speed and scale which frees our threat analysts to focus on critical threat research, while at the same time helping Fortinet customers flip the economies of a cyberattack in their favor.

  • FortiGuard AI is a self-evolving threat detection system in development for over five years that leverages machine learning and continuous training to autonomously collect, analyze, and classify threats, then automatically develop new defensive signatures with a high degree of accuracy and at machine speed.
     
  • FortiGuard AI is integrated into Fortinet’s threat intelligence backend to power all of the advanced threat detection capabilities that FortiGuard services share across the Security Fabric.
     
  • Fortinet’s FortiGuard Labs is the largest and most mature threat intelligence group in the world, with over 215 expert researchers, analysts, and engineers in 31 countries leveraging cutting-edge technology to analyze threat data from a global network of more than three million security sensors.
blog icon
 

Executive Insights on Artificial Intelligence

Read Now
pr icon
 

FortiGuard AI Delivers Proactive Threat Detection at Machine Speed and Scale

Read Now
 

FortiGuard Labs Artificial Intelligence (AI) Program FAQs

How is Artificial Intelligence (AI) applied to Fortinet technology?

Artificial Intelligence is applied to our threat intelligence gathering and processing. All the outcomes from our AI malware analysis feeds into our signatures that we deploy within our product portfolio. 

 

There is a lot of talk around using machine learning to combat cybercrime, how is it actually done?

Often there is specific information that can link one cyberattack with another. Cyberattacks leak elements that can help us link one attack with another. Sometimes it is similar code, or other footprints that we can use to tie one event to another. This helps cluster attacks according to similarities that can be attributed to a threat actor. Artificial Intelligence can help do the analysis to find these links. 

 

Are hackers using Artificial Intelligence?

We cannot say definitively if they are or are not. We would be naïve to think that they aren’t. Hackers are often on the forefront of technology. 

 

Is Artificial Intelligence going or is already replacing human analysts?

Not at all. Artificial Intelligence is helping us keep pace with the ongoing increase of malware volume and complexity.

 

How is the work that is being done by the analysts being leveraged into the machine learning models?

Analysts research, review and refine signatures. This research and outcome of this is used to improve our machine learning capabilities and performance, and lessens the false positive rate and drives better detection ratios.

 

How is machine learning applied to threat intelligence collection and processing?

Machine learning is critical to our threat intelligence gathering and processing. We utilize various techniques, including big data mining to collect threat intelligence. For processing, we utilize supervised learning to detect malware, unsupervised learning to cluster the malware into families, and reinforcement learning in order to utilize information gathered from both supervised and unsupervised models in order to create virus signatures that perform well. This allows us to have low false positive and high detection rate.

 

How is machine learning being leveraged to do attribution to threat actors?

Patterns of similar programming and constructed malware can be found at more efficient rate which could potentially lead multiple attack campaigns to the same threat actor. Threat actors can be traced by linking information they leave behind after each attack. Machine learning can help us better and faster correlate and search for similarities in code, tactics and techniques. 

資料來源:
https://www.fortinet.com/fortiguard/threat-intelligence/fortiguard-ai.html

]]>
2018-06-06
<![CDATA[Fortinet Delivers Third Generation of Network Security with the Evolution of its Security Fabric]]> http://www.phitech.com.tw/news/index.php?news_id=850 FortiOS 6.0 delivers more than 200 new capabilities across Security Fabric to automate security operations and protect the digital attack surface

LAS VEGAS, Nevada – Accelerate 18 - Feb 27, 2018
 
 

Michael Xie, founder, president and chief technology officer at Fortinet
“Digital transformation is creating new operating and service delivery models that provide undeniable value to users through technologies such as IoT, mobile computing and cloud-based services, generating a vast digital attack surface. As the speed and scale of cyber threats expands, security must take on its own transformation by integrating into all areas of digital technology and be able to translate user intent into automated business response. FortiOS 6.0 delivers hundreds of new features and capabilities that were designed to provide the broad visibility, integrated threat intelligence and automated response required for digital business.”

News Summary
Fortinet (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced at its global partner and user conference, Accelerate 18, the evolution of its Security Fabric architecture with the release of FortiOS 6.0, the world’s most deployed network security operating system. With more than 200 new features and capabilities, enterprises will benefit from new levels of security operations automation and advanced protections for their expanding digital attack surfaces.

  • Fortinet introduces new security capabilities across the key solution areas within its Security Fabric architecture, including management and analytics, multi-cloud, network, advanced threat protection, unified access, web applications, email, IoT and endpoint security. 
  • Industry-leading secure SD-WAN functionality, threat detection services, and expanded visibility from IoT to multi-cloud networks protect the vast attack surface resulting from digital transformation (DX) strategies.
  • New automated lifecycle workflows, attack surface hardening services, with customized ranking and industry benchmarking, deliver the next level of NOC/SOC management.
  • Business, network and entity level tagging functionality enable business precise segmentation, providing the critical building blocks for intent-based network security. 

Broad Visibility, Integrated Detection and Automated Response
According to a Gartner survey, in EMEA, 47 percent of the CIO respondents have a dedicated digital business team. It also revealed that few of these teams (16 percent) are made up of IT associates only. "While IT delivery is still a responsibility of the CIO, achieving revenue growth and developing digital transformation were identified most often as top business priorities for organizations in 2018," according to Gartner.*

As companies look to transform everything from their business operating models to service delivery methods, they are adopting technologies such as mobile computing, IoT and multi-cloud networks to achieve business agility, automation and scale. The increasing digital connectedness of organizations is driving the requirement for a security transformation, where security is integrated into applications, devices, and cloud networks to protect business data spread across these complex environments.

The Fortinet Security Fabric is an integrated and automated security framework designed to protect today’s dynamic networks. It provides the broad visibility, integrated detection of advanced threats, and automated response, combined with the continuous trust assessment required to secure today’s digital business.

Available in Q1 2018, the FortiOS 6.0 release provides critical capabilities required to secure the growing attack surface spurred by digital transformation. Some key new features and capabilities across the Security Fabric solution areas include:

Network Security:

  • Enhanced SD-WAN path controller measures application transactions for business-critical applications. These granular transactions are key in achieving better performance for SaaS, VoIP and other business applications with built-in automated fail-over capabilities. New one-touch VPN and zero-touch deployment further reduce complexity and rapidly enable enterprise branches.

Multi-Cloud Security:

  • Expanded Cloud Connectors within the Security Fabric now include visibility of multiple clouds, spanning private cloud connectors (support for VMware NSX, Cisco ACI and Nokia Nuage), public cloud connectors (support for AWS, Microsoft Azure, Google Cloud Platform, and Oracle Cloud), and SaaS clouds with CASB connectors (support for Salesforce.com, Office 365, Dropbox, Box, AWS and more). These Cloud Connectors enable organizations to have complete visibility of their security posture across all cloud networks to correlate both on and off network traffic through a unified security management console.
     
  • FortiCASB 1.2 delivers Fabric integration with AV and ForitCloud Sandbox, extended protection and detection capabilities, as well as shadow IT discovery reporting. Additionally, FortiCASB offers expanded support for AWS to provide advanced compliance, reporting and analysis tools for enhanced visibility and control for AWS users.

IoT Endpoint Security:

  • FortiClient 6.0 will include expanded operating system support for Linux, sharing actionable insight about these systems with the Security Fabric. FortiClient will also provide richer intelligence about all types of endpoints, including the application inventory on each device.
     
  • A new Fabric Agent can send telemetry data from the endpoint to the Security Fabric for deeper insight on what is running on a network’s endpoint devices and quickly identify vulnerabilities. It is also certified compatible to work with a range of Fabric-Ready endpoint security partners. 

Advanced Threat Protection (ATP):

  • GDPR regulations in May 2018 will further increase regulatory mandates on global businesses, making automated audit best practices across an enterprise’s security network critical. The new FortiGuard Security Rating Service provides expanded audit rules, customized auditing based on network environments, and on-demand regulatory and compliance reports.
     
  • New FortiGuard Virus Outbreak Service (VOS) closes the gap between antivirus updates with FortiCloud Sandbox analysis to detect and stop malware threats discovered between signature updates before they can spread throughout an organization.
     
  • New FortiGuard Content Disarm and Reconstruction Service (CDR) proactively strips potentially malicious content embedded in Microsoft Office and Adobe files to sanitize the most common file formats used to spread malware and help close the opportunity for infection from social engineering or human error.
     
  • New FortiGuard Indicators of Compromise (IOC) Service uses a continuously updated list of known bad elements and scans devices connected to the Security Fabric to identify compromised devices for immediate action.
     
  • FortiSandbox ATP for Amazon Web Services, available as on-demand and BYOL, allows organizations to defend against advanced threats natively in the cloud, working alongside network, email, endpoint and other security, or as an extension to their on-premises secure architecture.

Email & Web Applications:

  • FortiMail now supports the new FortiGuard VOS and CDR Services. These new services prevent the spread of fast emerging attacks and extract active content to thwart attacks using embedded code execution.
     
  • New widgets provide a comprehensive, centralized view of all email and web applications on a network, with advanced threat protection integrated into the apps within the Fabric.

Security Management & Analytics:

  • New Incident Response (IR) lifecycle capabilities across the Security Fabric allow users to automate responses based either on predefined triggers (system events, threat alerts, user and device status) or through direct ITSM integration. Response methods such as quarantine, notifications, configuration adjustments, and custom reports provide organizations with real-time control of their workflow environments.
     
  • Automated attack surface hardening feature provides recommendations and trending data on security compliance and best practice adoption, with benchmarking that ranks organizations against similar firms in terms of size, industry and region.

Unified Access:

  • With FortiOS 6.0, integrated security in Fortinet switches and wireless access points enables automation of security response to events, such as quarantine, segment or block, when an infected switch or access point is in violation of a configured policy.

Business Precise Segmentation Delivers Foundation for Intent-Based Network Security
Fortinet introduces business precise segmentation through tagging, delivering the building blocks enterprises need to move towards intent-based network security. Organizations can tag devices, interfaces and objects at the business, entity, and network level and set global policies for automatic enforcement when new objects are created on the network. This level of tagging is foundational to intent-based network security architecture as it enables business precise segmentation, automated management and control of all network elements.

Fortinet Accelerate 18 Global Partner and User Conference
Fortinet also announced today at its annual global partner and user conference, Accelerate 18, its FortiGuard Artificial Intelligence (AI) advanced threat detection system.

Supporting Quotes
“We know our customers demand reliability, speed and a high level of service. We chose Fortinet in our move to an SD-WAN based network because of their combination of cutting-edge networking capabilities and world-class security, all through one management interface for both LAN access and SD-WAN. And most importantly, with Fortinet’s Security Fabric, we know we’ll stay protected against evolving security risks from the local area network to the cloud, thanks to proactive threat detection and mitigation. With Fortinet as our partner and its commitment to security innovation as demonstrated with its FortiOS 6.0 release, we know we’ll have secure power for today and be powerful enough for tomorrow.”
- Jonathan Merrell, chief information officer at Alorica

“Our customers’ already find managing their IT environments a challenge.  With deployment of multi-cloud environments, technologies like SD-WAN making waves in the industry, and the influx of IoT devices onto corporate networks, the task of management is only increasing in complexity. Ensuring consistent visibility, effective control, and seamless management across these ever-expanding environments has become a top priority for many IT leaders.  Fortinet is a leader in the security space, and a trusted partner, who brings a high level of value to the equation with their unique Security Fabric Architecture approach; an architecture which allows for unification of management panes, and integration into not just Fortinet technology, but third party technologies as well. With their latest release of FortiOS 6.0, we can now more effectively meet the evolving demands of our customer base, by providing technologies that enable more advanced, integrated and certainly automated security capabilities into their dynamic environments.”
- Josh King, director of Security Solutions at Carousel Industries

“Using a single partner for integrated protection across multiple threat vectors, from public cloud workloads to email SaaS applications, is a key priority for ShipServ. Fortinet is an all-in-one cyber security company with a common, intuitive security management interface across all the Fortinet Security Fabric solutions, making it much easier to support. Protecting a hybrid cloud and on-premise environment can be very complex and we couldn’t achieve this level of integrated, automated security without the Fortinet Security Fabric solutions we’ve implemented.”
- Dominic Aslan, vice president of IT operations at ShipServ

Additional Resources

*Gartner Press Release, “Gartner Survey Shows Digital Business Is Turning CIOs Into Business Leaders,” 7 November 2017. https://www.gartner.com/newsroom/id/3824763.

資料來源:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2018/third-generation-network-security.html

]]>
2018-05-30
<![CDATA[Fortinet Doubles Down on Mobile Core Security and Managed Security Services at Mobile World Congress]]> http://www.phitech.com.tw/news/index.php?news_id=849

he Mobile Security and Managed Security Services Zone area that we’re setting in up in our booth at this year’s Mobile World Congress (MWC) places Fortinet at the center of one of the most innovation-intensive sectors of Communication Service Providers (CSPs). The dawning era of 5G is about much more than speeds and availability. Rather, it opens a new era of much richer applications, services, and user experience. While it would be great to have the specifics when it comes to what will be possible, these are still developing—namely, we must remain vague in terms of what 5G will ultimately deliver because it is impossible to predict what will emerge from it. In short, when it comes to 5G, the future is unwritten.

Although 5G standards are still being defined and wide-scale commercial deployments are not expected before 2020, one safe bet is that paving the way to the market acceptance and success of 5G services will require a step-function improvement in security safeguards. Any perception that 5G rests on uncertain security foundations will eat away at user confidence and expose system operators and service providers to disappointing investment returns, not to mention legal and regulatory repercussions.

So, what are some of the 5G security challenges? Following are some of the most prevalent:

  • How to secure an agile and virtual mobile core with 5G.

  • How to integrate security services in the innovative new services offered with 5G such as Mobile Edge Computing (MEC) and network slicing. 

  • How to provide a complete ecosystem of security services to generate new revenue, create competitive advantage, and increase customer loyalty.

5G holds the promise for increased bandwidth, multitenant-edge computing, and a multitude of innovative services, that will likely empower immersive virtual reality, autonomous ground and air vehicles, machine learning, and artificial intelligence. To successfully launch and maintain customer confidence in these new capabilities, 5G infrastructures will require security that is powerful, scalable, integrated, and agile.

Digital transformation at the CSP and their customers also amplifies the role of managed security service providers CSPs and MSSPs in safeguarding organizations infrastructures, applications,  and services. The complexity and dynamic nature of the threat landscape, the pace of adversary innovation, and the global security practitioner shortage provide CSPs and MSSPs an opportunity to provide more managed security services that add value and generate savings for their customers while enabling their digital transformation. To do so, MSSPs need to leverage a security-fabric infrastructure that enables the provisioning of a wider range of integrated and automated managed security services in a variety of delivery and consumption modes to satisfy their customers’ requirements.

In addition to engaging visitors to the Fortinet booth in productive conversations about the future of mobile core security and managed security services, we’re planning practical demonstrations of some core capabilities such as:

·LTE and 5G mobile core security

·Security service chaining

·Ways in which MSSPs can leverage the Fortinet Security Fabric as part of their services-delivery framework

We also plan formal presentations in our booth theater on topics focused on delivering services for next-generation mobile networks:

Security in LTE/5G Mobile Core

Synopsis: The mobile core network requires high performance security solutions to ensure service level attainment without compromising security. With the move to 5G and the virtualization of mobile infrastructure, bandwidth and data volumes will grow, and new services and technologies will take hold. Security must meet all these changes and provide an answer in this new environment. This presentation will briefly touch on the challenges and solutions in securing the mobile core.

Security Services for Mobile Edge Computing

Synopsis: Enabled by 5G and driven by the digital economic/social transformation, MEC will drive innovation in many industries and market segments. The promise of the mobile edge to provide multitenant, high bandwidth and low latency computing, cloud services, machine learning and more, can fully blossom only when security services are part of this environment. This presentation will look at different security services that cellular service providers must take into effect when delivering MEC.

The ABCs of Delivering Security as a Service (SECaaS)

Synopsis: The growing complexity and sophistication of threats and threat actors, stringent new government regulations, and a growing security practitioner shortage, pose significant challenges to organizations in achieving their security and posture goals. Organizations looking to CSPs/MSSPs to provide a growing number of security services, value-add, and knowledge, all in an integrated and automated fashion to meet needs for agility and security. This presentation will describe basic building blocks for delivering a powerful and competitive security-as-a-service (SECaaS) to enterprises and organizations of all sizes.

These presentations will take place once daily over the four main days of the Congress, February 26, 27, 28 and March 1, in the Fortinet Booth, Hall 7, Stand 91 at the Congress. For full details on Fortinet’s appearance at the 2018 Mobile World Congress, visit our webpage dedicated to this subject. You can also use this site to review to see our presentation schedule and set up meetings with Fortinet representatives. The Mobile World Congress website contains, of course, official information on the event itself.

Barcelona is one of the great cities of the world and should be on everyone’s “bucket list.” By visiting Fortinet at this year’s Mobile World Congress, you can combine business, pleasure, and cultural enrichment. And who can beat that kind of value proposition?



Source:
https://www.fortinet.com/blog/business-and-technology/fortinet-doubles-down-on-mobile-core-security-and-managed-security-services-at-mobile-world-congress.html

]]>
2018-05-23
<![CDATA[Fortinet Named a 2018 Gartner Peer Insights Customers' Choice for Enterprise Network Firewall]]> http://www.phitech.com.tw/news/index.php?news_id=848

Fortinet is proud to announce that we have been named a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Network Firewall. The Gartner Peer Insights Customers’ Choice is based on the ranking of vendors by verified end-user professionals, taking into account both the number of end-user reviews and the vendor’s overall user ratings.

We take special pride in this distinction as it is based entirely on feedback from customers. 707* Fortinet customers of all sizes  submitted reviews from across the spectrum of industries, including healthcare, education, government, and financial services. We believe that this recognition reflects our ongoing commitment to providing the highest quality security solutions and services possible.

While the Gartner Peer Insights Customers’ Choice distinction is based solely on end user reviews, Gartner analysts have also recognized Fortinet in six Gartner Magic Quadrants since June 2017, including, Magic Quadrant for Enterprise Network Firewalls, Magic Quadrant for Endpoint Protection Platforms, Magic Quadrant for Security Information and Event Management, Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls), Magic Quadrant for Web Application Firewalls, and Magic Quadrant for Wired & Wireless LAN Access Infrastructure**.

Here is a small sample of the comments and feedback posted by Fortinet customers on the Gartner Peer Insights website:

Financial Services

"Fortinet Provided An End-To-End Security Solution For Our Global Financial Business," CISO, $3-10B company

“Fortinet has been a partner in building out our security strategy. They have become part of the team and are viewed as a resource rather than a vendor. The technology is innovative, efficient, and provides an end-to-end solution that has advanced our security program tremendously in a very short time.”

"Our Implementation Went Flawlessly And Fortinet's Sales Team Was Available The Whole Time," Infrastructure and Operations Professional, $3-10B company

“Sales reps were responsive and knowledgeable. Sales engineers took a personal interest in making sure our onboarding went smoothly. We have open communication and solid relationships with our sales rep and the sales engineer. Our sales rep always intercedes on our behalf when we have any issues.”

"Great Product, Great Price!!!," CTO, 10-30B USD company

“Fortinet has been a great partner to work with. Wish I had known about them before.”

Government

"The Implementation Was Successful And Smooth," Technology Infrastructure Engineer

“The administration interface is very intuitive, easy to manage, it is possible to configure in a very easy way each functionality incorporated by the equipment, [including] effective control of IPS functionalities, antivirus, web filtering and application control.”

Fortinet Significantly Improves Security And Manageability At A Lower Cost," Information Security Senior Analyst

“Our experience with Fortinet has always been very positive. In recent years, they have stepped up their game with the market offerings in terms of product functionality and offerings. Sales and pre-sales support have been great. Our most recent purchases and upgrades were part of a major focus on Information Security and the FortiGate UTM features were a huge bonus. An all in one solution with the FortiGate allowed us to remove legacy products that were being maintained for the sake of "not changing." The cost savings were tremendous for our client.”

Healthcare

"Product Had Key Features Needed To Support Our AWS Virtual Private Cloud Design," Enterprise Architecture and Technology Innovation Professional

“The FortiGate firewall has specific features which were needed to support our [AWS] cloud design. We were already a Fortinet customer prior to developing our virtual private cloud architecture, so it made sense to evaluate the FortiGate firewall for its compatibility with our proposed network design. Within the last year, we have been assigned a new Fortinet account team, who been very responsive to our questions and concerns regarding new deployments and upgrades for both on premise and AWS cloud deployments, so we're happy about that.”

Excellent, Easy To Manage Firewalls," Director IT

“Fortigate Firewalls have been reliable and are constantly being improved via software updates. I would have implemented more of the offered features. For example, use the Fortigate end-point software rather than using a separate vendor.”

Education

"Excellent Product With Innovative Features," CTO

“The implementation was on time, with the complete accomplishment of our objectives and in the costs. The product is excellent, high performance, and completely transparent for the users and applications.”

"Fortinet products ease the burden of complicated routing configuration and changes," Vice President, IT

“Fortinet support is knowledgeable, reliable, and an extension of our team. Our Fortinet Account Manager is constantly in touch with us about roadmaps and any other changes. The Fortinet Engineer assigned to our account is always available to our in-house system engineers for a quick conversation or a site visit if necessary.”

We’re proud to have been able to play such a valued role in helping protect the valuable assets of these and so many other organizations, and are honored to be recognized as a 2018 Gartner Peer Insights Customers’ Choice for Enterprise Network Firewall. We strongly encourage IT professionals in any industry to consult Gartner Peer Insights before making a decision on a solution to help take the guesswork out of the selection and procurement process.

Learn more about Fortinet solutions

*Reviews as of Feb 7, 2018.

** Magic Quadrant for Enterprise Network Firewalls, July 10, 2017

Magic Quadrant for Endpoint Protection Platforms, January 24, 2018

Magic Quadrant for the Wired and Wireless LAN Access Infrastructure, October 17, 2017

Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls), June 20, 2017

Magic Quadrant for Web Application Firewalls, August 7, 2017

Magic Quadrant for Security Information and Event Management, December 4, 2017

 

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Gartner Peer Insights reviews constitute the subjective opinions of individual end-users based on their own experiences, and do not represent the views of Gartner or its affiliates.

The Gartner Peer Insights Customers’ Choice Logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights Customers’ Choice distinctions are determined by the subjective opinions of individual end-user customers based on their own experiences, the number of published reviews on Gartner Peer Insights and overall ratings for a given vendor in the market, as further described here and are not intended in any way to represent the views of Gartner or its affiliates.

by RSS Trish Borrmann  |  Feb 12, 2018  |  Filed in: Business and TechnologyIndustry Trends

資料來源:

https://blog.fortinet.com/2018/02/12/fortinet-named-a-2018-gartner-peer-insights-customers-choice-for-enterprise-network-firewall
]]>
2018-05-16
<![CDATA[Fortinet Highlights Agile Security at Mobile World Congress]]> http://www.phitech.com.tw/news/index.php?news_id=847

With Fortinet’s first-ever appearance at the Mobile World Congress (MWC) coming up in late February, we’re getting quite excited about the solutions we’ll be showing in our booth and the tutorial presentations we have scheduled over the four days of the event. Given the strengths and adaptability of the Fortinet Security Fabric architecture, we’ll have plenty to talk about when it comes to applying Fortinet technologies, products, and solutions to the task of building security into the next generations of mobile and managed security services provider (MSSP)infrastructures.

Three Fortinet Stories at Mobile World Congress

The Fortinet story will be framed around three topics at the event:

  • Agile Security. Security for empowering the global digital transformation of communication service providers (CSPs) and their customers, showcasing Fortinet’s solutions and capabilities in agile, automated, and self-provisioned service environments.
  • Advanced Security. Focusing on building in security as a standard and expected attribute of industrial, operational, and Internet-of-Things environments.
  • Mobile Security and Managed Security Services. The challenges and solutions in delivering security-as-a-service (SECaaS) within 4G and 5G networks and as a managed security services (MSS) delivery infrastructure.

In this blog post, I’d like to zero in on what we’re planning around the Agile Security theme. In two subsequent blog posts, I’ll expand on our Advanced Security and Mobile Security-Managed Security Services themes.

Agile Security for the Global Digital Transformation

Agile Security is critical in addressing the security needs, challenges, and solutions of communications service providers in a world where digital transformation is changing the way internal and external services are architected, implemented, delivered, and consumed. From physical to hybrid and virtual, from on-premise to the cloud, from the core to the edge of the network, from manual to zero-touch provisioning, from CSP to customer self-management, these changes are profound, and security must be transparently integrated into these new environments right from the start.

For MWC, we’ve set up an Agile Security Zone in the Fortinet booth with the tagline, “Securing Digital Transformation. For You and Your Customers.” The blunt reality is that we’re witnessing a wholesale transformation of the economy, public services, and social relationships. In other words, the MWC’s scope has expanded far beyond cell phones and related devices. The mobilization of digital technologies is becoming a primary vehicle for the digital transformation megatrend.

In the Fortinet booth (Hall 7, Stand 91), the Agile Security Zone will offer visitors an opportunity to talk to Fortinet technologists and thought leaders serving on the front lines of developing and delivering our Agile Security product and services portfolio for CSP environments. We’ll also be demonstrating:

  • A zero-touch security deployment that enables customer-self service via an ETSI-based Network Function Virtualization (NFV) environment, jointly delivered with Ubique, a Fortinet technology partner.
  • A secure SD-WAN (Software Defined Wide Area Network) solution.
  • A TOSCA-based (Topology and Orchestration Specification for Cloud Applications) security Orchestration solution jointly delivered with Cloudify, a Fortinet technology partner.

We’ll also be delivering two Agile Security-themed presentations in the presentations space built into our booth environment. These map directly to capabilities we’ll be demonstrating in the Agile Security Zone:

The Benefits of TOSCA-Based Security Orchestration

Synopsis: In the NFV framework, security solutions are part of a larger ecosystem to safely deliver agility and automation in communications service provider networks as well as in service delivery to their customers. This presentation will provide an overview on orchestrating security services via a TOSCA-based orchestration, and on the use of blueprints for rapid design and deployment of cloud-based security services.

Providing Secure SD-WAN

Synopsis: With the accelerated growth of multi-cloud enterprise environments, SD-WAN provides mechanisms for agile and efficient WAN usage. But SD-WAN alone is an incomplete service that needs to evolve to Secure SD-WAN, combining connectivity efficiency, agility, and security into an integrated offering. This presentation will provide an overview of Fortinet’s solution as a platform for delivering a Secure SD-WAN service.

These presentations will take place once daily over the four main days of MWC, February 26, 27, 28 and March 1, in the Fortinet Booth located in Hall 7, Stand 91 at the Congress.

For full details on Fortinet’s appearance at the 2018 Mobile World Congress, visit our web page dedicated to this subject. You can also use this site to review our presentation schedule and set up meetings with Fortinet representatives. The Mobile World Congress website contains, of course, official information on the event itself.

Needless to say, we look forward to seeing you in Barcelona!

by RSS Ronen Shpirer  |  Feb 07, 2018  |  Filed in: Business and Technology

資料來源:
https://blog.fortinet.com/2018/02/07/fortinet-highlights-agile-security-at-mobile-world-congress
 
]]>
2018-05-09
<![CDATA[Fortinet Security on the Google Cloud Platform: The Future is Multi-Cloud]]> http://www.phitech.com.tw/news/index.php?news_id=844

Fortinet Cloud Security Now Available Across Top Five Cloud Providers 

We’re excited to announce that our flagship FortiGate virtual machine is now available for Google Cloud Platform (GCP) through the Cloud Launcher marketplace. The FortiGate VM helps Google Cloud customers securely achieve the scale and elasticity of the public cloud with the integrated security, control, and visibility of on-premises infrastructure. This announcement also marks the first time that a single enterprise firewall solution is available across the top 5 cloud providers.

Protecting corporate and consumer data and users is critical, not just for those organizations adopting cloud computing models, but for our increasingly Internet-connected lives. Which is why providing critical firewalling, intrusion prevention, and other Layer 7 threat protection for the users of Google’s infrastructure-as-a-service (IaaS) and PaaS platforms – one of the top tier public clouds being used by leading enterprises and startups today – is critical.

Google Cloud Platform has been one of the pioneers and innovators in cloud computing, with key innovations such as per-second billing, container services, and machine learning.  All of these serve to enhance the scalability and elasticity of the cloud, and are helping to drive and accelerate digital transformation and digital business initiatives in enterprises large and small.  Also noteworthy is that Google Cloud was one of the fastest-growing public clouds in 2017, in year-over-year percentage terms, increasing their enterprise penetration by 50% compared to 2016. 

As public cloud adoption increases, and organizations gain confidence in migrating workloads and applications to the public cloud, they have begun to aggressively adopt a multi-cloud model for their workloads and infrastructures because they are choosing to use more than one IaaS/PaaS provider. In fact, a recent survey found that enterprises now use an average of 1.8 infrastructure-as-a-service (IaaS) clouds, while another discovered that companies use an average 16 cloud-based software-as-a-service (SaaS) applications to help run their business. While these organizations often leverage one provider for specific functionality and another for location or cost, often choosing to use the right cloud for the right application, cloud diversification also provides a measure of redundancy, which also helps enterprises meet their business continuity commitments while avoiding cloud vendor lock-in.

Of course, migrating to a multi-cloud model raises additional security concerns for many organizations. Enterprises already grappling with securing their hybrid cloud environments, i.e. both on-premises data centers and public clouds, now have to deal with an expanded digital attack surface that spans across multiple IaaS clouds. Furthermore, they also need to consider their multiple SaaS application providers as part of their multi-cloud model as well, as SaaS is really just another form of public cloud with enterprise data in a hosted and shared multi-tenant environment.

While many cloud providers like Google have a variety of security measures in place, they generally apply to the security of the cloud itself. Subscribers usually bear the responsibility for their activities in the cloud, especially when data and workloads span multiple cloud environments. Which is another reason why this latest Fortinet announcement is an important milestone: it marks the first time that a single enterprise firewall has been made available across all five top public cloud platforms!

Fortinet is proud to be unique in offering the same FortiGate security in the marketplaces of ALL of the top public cloud platforms of choice, including single pane-of-glass management and orchestration through the Fortinet Security Fabric, to consistently protect the entire digital attack surface, including physical, virtual, and multi-cloud environments.

Read the full news release online.

Download our paper on securing dynamic cloud environments.

 

 

]]>
2018-05-02
<![CDATA[Rapid7 Previews InsightPhish for Phishing Email Security]]> http://www.phitech.com.tw/news/index.php?news_id=846

The new service brings phishing simulation, analysis and defense to security operations teams.

BEC Email Scam

Security firm Rapid7 announced a beta release of its new InsightPhish service on Feb. 6, providing organizations with a way to incorporate phishing defense into Security Operations (SecOps).

The InsightPhish service provides phishing simulation, analysis and investigation capabilities and is built on top of the Rapid7 Insight platform, which provides security analytics.

"InsightPhish is purpose-built for SecOps teams to drive phishing awareness among employees and improve the efficiency of security analysts," Lee Weiner, Chief Product Officer at Rapid7, told eWEEK.

 

 
 

 

Weiner added that the concept and technology behind InsightPhish was developed by the same team that helps to build Rapid7's Metasploit products. The Metasploit framework is an open-source penetration testing framework, with Rapid7 selling commercial versions that provide enhanced enterprise capabilities. Metasploit has long provided multiple tools to help organizations test for email security and phishing. Weiner noted that Metasploit Pro is for testing the likelihood of exploitation, which is somewhat different than what the purpose is for the new InsightPhish service.

"We worked with various customers throughout the development of InsightPhish and believe these two tools complement one another," Weiner said. 

InsightPhish provides multiple capabilities, including the ability to 'cast' or conduct phishing simulations. Weiner said that InsightPhish can also enable users to catch potential attackers and classify indicators of phishing. 

"It does not capture credentials, infect targets, or support phishing simulation on email domains that the user's organization does not own," Weiner said. "InsightPhish makes it easy for even the most time-constrained employees to report suspected phishing emails to catch the potential attacker with one-click reporting for G Suite, Office 365 and Outlook users."

Weiner added that InsightPhish does not actually block phishing messages at the email gateway. That said, he noted that InsightPhish provides Indicators of Phishing (IOPs), which includes context about the messages being reviewed, allowing security teams to take action by quickly highlighting potentially malicious messages.

Business Email Compromise

Among the most costly types of phishing attacks are Business Email Compromise (BEC), which aim to trick users into paying fraudulent invoices. In May 2017, the Federal Bureau of Investigation's Internet Crime Complaint Center (IC3), reported that BEC scams have led to $5.3 billion in financial loses globally since October 2013.

"Since BEC is a more targeted phishing approach we believe that the ability for users to share insight on what is happening within their environment and or their vertical industry will be critical," Weiner said. "One of the goals for InsightPhish is not simply to help organizations with this critical challenge, but to also allow for the sharing of trends and analysis to help people in the same industry."

The market for security technologies that protect against phishing is very competitive with multiple vendors actively developing services including Symantec, Knowbe4, Trend Micro and Barracuda Networks among others. Weiner said that security operations (SecOps) teams are increasingly looking to be more efficient through the use of technology and automation. 

"Customers have told us that there is a strong need to increase visibility into the risk of phishing and reduce the time it takes to analyze potential phishing attempts," Weiner said. "We saw an opportunity to do that with our technology and domain expertise, while providing customers with a superior user experience."

While there is no shortage of competition in the phishing security space, there also is no slowdown in the continued volume of phishing attacks either.

"Phishing is the most common attack vector through which threats enter organizations," Weiner said. "We don’t expect this to change dramatically in the future, and we anticipate publishing research that reflects our development experience with InsightPhish."

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

資料來源:

http://voip.eweek.com/security/rapid7-previews-insightphish-for-phishing-email-security

]]>
2018-04-25
<![CDATA[Innovation Insights: The Industry’s Fastest 100 Gbps+ Next-Generation Firewall Appliance]]> http://www.phitech.com.tw/news/index.php?news_id=845 The impact of digital transformation on the NGFW

Digital transformation is changing the way enterprises access, process, and share information. The convergence of IoT, mobility, and cloud – combined with a growing reliance on SaaS applications – are driving new digital business models. This has resulted in massively increased volumes of information and transactions extending out to the cloud that have also been encrypted to ensure privacy.   

This combination of increasing volume, performance, and processing requirements places new stringent demands on the next generation firewalls deployed at the enterprise edge. Threat protection, SSL inspection, and capacity are now table stakes for any high end NGFW looking to protect the enterprise. 

The question that IT teams are wrestling with is, what constitutes adequate security performance levels so that we can be confident that we can conduct business at the speed and volume the market requires, without compromising the security that user and regulatory bodies demand?   

The requirement is straightforward: all traffic (clear and encrypted) traversing the network needs to be inspected, and security controls need to be applied, without degrading network performance. However, most NGFW solutions on the market today simply aren’t up to the task.

Providing full threat protection (TP) without slowing down the network can only be accomplished if that protection is applied at rates that match or exceed network speed. With many WAN speeds approaching or even exceeding 40G to 100G, NGFWs deployed at the edge must be able to deliver threat protection at near wire rates. And unlike the solutions being provided by many vendors, organizations can’t afford to disable essential TP functions or SSL decryption in order to meet performance requirements. Threat Protection throughput must be measured with firewall, application control, intrusion prevention (IPS), and antimalware/antivirus functions enabled using an enterprise traffic mix. And SSL inspection functions must be fully enabled to secure a real world mix of enterprise traffic.  

It’s about a lot more than just speed

Capacity is another critical requirement. Most NGFW appliances today top out session capacity at a few million sessions.  With the increasing volume of traffic and devices connecting to the network, maintaining high session capacity to accommodate peak connectivity is important. 

With nearly 80% all web traffic now encrypted, SSL inspection is one of the most important capabilities for a NGFW. It’s really the only way to reduce the risk of a data breach resulting from advanced threats hiding in SSL traffic. To do this, NGFWs must perform deep packet inspection of SSL traffic and apply security controls without compromising network performance. The challenge, however, is that SSL inspection introduces significant overhead and latency that can seriously impact network performance.

For this reason, many NGFW vendors do not even publish their SSL inspection numbers. Claiming high levels of threat protection throughput that drops to its knees when SSL inspection is turned on is not acceptable, especially when the majority of the traffic is encrypted. For example, a claim of 30G of Threat Protection with an SSL inspection throughput of 6.5 Gbps really means you are only getting 6.5 Gbps of security performance for the majority of your network traffic, which is woefully inadequate.

Introducing the world’s first NGFW appliance built to meet the true demands of today’s digital enterprises

Given the new realities of today’s networks (extension to the cloud, more traffic volume, and growing numbers of connected users, devices, and IoT), NGFWs placed at the enterprise edge are under pressure to perform at capacity, resiliency, and connectivity levels that have only ever been seen before in data center firewalls. But because IT expertise has been spread so thin, edge solutions also require ease of deployment, use, and management. Which means that a traditional chassis is not an optimal choice here.

What’s needed is the performance, scale, and capacity of a high-performance chassis in a small, efficient, and highly scalable appliance footprint. Which is why Fortinet has just announced a new class of ultra-high performance security appliances – the 6000F-series NGFWs that have been engineered to meet the real demands of digital business by completely resetting the bar for threat protection (TP) throughput, SSL inspection, connectivity, and capacity.

The 6500F, for example, ensures that customers can confidently inspect and secure all their traffic without the network slowing down by delivering:

  • 170 million concurrent sessions
  • 130 Gbps of SSL inspection
  • 100 Gbps of threat protection performance
  • A streamlined 3U form factor
  • All at a price point that no one in the industry can match

A look inside the Fortinet 6000F-series hardware architecture

With an industry first for a security appliance, Fortinet’s NGFW hardware architecture leverages a new, compact internal processing card technology that dramatically scales performance while reducing size, allowing them to fit within an appliance form factor. These new processing cards are miniaturized versions of the blades typically used in cutting-edge modular security chassis.

This new design provides dedicated processing power in order to accelerate each step in the inspection and protection process. To accomplish this, each processing card combines multiple 12-core CPUs with Fortinet’s proprietary Security Processing Units (SPUs), Content Processors (CP9), and Network Processors (NP6) into a single, discrete unit. And the FortiGate 6000F series devices are able to support up to ten of these discrete processing cards in a single 3RU-sized appliance.

To accelerate the power and performance of these appliances even further, these processing cards are managed using custom load balancing Distribution Processors (DP3) that intelligently assign and coordinate tasks between the different processing cards. This innovative design enables high resilience, session scale, and advanced security capabilities – benefits traditionally only available in a chassis-based configuration – at breakthrough speeds never before seen in a compact appliance form-factor.

Advanced security capabilities and performance: The 6000F series are the industry’s fastest NGFW appliances, delivering advanced threat protection and SSL inspection performance to handle the massive volumes of traffic at the network edge.

Comparison of the FortiGate 6300F with the PAN 5260 appliance

High Speed and Flexible Interfaces: High density SFP28 and QSFP28 interfaces support 10G, 40G, and 100G data rates, as well the new 25G data rate standard, to provide high speed connectivity and increased flexibility as enterprises migrate to higher density designs.

With this latest NGFW innovation in place, Fortinet has once again widened the performance and security gap between our closest competitors and us. And our ongoing commitment to an engineering-driven architectural approach to security ensures that this gap will only continue to widen, ensuring that customers always have access to the cutting edge security tools they need to enable their continued success in the new digital economy.

FortiGate’s 6000F series Next-Generation Firewalls will be available on March 30th, 2018.

Additional Resources

Read the FortiGate 6000F news release or visit the FortiGate 6000F series web page to learn more about the FortiGate 6500F and 6300F Next-Generation Firewalls.

For more information, download our paper and learn about the top threats that enterprise security leaders are being forced to address and the security approaches to evalutate to protect against them.

]]>
2018-04-18
<![CDATA[Why the Fortinet Security Fabric Is the "Secret Sauce" for Managed Security Services Providers]]> http://www.phitech.com.tw/news/index.php?news_id=843

To cut to the chase, the technical features of Fortinet solutions are only half the story when it comes to the Fortinet Security Fabric's unmatched ability to deliver managed security services. Its secret sauce for managed security services providers (MSSPs) is really about adaptability, integration, and automation, as expressed through six properties of Fortinet-based managed security solutions:

  1. Security Control Breadth. MSSPs are often required to combine offerings from several different security manufacturers to create an effective defense. This can be an expensive and difficult prospect to scale, especially when it requires building and maintaining custom tools that bridge the gap between separate solutions. The Security Fabric provides broad capabilities for defense across the attack surface from a single vendor, which reduces support costs and complexity.
  2. Single-Pane-of-Glass Visibility and Control. MSSPs and their clients can see and control all of their significant security vital signs across their infrastructure from a single, central interface. This unified visibility and control function extends beyond Fortinet-branded elements to include third-party security solutions integrated into the Security Fabric, as well as customer infrastructure.
  3. Shared Threat Intelligence and Automated Security Updates. Sharing threat intelligence between different Fortinet security technologies through telemetry reduces enterprise-wide response times while expanding breadth of coverage. Consolidating the update process speeds the change cycle, improves thoroughness and first-pass-success levels, and builds greater confidence that desired changes have in fact taken hold on remediated assets.
  4. Single Network Operating System. Service providers can use a common language to configure, control, and customize Fortinet solution elements.
  5. Native Multi-Tenancy. The Fortinet Security Fabric treats multi-tenancy as a matter of course, making it easier to set up and administer multi-client solutions while maintaining assured client confidentiality and compartmentalization.
  6. Scalability. Along with multi-tenancy, MSSPs can deliver solutions for client infrastructures of any size, from small-medium businesses to global multinational enterprises.

Note that four of the six MSSP secret sauce ingredients share “single” as a common theme. The “single” theme enables high degrees of process consolidation and unification. This reduces redundant wheel spinning in solution operations, increases operator/administrator productivity and effectiveness, and enables greater clarity of action in solution operations processes.

When MSSPs tap the varied possibilities offered by the Fortinet Security Fabric, a number of service outcomes emerge. These include:

Increased Situational Awareness. The ability to see what’s going on in an infrastructure in a near real-time basis serves as a precondition for detecting, diagnosing, and remediating behavioral anomalies that signal malfeasance in an infrastructure. This is increasingly important in a rapidly evolving threat environment where the most dangerous attacks are the ones that no one has seen before.

Broad Solution Reach. Native multi-tenancy and scalability work together to enable solutions for client infrastructures that cover private and public cloud environments, Internet of Things (IoT) devices and networks, and everything in between (e.g., data center, endpoint, mobile, etc.).

Rapid Attack Response. Today’s exploits can infiltrate an infrastructure, do their damage, and then disappear within minutes. Unfortunately, the vast majority of infrastructures suffer from detection and response latencies that are measured in weeks, months, or even years. Needless to say, radically stepping up the speed of detection, including inspecting secure sockets layer (SSL) traffic, and response is critical to enabling effective cybersecurity solutions.

Pervasiveness. Defenders need assurances that changes and updates execute quickly and completely, both on dedicated security solution elements and protected infrastructure. Incomplete execution of changes and updates can create unknown coverage gaps. Defenders can also waste a lot of time and resources re-validating and re-installing changes that should have executed when they were first distributed.

Inherent Security. At the very least, security solutions should never introduce new points of vulnerability into an infrastructure, whether through sloppy user access processes or unintentional backdoors. More positively, MSSP managed elements should be architected to facilitate least-privilege approaches to solution sign-on and resource access.

Developmental Headroom. In the here-and-now timeframe of MSSP design, implementation, operation, and maintenance solution elements should be easily adapted to meet customer requirements. Longer term, security solutions should anticipate the need to keep pace with dynamic (and often surprising) changes in the threat environment.

For clients of MSSPs, these service outcomes contribute to more cost-effective solutions and higher returns-on-expenditure. For MSSPs, these benefits translate to competitive advantages in winning new business, client satisfaction, and optimal profitability.

There’s one final X-factor that sets the course for MSSP solutions that use the Fortinet Security Fabric. Fortinet backs MSSPs with a strong partner program that we actively evangelize to customers and prospects. From the very beginning, Fortinet has demonstrated an unwavering commitment to a partner-centric sales and service business model and serves as a pillar of its customer value proposition.

With the Fortinet Security Fabric at the foundation of their strategy, MSSPs have a tremendous opportunity to enable their clients to turn security from an inhibitor of digital transformation to an enabler. For more information on how MSSPs can ride the service wave of digital transformation, check out our white paper, “How Digital Transformation Is Impacting MSSPs.” It’s truly an exciting time for MSSPs.

 

by RSS Stephan Tallent  |  Jan 30, 2018  |  Filed in: Business and Technolog


資料來源:
https://blog.fortinet.com/2018/01/30/why-the-fortinet-security-fabric-is-the-secret-sauce-for-managed-security-services-providers

 


 

 

 
]]>
2018-04-11
<![CDATA[Fortinet Certified by ICSA for Advanced Threat Defense]]> http://www.phitech.com.tw/news/index.php?news_id=842 The start of 2018 provided an important reminder about the duality of cyber attacks. On the one hand, the Spectre and Meltdown vulnerabilities highlight yet again that there will always be new ways for cybercriminals to enter organizations. On the other, frequent news of data loss at businesses or government organizations reminds us that existing avenues of attack – like email – rarely go away. In fact, you might recall that in the 2017 Verizon Data Breach Investigations Report (DBIR) the most common attack vector, responsible for 66% of installed malware, was in fact email.

That’s why Fortinet continues to urge organizations to look closely at their email security effectiveness, and respected analysts note that “Advanced threats (such as ransomware and business email compromise) are easily bypassing the signature-based and reputation-based prevention mechanisms that a secure email gateway (SEG) has traditionally used.” They then recommend that organizations “supplement gaps (if replacement is not an option) in the advanced threat defense capabilities of an incumbent SEG by adding a specialized product that is tailored for this purpose.”

The challenge is that most all email security vendors say the same thing: “99.9% catch rate, no false positives, easy to manage” and so forth, which is why Fortinet is firmly committed to regular participation in independent testing. Consider, for example, the Advanced Threat Defense certification testing conducted by ICSA Labs.

For much of this year their sample set, collected from in-progress campaigns each quarter, has contained a healthy dose of ransomware and a common technique of compressed archives.

And Fortinet Advanced Threat Protection closed out the year by demonstrating 100% detection with 0% false positives against these advanced email threats. You can see the full results here.

Specific results aside, the true importance of this analysis is that:

  1. ICSA runs one of only two independent and recurring tests of email security effectiveness that I know of. (The other is run by Virus Bulletin.)
  2. ICSA has been running this test quarterly for more than a year, and only two solutions (kudos to Trend Micro as well) have earned their certification for Advanced Threat Defense for Email.
  3. Fortinet views this and similar independent testing as a critical decision making resource for customers, as well as an important input process to help us continually improve our products.

Late last month, Fortinet released a new version of FortiMail. It includes improvements to previous enhancements, like our Virus Outbreak Service that speeds protection against emerging cybercriminal campaigns (that incidentally came out of findings from ICSA testing), as well as significant new features like Content Disarm and Reconstruction. This capability effectively neutralizes email attacks that embed malicious code into otherwise benign document formats by removing the active content and then delivering a safe attachment. To learn more about Fortinet’s FortiMail secure email gateway offering, please visit our product resource center.    

Going forward, I hope that all organizations are able to keep their two eyes on the duality of the threat landscape, both the brand new as well as the existing and recurring/morphing. And that they will leverage the insights and resources available through truly independent third-party testing to guide them through the process of selecting or replacing essential security tools.

Read important takeaways about the threat landscape in our Global Threat Landscape Report. Also, view our video (above) summarizing valuable data points from our most recent report.

Sign up for our weekly FortiGuard intel briefs or to be a part of our open beta of Fortinet’s FortiGuard Threat Intelligence Service.

For more information, download our paper and learn about the top threats that enterprise security leaders are being forced to address and the security approaches to evalutate to protect against them.

 

]]>
2018-04-04
<![CDATA[Fortinet Security Fabric Earns NSS Recommendation for Breach Prevention ]]> http://www.phitech.com.tw/news/index.php?news_id=841 NSS Labs recently unveiled a new test of Breach Prevention System (BPS) technologies in December 2017, designed to assess the ability of security solutions to not only simply detect, but also actually prevent unknown (and little known) threats within 15 minutes. This is a critical capability for organizations concerned with today’s sophisticated threats, especially for IT teams that are accountable for securing business initiatives and yet are understaffed to provide continuous monitoring, investigating, and manual response to security incidents.

What this new testing process found (among other things) is that the Fortinet Security Fabric – with its integration of advanced threat detection into a broad set of security solutions deployed across the distributed attack surface – dramatically changes the game from traditionally time consuming detection and response to automated and highly granular detection, prevention, and response. Specifically, the Fortinet solution – comprised of FortiSandbox, FortiGate, FortiMail, and FortiClient – demonstrated a block rate of 99.6%, with 0 false positives.  Combined with outstanding performance and exceptional TCO, Fortinet earned another NSS Recommended rating. This Recommended rating for BPS is in addition to existing 2017 NSS recommendations for NGFW, DCFW, WAF, NG-IPS, BDS, and AEP.

Threats Evolve

Failure is the Mother of Success. How true that is when applied to cyber threats. Every failed and half-baked cyber campaign contributes to the evolution of these attacks, both in terms of sophistication and persistence. Which is why attacks today are so difficult to detect and repel. We are now increasingly seeing complex, exploit-driven malware combined with automated, self-evolving, and persistent attacks delivered via a wide range of attack vectors, including phishing, malvertising, worms, infected watering-holes, and more to establish a toehold within an organization. In fact, Verizon’s’ 2017 DBIR shows that 99% of all malware are distributed over email and web. Combine this with a rapidly evolving network ecosystem of clouds, mobile devices, IoT, and applications and today’s understaffed IT Security teams have their hands full with managing a multitude of disparate security policies, isolated security products, management consoles, and alerts. It can certainly be overwhelming at times. To effectively respond, defense systems need to evolve as well.

So Does Technology

Fortinet built the Security Fabric to augment an organization’s security architecture to correlate threat intelligence to quickly identify sophisticated and highly evasive threats, simplify threat response management, and accelerate threat response times. This begins by providing protection across a broad set of threat vectors through the integration of Fortinet and non-Fortinet products so they can share local and global threat intelligence through a central intelligence hub. Second, fully automating the prevent-detect-mitigate lifecycle across the entire attack surface not only provides an effective mechanism to counter even highly automated attacks, it also goes a long way towards solving the cyber security talent shortage.

Breach Prevention vs. Detection

The advent of this new group test from NSS is a reflection of the fundamental maturation of advanced threat capabilities, requiring security to expand beyond detection to detection and prevention. Over the past four years of BDS testing we have seen solutions improve significantly in terms of accuracy and efficacy as well as in affordability. The maturation of this technology is reflected in the results of this new Breach Prevention test.

Keep in mind, an organizations security posture determines how prevent-detect-mitigate threat response lifecycle is applied. There are organizations that have a higher risk tolerance while focusing more on user productivity/experience and there are others that are more risk adverse while fully aware the small burden of inconvenience placed on its users. Fortinet ATP solutions such as email and endpoint security integrated with sandbox by default allow users to run their day-to-day applications and based on sandbox detections to automatically apply mitigating actions. However, a good security practice to eliminate "patient zero", is to allow pre-inspection before users have access and this is easily enabled via one-click “hold for sandbox” option in our solutions.

An important nuance between BPS and BDS

The BDS group test measures the detection of exploits, malware and evasions within 24 hours, which is used to calculate the security effectiveness in the BDS Security Value Map (SVM). The BPS group test, on the other hand focuses on blocking exploits, malware and evasions within a 15 minute window that is used to calculate the security effectiveness in the BPS Security Value Map (SVM). Furthermore, the BPS total cost of ownership calculations factors in samples that were additionally detected by the solution since it helps reduce the operational burden associated with the cost of remediating infections and breaches.

BDS v4.0 Test methodology

BPS v1.1 Test methodology

Proven Technology.

For this new, rigorous BPS test, Fortinet submitted FortiGate, FortiMail, FortiClient, and FortiSandbox, which are all part of the Fortinet Security Fabric solution. Based on the default configurations of our solution, the NSS Labs BPS result highlights include:

  • 99.6% Block rate
  • 100% in blocking and additionally detecting across all malware categories except HTTP (at 99.8%)
  • 0% for False Positives
  • Low 3-year TCO

FortiSandbox had already proven itself effective in the 2017 BDS test with a 99% Breach Detection rate, earning a Recommended rating four out of four years. And now, integrated with other Security Fabric components – namely, FortiGate, FortiMail, and FortiClient – it has achieved another NSS Recommended award with this latest 2017 BPS test. This latest accolade, combined with our growing list of Recommended awards for other Fortinet solutions, is a testament not only to Fortinet’s commitment to independent testing, but also an assurance that we are committed to continually evolving Fortinet’s Security Fabric technologies to enable organizations to securely achieve their digital transformation objectives.

Report: The full BPS report can be downloaded here.

Learn more about Fortinet’s Security Fabric. See how customer’s benefit from adopting the Security Fabric. To understand how Fortinet’s ATP solution works, read more.

Also, for more information, download our paper and learn about the top threats that enterprise security leaders are being forced to address and the security approaches to evalutate to protect against them.

資料來源:

https://blog.fortinet.com/2018/01/08/fortinet-security-fabric-earns-nss-recommendation-for-breach-prevention

]]>
2018-03-28
<![CDATA[How Financial Services Firms Can Protect Against DDoS Attacks]]> http://www.phitech.com.tw/news/index.php?news_id=840 Distributed denial-of-service (DDoS) attacks are becoming increasingly common across the financial services industry. DDoS attacks occur when a portion of the network is targeted, typically at the networking, transport, or application layer, with a flood of requests that overwhelm network bandwidth, causing it to slow or crash completely. 

Traditionally, DDoS attacks are associated with hacktivists or nation-state backed cybercriminals who leverage the attacks for political means. However, as organizations become more reliant on the internet and web-based transactions, these attacks have evolved as a way to target businesses, especially those in the finance space, to make money. In fact, data shows that DDoS attacks are the most common type of cyberattack used against financial services firms, making up 32 percent of analyzed attacks.

Consequences of DDoS

Regardless of how they are carried out, DDoS attacks result in downtime. This is especially impactful as organizations undergo digital transformation and move core business capabilities online to meet consumer demands. Estimates figure that financial institutions can lose up to $100,000 per hour as a result of the downtime brought on by DDoS attacks. 

However, more than just downtime, DDoS attacks are also being used to extort organizations. Cybercriminals now have been known to threaten businesses with DDoS unless they are paid a fee. In addition to cyber extortion, DDoS attacks are commonly used as a distraction tactic to divert IT and security resources while cybercriminals install malware or other malicious programs that assist in the exfiltration of data. 

Wanting to protect consumer data, the bottom line, and business reputation, banks stand to lose a lot in the event of a DDoS attack, especially as they are expected to grow in frequency and size in the coming years.

Larger, More Frequent Attacks on the Horizon

In past years, we have seen large DDoS attacks target financial institutions at between 200 – 300 gigabytes per second. However, 2016 saw DDoS attacks that reached one terabit per second. Deloitte predicts that these larger attacks will continue on a greater scale, with at least one attack per month reaching the one terabit mark, and an expected 10 million DDoS attacks to be carried out throughout 2017.

Factors Enabling DDoS

This growth in DDoS attacks is largely attributed to the increased number IoT devices being deployed along with the ease with which DDoS capabilities can be obtained.

  • IoT Devices: The number of connected devices is rapidly increasing across the financial sector, and while they offer many conveniences and benefits to consumers, they are also largely insecure. Waves of vulnerable IoT devices are now being corrupted with malware and turned into bots. These devices are then networked to create a botnet, which might span hundreds of thousands of infected devices. These botnets are used to flood networks with malicious traffic, resulting in high volume DDoS attacks that are often able to take an entire site offline.
  • Accessibility: At the same time, it has become increasingly simple to purchase malware, malware as a service, DDoS as service, and more on the dark web. This means that even without coding skills, people can launch sophisticated, effective attacks that leverage complex botnets.

Types of DDoS Attacks

As financial services institutions seek to mitigate these growing threats, they must be aware of the most common types of DDoS attacks - those that occur at the network, transport, and application layer.  

Volumetric attacks are those that inundate the network with requests from various devices and computers, flooding the available bandwidth. Among the most common types of volumetric attacks is DNS amplification, in which a query is sent using a false target IP address.

Next, protocol attacks exploit vulnerabilities that exist in the third (network) and fourth (transport) networking layers. These exploits allow the attacker to deny access to a targeted server, website, etc.

Finally, application layer attacks target applications with requests that appear to come from legitimate users until the application in knocked offline by the inundation of requests. These types of attacks are considered the most difficult for security teams to detect and mitigate.

Securing Against DDoS Attacks 

To mitigate the risks that DDoS attacks pose, financial services companies must employ a robust DDoS defense that protects against each of these attack vectors.

FortiDDoS defends organizations against bulk volumetric attacks, layer 7 application attacks, SSL-based attacks, DNS-based attacks, and IoT botnet attacks using behavior-based analysis rather than a signature-based approach. This is done by building an adaptive baseline of standard network activity using hundreds of thousands of parameters, which can then be monitored for abnormal activity.

FortiDDoS also includes comprehensive reporting that allows IT teams to monitor top attackers, top attacked IP addresses, top attacked protocols, and more.

Final Thoughts  

As financial services institutions move more of their critical operations online as a part of their digital transformation strategy, they are becoming increasingly susceptible to DDoS attacks. As these attacks become more frequent and sophisticated, threatening consumer privacy, the bottom-line, and reputation, financial services firms have to ensure they have security measures in place to protect themselves from these attacks at each networking layer.

Read more about how Fortinet secures financial services organizations.

For more information, download our paper and learn about the top threats that enterprise security leaders are being forced to address and the security ap