<![CDATA[Phitech]]> http://www.phitech.com.tw/news/index.php UTF-8 20210128 04:04:47 20210128 04:04:47 YBlog RSS Generator 5​​ <![CDATA[Fortinet Hits the Accelerator as Official Partner of Formula E’s BMW i Motorsport]]> http://www.phitech.com.tw/news/index.php?news_id=973 Fortinet Teams Up with ABB Formula E Championship Team BMW i Andretti Motorsport, Reinforcing Commitment to Acceleration, High Performance and Energy Efficiency

SUNNYVALE, Calif., Jan. 22, 2020 (GLOBE NEWSWIRE) --

John Maddison, EVP of products and CMO at Fortinet
“Fortinet’s involvement in Formula E is a natural fit as it strongly aligns with our focus on engineering and high performance. To accelerate the processing of security and networking functions, we design our own unique security processors. These purpose-built Fortinet SPUs radically increase the speed, scale and performance of our solutions, setting industry Security Compute Rating records. We’re excited to be part of Formula E and to join forces with BMW i Andretti Motorsport team.”

News Summary 
Fortinet® (FTNT), a global leader in broad, integrated and automated cybersecurity solutions, has joined BMW i Andretti Motorsport as the official partner for their Formula E team as part of Fortinet’s commitment to accelerate innovation, high performance and energy efficiency.

The ABB FIA Formula E Championship is the world’s first racing series for fully-electric single-seater cars. These electric cars deliver immense acceleration and performance while pushing the development of e-mobility forward. Like Formula E, Fortinet drives digital innovation through our breadth of offerings that make up the Fortinet Security Fabric. Fortinet’s products powered by Fortinet SPUs are engineered with the same emphasis on acceleration, high performance and energy efficiency. Given these synergies, Fortinet has partnered with the BMW i Andretti Motorsport team, marking the most significant engagement with a motorsports team in the company’s history.

Accelerating CPU Performance with Fortinet SPUs 
Similar to the Formula E series, Fortinet continues to digitally innovate and set industry records for performance and speed. Fortinet SPUs outpace what is available in the market with the highest Security Compute Ratings for the following benchmarks:

  • Stateful Firewall throughput
  • IPsec VPN performance
  • Concurrent sessions
  • Sessions per second

The Fortinet Family of SPUs are specially designed security processors that provide unmatched performance at a fraction of the cost of traditional CPUs, providing accelerated network security, accelerated graphics rendering and accelerated AI in the cloud. Fortinet’s FortiGate Next-Generation Firewall appliances are powered by the following security processors:

  • Content Processor 9 (CP9): The CP9 protects applications while optimizing user experience with the least performance degradation. The CP9 works as a CPU co-processor, taking on resource-intensive security functions such as SSL/TLS decryption – including TLS1.3 – IPS and antivirus.
     
  • System-on-a-Chip 4 (SoC4): Fortinet’s SoC4 is a purpose-built security processor that has achieved the highest Security Compute Ratings in the industry to support customers’ WAN Edge transformation. SoC4 consolidates network and content processing functions on a single chip to deliver fast application identification, steering and overlay performance. 
     
  • Network Processor 6 (NP6): Fortinet’s NP6 works with FortiOS functions delivering superior firewall performance for IPV4, IPV6 and multicast traffic with ultra-low latency down to three microseconds.

About the ABB FIA Formula E Championship

BMW i Andretti Motorsports and Fortinet will be participating in the ABB FIA Formula E Championship. Races will take place at various locations around the globe, including Rome, Paris and Seoul. The most recent Formula E race was on January 18 in Santiago, Chile, with the season running through July 2020. Fans can stay up-to-date on the team’s drivers and schedules, along with the entire race season, here.

Supporting Quotes

“There’s a clear alignment between Fortinet and BMW i Motorsport centered around our shared focus on digital innovation, accelerated technology and high performance. The cooperation between our brands creates promising marketing potential on and off the racetrack and we are proud to name Fortinet as our new partner.”
- Jens Thiemer, Senior Vice President Customer & Brand BMW

Additional Resources

About Fortinet
Fortinet (FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 425,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.    

FTNT-O

Copyright © 2019 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiCare, FortiManager, FortiAnalyzer, FortiOS, FortiADC, FortiAP, FortiAppMonitor, FortiASIC, FortiAuthenticator, FortiBridge, FortiCache, FortiCamera, FortiCASB, FortiClient, FortiCloud, FortiConnect, FortiController, FortiConverter, FortiDB, FortiDDoS, FortiExplorer, FortiExtender, FortiFone, FortiCarrier, FortiHypervisor, FortiInsight, FortiIsolator, FortiMail, FortiMonitor, FortiNAC, FortiPlanner, FortiPortal, FortiPresence , FortiProxy, FortiRecorder, FortiSandbox, FortiSIEM, FortiSwitch, FortiTester, FortiToken, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLCOS and FortiWLM.

source:
https://finance.yahoo.com/news/fortinet-hits-accelerator-official-partner-140010752.html

]]>
2021-01-27
<![CDATA[Fortinet provides cloud security to online payment solutions Yedpay]]> http://www.phitech.com.tw/news/index.php?news_id=972 Fortinet, a security firm that offers integrated and automated cybersecurity solutions, announced recently that merchant payment solutions company Yedpay has deployed an end-to-end Fortinet Security Fabric to help bolster security as it moves its infrastructure to the cloud.

Fortinet’s cloud security solutions enable Yedpay to protect its current operations, stay ahead of cyberattacks and confidently expand service offerings to grow the business.

Established in Hong Kong in 2014, Yedpay provides a platform for e-commerce payments for thousands of small- and medium-sized businesses (SMBs) that are underserved by other financial services providers. Its infrastructure connects merchants with payment issuers and supports marketing and analytics tools. Like other organizations in the financial services sector, Yedpay is now leveraging virtualization and cloud computing to help it deliver applications and services with greater speed and flexibility.

 

Have you read “Fortinet predicts use of AI, swarm tech in cyberattacks”?

 

Digital innovation

Fortinet is able to power Yedpay’s speed of digital innovation with an equally agile security strategy achieved through the Fortinet Security Fabric. All Fortinet solutions seamlessly work together, are easily managed and also integrate smoothly with Yedpay’s existing security solutions to ensure consistent and secure connectivity across complex multi-vendor networks and different hardware, virtual environments, and cloud environments.

With expertise in working with fintech startups and other financial services companies around the world, Fortinet helped Yedpay accelerate its cloud migration journey and reduce management and operational overheads without compromising security.

“We deployed Fortinet Network Firewalls five years ago to protect our on-premise network infrastructure. Fortinet was the clear choice to help us move our workloads to a public cloud environment with their Fortinet Security Fabric offerings,” said Alva Wong, co-founder and chief information security officer, Yedpay. “Every component of the Fortinet Security Fabric is fully integrated into the entire network and every part of the security architecture is visible via a single console that is user-friendly and easy to operate. With Fortinet, a secure cloud migration that would normally take a year took us only a month.”

The Fortinet Security Fabric is an intelligent platform that unifies various security solutions across the network to detect, block and remediate attacks. It reduces and manages the attack surface through broad visibility, stops advanced threats with artificial intelligence-driven breach prevention, and reduces complexity via automated operations and orchestration across endpoints, access points, network elements, the data center, applications, cloud, and data.

Fortinet Security Fabric

The Fortinet Security Fabric offerings deployed by Yedpay includes:

The FortiGate Next-Generation Firewall, with vendor-agnostic interoperability and advanced threat prevention built in to provide outstanding network visibility.

The FortiWeb Web Application Firewall (WAF) provides Yedpay with AI-based behavioral scanning for threat detection and protection from the OWASP top ten most critical web app security risks. This includes cross-site scripting (XSS) and SQL injection attacks.

The FortiSIEM provides Yedpay cross-correlation of the Security Operations Centre and Network Operations Center (SOC-NOC) analytics and automated workflows. It also provides single-pane-of-glass management to speed up and improve threat response, free time up for critical business operations and stop breaches before they occur.

“Migrating to cloud environments adds extra complexity and risks if security isn’t part of an organization’s cloud strategy from the onset. Customers like Yedpay rely on Fortinet to provide advanced security for all their deployments as they’re moving to cloud environments. In addition to protecting the expanded attack surface, Fortinet’s dynamic cloud security offerings, which are part of the Fortinet Security Fabric, simplify operations with single-pane-of-glass management and don’t compromise network performance,” John Maddison, EVP of products and CMO at Fortinet.

“Fortinet provides us with an end-to-end security solution and a single point of contact with deep multi-vendor integration. This not only gave us peace of mind during the migration but continues to give us an easy way to secure our network architecture that is also highly scalable, incredibly powerful and cost-effective,” Mr. Wong added.


Source:
https://backendnews.net/2020/01/18/fortinet-provides-cloud-security-to-online-payment-solutions-yedpay/
 

]]>
2021-01-20
<![CDATA[GTT Expands SD-WAN Portfolio by Adding Fortinet Secure SD-WAN]]> http://www.phitech.com.tw/news/index.php?news_id=971 MCLEAN, Va.--(Business Wire)--GTT Communications, Inc. (NYSE: GTT), a leading global cloud networking provider to multinational clients, announced it has expanded its SD-WAN service offering by adding Fortinet Secure SD-WAN as a technology option. GTT delivers Fortinet Secure SD-WAN as a managed service and supports any last-mile access solution to meet specific client requirements for advanced security, application performance and cost efficiency. The addition of Fortinet enhances GTT’s existing managed SD-WAN service offerings for enterprise clients.

 

The GTT SD-WAN offering that uses Fortinet technology includes integrated next generation firewall and unified threat management functionality combined with an SD-WAN edge device and router, providing an attractive return on investment with robust security features. The GTT SD-WAN service offering with Fortinet is particularly suitable for distributed enterprises and branch networking applications in industries such as retail, quick service restaurants, hospitality and financial services.

“Clients rely on GTT to securely connect their locations across the world and to every application in the cloud,” stated Rick Calder, GTT president and CEO. “Our broad portfolio of SD-WAN service options, that now includes Fortinet, ensures that clients can run their applications with superior security, performance and reliability to support their business goals.”

“Fortinet Secure SD-WAN allows GTT to build a smart connectivity platform that delivers additional value to customers through security, analytics and cloud-acceleration services,” stated John Maddison, Fortinet SVP of products and CMO. “The combination of GTT’s Tier 1 global IP network and Fortinet Secure SD-WAN enables high-performing and differentiated services for GTT clients worldwide. We’re pleased to partner with GTT to deliver our carrier-grade secure SD-WAN solution to global enterprise organizations.”

“By adding Fortinet as another vendor platform, GTT has enhanced and broadened its SD-WAN service to offer enterprises even greater networking agility and integrated security capabilities,” commented Mike Sapien, vice president & chief analyst US for enterprise services at Ovum. “The integration of SD-WAN technology with GTT’s Tier 1 IP network offers performance and efficiency advantages when leveraging the core network for internet traffic destined for the cloud.”

Source:
http://www.digitaljournal.com/pr/4556587

]]>
2021-01-13
<![CDATA[Fortinet predicts advanced AI, counter threat intelligence to evolve]]> http://www.phitech.com.tw/news/index.php?news_id=970 Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity solutions, today unveiled predictions from the FortiGuard Labs team about the threat landscape for 2020 and beyond. These predictions reveal methods that Fortinet anticipates cybercriminals will employ in the near future, along with important strategies that will help organizations protect against these oncoming attacks. 

 


Organizations need to adopt security strategies that maximize integration, advanced AI, and actionable threat intelligence to proactively protect against modern attacks.
Highlights of the predictions follow:

 

Changing the Trajectory of Cyberattacks

 

 Cyberattack methodologies have become more sophisticated in recent years magnifying their effectiveness and speed. This trend looks likely to continue unless more organizations make a shift as to how they think about their security strategies. With the volume, velocity, and sophistication of today’s global threat landscape, organizations must be able to respond in real time at machine speed to effectively counter aggressive attacks. Advances in artificial intelligence and threat intelligence will be vital in this fight.

 

The Evolution of AI as a System

 

 One of the objectives of developing security-focused artificial intelligence (AI) over time has been to create an adaptive immune system for the network similar to the one in the human body. The first generation of AI is designed to use machine learning models to learn, correlate and then determine a specific course of action. The second generation of AI leverages its increasingly sophisticated ability to detect patterns to significantly enhance things like access control by distributing learning nodes across an environment. The third generation of AI is where rather than relying on a central, monolithic processing center, AI will interconnect its regional learner nodes so that locally collected data can be shared, correlated, and analyzed in a more distributed manner. This will be a very important development as organizations look to secure their expanding edge environments.

 

Federated Machine Learning

 

In addition to leveraging traditional forms of threat intelligence pulled from feeds or derived from internal traffic and data analysis, machine learning will eventually rely on a flood of relevant information coming from new edge devices to local learning nodes. By tracking and correlating this real-time information, an AI system will not only be able to generate a more complete view of the threat landscape, but also refine how local systems can respond to local events. AI systems will be able to see, correlate, track, and prepare for threats by sharing information across the network. Eventually, a federated learning system will allow data sets to be interconnected so that learning models can adapt to changing environments and event trends and so that an event at one point improves the intelligence of the entire system.

 

 Combining AI and Playbooks to Predict Attacks

 

 Investing in AI not only allows organizations to automate tasks, but it can also enable an automated system that can look for and discover attacks, after the fact, and before they occur. Combining machine learning with statistical analysis will allow organizations to develop customized action planning tied to AI to enhance threat detection and response. These threat playbooks could uncover underlying patterns that enable the AI system to predict an attacker's next move, forecast where the next attack is likely to occur, and even determine which threat actors are the most likely culprits. If this information is added into an AI learning system, remote learning nodes will be able to provide advanced and proactive protection, where they not only detect a threat, but also forecast movements, proactively intervene, and coordinate with other nodes to simultaneously shut down all avenues of attack.

 

 The Opportunity in Counterintelligence and Deception

 

 One of the most critical resources in the world of espionage is counterintelligence, and the same is true when attacking or defending an environment where moves are being carefully monitored. Defenders have a distinct advantage with access to the sorts of threat intelligence that cybercriminals generally do not, which can be augmented with machine learning and AI. The use of increased deception technologies could spark a counterintelligence retaliation by cyber adversaries. In this case, attackers will need to learn to differentiate between legitimate and deceptive traffic without getting caught simply for spying on traffic patterns. Organizations will be able to effectively counter this strategy by adding playbooks and more pervasive AI to their deception strategies. This strategy will not only detect criminals looking to identify legitimate traffic, but also improve the deceptive traffic so it becomes impossible to differentiate from legitimate transactions. Eventually, organizations could respond to any counterintelligence efforts before they happen, enabling them to maintain a position of superior control.

 

 Tighter Integration with Law Enforcement

 

 
 Cybersecurity has unique requirements related to things like privacy and access, while cybercrime has no borders. As a result, law enforcement organizations are not only establishing global command centers but have also begun connecting them to the private sector, so they are one step closer to seeing and responding to cybercriminals in real-time. A fabric of law enforcement as well as public and private sector relationships can help in terms of identifying and responding to cybercriminals. Initiatives that foster a more unified approach to bridge the gaps between different international and local law enforcement agencies, governments, businesses, and security experts will help expedite the timely and secure exchange of information to protect critical infrastructure and against cybercrime.

 

 Cyber Adversary Sophistication is Not Slowing Down

 

 Changes in strategy will not go without a response from cyber adversaries. For networks and organizations using sophisticated methods to detect and respond to attacks, the response might be for criminals to attempt to reply with something even stronger. Combined with more sophisticated attack methods, the expanding potential attack surface, and more intelligent, AI-enabled systems, cybercriminal sophistication is not decreasing.

 

 Advanced Evasion Techniques

 

 A recent Fortinet Threat Landscape report demonstrates a rise in the use of advanced evasion techniques designed to prevent detection, disable security functions and devices, and operate under the radar using living off the land (LOTL) strategies by exploiting existing installed software and disguising malicious traffic as legitimate. Many modern malware tools already incorporate features for evading antivirus or other threat detection measures, but cyber adversaries are becoming more sophisticated in their obfuscation and anti-analysis practices to avoid detection. Such strategies maximize weaknesses in security resources and staffing.

 

 Swarm Technology

 

 Over the past few years, the rise of swarm technology, which can leverage things like machine learning and AI to attack networks and devices has shown new potential. Advances in swarm technology, have powerful implications in the fields of medicine, transportation, engineering, and automated problem solving. However, if used maliciously, it may also be a game changer for adversaries if organizations do not update their security strategies. When used by cybercriminals, bot swarms could be used to infiltrate a network, overwhelm internal defenses, and efficiently find and extract data. Eventually, specialized bots, armed with specific functions, will be able to share and correlate intelligence gathered in real-time to accelerate a swarm’s ability to select and modify attacks to compromise a target, or even multiple targets simultaneously.

 

 Weaponizing 5G and Edge Computing

 

 The advent of 5G may end up being the initial catalyst for the development of functional swarm-based attacks. This could be enabled by the ability to create local, ad hoc networks that can quickly share and process information and applications. By weaponizing 5G and edge computing, individually exploited devices could become a conduit for malicious code, and groups of compromised devices could work in concert to target victims at 5G speeds. Given the speed, intelligence, and localized nature of such an attack, legacy security technologies could be challenged to effectively fight off such a persistent strategy.

 

 A Change in How Cybercriminals Use Zero-day Attacks

 

 Traditionally, finding and developing an exploit for a zero-day vulnerability was expensive, so criminals typically hoard them until their existing portfolio of attacks is neutralized. With the expanding attack surface, an increase in the ease of discovery, and as a result, in the volume of potentially exploitable zero-day vulnerabilities is on the horizon. Artificial Intelligence fuzzing and zero-day mining have the ability to exponentially increase the volume of zero-day attacks as well. Security measures will need to be in place to counter this trend.


Source:

https://www.manilastandard.net/index.php/tech/business0/314549/fortinet-predicts-advanced-ai-counter-threat-intelligence-to-evolve-.html]]>
2021-01-06
<![CDATA[Organizations Leverage Fortinet SaaS Offerings for Advanced Security and Simplified Management]]> http://www.phitech.com.tw/news/index.php?news_id=1016 As organizations look to enhance their on-premises and cloud security, they need the proper tools in place that don’t introduce risks and complexities. A study from IDG found that 48 percent of respondents believe that increased complexity is a primary downside in using multiple clouds. Additionally, it’s difficult for organizations to fill critical cloud security roles, with a recent Fortinet survey finding that the most commonly cited position that is hard to hire for is the cloud security architect role. Fortinet is addressing these challenges for its customers with its Security-as-a-Service (SECaaS) offerings delivered through FortiCloud.

Among Fortinet’s customers, Continent 8 Technologies, Illinois State Treasurer, and SuperCare Inc. are leveraging FortiCloud’s SECaaS offerings to As a result, these customers have confidently adopted various cloud environments without worrying that it will slow down their operations or introduce security risks.

Continent 8 Secures Web Apps and APIs Leveraging FortiCloud

Continent 8 Technologies is a leading provider for hosting, networking, security, and cloud infrastructure managed services. As Continent 8 was looking to expand its managed security services to further secure customers’ web applications and APIs, it turned to Fortinet. Continent 8 uses Fortinet FortiWeb Cloud, which is delivered through FortiCloud, to offer Continent 8 Cloud WAF.

This web application and API security offering seamlessly integrates with Continent 8's IP Transit and DDoS protection services to further protect sensitive information and mission-critical applications. MSSPs like Continent 8 can expand their security services with the broadest set of SECaaS offerings to effectively protect customers’ entire attack surface.

Illinois State Treasurer Enhances Cybersecurity

When the Illinois State Treasurer’s IT team was looking to upgrade its legacy security environment, it selected Fortinet to implement new solutions that integrated security visibility and improved usability. By using FortiGate Cloud, part of the FortiCloud offering suite, the Treasurer’s Office was able to manage its FortiGate Next-Generation Firewalls from the cloud to achieve greater visibility into their network and isolate network traffic to a particular endpoint or application.

The Treasurer’s Office now has an easy-to-use, single-user interface, making it easy to make configurations and run analytics off-premises. Security reports provided by FortiGate Cloud have been a critical resource, providing the hard data necessary to answer auditors’ questions and demonstrate compliance with required security controls.

SuperCare Inc. Simplifies Security Management

SuperCare Inc. was seeking new solutions to simplify how it remotely managed security policies for their customers and enhance its own network security. Through FortiCloud’s SECaaS offerings, SuperCare Inc. now can use a single sign-on to manage multiple security appliances. As SuperCare Inc. looked to adopt new cloud environments, it needed easy deployment and setup, which is exactly what Fortinet provided through FortiCloud. SuperCare Inc. has been able to install solutions that it can customize to its needs and easily adjust security policies and profiles.

Dynamic Cloud Security Solutions for Any Environment

Organizations want to confidently roll out their cloud strategy without concerns of cloud-specific security vulnerabilities. This is why it is important that security solutions protect any cloud environment from multiple threat vectors and the entire range of exploits, both old and new. 

Meanwhile, the cyber threat landscape continues to become more sophisticated, making it hard for organizations to keep up. Many organizations do not have the tools they need to provide the visibility and control they require across their various workloads and applications. Fortinet’s customers are finding that through its Dynamic Cloud Security offerings, including FortiCloud, they are able to reap the benefits promised by the cloud—such as agility and scalability—without compromising security.

Learn how Fortinet Dynamic Cloud Security solutions provide increased visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.

Source:

https://www.csoonline.com/article/3568128/organizations-leverage-fortinet-saas-offerings-for-advanced-security-and-simplified-management.html

]]>
2020-12-30
<![CDATA[Fortinet Customers Use FortiCloud’s SaaS Offerings to Eliminate Complexity and Ensure Cloud Security]]> http://www.phitech.com.tw/news/index.php?news_id=1015 FortiCloud Delivers the Industry’s Most Comprehensive Cloud-Delivered Security-as-a-Service Portfolio

SUNNYVALE, Calif., July 21, 2020 (GLOBE NEWSWIRE) --
John Maddison, EVP of products and CMO at Fortinet 
“As our customers continue to rely more on cloud environments and applications, Fortinet offers the broadest and most integrated portfolio to secure all of their workloads. Customers need to secure their applications and cloud environments with as little management overhead as possible. FortiCloud simplifies security management while enhancing security both on-premises and in the cloud.”

News Summary
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced it is helping Continent 8 Technologies, Illinois State Treasurer and SuperCare Inc. secure and centralize management of their cloud environments through its Security-as-a-Service delivery platform, FortiCloud

  • Through FortiCloud, Fortinet delivers many of its Security Fabric’s products and solutions as Security-as-a-Service (SECaaS) offerings. This has made it easy for customers ranging from small businesses to enterprises and managed security service providers (MSSPs) to secure their users, applications and critical data in the cloud.
  • FortiCloud enables customers to access and manage a range of Fortinet solutions and services from an online portal with a common user experience. Customers are able to centralize the management of multiple Fortinet devices and quickly make on-premises configurations from anywhere.
  • FortiCloud delivers the industry’s most comprehensive Security-as-a-Service portfolio, including FortiGate Cloud, FortiWeb Cloud and FortiCWP, through a single sign-on. FortiCloud also provides access to FortiCare services, which includes global support for all Fortinet products.

Removing Cloud Complexities and Security Risks
In IDG’s 2020 Cloud Computing Survey, 48 percent of respondents cited that increased complexity is a primary downside in using multiple clouds. The issue is that many organizations don’t have tools in place that provide the visibility and control they need across their networks, introducing security risks as the number of sophisticated threats continue to increase. This is coupled with the cybersecurity skills gap that is even more prevalent for cloud security roles requiring specialized cloud expertise, making it difficult for organizations to properly manage security without exhausting their cloud resources.

Organizations like Continent 8, Illinois State Treasurer and SuperCare Inc. have benefited from FortiCloud’s delivery of SECaaS offerings by eliminating complexity and enabling advanced security and centralized cloud-based management. All this while preventing their cloud adoption from slowing down their operations and introducing security risks.

Customers Secure and Manage Dynamic Cloud Environments Through FortiCloud
Fortinet’s customers are using FortiCloud to simplify how they’re securing and managing their applications or clouds, to create new managed security services that expand business opportunities or to enhance on-premises security, among other advantages. Below is an overview of how Continent 8, Illinois State Treasurer and SuperCare Inc. are using FortiCloud’s SECaaS offerings to maximize the benefits of adopting cloud environments.

Continent 8 Technologies
As a leading provider for hosting, networking, security and cloud infrastructure managed services, Continent 8 Technologies seeks to secure their customers’ applications irrespective of whether they are hosted within or outside their global network. To help achieve this, Continent 8 Technologies is leveraging Fortinet’s FortiWeb Cloud—delivered through FortiCloud—to protect their customers’ applications easily and seamlessly. As a result, the company has expanded its managed security services to offer Continent 8 Cloud WAF for securing customers’ web applications and APIs.

“Continent 8 Technologies leverages FortiWeb Cloud, part of the FortiCloud family of offerings, to deliver Continent 8 Cloud WAF,” said Leon Allen, Innovation Director at Continent 8. “As a result, our web application and API security offering seamlessly integrates with Continent 8's IP Transit and DDoS protection services to further protect sensitive information and mission-critical applications.”  

FortiCloud makes it simpler for MSSPs like Continent 8 to expand their security services and offer the broadest set of SECaaS offerings, delivering the security their customers need to effectively protect across the entire attack surface.

Illinois State Treasurer
When the Illinois State Treasurer’s IT team was looking to upgrade its legacy security environment, it turned to Fortinet to implement new solutions that integrated security visibility and improved usability. By using FortiGate Cloud, part of the FortiCloud offering suite, the Treasurer’s Office was able to manage its FortiGate Next-Generation Firewalls from the cloud to achieve greater visibility into their network and isolate network traffic to a particular endpoint or application. Additionally, the Treasurer’s Office also uses FortiAnalyzer—also from the FortiCloud suite—to obtain a much deeper dive into its network, which has improved overall visibility and security analytics.

Joseph Daniels, Chief Information Officer at the Illinois State Treasurer said, “Fortinet’s Security-as-a-Service offerings through its FortiCloud suite enables us to streamline management and integrate security across all our environments. We deployed FortiGate Cloud to manage Fortinet’s next-generation firewalls from the cloud through an easy-to-use, single user interface, making it easy for our team to make configurations and run analytics off-premises. The weekly security reports provided by FortiGate Cloud have been a critical resource, providing us with the hard data necessary to answer auditors’ questions and demonstrate compliance with required security controls.”

SuperCare Inc.
SuperCare Inc. has been able to simplify how it remotely manages security policies for their customers through FortiCloud’s SECaaS offerings, including FortiGate Cloud. FortiGate Cloud provides SuperCare Inc. with a single sign-on to manage multiple security appliances.  

“FortiCloud is easy to use,” shared Di Wang, Infrastructure Manager at SuperCare Inc. “Specifically, FortiGate Cloud is very critical when it comes to initial deployment, setup and ongoing management of the NGFW we have installed—all which can be done from the cloud. It’s great that it can be customized to our needs and we could adjust our security profiles and firewall policies after analyzing data from the last few months. We have also scheduled the reports to be emailed to us periodically, which is very convenient. I believe that the FortiCloud offerings greatly enhance the network security of our company, and would definitely recommend it to others.”

Soruce:
https://www.globenewswire.com/news-release/2020/07/21/2064916/0/en/Fortinet-Customers-Use-FortiCloud-s-SaaS-Offerings-to-Eliminate-Complexity-and-Ensure-Cloud-Security.html

]]>
2020-12-23
<![CDATA[Fortinet Receives Industry Awards for Transforming the SD-WAN Market]]> http://www.phitech.com.tw/news/index.php?news_id=968 Legacy WAN Solutions Fail to Deliver on Digital Transformation

Digital transformation at the branch office, including remote retail locations, school campuses, and healthcare and financial offices, is fundamental if today’s distributed workforce is going to be able to keep up with evolving business and consumer demands. Conducting digital business today requires access to critical services and applications located in the cloud. And many of these business-critical applications, such as unified communications, are highly sensitive to bandwidth limitations or things like jitter or lag times that often result from unreliable connections, which becomes an obstacle for efficient operations.

Historically, these remote locations were all connected to business applications and services through a single connection back to the core network. An MPLS connection and WAN router provided reliable, yet static connectivity for millions of offices. However, because this hub-and-spoke model means that all applications and access to online resources need to be backhauled through the core network, local servers are being overwhelmed with huge volumes of traffic, along with the capacity of the fixed MPLS and router combination at the branch office. As a result, productivity and user experience are severely impacted.

Traditional SD-WAN Still Leaves Organizations Vulnerable

While SD-WAN solutions address this challenge with a more flexible and dynamic connectivity strategy, early-to-market solutions failed to consider the security needs of these connections. The one thing that the traditional model had going for it was that all traffic was at least inspected and secured using the full stack of enterprise-grade security solutions deployed at the core. Direct access to cloud and internet services from the branch means that protection is no longer available. Unfortunately, the vast majority of SD-WAN solutions on the market provide little more than a VPN and a stripped down firewall to protect this critical link in today’s distributed networks, which leaves organizations poorly protected and highly vulnerable.

Fortinet is Positioned as a Challenger in Gartner WAN Edge Infrastructure Magic Quadrant

Fortinet believes that our focus on Secure SD-WAN innovation contributed to our placement of highest ability to execute and highest completeness of vision in the Challengers Quadrant of the November 2019 Gartner Magic Quadrant for WAN Edge Infrastructure. Unlike many SD-WAN solutions, we think Fortinet Secure SD-WAN is one of the few solutions on the market that addresses the FULL range of challenges being faced by organizations, combining advanced connectivity and traffic and application management functionality with a full suite of integrated security solutions, including NGFWIPS, antivirus/anti-malware, web filtering, a full range of VPN options, and advanced threat protection solutions such as sandboxing.

In fact, in the November 2019 Gartner analyst research report, “Critical Capabilities for WAN Edge Infrastructure,” Fortinet received the highest score in the “Security-Sensitive WAN” use case, and ranked within the five highest for all remaining WAN Edge use cases. Gartner went on to recommend that “users consider the set of critical capabilities as some of the most important criteria for [WAN Edge infrastructure] acquisition decisions.”

Secure SD-WAN Recognized with Top Industry Awards

The marketplace is taking notice. For example, Fortinet’s Secure SD-WAN just received CRN’s 2019 Tech Innovator award in the “Networking – SD-WAN” category, as well as CRN’s 2019 Product of the Year in the Security-Network – Technology subcategory. These awards are just a small reflection of the impact that Fortinet’s Secure SD-WAN solution is having on transforming the market.

We have also been recognized for our work with MEF, the group responsible for defining SD-WAN certifications and standards. In addition to winning two MEF 3.0 Proof of Concept awards – one for developing security standards for secure connections between separate SD-WAN devices, and the other for ensuring application security for SD-WAN services – we also lead a key Initiative in the MEF Applications Committee on Application Security for SD-WAN Services (MEF88).

Additionally, Fortinet’s secure SD-WAN solution has received two consecutive NSS Labs “Recommended” ratings and showcased the lowest total cost of ownership (TCO), resilient high availability for better user experience, and high WAN performance for cloud applications.

Secure SD-WAN Protects Innovation Through Security-Driven Networking

With over 21,000 Fortinet Secure SD-WAN customers and counting, organizations are quickly learning that digital transformation without security is a dead end. Instead, manufacturers and businesses alike need to take an aggressive security-first approach that ensures that all innovation includes security-driven networking to ensure that flexibility and adaptability don’t leave organizations exposed to today’s increasingly aggressive – and successful – cybercriminals.

Take a security-driven approach to networking to improve user experience and simplify operations at the WAN edge with Fortinet’s Secure SD-WAN solution.

Read more about Fortinet's recent customer momentum to learn why global service providers such as Orange Business ServicesSoftBank Corp, and Ooredoo Kuwait choose Fortinet Secure SD-WAN.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.


Source:

https://www.fortinet.com/blog/business-and-technology/fortinet-receives-industry-award-transforming-sdwan-market.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblogs+%28Fortinet+All+Blogs%29

]]>
2020-12-16
<![CDATA[Fortinet Leapfrogs Cisco With 21,000 SD-WAN Customers]]> http://www.phitech.com.tw/news/index.php?news_id=967 Fortinet says its FortiGate Secure SD-WAN technology has been adopted by 21,000 customers, leapfrogging Cisco by about 1,000 businesses.

“Customers continue to recognize the importance of integrated security and SD-WAN as they select Fortinet’s Secure SD-WAN solution to reduce complexity and enhance their organization’s security posture,” said John Maddison, EVP of products and CMO at Fortinet, in a statement. “As a leading SD-WAN vendor, Fortinet empowers organizations to achieve optimal user experience, visibility, and security at their WAN edge to enable digital innovation.”

The company’s customer count lines up with the findings of Gartner’s latest magic quadrant WAN edge report, which estimated Fortinet had approximately 21,000 WAN edge customers. However, the report suggested that these customers were primarily leveraging the company’s next-generation firewall (NGFW) or unified threat management (UTM) capabilities.

But the company’s customer count reflects organizations that have specifically deployed the company’s SD-WAN technology, according to Nirav Shah, senior director of products and solutions at Fortinet.

“We have a number of customers in distributed enterprise just using us for next-generation firewall functionality, but 21,000 customers are leveraging FortiGate for Secure SD-WAN,” he wrote in an email to SDxCentral.

Fortinet’s claim places the rising SD-WAN vendor ahead of Cisco, which by some metrics is considered to be the market leader in the SD-WAN space.

Late last month Cisco announced it had 20,000 SD-WAN customers spread across its Viptela and Meraki SD-WAN platforms.

Source:
https://www.sdxcentral.com/articles/news/fortinet-leapfrogs-cisco-with-21000-sd-wan-customers/2019/12/
 

]]>
2020-12-09
<![CDATA[Fortinet’s Latest Firewall Integrates Networking and Security in a Single Platform to Protect Any Edge and Large Remote Workforces]]> http://www.phitech.com.tw/news/index.php?news_id=1034
Fortinet, Inc.
Thu, October 29, 2020, 9:00 PM GMT+8·7 mins read
 
 

FortiGate 2600F offers up to 10x higher performance enabled by Fortinet SPUs, allows customers to replace multiple point products to reduce cost and complexity

SUNNYVALE, Calif., Oct. 29, 2020 (GLOBE NEWSWIRE) --

John Maddison, EVP of Products and CMO at Fortinet
“Enterprise organizations are accelerating their digital innovation initiatives while also having to secure a remote and hybrid workforce. In this complex environment, deploying enterprise-class security anywhere is essential. Fortinet’s security-driven networking approach accelerates the convergence of networking and security to protect any edge, including enterprise data center, WAN, and cloud edges - all from a single network firewall platform.”

News Summary
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced the FortiGate 2600F, Fortinet’s latest network firewall that enables security-driven networking to protect multiple edges including hybrid data centers, multi-cloud environments and large-scale remote workforces. Powered by Fortinet’s purpose-built security processing units (SPUs), NP7 and CP9, the FortiGate 2600F offers some of the highest performance figures in the industry with Security Compute Ratings of up to 10 times higher than competitor solutions to enable the following use cases for large enterprises:
  • Highspeed cloud on-ramps: The FortiGate 2600F enables highly secure and extremely fast cloud on-ramps to connect enterprise data centers to multiple cloud environments, allowing organizations to effectively use cloud-based applications to analyze big data.

  • Protect any edge at any scale: The FortiGate 2600F provides full visibility with SSL inspection (including TLS1.3), detects unauthorized applications and threats, and protects users and data that traverse through hybrid data center environments to manage external risks. FortiGate 2600F offers hardware-accelerated resiliency through IPv4 and IPv6 DDoS (Distributed Denial of Service) metering for flooding attacks to ensure business continuity for services edge.

  • Flexibility to empower large remote workforces: The FortiGate 2600F is engineered for flexibility to enable a large remote workforce to come online with speed and productivity. The FortiGate 2600F ensures confidentiality and integrity of sensitive company data in transit and monitoring to align with an organization’s existing cybersecurity. The FortiGate 2600F offers an average of 9x faster IPsec VPN to allow organizations to implement business continuity while sustaining ongoing operations.

  • Simplify operations and realize better ROI: A recent Fortinet survey of cybersecurity leaders showed almost 70% of organizations are concerned about insider threats. FortiGate 2600F combines segmentation, SD-WAN and network firewall capabilities in a single compact platform to help large enterprises reduce complexity, simplify operations and take advantage of ROI benefits. The 2600F also reduces the attack surface through segmentation and protects corporate data and business applications with AI/ML-powered FortiGuard Labs Services. FortiGate 2600F enables hardware-accelerated VXLAN segmentation to enable secure and super-fast communication within hybrid IT architectures leveraging Virtual Extension LAN (VXLAN).

FortiGate 2600F vs. Competitors
Below is a comparison of the top network firewalls on the market against the FortiGate 2600F series. Security Compute Rating is a benchmark (performance multiplier) that compares FortiGate performance versus the industry average of competing products across various categories that fall within the same price band.

Specification

FortiGate
2601F

Industry 
Average

Security
Compute
Rating

Palo Alto
Networks
PA-5220

Check
Point

SG-6700

Cisco
FPR-
2140

Juniper
Networks
SRX4100

Firewall

198Gbps 

29Gbps

7x

N/A

26Gbps

20Gbps

40Gbps

IPsec VPN

55Gbps 

5.9Gbps

9x

11Gbps

4.61Gbps

3.2Gbps

5Gbps

Threat Protection 

20Gbps

7.9Gbps

2.5x

10Gbps

5.8Gbps

N/A

N/A

SSL Inspection 

20Gbps

1.7Gbps

10x

1.9Gbps1

N/A

1.4Gbps

N/A

Concurrent
Sessions

24M

3.5M

7x

4M

2M

3M

5M

Connections Per Second

900k

167k

5x

180k

164k

75k

250k

1NSS Labs NGFW 2019 Performance Comparative Report

Powered by Security-Driven Networking and the Fortinet Security Fabric
Fortinet security processing units (SPUs), including the NP7 and CP9, are engineered to radically increase the speed, scale, performance, efficiency and value of Fortinet solutions while greatly improving user experience, reducing footprint, and lowering power requirements. Fortinet solutions, including the FortiGate 2600F, deliver security-driven networking and a platform approach via the Fortinet Security Fabric, which converges networking and security across the entire connected environment and provides protection whether on-premise, virtual or cloud-based environments using any device or application.

Source:
https://www.google.com.tw/search?sxsrf=ALeKk00kPqzH8huRPDYMA9AEmiGGiKNEXQ%3A1604025807276&source=hp&ei=z32bX7axDsaXr7wP-tyk-AU&q=linux+network+manager+service&oq=linux+network+manager+service&gs_lcp=CgZwc3ktYWIQAzIFCAAQywEyBggAEAgQHjIGCAAQBRAeMgYIABAIEB4yBggAEAgQHjIGCAAQCBAeOgcIIxDqAhAnOgQIIxAnOgUIABCxAzoICAAQsQMQgwE6AggAOgQIABAeOgYIABAKEB5QxRRYwm5giHNoAXAAeACAAUCIAdsJkgECMjmYAQCgAQGqAQdnd3Mtd2l6sAEK&sclient=psy-ab&ved=0ahUKEwj21M3jpdvsAhXGy4sBHXouCV8Q4dUDCAk&uact=5

]]>
2020-12-02
<![CDATA[Fortinet Recognized as a Visionary in the 2020 Gartner Magic Quadrant for Wired and Wireless LAN Access Infrastructure]]> http://www.phitech.com.tw/news/index.php?news_id=1037 SUNNYVALE, Calif., Nov. 10, 2020 (GLOBE NEWSWIRE) --

John Maddison, EVP of Products and CMO at Fortinet
“LAN Edge connectivity is foundational to digital innovation, but complexity often makes it difficult to support and secure. Fortinet technology simplifies management while increasing the security of the network by tightly integrating an organization’s network infrastructure and security architecture. We believe that our ability to execute our Security-driven Networking approach enables us to offer customers a simplified, secure, accelerated network and user experience. More, we also believe our Security-driven Networking approach is why Fortinet is placed as one of two companies in the Visionary Quadrant in the 2020 Gartner Wired and Wireless LAN Access Infrastructure Magic Quadrant.”

News Summary
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced its position as a Visionary in the 2020 Gartner Magic Quadrant for Wired and Wireless LAN Access Infrastructure.

  • Gartner defines a vendor in the Visionaries Quadrantas one that “demonstrates an ability to increase features in its offering to provide a unique and differentiated approach to the market. A Visionary will have innovated in one or more of the key areas of access layer technologies within the enterprise (for example, security, management or operational efficiency). The ability to apply differentiating functionality across the entire access layer will affect its position.”
  • Fortinet believes this placement, coupled with the cybersecurity provider’s legacy as an innovator, is further reinforcement that Fortinet and its Security-driven Networking strategy delivers a unique and differentiated approach to the infrastructure market. 
  • Fortinet’s Security-driven Networking approach to wired and wireless networking provides customers with a feature-rich offering that is secure by design and not by add-on, integrates into a larger platform to reduce complexity, and increases features without additional licensing to best address IT’s long-term TCO goals

Fortinet’s vision is based upon the key tenets of:

  • Reduced Cost: Fortinet LAN Edge solutions reduce overall TCO and eliminates overlays by bundling features into FortiGate Next-generation Firewalls without the need for licenses. No additional license or cost is required to enable LAN Edge management, and even Network Access Control (NAC) features can be enabled and leveraged without the need for additional costly licenses.
  • Simplified Management: Fortinet LAN Edge solutions simplify management by utilizing a single management platform for LAN and network security. IT cycles are minimized by having a consolidated location to manage various aspects of the network.
  • Reduced Complexity: Fortinet LAN Edge solutions reduce complexity by centralizing LAN management and security functions into the FortiGate Next-generation Firewall. A single view of complex LAN networks makes for easier management with less worry about unintended disruptions​.

Fortinet’s approach enables a unique take on the LAN edge that leverages FortiGate Next-generation Firewall capabilities as a network controller, offering consolidated visibility and centralized management and reporting to ease management and simplify deployment and provisioning.

Fortinet Solves Customers’ Biggest LAN Challenges
Fortinet has been named a Gartner Peer Insights Customers’ Choice for Wired and Wireless LAN Access Infrastructure1 for three years in a row. This Gartner Customers’ Choice recognition is based on the ranking of vendors by verified end-user professionals – both the number of end-user reviews and the vendor’s overall user rating are considered when determining these rankings. Fortinet believes that this additional customer validation further highlights that Fortinet’s simple, secure, and scalable approach to LAN Edge resonates with customers. Building off the power of Security-driven Networking and our industry-leading FortiGate Next-generation Firewall, Fortinet offers a LAN Edge solution that can scale to any deployment’s needs, from campus to branch to the remote worker.

  • Campus Networks: Fortinet’s LAN Edge solution creates a single consolidated configuration reducing the chance for error, and a common platform for day-to-day management of network and security. Security-driven Networking eliminates the need for additional “bolt on” solutions to integrate management and security functions.
  • SD-BranchSecurity-driven Networking approach to LAN Edge allows consolidation of the three main components of the branch network (SD-WAN, Firewall/Security, and the network layer) into a single standard platform for all branches. This simplifies remote oversight and administration of distributed sites to a single converged solution per site.
  • TeleworkerFortinet’s Security-driven Networking approach to LAN Edge works for remote wireless Access Points as well. Leveraging a central FortiGate at headquarters reduces configuration and management complexity for IT while allowing remote users to have the same experience as connecting at a corporate office.

Supporting Quote
“Fortinet’s secure and scalable infrastructure solutions enable us to offer our customers a highly proven and differentiated LAN edge solution that easily enables them to securely and cost-effectively deploy network equipment in a secure framework through Security-driven Networking.”
-- Dave McMorrow, Principal & Co-Founder, NuSpective Solutions


Source:

https://www.globenewswire.com/news-release/2020/11/10/2124202/0/en/Fortinet-Recognized-as-a-Visionary-in-the-2020-Gartner-Magic-Quadrant-for-Wired-and-Wireless-LAN-Access-Infrastructure.html

]]>
2020-11-25
<![CDATA[Fortinet Again Named as a Leader in the 2020 Gartner Magic Quadrant for Network Firewalls]]> http://www.phitech.com.tw/news/index.php?news_id=1040 Eleventh Consecutive Year Fortinet Recognized in Gartner Magic Quadrant for Network Firewalls

SUNNYVALE, Calif., Nov. 13, 2020 (GLOBE NEWSWIRE) --

John Maddison, EVP of Products and CMO at Fortinet
“We believe Fortinet delivers the broadest and most complete security platform in the industry. We have pioneered the Security-driven Networking approach, integrating security into every element of the network and enabling customers to protect any edge, at any scale. Fortinet has been named a Leader in this year’s Gartner Magic Quadrant for Network Firewall. Fortinet also recently announced its placement as a Leader in the 2020 Gartner Magic Quadrant for WAN Edge Infrastructure. We credit our continued successes to our ongoing commitment to innovation, unique and flexible security platform, and approach to securing the entire attack surface – whether on-prem or in the cloud.”

News Summary
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced it has been recognized as a Leader in the 2020 Gartner Magic Quadrant for Network Firewalls. This marks the 11th time Fortinet has been recognized in the 2020 Gartner Magic Quadrant for Network Firewalls for completeness of vision and ability to execute.

Fortinet’s FortiGate Next-generation Firewalls (NGFWs) are an integral component of Fortinet’s Security Fabric platform, which provides broad visibility and protection across the entire attack surface. Fortinet FortiGate NGFWs protect any edge and at any scale because they are powered by purpose-built Security Processing Units (SPUs) resulting in the industry’s highest Security Compute Rating. Fortinet continues to drive innovation with its Secure SD-WAN offering as well, with advanced routing and industry’s most flexible security options via an integrated NGFW or SASE-based cloud-delivered security.

Fortinet believes its placement in the Leaders quadrant is largely due to the company’s ongoing commitment to offer a Security-driven Networking approach, which integrates security into every element of the network and enables customers to:

  • Manage operational and security risks for better business continuity: Digital transformation offers tremendous opportunities for businesses to create value and realize efficiencies. However, it also creates new security risks, such as expanding the attack surface for would-be cyber adversaries. With Fortinet NGFWs, customers can achieve full visibility into their networks, applications, and potential threats. Fortinet offers the industry’s highest Security Compute Rating through the power of the company’s purpose-built Secure Processing Units (SPUs - e.g. NP7) to deliver optimal user experience at any scale.
  • Reduce Cost and Complexity: As the digital attack surface expands, security teams must also expand their defense capabilities. Fortinet NGFWs allow customers to build defense in depth through segmentation, dynamic trust, and advanced security inspection to keep operations running. FortiGate NGFWs protect business applications with AI-powered and ML-powered FortiGuard services, eliminating the need of point products and resulting in optimal total cost of ownership (TCO).
  • Improve Operational EfficienciesA single-pane-of-glass management enabled by Fabric Management Center provides a complete and consolidated view across a variety of network edges, on-prem or in the cloud. Fabric Management Center provides automation, and orchestration for the Security Fabric that extends to 400+ ecosystem integrations. This simplifies enterprise-wide workflows across FortiGate, FortiManagerFortiAnalyzer, and Ecosystem Partners.

Building off the power of Security-driven Networking and our industry-leading FortiGate NGFWs, Fortinet also offers industry’s most flexible and hyperscale security solutions to meet escalating and often unpredictable capacity needs that can quickly outpace an organization’s security solution performance capabilities.

In addition to being recognized as a Leader in the 2020 Gartner Magic Quadrant for Network Firewalls, Fortinet was named a 2020 Gartner Peer Insights Customers’ Choice for Network Firewalls. Fortinet believes that this additional customer validation further highlights that Fortinet’s simple, secure, and scalable platform approach resonates with customers across all industries.

SUPPORTING QUOTE
“Fortinet’s continuous leadership in the network firewall market and continued innovation enables us to offer a highly flexible and secure offering that we can scale to meet our customers’ escalating needs. The combination of FortiGate Network Firewalls and the Fortinet Security Fabric platform allows us to offer our customers high-performance security solutions that protect across the entire attack surface.”
 Justin, Tibbs, National Security Practice CSO, Presidio

Source:

https://www.globenewswire.com/news-release/2020/11/13/2126767/0/en/Fortinet-Again-Named-as-a-Leader-in-the-2020-Gartner-Magic-Quadrant-for-Network-Firewalls.html

]]>
2020-11-18
<![CDATA[FortiWeb Cloud WAF-as-a-Service for Google Cloud]]> http://www.phitech.com.tw/news/index.php?news_id=966

Today, Fortinet is announcing the availability of FortiWeb Cloud WAF as Service for the Google Cloud Platform. FortiWeb Cloud WAF-as-a-Service (FWCWaaS) is a cloud-based SaaS web application firewall (WAF) that protects public cloud-hosted web applications from the OWASP Top 10, zero day threats, and other application layer attacks. Also available on AWS and Azure, FWCWaaS enables organizations to protect their web applications deployed to any of these public cloud platforms against known and unknown threats with the same robust protection. Whether you’re looking for protection against the OWASP Top Ten to meet PCI-DSS compliance requirements or need to defend against sophisticated attackers using the latest zero-day exploits, FortiWeb Cloud WAF as a Service offers the protection your business-critical applications require.

Organizations increasingly rely on web applications to interact with customers, enhance collaboration and productivity, manage data and workflows, and put critical information and services at everyone’s fingertips. As a result, increasingly strategic applications are being built by DevOps teams to support their organization’s mainline business and impact more strategic initiatives in the company.

The challenge is that the increasing use of, and reliance on web applications also expands the potential attack surface that security teams need to defend. And because these applications and services are under constant development, this constantly changing attack surface demands something more than a simple signature-based approach to detecting threats. FortiWeb addresses this challenge by using Machine Learning (ML) to dynamically learn each application using live traffic analysis as a baseline and then continuously building a model for detecting anomalous behavior that requires deeper inspection. Using ML, FortiWeb tailors a unique defense for protecting each specific application, blocking threats while minimizing the false positives that drive administrative overhead and that can interfere with the end user experience.

How FortiWeb Cloud WAF as a Service Can Help

With FortiWeb Cloud WAF delivered as a SaaS solution, DevOps teams do not have any hardware or software to maintain, which means they can remain focused on their most critical job, developing and refining business-critical applications. And because FortiWeb Cloud WAF is provided as a cloud SaaS, deployment can be done in minutes, with minimal initial configuration.

FortiWeb provides complete protection against the OWASP Top 10 Threats, combined with a continuously updated security posture, ensuring that applications that rely on it are always able to address the latest threats.

FortiWeb Cloud WAF’s Critical Differentiators

FortiWeb Cloud WAF has a number of key differentiators that can be critical for DevOps teams to consider:

First, it leverages the public cloud to deliver a SaaS solution rather than requiring DevOps teams to stand up their own infrastructure in their own data centers. This approach delivers maximum scalability because it’s delivered as a true SaaS solution in a public cloud (rather than simply spinning up separate VMs for each customer), provides low latency for performance-sensitive applications, as well as potential bandwidth savings when an application is hosted in the same cloud region (so organizations only pay intra-region bandwidth rates.)

The next differentiator is simplified onboarding. True SaaS solutions do not have an infrastructure to deploy, configure, or manage. In addition, FortiWeb Cloud WAF also includes a simplified default configuration right out of the box, with access to advanced configurations for customers who need them. And by taking advantage of public cloud elasticity, it can be deployed in minutes – which means it is ready to go by the time the DNS changes that redirect traffic to the WAF have propagated.

Finally, it provides robust protection backed by the same detection techniques we use in other FortiWeb form factors. As can be seen in the following image, FortiWeb secures applications using more than just rules and signatures. It is also enhanced with Machine Learning behavioral validation to detect unknown threats that evade other detection techniques. 

Source:
https://www.fortinet.com/blog/business-and-technology/fortiweb-cloud-waf-for-google-cloud.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblogs+%28Fortinet+All+Blogs%29

]]>
2020-11-11
<![CDATA[Fortinet Named a Leader in the 2020 Gartner Magic Quadrant for WAN Edge Infrastructure]]> http://www.phitech.com.tw/news/index.php?news_id=1031 Placed Higher in Ability to Execute and Further in Completeness of Vision Than its Position the Previous Year

SUNNYVALE, Calif., Sept. 29, 2020 (GLOBE NEWSWIRE) --

John Maddison, EVP of Products and CMO at Fortinet
“A few years back while the entire industry was thinking about SD-WAN as a siloed product, at Fortinet we took a Security-driven Networking approach, combining networking and security to be the first vendor to deliver Secure SD-WAN. We’re pleased to be placed in the Leaders quadrant of the 2020 Magic Quadrant for WAN Edge Infrastructure, something we feel is another strong indicator of Fortinet’s ability to deliver better user experience with consistent security for our customers. We believe Fortinet will continue to disrupt the industry with solutions rooted in Security-driven Networking principles, next by delivering the most flexible security via SASE.”

News Summary
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced it has been positioned in the Leaders quadrant of the Gartner September 2020 Magic Quadrant for WAN Edge Infrastructure, placing higher in ability to execute and further in completeness of vision than its position the previous year.

Fortinet Delivers the Industry’s Most Flexible SD-WAN Solution
Fortinet continues to drive innovation of Fortinet Secure SD-WAN to deliver an organically developed solution that consolidates advanced routing, self-healing SD-WAN capabilities, and intuitive orchestration with the industry’s most flexible security options via integrated next-generation firewall or SASE-based cloud-delivered security. Fortinet’s dedication to SD-WAN innovation has also resulted in the industry’s most extensive and secure SD-WAN solution, able to be deployed across the home, branch, campus and multi-cloud. Fortinet Secure SD-WAN helps customers realize significant benefits, including:

  • Better user experience: Fortinet customers can dynamically learn and overcome WAN impairments at all edges through comprehensive self-healing SD-WAN capabilities, which are powered by purpose-built ASICs for higher performance. AI and ML-powered application learning provides visibility and control to deliver the best application performance possible.
  • Reduced costs and complexity: Fortinet’s Security-driven Networking approach converges networking and security into a unified Secure SD-WAN solution with centralized orchestration, enabling customers to reduce point products and operational complexity and achieve the best possible total cost of ownership (TCO).

Earlier this year, Fortinet was named a 2020 Gartner Peer Insights Customers Choice for WAN Edge Infrastructure. This distinction is based on feedback and ratings from end-user professionals who have experience purchasing, implementing or using Fortinet Secure SD-WAN.

Fortinet was also named the fastest growing SD-WAN vendor by Omdia, which noted 247% year-over-year growth in Fortinet’s SD-WAN revenue from 1Q19 to 1Q20. Fortinet believes this additional accolade showcases Fortinet’s ability to deliver one of the top SD-WAN solutions on the market.

Fortinet Showcases a Clear Vision of the Future of SD-WAN
Customers who choose Fortinet Secure SD-WAN are able to futureproof their investments by extending SD-WAN to address emerging use cases with new cloud-delivered security innovations providing flexible SASE solutions for today’s diverse workforce anytime and anywhere. With the broadest availability for multi-cloud, continued innovations in unified cloud orchestration will enable end-to-end visibility and control anywhere. Fortinet was one of the first vendors to showcase the SD-WAN to SD-Branch expansion and continues to innovate to provide tighter integration, security and analytics between the LAN Edge and WAN Edge.

Supporting Quotes
“Fortinet Secure SD-WAN helped us accelerate cloud services with automated cloud on-ramps. We were also able to consolidate branch services by extending to Fortinet Secure SD-Branch using both their wireless and switching solutions. The entire operation successfully enabled secure direct communication for our 1,600 employees.”
-Ricardo Girardelli, Network Architect, Creditas

“Fortinet Secure SD-WAN is flexible in the deployment models that it supports and reduces cost and complexity for customers. The combination of SD-WAN, security, SD-Branch, reporting, and automation make Fortinet's Secure SD-WAN a compelling full-stack solution for branches and campuses.”
-Robert Short, Vice President-Strategic Services at Liquid Networx

 



source:
https://www.globenewswire.com/news-release/2020/09/29/2100799/0/en/Fortinet-Named-a-Leader-in-the-2020-Gartner-Magic-Quadrant-for-WAN-Edge-Infrastructure.html

]]>
2020-11-04
<![CDATA[Fortinet Tightens Partnership with Google Cloud to Provide Advanced Cloud Security and Accelerate the Cloud On-Ramp]]> http://www.phitech.com.tw/news/index.php?news_id=964 SUNNYVALE, Calif., Dec. 16, 2019 (GLOBE NEWSWIRE) --

John Maddison, EVP of product and CMO at Fortinet
“Distributed cloud and on-premises infrastructures introduce new risks to the expanding digital attack surface. This is why it’s especially crucial for organizations to implement consistent security and centralized management across the entire infrastructure. Fortinet provides this through the Fortinet Security Fabric and today we’re announcing extending our Security Fabric’s cloud security offerings to Google Cloud. Through our extended collaboration, we’re providing customers advanced cloud security across regions, office locations and environments.”

News Summary 
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced extended integration of its cloud security portfolio with Google Cloud to offer customers migrating to Google Cloud Platform (GCP) advanced security for their workloads and applications. The tightened integration is comprised of a new reference architecture helping customers connect distributed branches to GCP with Fortinet’s Secure SD-WAN solution and the availability of Fortinet’s FortiWeb Cloud WAF-as-a-Service in the Google Cloud Marketplace.

Gartner expects that by the end of 2019, more than 30 percent of technology providers’ new software investments will shift from cloud-first to cloud-only. As cloud continues to become mainstream for organizations, security can’t be an afterthought. Organizations adopting cloud face the reality of their digital attack surface widening, which introduces new risks if multi-cloud security isn’t consistent across the network infrastructure. This is coupled with fragmented management systems that compromise visibility across on-premises and cloud environments.

Fortinet is collaborating with Google Cloud to alleviate these challenges for end users by integrating its cloud security solutions with GCP. Fortinet’s cloud security portfolio is managed by a single management system as part of its Fortinet Security Fabric, providing IT teams with comprehensive visibility and consolidated management across the growing attack surface.

Advancing Security and Accelerating the Cloud On-Ramp

Working with Google Cloud, Fortinet will provide the following:

  • Fortinet has introduced a reference architecture for customers to connect facilities to GCP with Fortinet’s Secure SD-WAN solution. Fortinet’s unique Secure SD-WAN approach tightly integrates security and SD-WAN functionality into a single offering. Using this reference architecture, customers can design and build cloud on-ramp solutions for GCP, providing secure high-speed connectivity across Google Anthos deployments on-premise and in GCP, as well as SSL inspection for office connectivity through the Fortinet Secure SD-WAN solution. Fortinet’s Secure SD-WAN solution gives customers enhanced user experience and optimized WAN management across various locations at a lower cost without compromising security. 
     
  • Fortinet FortiWeb Cloud WAF-as-a-Service is now available on Google Cloud Platform. FortiWeb WAF-as-a-Service offers easy and effective machine learning-enabled security for GCP based web applications and offers advanced zero-day attack protection, as well as easy fine-tuning of security policies and protection of web resources. Customers can now rapidly protect applications through instant activation of Fortinet’s Cloud WAF solution directly from the GCP marketplace. Fortinet already provides the FortiGate Next-Generation FirewallFortiManagerFortiAnalyzer and FortiWeb products on GCP as part of its cloud security portfolio. 
     
  • Fortinet’s FortiCWP will integrate with GCP’s Cloud Security Command Center to provide advanced workload protection and visibility. Leveraging Fortinet’s FortiGuard-based threat intelligence, FortiCWP will conduct deep analysis of activities and data in GCP to enable customer to detect threats or anomalies. This will allow IT teams to respond with instant remediation. Google Cloud Security Command Center integration with FortiCWP is expected to be available in early Q1 2020.

Google Cloud Platform is a member of the Fortinet Fabric-Ready Partner program, a premium category of Fortinet’s technology alliance partnerships and a key part of the Fortinet Security Fabric. In addition, Fortinet joined the Google Cloud Advanced Security Specialization to further collaborate in enabling customers to take advantage of cloud security’s benefits. 

Fortinet is attending the Google Cloud Security Forum at Google Event Center (MP7) in Sunnyvale, CA on Monday, December 16, 2019.

Supporting Quotes

“We’re delighted to expand our partnership with Fortinet to deliver tightly integrated security solutions to our joint customers. With Fortinet’s new SD-WAN reference architecture and support for Anthos, customers will be able to securely move their data from on-prem to the cloud, between data centers, or to a hybrid environment with the highest levels of security and protection.”
-Manvinder Singh, Director, Partnerships at Google Cloud.

Additional Resources

About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 425,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.


Source:
https://www.globenewswire.com/news-release/2019/12/16/1961138/0/en/Fortinet-Tightens-Partnership-with-Google-Cloud-to-Provide-Advanced-Cloud-Security-and-Accelerate-the-Cloud-On-Ramp.html

]]>
2020-10-28
<![CDATA[McAfee MVISION Cloud for Containers: A CASB and CSPM integrated security platform]]> http://www.phitech.com.tw/news/index.php?news_id=963 McAfee, the device-to-cloud cybersecurity company, announced McAfee MVISION Cloud for Containers, thereby becoming the first unified cloud security platform to integrate container security with its Cloud Access Security Broker (CASB) and Cloud Security Posture Management (CSPM) security solution.

McAfee MVISION Cloud for Containers

Leveraging NanoSec’s zero trust application visibility and control capabilities for container-based deployments in cloud environments, the solution provides customers with the ability to speed up application delivery while enhancing the governance, compliance and security of their container workloads.

Container security has long been treated as separate from other Infrastructure as a Service (IaaS) security solutions, requiring evaluation, investment and management of multiple, niche products thus increasing total cost of ownership and complexity and reducing security.

McAfee MVISION Cloud for Containers integrates Cloud Security Posture Management (CSPM) and Vulnerability Scanning for container workloads into the existing McAfee MVISION Cloud platform to give customers a unified cloud security solution where consistent security policies can be implemented across all forms of cloud IaaS workloads.

McAfee MVISION Cloud integrates with DevOps tools, helps users “shift-left” to pre-emptively improve compliance and secure container workloads by running security audits in the DevOps pipeline and providing security incident data directly back to the development teams.

Additionally, McAfee MVISION Cloud also continuously monitors the production deployments of these container workloads to ensure configuration drift does not compromise the security of the applications.

McAfee MVISION Cloud for Containers provides:

  • Cloud Security Posture Management (CSPM): integrate Configuration Audit checks for containerized workloads to ensure the container platforms run in accordance with CIS and other best practice compliance standards. This is designed to ensure security checks for the complete container stack including the configuration of the virtual machine the container runs on, as well as the storage, network, and other Platform as a Service (PaaS) services the container may be accessing.
  • Vulnerability Scanning of container images: identify and prevent the use of weak or exploitable components of the container images. This reduces the overall risk profile of the application by minimizing the attack vectors.
  • “Shift Left” DevOps Integration: perform CSPM and Vulnerability Scanning checks earlier in the application development lifecycle. Identify risk and provide meaningful feedback to developers within the build process. Additionally, continuously monitor and prevent configuration drift on production deployments of the container workloads.

“McAfee MVISION Cloud for Containers extends our leading data security, threat prevention, governance, and compliance capabilities of the MVISION Cloud platform to now cover containers in addition to SaaS, IaaS, and PaaS environments,” said Rajiv Gupta, senior vice president of Cloud Security, McAfee.

“By delivering consistent security across an organization’s cloud stack and by integrating that security natively into DevOps processes and toolsets to discover and address security issues before applications are deployed, McAfee is further extending its leadership in the cloud security space and providing more proof of its commitment to help customers leverage the power and security of the cloud.”

“MVISION Cloud gives our company the freedom to choose the best application architecture without having to develop and implement new security tools,” said Robert Fish, Enterprise Security Architect at Electronic Arts (EA). “We also utilize its security capabilities for the non-container aspects of IaaS Security, including compute, storage and networking.”

Source:
https://www.helpnetsecurity.com/2019/12/12/mcafee-mvision-cloud-for-containers/
 

]]>
2020-10-21
<![CDATA[Fortinet Acquires SOAR Provider CyberSponse]]> http://www.phitech.com.tw/news/index.php?news_id=962 Security Orchestration, Automation and Response Addition to Fortinet Security Fabric Further Empowers Security Operations Teams to Achieve Higher Efficiencies and Accelerate Incident Response
December 12, 2019 09:00 ET Source: Fortinet, Inc.
 
 

SUNNYVALE, Calif., Dec. 12, 2019 (GLOBE NEWSWIRE) --

Ken Xie, Founder and CEO at Fortinet
“The growing number of security tools being deployed by enterprises have introduced operational complexities that make organizations more vulnerable to breaches. With the integration of CyberSponse’s powerful SOAR platform into the Fortinet Security Fabric, we will offer customers accelerated incident response and the ability to standardize and scale processes that will enhance security posture and reduce business risk and associated costs.”

News Summary 
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced that it has completed the acquisition of CyberSponse, a leading Security Orchestration, Automation and Response (SOAR) platform provider based in Arlington, Virginia. CyberSponse, already a Fortinet Security Fabric partner, will further extend the automation and incident response capabilities of FortiAnalyzerFortiSIEM and FortiGate, for example, and further simplify security operations.

Simplifying Security Operations
Today’s cyberthreat landscape is constantly evolving. Furthermore, the increasing number of point security products adds to alert fatigue that exacerbates an already complex security operations environment that is set against the backdrop of a cybersecurity skills shortage. To combat this complexity enterprises and service providers seek to simplify their operations and maximize the efficiency of today’s security operations centers (SOCs) by consolidating and triaging alerts from a wide range of security products, automate the analysis and the repetitive tasks to save valuable resources, and leverage well-defined playbooks to enable real time incident response.

The combination of Fortinet and CyberSponse will equip security analysts across organizations of all sizes with a powerful, patented solution that is unique and differentiated, including:

  • Enterprise-grade scalable architecture with distributed multi-tenancy that augments streamlined SOC operations and enables MSSPs to deliver managed detection and response (MDR) services with ease.
  • Over 325 connectors to easily integrate with all major security vendors and technologies and offers a single, centralized point of visibility and control.
  • More than 200 out-of-the-box easy-to-configure playbooks to automate incident response action sequence and routine tasks.
  • The most advanced case management modules with incident timeline and asset correlation views, plus an automated ROI or savings measurement tool.
  • Ensuring granular role-based access control to secure user-related data.

“Organizations are still looking for advanced incident response (IR) capabilities that can help them be more efficient. To meet these goals, large organizations will gladly embrace a SOAR solution from Fortinet that can help them enhance automation, orchestration and response capabilities and maximize efficiencies, savings, and speed.”
Jon Oltsik, Senior Principal Analyst and Fellow at Enterprise Strategy Group (ESG)

“This is an ideal match. CyberSponse’s mission has always been to make security operations management effortless and effective with innovative yet disruptive technology. The combined powerhouse of Fortinet’s Security Fabric and CyberSponse’s SOAR technology will ensure customers are protected by the most sophisticated global security operations platform that includes hundreds of integrations enabling streamlined out-of-the-box playbook execution.”
Joseph Loomis, Founder and CSO at CyberSponse

Terms of the deal were not disclosed.

Additional Resources

About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 425,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.

Source:
https://www.globenewswire.com/news-release/2019/12/12/1959912/0/en/Fortinet-Acquires-SOAR-Provider-CyberSponse.html

]]>
2020-10-14
<![CDATA[Fortinet Placed Highest in Ability to Execute in the Challengers Quadrant of the 2019 Gartner Magic Quadrant for WAN Edge Infrastructure]]> http://www.phitech.com.tw/news/index.php?news_id=961 Fortinet's Secure SD-WAN Solution Simplifies Operations, Reduces Costs and Enables a Cloud-Ready Branch December 04, 2019 11:00 ET Source: Fortinet, Inc.
 
 

SUNNYVALE, Calif., Dec. 04, 2019 (GLOBE NEWSWIRE) --

John Maddison, EVP of products and CMO at Fortinet
“As one of the highest ranked vendors in enterprise SD-WAN market share worldwide with one of the fastest growing revenue shares, we believe enterprise organizations recognize that Fortinet delivers the best approach to SD-WAN. Based on industry validation, customers can feel confident in knowing that Fortinet Secure SD-WAN, powered by the only purpose-built SD-WAN ASIC in the industry, provides the fastest application steering and best user experience. We believe our position in the 2019 Gartner Magic Quadrant for WAN Edge Infrastructure1 further highlights Fortinet’s leadership in the SD-WAN market.”

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced its position as a Challenger with the highest ability to execute and furthest completeness of vision in the 2019 Gartner Magic Quadrant for WAN Edge Infrastructure. Fortinet was also recently named by Gartner as one of the highest three vendors in worldwide market share for enterprise SD-WAN equipment by revenue for 2Q19, experiencing 234% growth in revenue quarter-over-quarter between 1Q19-2Q19 to reach $46M in 2Q19.2 Fortinet believes its placement in the Gartner Magic Quadrant and market share placement is largely due to its commitment to helping customers reduce WAN complexity and cost while enhancing application experience by delivering advanced security and SD-WAN functionality in a single easy-to-use offering available in an appliance or virtual machine in all six major cloud providers.

Fortinet Solves Customers’ Biggest WAN Challenges
Fortinet Secure SD-WAN helps customers tackle some of the biggest challenges facing WAN deployments by enabling three key use cases:

  • Simplify Operations: Enterprises deploying SD-WAN often experience complexity as they try to manage disparate point-products that aren’t inherently built to work together. Fortinet delivers routing, SD-WAN and advance security in a single offering to simplify operations and allow for unified management. Fortinet Secure SD-WAN’s deep API support enables advanced analytics for network health monitoring and automates compliance reporting to meet industry regulations and security standards. Zero-touch provisioning further reduces complexity and allows customers to deploy a new branch in minutes instead of weeks. Customers can also extend the security of Fortinet Secure SD-WAN to the enterprise branch via Fortinet Secure SD-Branch.
     
  • Reduce Costs: Choosing FortiGate Secure SD-WAN allows customers to consolidate point-products into one enterprise-grade solution to significantly reduce capital costs. Augmenting MPLS with broadband reduces operational costs while a full stack of integrated security functions – including NGFW, IPS, anti-virus and anti-malware, web filtering, SSL inspection (including TLS 1.3), and sandboxing – ensures security without compromise and limits the potential costs related to a security breach.
     
  • Enable a Cloud-Ready Branch: Customers are often challenged with poor user experience, which is often a result of backhauling traffic back to the data center, leading to ineffective connectivity to their multi-cloud environment. On-ramping branch offices and other remote locations to the cloud through Fortinet Secure SD-WAN enhances customers’ application experience and extends the cloud’s power, flexibility, and productivity gains to all users. An integrated CASB service protects SaaS applications and traffic to prevent problems related to Shadow IT and is enhanced via Fortinet’s custom-built SD-WAN ASIC to allow for faster application prioritizing and steering to further enhance user experience and accelerate cloud connectivity.

Fortinet Secure SD-WAN is Recognized by Customers 
Fortinet’s NGFW solution has received the most reviews of all vendors in the Gartner Peer Insights WAN Edge Infrastructure Market as of December 3, 2019. Fortinet believes that this customer recognition further highlights Fortinet’s leadership in the SD-WAN market.

Additional Third Party Recognition of Fortinet’s SD-WAN Innovation
The FortiGate Next-Generation Firewall, an integral part of the Fortinet Secure SD-WAN solution, was recently named a Leader in the 2019 Gartner Magic Quadrant for Network Firewalls3. Additionally, Fortinet Secure SD-WANFortiGate Next-Generation Firewall and FortiGate Next-Generation IPS have all received “Recommended” ratings from NSS Labs. Fortinet believes this additional recognition underscores its commitment to SD-WAN innovation and focus on delivering the best performance and advanced security to truly transform our customers’ WAN edge.

Supporting Quotes:
“Fortinet Secure SD-WAN enables us to quickly and cost-effectively introduce differentiated services to help our customers realize their digital ambitions. Masergy has embedded the Fortinet Secure SD-WAN edge devices into our Managed SD-WAN portfolio delivering security, advanced routing, and SD-WAN functionality in a single offering including a single portal. Simplified operations including zero-touch provisioning and the ability to enable a cloud-ready branch have been key to our success in leveraging Fortinet Secure SD-WAN."
- James Parker, CEO, Masergy

“Fortinet Secure SD-WAN was the only solution we found that enables simplified operations and full provision of routing, SD-WAN and advance security across all of our branches—using a single device. Because the solution is integrated into the FortiGate Next-Generation Firewall, Fortinet Secure SD-WAN allows us to reduce capital and operational costs without expanding the attack surface. We estimate that we will achieve 100% return on investment within five years.”
- Sébastien Griet, Infrastructure Director, HR Path

“Fortinet’s carrier-grade solution allows us to deliver one of the Nordic Region’s first secure SD-WAN services. The ability to tightly integrate advanced security into a flexible and cost-effective SD-WAN managed service offering was a huge factor for choosing to partner with Fortinet. Simplified operations and integrated next-gen firewall capabilities ensure we’ll have the level of visibility, control and security needed to effectively protect our customers’ data and applications using our SD-WAN service.”
- Tomas Flodin, Product Manager, Telenor Sweden

Additional Resources

1Gartner, Magic Quadrant for WAN Edge Infrastructure, Jonathan Forest, Mike Toussaint, Neil Rickard, 26 November 2019.

2Gartner, Market Share: Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 2Q19, Joe Skorupa, Christian Canales, Nareesh Singh, 20 September 2019.

3Gartner, Magic Quadrant for Network Firewalls, Rajpreet Kaur, Adam Hils, Jeremy D'Hoinne, John Watts, 17 September 2019.

Gartner Disclaimers
Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences, and do not represent the views of Gartner or its affiliates.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 425,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.    

Source:
https://www.globenewswire.com/news-release/2019/12/04/1956335/0/en/Fortinet-Placed-Highest-in-Ability-to-Execute-in-the-Challengers-Quadrant-of-the-2019-Gartner-Magic-Quadrant-for-WAN-Edge-Infrastructure.html

]]>
2020-10-07
<![CDATA[Spirent integrates CyberFlood Data Breach Assessment with Fortinet Security Fabric]]> http://www.phitech.com.tw/news/index.php?news_id=960 Spirent Communications has announced that it has integrated its CyberFlood Data Breach Assessment solution with the Fortinet Security Fabric. The integration was achieved through Spirent’s participation in the Fortinet Fabric-Ready Interoperability Program and provides Fortinet customers with automated security policy recommendations, enabling them to respond proactively to security vulnerabilities, misconfigurations, and other weaknesses discovered during the on-going assessments powered by Spirent CyberFlood.

“With constantly evolving security threats and ever-changing networks and infrastructure, time-to-action is a critical capability for keeping networks secure and optimized. Integration with the Fortinet Security Fabric provides customers with a wealth of knowledge and visibility, connecting CyberFlood’s continuous assessments to an organization’s security infrastructure – a connection that produces important policy and heuristic change recommendations in real time. We are pleased to become a Fortinet Fabric-Ready Technology partner and make security more proactive, closing gaps that can be exploited by attackers,” said Jurrie van den Breekel, vice president of business development and product management at Spirent.

The Spirent-Fortinet technology alliance enables threats emulated by CyberFlood to be correlated with events identified by Fortinet, highlighting security holes. CyberFlood can then recommend changes that fortify network defenses against threats of all kinds and address faulty or incomplete configurations. These recommendations are provided automatically, reducing response times while maximising security team productivity.

The integration is available in the most recent release of CyberFlood and is already supported with the Fortinet Security Fabric. Spirent continues to integrate with other vendor products and services to extend automated security policy and heuristics recommendations across a wide variety of solutions.

Source:
https://www.crn.in/security/spirent-integrates-cyberflood-data-breach-assessment-with-fortinet-security-fabric/

]]>
2020-09-30
<![CDATA[Orange Business Services引进Fortinet Secure SD-WAN解决方案]]> http://www.phitech.com.tw/news/index.php?news_id=959 全球通信解决方案提供商与数字服务集成商Orange Business Services以及全球领先的集成自动化网络安全解决方案提供商Fortinet于18日共同宣布:Fortinet Secure SD-WAN将为Orange Business Services旗舰产品Flexible SD-WAN提供更丰富的安全解决方案。Flexible SD-WAN解决方案向企业用户提供敏捷的多云就绪型网络连接功能,以使终端用户获得更为优越的使用体验。随着FortinetSecure SD-WAN这一项新技术的加入,企业用户选择使用这项技术,就能获得更好的端到端性能表现、弹性以及下一代防火墙安全功能。

  Orange Business Services与Fortinet在安全托管服务方面已有多项合作,Fortinet的FortiGate下一代防火墙产品也已经入驻Orange Business Services的NextGenHubs。该产品作为Flexible SD-WAN原生多云支柱的关键使能技术,能保障用户从边缘到云端的安全连接。扩充后的产品组合将一并配置SD-WAN功能和下一代防火墙安全功能,为用户提供安全的SD-WAN解决方案。在满足中端市场和大型客户关键需求的同时,提高性能,提升投资回报率(ROI)。

11.jpg

  Orange Business Services企业业务线副总裁Anne-Marie Thiollet表示:“将双方的合作领域扩展到SD-WAN解决方案,是我们作为全球集成商来完善产品线的重要措施。这也有助于我们更好地为全球范围内日益增长的企业用户提供服务,满足他们多样化的行业与应用场景需求。Fortinet能很好地将SD-WAN技术与下一代防火墙安全功能在单一产品中融合或作为虚拟功能融合,是我们在考虑扩大产品线时首选的合作伙伴。Fortinet带来的这项新技术让我们的旗舰产品Flexible SD-WAN得以满足中端市场的关键需求,从而由此显著地从竞争对手种脱颖而出。”

  “SD-WAN技术的价值取决于其安全性、经济效益以及能否加速云端连接。Orange Business Services旗下这款融合了Fortinet Secure SD-WAN的产品融合了以上三项条件。” Fortinet产品执行副总裁兼CMO John Maddison表示,“Fortinet和Orange都坚信真正有效的网络,其应用程序接口表现与网络安全自动化对运营效率具有同样重要的意义。Fortinet的Secure SD-WAN技术为业内许多用户提供了安全计算评级最高的广域网(WAN)终端转型支持。我们期待与Orange继续合作,共同赋能SD-WAN,在全球包括新兴市场在内的各个领域实现广域网边缘转型。”

  与全球市场领导者共同创新

  在全球著名咨询机构Gartner2019年2月发布的全球网络服务魔力象限(Magic Quadrant)报告中,Orange Business Services作为市场的“领导者”(“Leader”)获得了“执行能力”(“ability to execute”)的最高分;而在Gartner2018年10月发布的广域网边缘基础架构报告中,Fortinet作为业内的“挑战者”(“Challenger”)在“前瞻性”(“completeness of vision”)上获得了最高分。如今,这两个企业进一步加强联合,共同实现具有创造性和经济性的托管SD-WAN服务。Orange Open Lab把共同创新作为指导企业执行基础架构转型项目的重要优先事项,有利于与客户进行共同研发。而Fortinet的全新SD-WAN技术将完全整合到Orange Open Lab环境中。


Source:
https://news.hqew.com/info-351825

]]>
2020-09-23
<![CDATA[Fortinet Introduces the World’s First Hyperscale Firewall]]> http://www.phitech.com.tw/news/index.php?news_id=1020 FortiGate 4400F is the Only Firewall Capable of Securing Hyperscale Data Centers and 5G Networks, Delivering the Industry’s Highest Performance with Security Compute Ratings of up to 13x

SUNNYVALE, Calif., Aug. 06, 2020 (GLOBE NEWSWIRE) -- John Maddison, EVP of products and CMO at Fortinet 
“Fortinet continues to push the boundaries of hardware-accelerated performance to enable the convergence of security and networking – what we call Security-driven Networking. The FortiGate 4400F Network Firewall delivers unprecedented scale and performance that is up to 13 times better than comparable products. As the only network firewall capable of securing hyperscale data centers and 5G networks, FortiGate 4400F leads the industry in what is possible for data center security.”

News Summary
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced the world’s first hyperscale firewall, FortiGate 4400F, setting new milestones for Security Compute Ratings to deliver unparalleled performance, scalability and security in a single appliance to meet escalating business needs. FortiGate 4400F is powered by Fortinet’s latest seventh generation network processor (NP7) to offer hardware-acceleration, making it the only network firewall that is fast enough to secure hyperscale data centers and 5G networks.

Hyperscale Data Centers Require Hyperscale Security
Today’s most digitally innovative organizations face escalating and often unpredictable capacity needs that are quickly outpacing their security solution’s performance capabilities. As a result, security has become the choke point for traffic entering and exiting most hyperscale data centers, adversely affecting user experience, and bringing productivity to a crawl, causing many network admins to feel pressured by business demands to forego security safeguards. Allowing all traffic to flow freely into and out of an organization’s network without security opens organizations up to the risk of cyberattacks, which can severely damage their brand reputation and cause potential loss in revenue due to extended downtime. While many organizations have successfully deployed hyperscale network architectures, achieving hyperscale security has been a significant challenge. To-date, some vendors claim to implement hyperscale security through multiple firewalls orchestrated together to achieve a hyperscale architecture, which has proven to be cumbersome and expensive. The hardware acceleration via purpose-built NP7 network processors of FortiGate 4400F uniquely delivers the first single compact appliance with security performance and scale that keeps up with the growth of today’s hyperscale data centers and enables the following use cases:

  • High Velocity e-Retail: Allows high-velocity e-retail businesses to deliver the best possible user experience for their customers by supporting tens of millions of connections per second, enabling essential layer 4 security, and delivering hardware-accelerated prevention of distributed denial of service (DDoS) attacks.
  • Cutting-edge research: Enhances productivity for cutting-edge research facilities and other verticals like oil and gas by supporting the secure transfer of extremely large datasets – also known as elephant flows – of up to 100Gbps. For situations that require encrypting at high speeds, IPsec can be turned on non-intrusively to support high-bandwidth IPsec tunnel flows.
  • Financial institutions, cloud providers and other large enterprises: Allows businesses to launch services in the most agile and secure fashion possible to increase productivity and revenue. By accelerating VXLAN-based segmentation, FortiGate 4400F enables super-fast communication between massively scaled services (such as compute, storage, or apps) that are co-hosted on physical and virtualized domains. These large scale segments can be protected with essential Layer 4 or advanced Layer 7 security.

5G Speeds Need Security at Scale that Can Keep Up
Today’s hyperconnected world allows user-to-user, user-to-machine, and machine-to-machine communication, which in turn puts huge demands on security to be delivered at massive scale. As 4G transitions to 5G, these demands will be pushed to their limits as network operation teams must ensure both security and business continuity. Most solutions lack the required scale to overcome IPv4 address scarcity, growing mobile bandwidth demands, and increasing numbers of encrypted tunnels connecting infrastructure, which in turn holds carriers back from being able to support a large set of  customers. FortiGate 4400F uniquely addresses these pain points, delivering:

  • Carrier-grade network address translation (CGNAT) that enables hyperscale Packet Delivery Network (PDN) while preserving user experience with hardware-accelerated user session setup rates, low latency and hardware-assisted logging for audit and control.
  • Critical scale for Security Gateway (SecGW) at 4G and 5G mobile for Radio Access Network (RAN) control to enable services providers to build high capacity networks that maximize return on investment.
  • Allows service providers to differentiate their customer offerings by delivering additional value-added services such as parental control with technologies like URL filtering.

FortiGate 4400F vs. Competitors
Below is a comparison of the top firewalls on the market against the FortiGate 4400F series. Security Compute Rating is a benchmark (performance multiplier) that compares FortiGate Network Firewall performance versus the industry average of competing products across various categories that fall within the same price band.

Specification FortiGate 4401F Industry
Average
Security Compute Rating Palo Alto
PA-70502
Checkpoint
CP28000
Cisco
FPR-4145
Juniper
SRX54003
Firewall 1.2Tbps 165Gbps 7x N/A 145Gbps 80Gbps 270Gbps
Concurrent Sessions 600M1 46M 13x 32M 32M 30M 91M
Connections per Second 10M1 0.822M 12x 623K 615k 350k 1.7M
IPsec VPN  420Gbps 39Gbps 11x 28Gbps 49Gbps 18Gbps 60Gbps
Threat Protection  70Gbps 34Gbps 2x 37Gbps 30Gbps N/A N/A
SSL Inspection 65Gbps 10Gbps 6.5x N/A N/A 10Gbps N/A
  1. Target values - Enabled by a Hyperscale License
  2. PAN: Calculated with 1-NPC (100G-NPC) cards, no services and support​
  3. ​Juniper: SRX5400E-B2-AC

FortiGate 4400F showcases the industry’s highest performance with Security Compute Ratings up to 13x better than the competition. As a result, organizations can enjoy far greater headroom for digital innovation with Fortinet TCO savings and have the resources to respond to unexpected events. 

Powered by Security-driven Networking
FortiGate 4400F leverages security-driven networking principals to enable ultra-scalable, secure distributed networks and hyperscale data centers. Security-driven Networking solutions are not only faster and scale further than the competition, they are also much more cost-effective, delivering the industry’s best price/performance in a compact form factor for additional lower costs associated with lower rack space, power and cooling requirements. Fortinet also offers industry leading automation and orchestration capabilities as part of Fabric Management Center and FortiOS. Additionally, Fortinet continues to be a proponent of Open APIs and is committed to support industry initiatives like OpenConfig with the goal of delivering automation to streamline operations.

The FortiGate 4400F, as a part of an integrated security platform via the Fortinet Security Fabric, also provides security for hybrid data centers as follows:

  • Protection from known attacks with AI-powered FortiGuard services including web filtering and intrusion prevention system services.
  • Proactive threat detection for any segmentation that a customer plans to adopt with a Security Compute Rating of 2x.
  • Full visibility into threats and removes blind spots with SSL inspection including TLS 1.3 that is 6.5x better than competing products.
  • Protection of business critical applications and servers by offering virtual patching using high performance consolidated IPS.

Supporting Quotes
“Fortinet’s highly differentiated high-end firewalls enable us to deliver security-driven networking for our customers to protect IT systems, platforms, and applications. FortiGate is a long-term advanced security solution that consolidates point-products and reduces cost and complexity. FortiGate 4400F will uniquely allow us to provide hyperscale security solutions that preserve user experience and business growth for our largest customers.”
- Mike McGlynn, Vice President, Global Security at WWT

“Security has long been an issue for organizations with the largest capacity needs - it simply hasn’t been able to keep up, causing many network admins to make the tradeoff between meeting business demands and maintaining a strong security posture. Hyperscale data centers and 5G networks have the biggest need for security that can keep pace with unprecedented user and enterprise demands. Fortinet is delivering security performance figures that far exceed those of competitor solutions to finally give hyperscale organizations the ability to efficiently and effectively secure their business.”
-  Zeus Kerravala, Founder and Principal Analyst at ZK Research


Source:
https://www.globenewswire.com/news-release/2020/08/06/2074284/0/en/Fortinet-Introduces-the-World-s-First-Hyperscale-Firewall.html

]]>
2020-09-16
<![CDATA[Fortinet Now Integrates with AWS CloudFormation Registry and CLI to Enhance Cloud Security]]> http://www.phitech.com.tw/news/index.php?news_id=955 By Ali Bidabadi | November 18, 2019

Many organizations have adopted Infrastructure as Code (IaC) methodologies and are now leveraging IaC tools to create and manage complex deployments that would otherwise take days or weeks to implement. With the REST APIs and integration with popular IaC tools such as Terraform, Fortinet has enabled organizations to automate the provisioning of security services to various virtualization and cloud platforms.

Recently, Fortinet became an official Terraform provider, allowing users to directly create and manage Fortinet-specific resources, such as system interfaces and firewall policies. Additionally, Fortinet has taken advantage of cloud native IaC tools such as AWS CloudFormation service to build solutions, including CloudFormation templates, that allow automatic deployment of its products along with the required AWS resources. While those ready-made templates automate provisioning of the AWS resources, organizations often need to rely on AWS services and constructs such as User Data and AWS Lambda Function to create third-party specific resources.

Now, with the integration of its newly-launched AWS CloudFormation third-party resource provider framework, Fortinet has taken its IaC and AWS automation offerings to the next level.

What is the AWS CloudFormation Third-Party Resource Provider Framework?

Today, if customers want to automate the configuration of their third-party security services running in AWS accounts, they either rely on User Data and custom scripts to push the configuration during the bootstrapping process, also known as day 0. Or, they need to leverage services such as AWS Lambda Function to interact with third-party resources via an API at some later stage of the application lifecycle.

For example, in order to create a new firewall admin account, after the VM boots up, AWS users would have to run a custom script. However, the recent enhancement to the AWS CloudFormation service allows vendors to model and automate third-party resources, such as a FortiGate admin account, by enabling them as resource providers for the CloudFormation service.

Resource providers are treated as first-class citizens within CloudFormation. One can use CloudFormation capabilities to create, provision, and manage these resources in a safe and repeatable manner, just as you would any AWS resource. Using resource providers for third-party resources provides users a way to reliably manage these resources using a single tool, without having to resort to error-prone and time-consuming methods like manual configuration or custom scripts. An end user would only need to declare these resources in the same manner as they would declare native AWS resources such as EC2 instances.

Third-Party Vendors Can Build Resource Providers Within CloudFormation

A resource provider includes a resource type specification, as well as handlers that control API interactions with the underlying AWS or third-party services. There are three major steps in developing a resource provider:

Model – create and validate a schema that serves as the definition of a resource. The first step in creating a custom resource is modeling that resource, which involves generating a schema that defines the resource, its properties, and their attributes.

Develop – add logic that controls what happens to the resource at each stage in its lifecycle. Once a resource type is modeled its schema is validated, the next step is to develop the resource which consists of implementing “Create”, “Read”, “Update”, and “Delete” handlers.

Register – register the resource provider with CloudFormation in order to make it available for use in CloudFormation templates. Once registered, custom resource providers can be viewed in the CloudFormation registry section of the AWS CloudFormation console.

Additionally, runtime logging via AWS CloudWatch can be enabled. This enables the accessing of resource logs to help diagnose and debug any issues.

uluru

Fortinet is Now an Official AWS CloudFormation Provider

As automation has long been one of the main pillars of the Fortinet cloud security strategy, we have now integrated our offerings with the AWS CloudFormation third-party resource provider framework.  The goal is to provide organizations with a seamless experience in automating the creation of Fortinet-specific resources such as system interfaces, and admin accounts.

CRUD handlers for each of these resources have also been implemented to ensure full support for every stage of the lifecycle of a resource. For example, “Create” stack applied to a CloudFormation template that includes a FortiGate (Fortinet Next Generation Firewall) DNS System as a declared resource, will invoke the create handler of that resource. Similarly, “Update” stack operation will result in the invocation of the update handler of the System DNS resource provider.

This new integration simplifies many use cases that have historically relied on manual and/or custom invocation of third-party resources. In the first release, creating three FortiGate resources within the CloudFormation will be supported. These resources are System Interface, System DNS, and Admin Account.

For example, customers can now take advantage of the Fortinet “Admin Account” resource provider to directly create admin accounts on a FortiGate. In the future we plan to support creating Tunnel interfaces on a FortiGate to provision VPN IPsec tunnels between FortiGate devices and AWS-managed services such as the AWS Transit Gateway. Without this resource provider, users would have to write error-prone User Data scripts or custom Lambda Functions triggered by certain events in their AWS accounts.

How This Offering Helps Your Organization

Fortinet’s CloudFormation resource provider support provides organizations with a seamless way to create, update, and delete firewall resources in AWS accounts. It abstracts away the underlying complexity, thereby allowing customers to deploy Fortinet firewall resources in the same way as they would deploy any native AWS resource.

Read about how Fortinet integrates with HashiCorp Terraform.

Visit our AWS resources on GitHub here and read this post on the AWS blog for more information on this integration.

Learn more about how Fortinet’s multi-cloud solutions provide visibility and control across cloud infrastructures to secure applications and connectivity. 

Source:
https://www.fortinet.com/blog/business-and-technology/fortinet-now-integrates-with-aws-cloud-formation.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblogs+%28Fortinet+All+Blogs%29

]]>
2020-09-09
<![CDATA[Fortinet:今年全球病毒活動量增加131%,影響層級達「國家級」]]> http://www.phitech.com.tw/news/index.php?news_id=1027 強調深化台灣在地經營

Fortinet透過旗下威脅情報中心FortiGuard Labs公布最新《全球威脅型態報告》,顯示今年在全球地區的病毒活動量相比過往增加131%,其中主要與今年因為新型冠狀病毒疫情影響,許多人必須在家中透過網路遠距工作,因此也成為許多駭客攻擊對象,甚至影響層級更達「國家級」。

 

而在攻擊形式中,手法不僅更加複雜,同時也變得更具目標針對性,除了鎖定居家工作使用裝置攻擊之外,針度物聯網裝置、營運設備的勒索攻擊更是不減反增。

報告中同時指出,台灣在2020年上半年相比亞太地區和全球地區面臨更嚴重威脅,包含病毒攻擊,或是透過殭屍網路 (Botnet)發動攻擊均有明顯增加,同時企業部署的入侵防禦系統也有較高觸發率。

FortiGuard Labs安全洞察及全球威脅聯盟負責人Derek Manky 表示,「2020年上半年我們見證了前所未有、高度敏捷的網路威脅型態,他們的攻擊策略跟著疫情而迅速調整。網路上的『社交距離』在此時更需被重視,企業和組織需更加認識各種風險、積極布局並調整防禦策略,以充分確保延伸到家庭甚至是各類型終端設備的網路安全性。」

在台灣經營近20年之下,Fortinet表示除了在台灣設置專屬FortiGuard Labs實驗室之外,更比照美國同時在台設置研發及物流中心,並且在台營運範圍涵蓋完整在地服務,包含研發中心、物流中心、威脅情報中心、業務銷售到技術支援等,藉此提供更深入的全方位服務。

就Fortinet北亞區總經理陳鴻翔表示,「Fortinet在台灣擁有擁有近200位員工人數,包含超過百人的研發中心員工,以及800多家在地經銷夥伴,可見Fortinet對台灣科技人才培育的信心與市場投資的承諾。未來,Fortinet也將持續投資台灣,並與台灣產官學界協力,以Fortinet獨有的威脅防禦技術,持續為各界提供最完整的資訊安全服務,提高台灣資訊安全能力的水平,共同建構完善的資安生態圈。」

另外,Fortinet也強調旗下產品超過75%以上在台灣製造與出口,並且讓台灣代工廠的年收益達新台幣150億元,同時也強調未來將更深入經營台灣市場。


Fortinet北亞區總經理陳鴻翔

目前Fortinet在全球擁有超過660個智慧財產權專利,相較競爭對手達成三倍左右,並且提供Fortinet Security Fabric、Fortinet Secure Access、Fortinet Secure SD-WAN、FortiSASE與FortiEDR在內服務,藉此確保企業自動化安全基礎架構,並且透過整合式防火牆、交換器、無線基地台強化企業內網防護能力,同時確保居家工作環境、分支機構與企業雲端安全,以及擴充彈性,而防護技術也能透過特徵學習以自動化形式阻斷攻擊行為。

Source:
https://mashdigi.com/fortinet%EF%BC%9A%E4%BB%8A%E5%B9%B4%E5%85%A8%E7%90%83%E7%97%85%E6%AF%92%E6%B4%BB%E5%8B%95%E9%87%8F%E5%A2%9E%E5%8A%A0131%EF%BC%8C%E5%BD%B1%E9%9F%BF%E5%B1%A4%E7%B4%9A%E9%81%94%E3%80%8C%E5%9C%8B%E5%AE%B6/

]]>
2020-09-02
<![CDATA[Orange Business Services Selects Fortinet to Offer Secure SD-WAN]]> http://www.phitech.com.tw/news/index.php?news_id=954 Orange Business Services Selects Fortinet to Offer Secure SD-WANImage Credit: Fortinet

Orange Business Services has chosen Fortinet Secure SD-WAN to enrich its flagship Flexible SD-WAN offering.

This global SD-WAN solution, which provides businesses with an agile, multicloud-ready connectivity solution to ensure superior end-user experience, will integrate Fortinet’s Secure SD-WAN solution as a new technology option. The new option gives businesses an additional choice for agile SD-WAN solutions with end-to-end top-level performance, resiliency and next-generation firewall security.

Building on an already-established partnership between Orange Business Services and Fortinet around managed security services, the Fortinet FortiGate Next-Generation Firewall is also already present in the NextGenHubs deployed by Orange Business Services. This is a key enabler of the native multicloud pillar of Flexible SD-WAN that ensures customers benefit from secure connectivity from the edge to the cloud. The extended scope will now provide enterprises with a secure SD-WAN solution that integrates next-generation firewall security and SD-WAN functionality in a single offering. This will deliver higher performance and improved return on investment (ROI), a key requirement for many midmarket and large customers.

Source:
https://www.thefastmode.com/technology-solutions/15908-orange-business-services-selects-fortinet-to-offer-secure-sd-wan

]]>
2020-08-26
<![CDATA[Fortinet Introduces Self-Learning Artificial Intelligence Appliance for Sub-Second Threat Detection]]> http://www.phitech.com.tw/news/index.php?news_id=980 FortiAI Leverages Deep Neural Networks to Automate Threat Detection and Remediation, Expanding Fortinet’s AI-driven Security Offerings

SAN FRANCISCO, Feb. 24, 2020 (GLOBE NEWSWIRE) --

John Maddison, EVP of products and CMO at Fortinet
“Fortinet has invested heavily in FortiGuard Labs cloud-based, AI-driven threat intelligence, allowing us to detect more threats, more quickly and more accurately. FortiAI takes the artificial intelligence knowledge from FortiGuard Labs and packages it specifically for on-premises deployments. This gives customers the power of FortiGuard Labs directly in their environment, with self-learning AI to identify, classify and investigate sophisticated threats in sub-seconds.”

News Summary 
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced FortiAI, a first-of-its-kind on-premises appliance that leverages self-learning Deep Neural Networks (DNN) to speed threat remediation and handle time consuming, manual security analyst tasks. FortiAI’s Virtual Security Analyst™  embeds one of the industry’s most mature cybersecurity artificial intelligence – developed by Fortinet’s FortiGuard Labs – directly into an organization’s network to deliver sub-second detection of advanced threats.

Organizations Face an Uphill Battle
Security architects confront many challenges when it comes to discovering and remediating threats, including:

  • Cybercriminals are becoming more sophisticated. While traditional cyber threats continue, sophistication of advanced attacks – often enabled by artificial intelligence, machine learning and open source communities – are increasing. As a result, organizations and their defenses are challenged to keep pace with threat evolution.
     
  • The attack surface is expanding. Millions of new applications, growing cloud adoption and the increase in connected devices are creating billions of edges that security teams need to properly protect and manage. Organizations are challenged to keep pace with the threat volume resulting from many potential entry points.
     
  • Security teams are constrained due to the cyber skills shortage. The cybersecurity industry faces a skills gap that has become a top emerging risk for organizations. There are not enough skilled professionals available to properly triage, investigate and respond to the growing number of threats – potential and actual – making it easier for cybercriminals to outpace legacy security processes and tools.

Self-Learning AI Adapts Organizations’ Threat Protection 
To address these challenges faced by security professionals today, Fortinet is unveiling FortiAI Virtual Security Analyst™ to accelerate threat remediation. FortiAI handles many of the time consuming, manual tasks currently expected of security professionals, preserving their time for higher value security functions. FortiAI’s self-learning capabilities continue to get smarter once deployed in an organization’s network.

FortiAI leverages Deep Learning known as Deep Neural Networks, which mimic neurons in the human brain, to make complex decisions based on its scientific analysis of threats specific to the organization where it is deployed. As FortiAI’s artificial intelligence continues to mature, organizations benefit from having FortiAI’s Virtual Security AnalystÔ effectively transform and adapt threat protection.

FortiAI Levels the Playing Field 
Fortinet’s Deep Neural Networks (DNN) approach enables FortiAI to revolutionize threat protection by:

  • Automating time-consuming manual investigations to identify and classify threats in real time: Organizations using legacy security processes combined with limited security staff find it difficult to perform manual investigations for each threat alert. This creates additional risks including a data breach or security incident due to slow response time. To solve this, FortiAI automates investigations using DNN to identify the entire threat movement and uncover patient zero and all subsequent infections in a sub-second.
  • Transforming security processes for instant detection and remediation of attacks: FortiAI’s Virtual Security Analyst™ significantly reduces the time organizations are exposed to threats by scientifically analyzing characteristics of threats and generating an accurate verdict to accelerate threat response.
  • Delivering tailored threat intelligence to significantly reduce false positives: False positives are a burden for security analysts to investigate and it is time consuming to determine threats versus non-threats. Through tailored threat intelligence, FortiAI learns new malware features as it adapts to new attacks instantaneously and reduces false positives. 

On-premises Protection for Air Gapped Networks
Another key distinction of FortiAI is that it offers on-premises AI suitable for organizations that have air gapped networks. Operational technology environments, government agencies and some large enterprises must adhere to strict compliance regulations and/or security policies that limit their network’s connection to the internet. FortiAI with its self-learning AI model does not require internet connectivity to learn and mature, enabling organizations with closed environments or stringent security policies to stay ahead of threats.

Fortinet’s AI-driven Technologies Automate Threat Protection
Fortinet has a longstanding history of helping customers strengthen their security posture by leveraging artificial intelligence. Some of the existing Fortinet offerings and services, complemented by the new FortiAI, that leverage various forms of AI, such as least squares optimization and Bayesian probability metrics, include:

  • FortiGuard Labs Threat Intelligence: FortiGuard Labs uses proven advanced AI and machine learning to gather and analyze over 100 billion security events every day. This threat intelligence produced by FortiGuard Labs is delivered to customers through its subscription services available for a range of Fortinet’s products, including the flagship FortiGate NGFWs. As a result, customers benefit from artificial intelligence deployed in global labs for faster threat prevention.
     
  • FortiSandbox: Fortinet is the first security vendor to introduce AI to sandboxing to automate breach protection. FortiSandbox includes two machine learning models to its static and dynamic analysis of zero-day threats, improving the detection of constantly evolving malware, such as ransomware and cryptojacking. Through the use of a universal security language to categorize malware, FortiSandbox also connects discussions between network and security teams, leading to more integrated and improved security operations.
     
  • FortiEDR: Fortinet’s FortiEDR uses machine learning to automate the endpoint protection against advanced threats with real time orchestrated incident response functionalities. Customers also benefit from more control of network, user and host activity within their environments. 
     
  • FortiInsight: FortiInsight uses machine learning analytics to effectively monitor endpoints, data movements and user activities to detect unusual, malicious behavior and policy violations attributed to insider risk.
     
  • FortiWeb: To better protect web applications and APIs, FortiWeb applies machine learning to tailor a unique defense for each application. As a result, FortiWeb can quickly block threats while minimizing the false positives that may interfere with end user experience.
     
  • FortiSIEMFortiSIEM leverages machine learning to recognize patterns in typical user behavior like location, time of day, devices used and specific servers accessed. FortiSIEM can then automatically notify security operations teams when anomalous activities occur, like concurrent logins from separate locations.             

As cyber criminals look to exploit the expanding digital attack surface with sophisticated attacks, the breadth and depth of the Fortinet Security Fabric’s AI-driven technology provides customers with unparalleled threat prevention, detection and response that can be instant and automated.

Supporting Quotes
“Deploying FortiSandbox to protect our organization against zero-day threats was seamless through Fortinet’s Security Fabric platform. FortiSandbox secures our perimeter, client and mail servers, and ultimately is protecting our assets from advanced unknown threats. Leveraging FortiSandbox’s AI-driven capabilities has helped us keep pace with AI-driven threats, all while providing an easy and simplified way to configure and manage our security.” 
- Dario Palermo, System and Network Administrator at Ente Autonomo Volturno

Additional Resources

About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers our customers with complete visibility and control across the expanding attack surface and the power to take on ever-increasing performance requirements today and into the future. Only the Fortinet Security Fabric platform can address the most critical security challenges and protect data across the entire digital infrastructure, whether in networked, application, multi-cloud or edge environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 440,000 customers trust Fortinet to protect their businesses. Both a technology company and a learning company, the Fortinet Network Security Expert (NSE) Institute has one of the largest and broadest cybersecurity training programs in the industry. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.    

Source:
https://www.globenewswire.com/news-release/2020/02/24/1989284/0/en/Fortinet-Introduces-Self-Learning-Artificial-Intelligence-Appliance-for-Sub-Second-Threat-Detection.html

]]>
2020-08-19
<![CDATA[Fortinet Recognized as Winner of Microsoft’s 2020 Commercial Marketplace Partner of the Year]]> http://www.phitech.com.tw/news/index.php?news_id=1014 Fortinet Recognized as Winner of Microsoft’s 2020 Commercial Marketplace Partner of the Year Award Underscores Fortinet’s Commitment to Enable Easy and Secure Deployment of SaaS, VM or Container Security Solutions to Protect Azure Workloads and Applications

News Summary
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced it has won Microsoft’s 2020 Commercial Marketplace Partner of the Year award. Fortinet was honored among a global field of top Microsoft partners for demonstrating excellence in innovation and implementation of customer solutions based on Microsoft technology.

As organizations are strained with limited cloud security resources and expertise, there’s growing preference to consume certain security functionalities as Security-as-a-Service and through pay-as-you-go models. Recognizing this, Fortinet offers the broadest set of security solutions that are natively integrated with Azure and available on Azure Marketplace. Products available through Azure Marketplace include Fortinet’s award-winning FortiGate Next-Generation Firewall (NGFW) and FortiWeb Cloud as a Service.

“This award reflects the proven growth and success of Fortinet’s offerings on Azure Marketplace as we continue to see significant customer demand,” said John Maddison, EVP of Products and CMO at Fortinet. “We look forward to building on our shared commitment to ensuring customers can use the cloud with confidence by enabling fast and simple deployment of new security services.”

Microsoft’s 2020 Commercial Marketplace Partner of the Year award recognizes Fortinet for excelling in the marketplace journey. The Microsoft Partner of the Year Awards recognize Microsoft partners that have developed and delivered exceptional Microsoft-based solutions during the past year. Awards were classified in several categories, with honorees chosen from a set of more than 3,300 submitted nominations from more than 100 countries worldwide.

“It is an honor to recognize the winners and finalists of the 2020 Microsoft Partner of the Year Awards,” said Gavriella Schuster, corporate vice president, One Commercial Partner, Microsoft. “These partners go above and beyond, delivering timely solutions that solve the complex challenges that businesses around the world face – from communicating and collaborating virtually to helping customers realize their full potential with Azure cloud services, and beyond. I am proud to honor and congratulate each winner and finalist.”

Additional Resources

About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers our customers with complete visibility and control across the expanding attack surface and the power to take on ever-increasing performance requirements today and into the future. Only the Fortinet Security Fabric platform can address the most critical security challenges and protect data across the entire digital infrastructure, whether in networked, application, multi-cloud or edge environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 455,000 customers trust Fortinet to protect their businesses. Both a technology company and a learning organization, the Fortinet Network Security Expert (NSE) Institute has one of the largest and broadest cybersecurity training programs in the industry. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.

Source:
https://www.globenewswire.com/news-release/2020/07/16/2063384/0/en/Fortinet-Recognized-as-Winner-of-Microsoft-s-2020-Commercial-Marketplace-Partner-of-the-Year.html

]]>
2020-08-12
<![CDATA[Fortinet, Siemens pair up to better secure operational technology]]> http://www.phitech.com.tw/news/index.php?news_id=953

Fortinet also landed a SD-WAN deal from SoftBank ahead of its first investor day.

Recommended Content:
Big Data is a term that resounds across various business realms involving diverse organizational aspects such as finance, marketing and information technology. Tech Pro Research conducted a survey in August to examine Big Data trends in the...
 
 

Fortinet and Siemens unveiled a partnership designed to better secure operational technology networks in markets such as utilities, transportation and oil and gas.

The announcement comes as Fortinet holds an analyst meeting in New York on Monday. The investor meeting is Fortinet's first in its decade as a public company. Fortinet competes with Palo Alto Networks, Checkpoint, and Cisco among others.

Under the alliance, Siemens will integrate its industrial and operational technologies and control systems with Fortinet's cybersecurity platform and Fortinet Security Fabric. The aim is to better secure edge computing and Internet of Things devices. The two companies also entered a global resell agreement.

fortinet-security-fabric.png

Fortinet's security fabric. 

 

The first effort from Fortinet and Siemens will be the integration of the FortiGate Next-Generation Firewall with the Ruggedcom Multi-Service Platform family of switches and routers. The Siemens gear is typically used in industrial settings such as electrical substations. Siemens will also bundle Fortinet's FortiGate Next-Generation firewall with its equipment.

Fortinet Chief Marketing Officer John Maddison said in an interview that edge computing and IoT are increasingly critical growth markets for Fortinet now and in the future. "Edge computing will need low latency compute and be built out in factories and other industrial areas. Coupled with 5G there will be a need for a new security model," said Maddison.

For now, Fortinet is growing at a rapid clip courtesy of its SD-WAN security portfolio. To that end, Fortinet announced that SoftBank will use Fortinet SD-WAN to expand its managed security services. SoftBank in Japan provides SD-WAN services to enterprise customers.

SoftBank will provide advanced security services, network analytics, and cloud on-ramp connectivity to enterprises. Maddison said Fortinet's SD-WAN portfolio for carriers is faring well as many are choosing to pull back from software-defined approaches to integrated hardware and software security appliances to improve performance.

 

In its just reported third quarter, Fortinet delivered a net income of 46 cents a share on revenue of $547.5 million, up 21% from a year ago.  Ken Xie, CEO of Fortinet, said that the company saw strong growth in its security fabric, cloud, and SD-WAN offerings.

For fiscal 2019, Fortinet projected revenue between $2.13 billion and $2.15 billion with non-GAAP earnings between $2.39 and $2.41 a share.


Source:
https://www.zdnet.com/article/fortinet-siemens-pair-up-to-better-secure-operational-technology/

]]>
2020-08-05
<![CDATA[Fortinet Underlines Importance Of Promoting Cybersecurity Awareness To Protect Children Online]]> http://www.phitech.com.tw/news/index.php?news_id=952

Fortinet’s shares a few best practices to incorporate into every child’s internet usage to ensure they are safe, secure and maintain their privacy online:

 

 

 

Fortinet, integrated and automated cyber security solutions, today reminded  how important it has become to make sure  children fully understand their digital profile, as well as the devices and applications they use daily as internet-based devices  put them at risk of being compromised by cyber criminals.  

With a wide array of fun games and educational material just one click away the internet has become such an important resource in every child’s life. Many aspects of a child’s life, including school and communicating with friends, are dependent on devices that are connected to the internet. Unfortunately, cyber criminals are aware of this and oftentimes target kids for their own gain.

Fortinet’s shares a few best practices to incorporate into every child’s internet usage to ensure they are safe, secure and maintain their privacy online:

The Importance of Online Privacy: Discuss online security with children, start by explaining the importance of keeping information private to strengthen their online security and to keep their family’s data safe. As many online activities require personally identifiable information (PII) such as name and date of birth, children must know where and when they should share this type of information. For older children, this extends to banking information as well. It’s crucial that the child understands that they should never share their account details with anyone online, outside of official and verified representatives and should minimize the amount of PII they share overall.

Create Online Guidelines: We cannot always control what children do online, however, establishing a set of rules to follow while online will help to protect them. Having specific lists of websites and applications children can use allows parents to determine how they use the internet, guaranteeing their safety. The same principles can be applied to social media, where parents can create guidelines for what is acceptable to share and whom they can connect with.

Secure their Devices: Personal devices and online accounts have become prime targets for cyber criminals looking to steal personal information. It is of paramount importance that parents make sure their own devices and the child’s devices, are secure. Learning the security features that are built into the websites and applications children use, as well as applying additional security layers to their devices will make it more difficult for cyber criminals to breach their profiles.

Defend Against Cyber Threats:. For online accounts, security starts with using a strong password. Some best practices to follow include making a new password for every account, as well as avoiding the use of common phrases. Enabling multi-factor authentication (MFA) is the next step in bolstering account security. MFA works by adding an extra step to the login process to verify identity. This is usually done in the form of a unique code being sent over email or text to a user-confirmed mobile phone number attached to the account that must be entered before the account is logged into. 

Unsecure networks, such as public Wi-Fi are often used by cyber criminals as a way to gain access to devices that are connected to it. When using public wi-fi confirm the network name and exact login credentials with the appropriate staff before logging in.

Monitor Online Activity: It is important to monitor the online activity of children to make sure they are not overstepping into areas that could put them at risk. Keeping the computer in a public area, allows parents to easily intervene if the child misuses online resources.

Parents of older kids should be careful to monitor their online purchases are made from secure sites. Furthermore, recent threat research from FortiGuard Labs shows that ecommerce platforms have been under increased attack and that there has been an increase in card skimming scams to steal financial data. Monitoring your children’s online purchases ensures you can step-in if you see suspicious activity that may indicate your child’s personal information has been compromised.

“With the internet becoming a mainstay in every child’s life, protecting them online has become a necessity for all parents. Protecting a child online encompasses aspects of both owning and securing their internet usage. Ultimately, maintaining an understanding of what children do online, as well as making sure they are secure, culminates in online safety.”, said Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet.

source:
http://bwcio.businessworld.in/article/Fortinet-Underlines-Importance-Of-Promoting-Cybersecurity-Awareness-To-Protect-Children-Online/13-11-2019-178887/

]]>
2020-07-29
<![CDATA[Review: The Fortinet FortiGate 60E Gives Small Agencies High-Level Security]]> http://www.phitech.com.tw/news/index.php?news_id=951 Designed for drag-and-drop protection at satellite and regional offices, this security device punches above its weight.

When people think of the federal government, the images that come to mind are of massive marble buildings in Washington, D.C., that span city blocks. But the government exists all over, not just inside the Beltway.

The thousands of smaller remote and branch offices scattered throughout the country need the same high level of cybersecurity as those centralized digital fortresses.

The Fortinet FortiGate 60E security appliance might be a good way to offer that protection. It’s a tiny, under-1U-sized appliance designed for installation at the gateway to a remote or small office.

MORE FROM FEDTECH: Find out how to choose between software-defined perimeters and VPNs.

FortiGate 60E Provides Expansive Cybersecurity

It offers anti-virus ana­lysis, application filtering, ASIC VPN, firewall protection, an intrusion prevention system, URL filtering, VPN support and web threat protection, and it works almost as soon as it’s plugged in and connected to the wired gateway.

Most firewalls and next-generation security appliances are difficult to manage, especially ones that pack multiple features into a single box. Fortinet simplified those functions, using a unified operating ­system called FortiOS 5 that drives each component, paired with a graphical user interface that is easy to control. 

It’s also simple to create unique firewall rules for the equipment and user needs of each office, and the 60E can store as many as 5,000 of them. 

The fact that each feature shares a common interface means learning how to program one equals proficiency with all the others as well.

The Fortinet FortiGate 60E

 

Handle Massive Amounts of Session Traffic 

The FortiGate 60E proved more than capable of handling the kind of traffic generated by a small or even a medium-sized office

In stress testing, it was able to process 25,000 new ­sessions per second and more than half a million ­concurrent TCP sessions with no hint of slowdown, and it’s actually rated to go higher. 

The total maximum throughput is 3 gigabits per second, which is probably more than any small government outpost will need. 

Given the capacity, however, agencies could configure and protect up to 10 virtual domains, which could come in handy if different agencies share space in the same branch office and need protection that’s tightly configured for their specific missions.

For good protection and ease of use, agencies with small facilities will find the Fortinet FortiGate 60E a good fit.

MORE FROM FEDTECH: Read about how federal agencies are training employees to spot phishing attacks.

Reinforcements Are Ready to Assist the FortiGate 60E

The Fortinet FortiGate 60E next-generation security appliance is a powerful defensive tool designed to be dropped into a small or branch office and provide robust protection against a variety of threats — and it does. But it’s also part of a family of appliances designed to work together for even greater security.

I happened to have some Fortinet gear in the lab from previous reviews, including an email and a sandboxing tool. Like the FortiGate 60E, they were built around a common architecture that streamlines throughput and prioritizes quick protective actions.

It’s conceivable that the branch offices of extremely security-minded feds might want a little more protection than the 60E offers; for example, the ability to sandbox files. Thankfully, the common interface makes it easy to add in other Fortinet appliances if needed.

Using the graphical interface on the FortiGate 60E, it was easy to set up an automatic process that sent certain files over to the sandbox for deeper analysis. And it was similarly simple to send them back once complete, or to program automatic actions on the 60E if any threats were found. 

Realistically, the commonality between Fortinet devices these days means that adding new appliances almost feels no more difficult than adding a software module

Offices that don’t mind losing a little bit of the baseline simplicity of the FortiGate 60E can easily add more protection to their defenses, and then still manage almost everything from a central location.

FORTINET FORTIGATE 60E

Data Transfer Rate: 3Gbps
Max Concurrent TCP Sessions: 1.3 million
Supported New Sessions: 30,000 per second
Firewall Rules Capacity: 5,000
Max Concurrent SSL VPN Sessions: 100
Dimensions: 6.3x8.5x1.5 inches
Weight: 1.98 pounds 


Source:
https://fedtechmagazine.com/article/2019/11/review-fortinet-fortigate-60e-gives-small-agencies-high-level-security

]]>
2020-07-22
<![CDATA[TCTS and Fortinet launch secure SD-WAN managed services for Microsoft Azure Virtual WAN]]> http://www.phitech.com.tw/news/index.php?news_id=958 Tata Communications Transformation Services (TCTS), a wholly owned subsidiary of Tata Communications, and Fortinet, working with Microsoft Azure, have launched a fully managed SD-WAN offering for Azure Virtual WAN. The TCTS SD-WAN offering will help service providers create solutions to further enable enterprises with seamless migration to Azure, thereby helping to accelerate their revenue in IT migration to public clouds. This joint offering will also enable inter-branch connectivity for customers using the Microsoft backbone and help them to meet SLAs while securing access to applications running on Azure.

In collaboration with Azure, Fortinet and Equinixi, TCTS has augmented Azure’s current Virtual WAN offering in which application policies can be centrally configured using Fortinet’s SD-WAN technologies integrated with Equinix Network Edge to create Virtual Network Services that deliver enhanced performance and security protection.

Madhusudhan Mysore, Executive Chairman and CEO of TCTS said, “TCTS’s Cloud Networking-as-a-Service was developed to address the most complex real-world enterprise IT migration to the cloud. It offers a best-in-class white-labeled managed service provider (MSP) offering for operators worldwide to help them accelerate their MSP revenues through Microsoft’s worldwide enterprise customer base. TCTS has a significant set of highly skilled CNaaS technical consultants to provide white-labeled services to operators worldwide, thereby supporting the easy adoption and ongoing use of Microsoft Azure.”

“Wide Area Network (WAN) requirements for the enterprise are becoming more cloud centric. Microsoft Azure Virtual WAN (VWAN) is addressing these needs by allowing devices and sites to connect to Azure’s public cloud more easily and globally. TCTS’ SD-WAN managed services over Azure’s VWAN, will enable service providers worldwide to deliver CNaaS managed services,” added Ross Ortega, Partner Program Manager, Microsoft Azure Networking at Microsoft Corp.

Through this offering, enterprises at any given site can use a hybrid deployment of MPLS and Internet to steer the traffic between mission critical traffic (MPLS and Carrier Ethernet) and non-mission critical traffic (Internet), which further connects directly to Azure via Azure ExpressRoute. This connection can be established leveraging TCTS’ highly commended platform, ‘Virtual Cloud exchange,’ for building within native service provider environments or white-labeled options using the Equinix’ Cloud Exchange Fabric (ECX Fabric) and Network Edge solution offerings within their data centers globally.

Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet said, “Enterprise cloud adoption is driving a global WAN transformation by leveraging SD-WAN technology, but this increases security risks. Fortinet’s Secure SD-WAN offers best-of-breed SD-WAN, next-generation firewall security, advanced routing and WAN optimization capabilities integrated into a single offering. TCTS’ Managed SD-WAN offering with Fortinet provides communication service providers with a turn-key solution to deliver robust, secure and low latency connectivity services.”

TCTS’ Virtual Cloud exchange (US patent pending) automates connection and management to Azure and other public cloud delivered via a fully managed turn-key white-label solution for CSPs worldwide. With this service from TCTS, service providers can enable Azure enterprise customers to choose either a standard offering that needs no further SD-WAN Virtual Network Function (VNF) in Azure, or a more advanced option that places a SD-WAN VNF in Azure to deliver SD-WAN application traffic steering and security protection.

TCTS will provide customers with professional services for Azure CNaaS capabilities in planning, deployment and operations.

Source:
https://www.crn.in/news/tcts-and-fortinet-launch-secure-sd-wan-managed-services-for-microsoft-azure-virtual-wan/

]]>
2020-07-15
<![CDATA[Safe-T Joins Fortinet as a Fabric-ready Technology Alliance Partner]]> http://www.phitech.com.tw/news/index.php?news_id=957 HERZLIYA, Israel, Dec. 2, 2019 /PRNewswire/ -- Safe-T® Group Ltd. (NASDAQ: SFET) (TASE: SFET), a provider of Secure Access solutions for on-premises and hybrid cloud environments, today announced that it has joined the Fortinet Fabric-Ready Technology Alliance Partner program with its Software Defined Perimeter solution, to help organizations create a secure and agile remote access suit, based on Zero-Trust concepts. The integration with Fortinet delivers an advanced Zero Trust Network Access solution to control who can access internal and cloud services and how access is granted.

The joint solution grants access to applications on a need-to-know basis, while giving users fast and seamless access to the resources they need. This creates a "verify-first, access-second" Zero-Trust approach across an organization's applications, enabling enhanced security, greater visibility, and better user experience.

Safe-T's SDP solution controls the access to internal services and utilizes Fortinet FortiAuthenticator to authenticate each user. The joint solution can be deployed either by using Safe-T's on-premises SDP deployment or with Safe-T's cloud SDP service.

"Unlike the traditional approach to IT network security, Zero-Trust security means that no one from inside or outside the network is trusted by default, and verification is required from everyone trying to gain access to resources on the network. By implementing this methodology, the organization can guarantee that its' applications and files are exposed only to those who are really supposed to have access to such data, thus prevent and reduce breaches," said Eitan Bremler, VP Products & Technology at Safe-T. "Joining the Fortinet Fabric-Ready Partner Program allows us to expand our eco-system of identity providers and integrate with the leading FortiAuthenticator solution. Through this integration, organizations can now create a 'verify-first, access-second' Zero-Trust approach across organizations' applications to minimize the attack surface ad reduce risk, as well as the complexity and costs associated with the growing need to protect enterprise systems and data."

Fortinet's technology alliance partner program is built on Fortinet products and solutions to help customers get even more value from their security deployments. Technology alliance partners are a key part of the Fortinet Security Fabric, which enables the development and delivery of truly comprehensive, end-to-end security solutions that can dynamically adapt to the evolving network architecture as well as the changing threat landscape. Alliance solutions provide customers with more effective security, and are pre-integrated, saving time and resources in deployment, operations, and support. Please visit the Fortinet Technology Alliances Ecosystem  page for more information about this program.

About Safe-T®

Safe-T Group Ltd. (Nasdaq, TASE: SFET) is a provider of Zero Trust Access solutions which mitigate attacks on enterprises' business-critical services and sensitive data, while ensuring uninterrupted business continuity.

Safe-T's cloud and on-premises solutions ensure that an organization's access use cases, whether into the organization or from the organization out to the internet, are secured according to the "validate first, access later" philosophy of Zero Trust. This means that no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network or in the cloud.

Safe-T's wide range of access solutions reduce organizations' attack surface and improve their ability to defend against modern cyberthreats. As an additional layer of security, our integrated business-grade global proxy solution cloud service enables smooth and efficient traffic flow, interruption-free service, unlimited concurrent connections, instant scaling and simple integration with our services.

With Safe-T's patented reverse-access technology and proprietary routing technology, organizations of all size and type can secure their data, services and networks against internal and external threats.

At Safe-T, we empower enterprises to safely migrate to the cloud and enable digital transformation.

Safe-T's SDP solution on AWS Marketplace is available here.

For more information about Safe-T, visit www.safe-t.com.

Forward-Looking Statements

This press release contains forward-looking statements within the meaning of the "safe harbor" provisions of the Private Securities Litigation Reform Act of 1995 and other Federal securities laws. Words such as "expects," "anticipates," "intends," "plans," "believes," "seeks," "estimates" and similar expressions or variations of such words are intended to identify forward-looking statements. For example, Safe-T is using forward-looking statements in this press release when it discusses the advantages of its SDP solution, the advantages of the joint solution and its potential to address market need and/or demand. Because such statements deal with future events and are based on Safe-T's current expectations, they are subject to various risks and uncertainties and actual results, performance or achievements of Safe-T could differ materially from those described in or implied by the statements in this press release. The forward-looking statements contained or implied in this press release are subject to other risks and uncertainties, including those discussed under the heading "Risk Factors" in Safe-T's annual report on Form 20-F filed with the Securities and Exchange Commission ("SEC") on March 26, 2019, and in any subsequent filings with the SEC. Except as otherwise required by law, Safe-T undertakes no obligation to publicly release any revisions to these forward-looking statements to reflect events or circumstances after the date hereof or to reflect the occurrence of unanticipated events. References and links to websites have been provided as a convenience, and the information contained on such websites is not incorporated by reference into this press release.

PRESS CONTACT: 
Karin Tamir 
Karin.Tamir@safe-t.com 
+972-9-8666110

Source:
https://www.prnewswire.com/news-releases/safe-t-joins-fortinet-as-a-fabric-ready-technology-alliance-partner-300967108.html

]]>
2020-07-08
<![CDATA[Carrier-Class Dialogic BUZZ™ UCaaS Platform Wins Industry Award from Capacity Media]]> http://www.phitech.com.tw/news/index.php?news_id=949 PARSIPPANNY, N.J., Nov. 5, 2019 /PRNewswire-PRWeb/ -- Dialogic, a cloud-optimized applications and infrastructure solutions provider for service providers, enterprises, and developers, announced today that the Dialogic® BUZZ™ UCaaS platform offered as a collaboration between Dialogic and Epsilon, a cloud-centric global connectivity and communications service provider, was the recipient of the Best Unified Communications Innovation Award at the Capacity Europe 2019 Global Carrier Awards ceremony held in London on October 30, 2019 and hosted by Capacity Media.

The BUZZ UCaaS offering combines the features of the Dialogic BUZZ UC platform with Infiny by Epsilon to create a powerful, fully managed and hosted carrier-class UCaaS platform that delivers unmatched UC and software-defined networking (SDN) capabilities.

Dialogic BUZZ delivers a single UC platform for all business communication needs, including video conferencing, unified communications, and PBX functionality. It is a multi-tenancy, brandable, full-stack, cloud-scale solution that raises the bar for both innovation and usability.

Infiny by Epsilon is an on-demand connectivity platform, that gives enterprises and service providers a suite of high-performance network services at the click-of-a-button. Users can access Epsilon's carrier-class network and interconnect to over 220 data centers, providing optimized voice and video QoS levels to customers.

"We are delighted to be chosen for this award, which recognized our efforts to give service providers and channel partners an accelerated path to competitive and innovative UCaaS cloud offerings," said Bill Crank, President & CEO of Dialogic. "With an API-driven, microservices architecture, Dialogic BUZZ is able to continually evolve and incorporate new, cutting-edge functionalities without disrupting existing deployments."

"This award validates the powerful combination of Dialogic BUZZ and Infiny to deliver a one-stop UCaaS platform for all unified communications and connectivity needs," added Jerzy Szlosarek, Chief Executive Officer, Epsilon. "It is a compelling offer, opening new revenue lines for the wholesale market, and which can now provide a complete UC solution leveraging our global network fabric."

Visit the Dialogic website for more information on Dialogic BUZZ. For more information on the UCaaS offering with Epsilon, see the press release announcing the collaboration.

About Dialogic

Dialogic is a leading cloud-optimized solutions provider for real-time communications media, applications, and infrastructure to service providers, enterprises, and developers around the globe. Based in Parsippany, NJ with offices worldwide, Dialogic works with 48 of the world's top 50 mobile operators, and nearly 1,000 application developers build and deploy on agile networks. Learn more about how Dialogic is enabling agility by following us on Twitter @Dialogic, and visiting dialogic.com and the Dialogic Blog for the latest industry news, trends and advice.

Dialogic and Dialogic BUZZ are either registered trademarks or trademarks of Dialogic Corporation or a subsidiary thereof ("Dialogic"). Other trademarks mentioned and/or marked herein belong to their respective owners.

About Epsilon

Epsilon is a cloud-centric global connectivity and communications service provider, connecting to 220 data centres in 39 cities. The company's SDN platform, Infiny by Epsilon, combines on-demand connectivity, a web-based portal and APIs to give partners simple and effective solutions. All Epsilon services are powered by a carrier-grade, hyper-scalable global backbone that connects the world's communications and technology hubs. Epsilon is headquartered in Singapore with offices in London, New York, Dubai and Sofia.

]]>
2020-07-01
<![CDATA[Fortinet Expands Integration of Cloud Security Offerings with Microsoft Azure to Provide Advanced Protection]]> http://www.phitech.com.tw/news/index.php?news_id=948 SUNNYVALE, Calif., Nov. 04, 2019 (GLOBE NEWSWIRE) -- 

John Maddison, EVP of product and CMO at Fortinet
“Fortinet is helping our customers protect, consume and deliver cloud through our dynamic cloud security offerings. Using Microsoft Azure allows our customers to implement broad protection across their cloud deployments as well as on-premises infrastructure. Today’s announcement strengthens our collaboration as we work together to provide end-to-end security across the expanding digital attack surface.”

News Summary 
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced the expansion of the Fortinet Security Fabric’s dynamic-cloud security offerings with Microsoft Azure, providing customers with an easier way to connect, manage and protect their cloud workloads on Microsoft Azure.    

Organizations turning to Azure want to take advantage of the public cloud benefits without compromising security. While Microsoft secures the Azure infrastructure and isolates the tenants, customers are responsible making sure their cloud configuration is secure. Fortinet provides customers that utilize Azure with the confidence to deploy any application in the cloud while maintaining a consistent operational model and managing risks. The Fortinet Security Fabric’s dynamic cloud solutions help Azure users connect and protect their cloud workloads and offers security capabilities that are delivered from the cloud.

Delivering dynamic-cloud security solutions

Fortinet is working with Microsoft to enable joint customers to reap the benefits provided by cloud environments without compromising security. Today’s announcement includes:

  • FortiGate Secure SD-WAN now integrates with Azure Virtual WAN to accelerate their cloud on-ramp by improving customer QoE and security. This is done through product integration and automation that simplifies connectivity to Azure Virtual WAN using Fortinet’s Secure SD-WAN offering. This integration automates the creation and tear down of branches connected to Azure Virtual WAN and provides centralized management of connected clouds across offices and regions. FortiGate Secure SD-WAN’s integration with Azure Virtual WAN also ensures optimal performance and security at the branch for customers accessing applications on Azure. 
     
  • Fortinet FortiCWP’s integration with Azure provides customers with increased visibility into their cloud workloads activity and configurations, as well as the ability to conduct deep analysis of data stored in Microsoft Azure blobs. By leveraging deep integration with Azure as well as utilizing FortiGuard-based threat intelligence, customers get comprehensive and most up-to-date threat information pertaining to their cloud workloads. FortiCWP works across clouds and leverages cloud providers’ APIs to gain a comprehensive view across workloads in any cloud region, enabling customers to detect threats and subsequently deploy necessary protection to mitigate these risks.
     
  • Fortinet is also delivering FortiWeb Cloud WAF-as-a-Service from Microsoft Azure Marketplace. Organizations protecting their web applications are struggling to find a working balance between operational overhead and security effectiveness. Fortiweb WAF-as-a-Service offers the ideal combination by exposing pertinent configuration parameters, while automating provisioning of protection resources and fine-tuning security policies. Customers can now activate Fortinet’s WAF solution instantaneously and have the Software-as-a-Service (SaaS) solution automatically provision resources through the Azure marketplace. Fortinet’s WAF SaaS solution does not require administrators to possess specific web application security skills, enabling rapid application deployment. Other products already available on the marketplace include FortiGate VM Next-Generation Firewall, FortiWeb VM, FortiMail VM, FortiManagerFortiAnalyzer & FortiSandbox for Azure.

As organizations increase their adoption of Azure to build or migrate applications their technology footprint diversifies and expands. As a result, organizations are increasing their attack surface and risk. To mitigate these risks and properly secure workloads and applications, organizations need to securely connect their organization to the cloud. This can be done with the implementation of cloud security for their web applications and cloud platforms that is managed easily and seamlessly.  

Tightened integration through the Fabric-Ready program

The Fortinet Security Fabric’s dynamic cloud security solution set provides Azure customers with an extensive portfolio of integrated security solutions to address this need. By implementing the Fortinet Security Fabric on Azure, customers can deploy a fully integrated security solution that seamlessly spans dynamic clouds, which consist of on-premises and hybrid cloud environments.

Fortinet has a broad range of Security Fabric integrations with Microsoft products, including the extensive solutions with Azure referenced above, as well as FortiNAC integration with Microsoft InTune and SCCM, and FortiMail integration with Microsoft 365. By integrating its solutions, Fortinet and Fabric-Ready Partner Microsoft provide customers with end-to-end security that is pre-validated, saving time, costs and resources in systems integration, deployment, operations and support.

Supporting Quotes

“We are pleased to expand our collaboration with Fortinet through the integration of their Secure SD-WAN solution and Microsoft Azure’s Virtual WAN offering. As customers look to simplify branch connectivity and extend application workloads on Microsoft Azure, FortiGate Secure SD-WAN offers a rich branch and corporate connectivity solution for customers looking to secure and optimize their cloud on-ramp requirements." 
-Reshmi Yandapalli, principal product manager at Microsoft Azure


Source:
http://www.globenewswire.com/news-release/2019/11/04/1940531/0/en/Fortinet-Expands-Integration-of-Cloud-Security-Offerings-with-Microsoft-Azure-to-Provide-Advanced-Protection.html

]]>
2020-06-24
<![CDATA[Fortinet Rated Top End-to-End Healthcare Cybersecurity Solution in Client Experience, 2019 Book Market Research User Survey]]> http://www.phitech.com.tw/news/index.php?news_id=947 Hospital system and physician organizations ranked cybersecurity firms by industry client satisfaction and loyalty scores via independent key performance indicators.

Press Release – updated: Nov 4, 2019 09:00 EST

TAMPA, Fla., November 4, 2019 (Newswire.com) – ​Black Book Market Research LLC’s annual poll of healthcare cybersecurity products, services, outsourcing and consulting clients spanned 17 functional areas of cybersecurity including: Authorization and Authentication Solutions; Blockchain Solutions; Compliance and Risk Management Solutions; Cybersecurity Advisors and Consultants; Cybersecurity Training and Education; DDoS Attack Prevention; End Point Security Solutions; Access Management; Firewall Networks; Data Encryption; Intrusion Protection Solutions; Threat Detection and Prevention; Network Security; Email Protection; and Cybersecurity Data Analytics.

The full listing of cybersecurity rankings in each category can be found at Black Book’s website https://blackbookmarketresearch.com/health-data-security-and-privacy.

“It is imperative that cybersecurity leaders continue to focus on and execute the fundamentals of patient privacy and data protection as many hospital C-Suites are still diverted by other IT initiatives in 2019 like EHR optimization, analytics and revenue cycle management transformation,” said Doug Brown, founder of Black Book and lead researcher on the Q3 2019 study.

Black Book anticipates demand for outsourced information security, consulting and support to increase faster than security technology products and software purchases as security job vacancies exceed qualified candidates and weak security training programs keep the majority of healthcare provider organizations vulnerable.

Black Book Market Research LLC measures customer satisfaction across eighteen copyrighted key performance indicators: Strategic Alignment of Vendor Offerings to the Client’s Mission and Goals; Innovation and Optimization; Training and Education; Client Relationships and Cultural Fit; Trust, Accountability, Ethics and Transparency; Breadth of Offerings; Deployment and Implementation; Customization; Integration and Interfaces, Interoperability and Connectivity; Scalability and Client Adaptability, Vendor Staff Expertise and Performance; Reliability; Brand Image and Marketing Communications; Marginal Value Adds; Vendor Financial Viability and Managerial Stability; Data Storage Services; Support and Customer Care; and Best of Breed Technology and Process Improvement.

“As investments in comprehensive, enterprise-wide solutions increase, it is critical that IT leaders validate to the entire management team that cybersecurity expenditures transcend basic data protection to truly shielding patient safety and ensuring financial strength,” said Brown.

In total, 2,876 cybersecurity system users and senior-level managers participated over the nine-month crowdsourced survey.

Source:
https://www.thechestnutpost.com/news/fortinet-rated-top-end-to-end-healthcare-cybersecurity-solution-in-client-experience-2019-book-market-research-user-survey/

]]>
2020-06-17
<![CDATA[Government Healthcare Entity Expands Secure COVID-19 Testing Sites with Fortinet]]> http://www.phitech.com.tw/news/index.php?news_id=1002 For many healthcare organizations, the COVID-19 pandemic created a sudden need for temporary testing and treatment facilities. This, in turn, required an expansion of secure network connectivity. However, the expansion associated with COVID-19 that one national government healthcare entity experienced was larger than most healthcare organizations.

During normal operations, this healthcare entity was responsible for operating over 130 hospitals and treatment locations. During the COVID-19 pandemic, the organization needed to open over 20 additional sites as quickly as possible in order to cope with the crisis. By creating new locations, the government entity could work to curb the spread of the virus by providing a local treatment option to infected citizens.

The organization already had a trusted relationship with Fortinet and leveraged the Fortinet Security Fabric to manage network security for their hospitals scattered across the country. When the need arose to securely connect the testing sites to the existing network, the organization trusted Fortinet to provide a solution that would arrive in time to open the new facilities.

A Sudden Need for New Healthcare Locations

The government healthcare entity was already using the secure software-defined wide area network (SD-WAN) capabilities integrated into FortiGate next-generation firewalls (NGFW) to securely network over 130 sites and improve user experience for business critical applications.

The new treatment locations created during the COVID-19 pandemic needed to deploy the same SD-WAN connectivity as quickly as possible to send test data for processing. These new sites were often repurposed hotels and conference centers with limited networking or security infrastructure. Every site required a FortiGate NGFW to provide a secure connection to the existing healthcare network.

In many locations, the remote site was capable of connecting over the public internet. However, in some rural locations, broadband internet was not available. In both types of locations, FortiExtender 3G/4G WAN extenders enabled healthcare providers to use mobile networks, either as a backup option or the primary means of connecting over the WAN.

Rapid Deployment of Security Solutions

Because the virus was spreading rapidly, the government entity needed to work with a vendor that it trusted, rather than engaging in a lengthy request for proposal (RFP) and proof of concept (PoC) process. It also required expedited delivery of the Fortinet solutions.

Operating within the healthcare entity’s three-day delivery window, Fortinet coordinated with a number of trusted Fortinet distributors in the area. These organizations had provided distribution assistance during the healthcare entity’s initial Fortinet deployment and could ensure that the new FortiGate Secure SD-WAN and FortiExtender WAN extenders reached their destinations in time.

After the devices were delivered, the government healthcare entity also needed them to be quickly configured. Since many of the new sites were in remote locations, sending trained IT staff to configure them was not a workable solution. However, with FortiDeploy zero-touch deployment, the devices automatically connected to the FortiManager centralized management platform deployed on the government entity’s main network. This platform led the device through any additional configuration steps required. Finally, Fortinet Professional Services helped onboard the IT staff and developed standard operating-procedure documentation.

Flexible Security Solutions Support Rapid Evolution

The government healthcare entity had previously integrated their network security using Secure SD-WAN. This enabled it to rapidly expand its secure WAN by deploying FortiGate NGFWs to its 20 brand-new sites. During theD COVID-19 pandemic, and during business as usual, Fortinet is committed to going the extra mile to ensure that its customers have the network security solutions that they need when they need them.

Discover how Fortinet Teleworker Solutions enable secure remote access at scale to support employees with a wide array of access requirements.

Learn more about enabling the latest advances in patient care while protecting against cyberattacks with Fortinet healthcare cybersecurity solutions.

Find out how Echoenergia and New Zealand Red Cross used Fortinet’s Security Fabric for protection from the network edge to core.

Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about our products and technology, or connect with peers.

Source:

https://www.fortinet.com/blog/business-and-technology/government-healthcare-provider-expands-covid-19-testing-sites

]]>
2020-06-10
<![CDATA[Fortinet帶給網路防火牆市場前所未有的擴充性與效能]]> http://www.phitech.com.tw/news/index.php?news_id=1004 全方位整合與自動化網路資安領導廠商Fortinet宣布推出業界最高效能的產品,奠定另一個新里程碑。FortiGate 4200F採用Fortinet客製化的第七代網路處理器NP7,並具備可達成今日及未來網路擴充與效能要求的工程設計。

 

Fortinet產品執行副總裁暨行銷長John Maddison表示,這幾個星期以來,整合型防火牆與VPN解決方案的低效能和低擴充性導致許多企業組織無法擴大提供安全的遠端存取服務。部署傳統防火牆的企業因無法在多個應用程式上擴充防火牆功能而被迫升級或安裝另一套設備。

 

採用第七代網路處理器(Network Processor,NP7)的FortiGate 4200F以同樣的價格提供比競爭對手高10倍的效能,為網路安全效能樹立新標竿。透過市場上最佳效能的防火牆,客戶可以同樣價格獲得超乎期望的擴充性或以更少的成本得到所需的效能。不管怎樣,我們的客戶都是贏家。

 

企業組織必須具備可因應業務變化即時擴充與調整網路安全性的能力。不論是重新規劃網路以支援突發性的遠距工作需求,或是推動數位創新計劃,效能與擴充性都是關鍵要素。然而,大多數的安全解決方案都無法以合理價格提供企業所需的速度與擴充性。原因就在於安全產品廠商並未積極開發可以經濟實惠的方式滿足今日數位工作場所需求的技術。在這種情況下企業組織只能購買具有最低效能與擴充餘裕的安全解決方案。因此,當重大事件發生或市場需要進行數位創新時,防火牆就從助力成了阻力。

 

為了讓安全性跟上今日資料中心的擴充與效能需求的腳步,Fortinet在高階網路防火牆產品組合中推出FortiGate 4200F。作為Fortinet安全織網(Security Fabric)架構的元件之一,FortiGate 4200F經過特殊的工程設計,利用創新、安全的網路技術將網路與安全性緊密結合。

 

透過Fortinet NP7第七代網路處理器的硬體加速功能,FortiGate 4200F可以達到比競爭產品高5至10倍的安全運算評級(Security Compute Ratings)。

Source:
https://www.chinatimes.com/realtimenews/20200602002106-260410?chdtv

]]>
2020-06-03
<![CDATA[Fortinet’s Commitment to Healthcare Enables Scalable COVID-19 Testing and Care Solution]]> http://www.phitech.com.tw/news/index.php?news_id=1001 For many organizations, the COVID-19 pandemic has caused operations to slow down or come to a halt. However, the opposite is true for the healthcare industry, where an influx of COVID-19 patients has strained the capacity of hospitals and other existing healthcare infrastructure.

One regional hospital system, serving over 1 million residents and multiple hospital locations, decided to move COVID-19 testing off-site. This enabled them to protect patients from infection and save hospital space for confirmed cases.

By deploying a “network in a box” from Fortinet, this hospital system was able to quickly scale its secure network to multiple temporary testing sites located in parking lots and school gymnasiums. The enterprise-level Fortinet security allowed medical personnel working at these locations to maintain compliance with the Health Information Portability and Accessibility Act (HIPAA).

The Need for a Flexible Solution

When deploying remote testing sites for COVID-19, the priority was on selecting sites with the capacity to meet demand. Patients needed to be able to maintain social distance while waiting for their test results. Additionally, the testing sites may need to be converted to field hospitals if cases exceeded the capacity of existing infrastructure. The healthcare provider required a flexible solution that could be deployed anywhere.

Since Fortinet solutions can operate using power over Ethernet (PoE), only a single power outlet or generator was needed to power the entire solution. The core components of the “network in a box” consist of a FortiGate next-generation firewall (NGFW), a FortiSwitch, and a third-party wireless access point, providing a secure connection to the home office. FortiExtender provides a backup connection to the enterprise network, enabling the system to connect via 4G/LTE cellular data if an Ethernet connection is unavailable.

Quick Deployment with Fortinet

Hospitals commonly maintain contingency plans for pandemics; however, in recent cases such as Ebola, the need to implement them has not arisen. When the COVID-19 pandemic started, this hospital system needed to deploy its remote testing sites as quickly as possible.

Since the organization had an existing relationship with Fortinet, they reached out to determine how quickly they could deploy a “network in a box” to multiple test centers. When the order suddenly shifted from a “possibility” to “send as soon as possible”, Fortinet was ready. As an order from a healthcare provider, it was given top priority, and was shipped as soon as the order was received.

The open application program interface (API) architecture of the Fortinet Security Fabric further smoothed the deployment process. The organization was accustomed to using third-party wireless access points and telephony products and wanted that familiarity during this crisis. Fortinet’s commitment to seamless integration with third-party products meant that the hospital system was able to easily deploy a solution that they were comfortable with.

Maintaining Compliance with HIPAA

While the ability to deploy rapidly to remote testing sites was a priority, the hospital system could not compromise on regulatory compliance. Information collected from patients anywhere—even at temporary testing locations—is covered under HIPAA, and healthcare providers’ responsibility to protect this information from exposure has not diminished during the crisis.

Deploying FortiGate NGFWs at the remote sites, and enabling secure VPN connectivity between them in the main office addresses the confidentiality requirement of HIPAA compliance. This ensures that patient data traveling over untrusted networks is not exposed to eavesdroppers.

The Fortinet Security Fabric as a whole, which enabled centralized visibility and management of the appliances at these remote sites, addressed the remainder of the healthcare providers’ compliance requirements. Fabric Management Center (FortiManager and FortiAnalyzer) solution deployed at headquarters enabled the team to manage and monitor the remote sites’ “networks in a box.”

Fortinet Supports Healthcare Security

Throughout this crisis, Fortinet has shown that it is committed to going “above and beyond” to ensure that healthcare professionals have the necessary tools to keep themselves and their patients secure during this crisis. Fortinet solutions have also enabled other industries to continue to operate during this challenging time by enabling them to rapidly transition to support a remote workforce at scale.

Source:
https://www.fortinet.com/blog/business-and-technology/fortinets-commitment-to-healthcare-enables-scalable-covid19-testing-and-care-solution.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblogs+%28Fortinet+All+Blogs%29

]]>
2020-05-27
<![CDATA[Fortinet資安鐵三角協助企業快速建立遠端辦公模式 同時滿足資安需求]]> http://www.phitech.com.tw/news/index.php?news_id=995  影響遍及全球的公衛危機事件,對世界經濟造成前所未有的衝擊。企業也啟動緊急應變計畫,如遠端辦公、居家辦公、分流辦公、異地辦公等營運模式因應大環境的變化。Fortinet資安鐵三角業界唯一具備完整資安防護功能的SD-WAN解決方案,具備安裝簡便、操作簡易、防護周全等優點,成為企業於短時間內快速建立備援辦公室或新據點的最佳選擇。

 台灣Fortinet業務協理廖肇恆指出,現今企業在打造遠端辦公或居家辦公時,最常見的做法是引進VPN、SD-WAN等機制,雖然部分企業會同步添購相對應資安設備,但是若與原有防火牆分屬不同品牌,不僅容易導致現有資安防護機制產生破口,更可能徒增管理上的困擾。Fortinet資安鐵三角方案,包含整合式防火牆(FortiGate)、交換器(FortiSwitch)以及無線基地台(FortiAP)等三大產品,可迅速提供員工安全無虞的行動辦公環境,確保企業營運不中斷。

 對於某些必需特別強化資安防護的企業研發或設計部門,可以搭配FortiToken Mobile這一款應用程式,安裝於員工的手機,利用現有的FotiGate作為身分驗證伺服器,使用雙因子身份驗證機制,就可以有效管控資安問題。

 近幾年,隨著雲端服務盛行,不少產業在考量成本支出下,早已運用SD-WAN取代傳統網路專線,加快資料傳輸速度同時降低成本支出。面對多雲環境趨勢衍生的新資安問題,Fortinet 很早就在FortiGate中提供原生SD-WAN解決方案,具備應用程式感知能力、提供自動WAN路徑控管,並支援多寬頻連線的應用,可全方面提升整體資安防護力。

 廖肇恆指出,對某些中小型傳統產業及分支點較多的企業來說,IT人員通常有限,且可能由總務或其他職務的人兼任,讓公司面臨極大資安防護挑戰及管理上的不易。Fortinet資安鐵三角,因其簡明易懂的網路拓樸圖及流量可視化功能,不僅大幅降低IT人員管理的困難,加上FortiSwitch與FortiAP不需要額外的授權或學習成本,讓流通、傳產及製造業在推動數位轉型專案時更加順利成功。

 另外,隨著愈來愈多企業開始允許員工攜帶自有設備工作,各種惡意軟體或蠕蟲因可躲過防火牆偵測,反而讓公司面臨更嚴峻的威脅。FortiGate搭配自家交換器FortiSwitch、無線基地台FortiAP的Fortinet資安鐵三角方案,可將偵測能力從閘道端延伸到內部網路,協助企業能在第一時間發覺潛藏的惡意軟體,並立即阻斷相關連線,避免其他設備遭到感染外,並保護商業機密或客戶個資的安全。

 整體而言,Fortinet資安鐵三角方案在解決多品牌資安設備的部署與管理問題外,還可強化企業的內、外網防禦能力,預先將有資安風險的用戶端阻斷於交換器上,並用防火牆封鎖外部高資安風險的主機IP位址。此外,資訊人員還可運用功能強大的FortiView工具,監控網路流量與進行統計分析,輕鬆掌握最完整資訊安全與獲得全面保障。

 公衛危機事件之後,無論是遠端辦公或居家辦公模式,都可能會成為維持商業運作的新模式。而防護能力強大且全面的Fortinet資安鐵三角方案,正是企業營運不中斷的最佳後盾。

Source:

https://news.sina.com.tw/article/20200505/35065148.html]]>
2020-05-20
<![CDATA[Enghouse Interactive provides contact centre technology to Admiral Seguros during COVID-19 crisis]]> http://www.phitech.com.tw/news/index.php?news_id=990 n light of the situation created by COVID-19, Admiral Seguros wanted to protect all its phone agents of its contact centre; 270 of them, as well as all of its staff and their families. In addition, it would contribute to help fight the illness. 

To achieve this, Admiral Seguros needed to create an infrastructure in order to maintain its activity and continue offering to clients the same service with the same quality.

To speed up the process, the company relied on Enghouse Interactive’s contact centre technology and Amazon Workspace.

The result

The result was that not only did the company accomplish its goal, but also did it in record time; managing to disassociate the tasks of the agents with the physical workplace, and also providing the right tools for teleworking.

Apart from this main objective, it also obtained side benefits:

A backup solution to avoid loss of information during the migration process by using technology it already had, and therefore, making it easier to maintain all its business layers.

Absolute security for its clients and their data in all voice communications, virtual desktop interface and corporate information.

Team management is more efficient because the desktops are now homogeneous. 

Source:
https://www.itweb.co.za/content/KzQenvjVdzyvZd2r

]]>
2020-05-13
<![CDATA[Fortinet Announces Next-generation Firewall FortiGate 60F]]> http://www.phitech.com.tw/news/index.php?news_id=946 With over 1.5 million units sold worldwide, the FortiGate 60 series is the next-generation firewall.

 

Fortinet, integrated and automated cybersecurity solutions, today announced the FortiGate 60F next-generation firewall. With over 1.5 million units sold worldwide, the FortiGate 60 series is the next-generation firewall and now includes Fortinet’s purpose-built system on a chip 4 (SOC 4) security processor to achieve the high security compute ratings in the industry to support customers’ WAN edge transformation. 

Digital innovation and rapid cloud adoption is changing the face of today’s business and has created significant challenges for organizations, such as poor user experience due to network bandwidth constraints and increased security risks with branches connected to the internet. Software-defined wide area networks (SD-WANs) have emerged as the favoured solution to solve these issues while also reducing the costs associated with MPLS connections. However, not all SD-WAN solutions have risen to the requirements of today’s WAN edge. Many SD-WAN solutions on the market are incomplete and do not adequately provide the right performance, visibility, or security to ensure a secure connection and high quality of user experience.  

To continue its focus on supporting enterprises’ WAN edge transformation and delivering Secure SD-WAN, Fortinet is announcing the latest next-generation firewall to include its patented SOC4 security processor: the FortiGate 60F. Key features include: 

FortiGate 60F consolidates SD-WAN, advanced routing, and advanced security capabilities into a single appliance that enables network leaders to deploy Secure SD-WAN quickly and easily, while also reducing complexity by consolidating point products into a single offering. This allows high performance and improved user experience at an optimal total cost of ownership (TCO).  

To help customers maintain high-quality user experience for their business-critical traffic (be it SaaS, multi-cloud, or unified communications), FortiGate 60F delivers best-in-class application steering, giving visibility to all traffic (even if encrypted) without impacting performance and ensuring all critical applications are routed to their best path.  

FortiGate 60F leverages security-driven networking principals – powered by Fortinet’s patented SOC4 security processor – to deliver the fastest deep inspection of SSL/TLS encrypted traffic (including the industry’s first support for TLS 1.3) at 750Mbps, 11 times greater than the industry average. The FortiGate 60F offers comprehensive threat prevention with IPS, application control, and anti-malware at 700Mbps, four times greater than the industry average, to help customers protect their network without impacting performance. 

Fortinet security processors radically increase the performance, scalability, and value of Fortinet solutions while greatly improving user experience and shrinking space and power requirements.  

Security Compute Rating is a benchmark that compares the performance of Fortinet’s purpose-built ASIC-based next-generation firewall appliance to other NGFW and SD-WAN vendors in that same price range that utilize generic CPUs for networking and security capabilities. 

The FortiGate 60F offers the best price/performance in its class and lays the groundwork for network leaders to easily migrate to Secure SD-Branch by extending security from the WAN to the access edge in an integrated and automated fashion from a single console. 

The solution is also backed by third-party validation, receiving two consecutive “recommended” ratings in the NSS Labs SD-WAN Group Test Reports. 

Source:
http://bwcio.businessworld.in/article/Fortinet-Announces-Next-generation-Firewall-FortiGate-60F-/04-11-2019-178474/

]]>
2020-05-06
<![CDATA[Yedpay 推數碼革新藉 Fortinet 遷移數據至雲端 ]]> http://www.phitech.com.tw/news/index.php?news_id=945 企業要捨棄現有基建,大舉將應用和服務遷移至雲端這個決定並不容易。尤其 Yedpay 始於 2014 年,數據中心可說尚新,將一切推倒重來的勇氣實在可嘉。Yedpay 聯合創辦人兼技術總監 Alva Wong 就表示,當初花了差不多一年才完成數據中心所有部署和基建配置,因此確曾擔心遷移又得重新花一年時間進行部署,還好最後只需大半個月至一個月時間已完成整個遷移過程。

「這個決定當然不容易,但考慮到未來要配合更多網上業務,遷至雲端是必須的。」Alva 透露雖然目前尚未獲發虛擬銀行牌照,但公司已密鑼緊鼓,預計未來將推出更多基於網上的服務。

▲(左起) Fortinet 香港、澳門及蒙古區域總監馮玉明、Yedpay 市場策劃總監鄔家麟、Yedpay 創辦人兼技術總監黃韋皓,及 Fortinet 香港、澳門及蒙古區網絡安全方案經理吳維穎。

Fortinet「保安纖維」提供同步數碼革新

除針對中小企機構提供電子支付平台,Yedpay 亦支援市場推廣及分析工具,客戶層面由傳統企業到的士、街市以至花園街排檔等,可謂相當多元化。Alva 強調,Yedpay 不僅提供電子支付平台,同時亦可取代銀行擔當結算的角色,為那些無法滿足銀行中小企開戶條件的商戶提供較低門檻的交易結算選擇。

涉及交易和電子支付平台,對數據保安要求就不能因對象主要屬中小企而稍有鬆懈。是次部署 Yedpay 採用了建基於端對端功能的 Fortinet「保安纖維」 (Fortinet Security Fabric)進行數碼革新,以確保公司在將基建轉移至雲端的過程中,能同時提高網絡安全性。Yedpay 採納了 Fortinet 的方案,令公司在準備擴展旗下電子支付服務和發展業務的同時, 能確保現有電子支付系統的安全性,亦能避免潛在的網絡風險。


資料來源:

https://unwire.pro/2019/11/04/yedpay-fortinet/security/

]]>
2020-04-29
<![CDATA[Dialogic Announces Successful Interoperability Testing Between the Dialogic BorderNet SBC and the OrecX Oreka Audio Capture Platform]]> http://www.phitech.com.tw/news/index.php?news_id=944 Tuesday, September 17, 2019

BorderNet SBC provides secure scalability for Oreka Audio Capture platform

Parsippany, NJ (September 17, 2019) - Dialogic, a cloud-optimized applications and infrastructure solutions provider for service providers, enterprises, and developers, announced today that interoperability testing has been completed between the Dialogic® BorderNet™ SBC and the Oreka Audio Capture platform from OrecX, a world-leading open source call recording solution provider. 

The BorderNet SBC, a software-only, cloud-native SBC, secures connectivity to OrecX deployments, while simultaneously enabling high-quality call delivery and real-time call recording. The BorderNet SBC and OrecX solutions can be deployed both on-premises and in the cloud, including private, public, and hybrid cloud environments, without compromising performance, availability, and scalability.

“OrecX's interoperability with the Dialogic BorderNet SBC enables our enterprise customers, platform partners, and AI-fueled ecosystem to securely scale the Oreka audio capture platform and leverage it to meet their evolving real-time and post-call digital transformation initiatives,” said Steve Kaiser, OrecX CEO. 

“OrecX customers using the BorderNet SBC are leveraging its flexible licensing and deployment options to help them achieve their unique business objectives,” added Bill Crank, President and CEO of Dialogic. “This successful interoperability testing gives OrecX platform users confidence when choosing the BorderNet SBC for their security and session control needs.”

About Dialogic

Dialogic is a leading cloud-optimized solutions provider for real-time communications media, applications, and infrastructure to service providers, enterprises, and developers around the globe. Based in Parsippany, NJ with offices worldwide, Dialogic works with 48 of the world’s top 50 mobile operators, and nearly 1,000 application developers build and deploy on agile networks. Learn more about how Dialogic is enabling agility by following us on Twitter @Dialogic, and visiting www.dialogic.com and the  Dialogic Blog for the latest industry news, trends and advice. 

Dialogic and BorderNet are either registered trademarks or trademarks of Dialogic Corporation or a subsidiary thereof (“Dialogic”). Other trademarks mentioned and/or marked herein belong to their respective owners.

About OrecX

OrecX’s modern, open, and modular call recording platform meets the diverse requirements of call centers, communication platforms, platforms as a service, large enterprises, and small business at a fraction of the cost and complexity of proprietary closed-end solutions. The quality, access, and control of OrecX’s open design enables a broad ecosystem of third-party speech analytics, voice biometrics and workforce optimization solutions to extend the value of their software for their partners and clients. OrecX is the primary developer and sponsor of the Oreka GPL, an open source call recording project hosted on GitHub, with more than 200,000 unique downloads and tens of millions of users in over 200 countries. https://orecx.com https://github.com/orecx


Source:
https://www.dialogic.com/2019-09-17-interoperability-testing-between-bordernet-sbc-and-orecx-oreka-audio-capture-platform

 

]]>
2020-04-22
<![CDATA[Fortinet’s Latest Security Processor Accelerates the Industry’s Best-Selling Next-Generation Firewall]]> http://www.phitech.com.tw/news/index.php?news_id=943 FortiGate 60F Sets a New Benchmark for Security Compute Ratings and Delivers High-Performance for Integrated Security and SD-WAN
October 31, 2019 09:00 ET Source: Fortinet, Inc.
 
 

SUNNYVALE, Calif., Oct. 31, 2019 (GLOBE NEWSWIRE) --

John Maddison, EVP of Products and CMO at Fortinet
“We hear from an increasing number of customers who are struggling to achieve the required level of user experience, visibility, and security at their WAN edge to support key business applications. With today’s introduction of the FortiGate 60F powered by our latest security processor, Fortinet continues its commitment to security innovation, setting industry records for performance to empower network leaders to truly transform their WAN edge. Our rapidly growing marketshare underscores the need for Fortinet’s Security-Driven Networking approach to SD-WAN, which consolidates SD-WAN, advanced routing, and advanced security capabilities into a single appliance.”

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced the FortiGate 60F Next-Generation Firewall, the fastest, most powerful desktop Secure SD-WAN appliance. With over 1.5 million units sold worldwide, the FortiGate 60 series is the best-selling next-generation firewall and now includes Fortinet’s purpose-built system on a chip 4 (SOC4) security processor to achieve the highest Security Compute Ratings in the industry to support customers’ WAN edge transformation.

Digital innovation and rapid cloud adoption is changing the face of today’s business and has created significant challenges for organizations, such as poor user experience due to network bandwidth constraints and increased security risks with branches connected to the internet. Software-defined wide area networks (SD-WANs) have emerged as the favored solution to solve these issues while also reducing the costs associated with MPLS connections. However, not all SD-WAN solutions have risen to the requirements of today’s WAN edge. Many SD-WAN solutions on the market are incomplete and do not adequately provide the right performance, visibility, or security to ensure a secure connection and high quality of user experience.

To continue its focus on supporting enterprises’ WAN edge transformation and delivering Secure SD-WAN, Fortinet is announcing the latest next-generation firewall to include its patented SOC4 security processor: the FortiGate 60F. Key features include:

  • FortiGate 60F consolidates SD-WAN, advanced routing, and advanced security capabilities into a single appliance that enables network leaders to deploy Secure SD-WAN quickly and easily, while also reducing complexity by consolidating point products into a single offering. This allows high performance and improved user experience at an optimal total cost of ownership (TCO). 
     
  • To help customers maintain high quality user experience for their business critical traffic (be it SaaS, multi-cloud, or unified communications), FortiGate 60F delivers best-in-class application steering, giving visibility to all traffic (even if encrypted) without impacting performance and ensuring all critical applications are routed to their best path. 
     
  • FortiGate 60F leverages Security-Driven Networking principals – powered by Fortinet’s patented SOC4 security processor – to deliver the fastest deep inspection of SSL/TLS encrypted traffic (including the industry’s first support for TLS 1.3) at 750Mbps, 11 times greater than the industry average. The FortiGate 60F offers comprehensive threat prevention with IPS, application control, and anti-malware at 700Mbps, four times greater than the industry average, to help customers protect their network without impacting performance.

Fortinet security processors radically increase the performance, scalability, and value of Fortinet solutions while greatly improving user experience and shrinking space and power requirements. Security Compute Rating is a benchmark that compares the performance of Fortinet’s purpose-built ASIC-based next-generation firewall appliance to other NGFW and SD-WAN vendors in that same price range that utilize generic CPUs for networking and security capabilities. The FortiGate 60F powered by Fortinet’s SOC4 security processor highlights the security processor advantage, enabling the following Security Compute Ratings:

Specification  FortiGate
60F (SOC4
ASIC) 
Industry
Average 
Security
Compute
Rating
Palo Alto
Networks
PA 220
Check Point
1550
Security
Gateway
Cisco
Meraki
MX 67
VMware
VeloCloud
520V
Cisco
Viptela
vEdge
100
Firewall  10 Gbps 0.65 Gbps 15x 0.5 Gbps 1 Gbps 0.45 Gbps N/A N/A
IPSEC VPN 6.5 Gbps 0.38 Gbps 17x 0.1 Gbps 1.3 Gbps 0.2 Gbps 0.2 Gbps 0.1 Gbps
Threat Prevention 0.70 Gbps 0.18 Gbps 4x 0.15 Gbps 0.45 Gbps 0.3 Gbps N/A N/A
SSL Inspection 0.75 Gbps 0.065 Gbps 11x 0.065 Gbps N/A N/A N/A N/A
Concurrent sessions 700,000 15,000 47x 64,000 14,000 N/A N/A N/A

Source: FortiGate results from Fortinet tests. Other vendor information from datasheets. N/A reflects that vendor does not publish performance specifications.
* Industry average is calculated using similar price point solutions from Palo Alto Networks, Check Point, Cisco Meraki, Cisco Viptela, VMware VeloCloud, and other vendors.

The FortiGate 60F offers the best price/performance in its class and lays the groundwork for network leaders to easily migrate to Secure SD-Branch by extending security from the WAN to the access edge in an integrated and automated fashion from a single console.

Today’s announcement reinforces Fortinet’s commitment to Secure SD-WAN and aligns with Fortinet’s recent positioning among the top three vendors in worldwide market share for SD-WAN equipment by revenue in 2Q19, showing a 234% quarter-over-quarter growth rate.

The solution is also backed by third party validation, receiving two consecutive “recommended” ratings in the NSS Labs SD-WAN Group Test Reports. This additional validation underscores Fortinet’s focus on delivering the best performance and advanced security to deliver true WAN edge transformation to its customers.

Supporting Quotes:
“Fortinet significantly reduces complexity for customers because SD-WAN functionality is delivered on the FortiGate appliance, which means MSPs only have to manage one device with one team. With other SD-WAN solutions, the customer might have to bounce back and forth between the firewall team and the SD-WAN team to resolve an issue. With Fortinet Secure SD-WAN, everything is on one box and managed by one team, so MSPs are able to more seamlessly get their customers’ WAN connectivity back up and running without the risk of compromising their security posture.”
-Erik Nordquist, Sr. Product Manager, TPx Communications

“Fortinet provides solutions that are flexible enough to accommodate future changes in our network and will allow us to deploy SD-WAN with the right security requirements. In Fortinet we found a vendor with an excellent global reputation, a strong product offering, and a record of continuous innovation, including the new FortiGate 60F, that can support our needs now and in the future.”
-Keith, Head of IT, Marina Developments Limited 

Additional Resources

About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 415,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.    

Source:
https://www.globenewswire.com/news-release/2019/10/31/1938845/0/en/Fortinet-s-Latest-Security-Processor-Accelerates-the-Industry-s-Best-Selling-Next-Generation-Firewall.html

]]>
2020-04-15
<![CDATA[Fortinet Acquires enSilo, Boosts MDR Security for MSSP Partners]]> http://www.phitech.com.tw/news/index.php?news_id=942 Fortinet has acquired enSilo, setting the stage for MSSP (managed security services provider) partners to gain more advanced MDR (managed detection and response) capabilities that protect networks and endpoints. Financial terms were not disclosed.

Fortinet already has a strong MSSP partner program. enSilo, meanwhile, offers Endpoint Detection and Response (EDR) services to partners. Going forward, that EDR technology will integrate with the FortiSIEM solution, FortiInsight UEBA (user entity behavior analytics) features, and the FortiNAC solution, the two companies say.

The MDR-focused acquisition is somewhat similar to Sophos acquiring both Rook Security and DarkBytes earlier this year; and SolarWinds acquiring Trusted Metrics in 2018. All of those deals aim to arm MSSPs and MSP partners with MDR capabilities.

 

Fortinet Acquires enSilo: Executive Perspectives

Fortinet CEO Ken Xie

In a prepared statement about the enSilo acquisition, Fortinet CEO Ken Xie said:

“As businesses become more networked and operations extend from the cloud to the edge and Internet of Things, the digital attack surface has expanded exponentially and has become more complex to secure. Manual threat hunting or point security solutions are ineffective when managing or securing these new environments. Instead security and the network need to be integrated and orchestrated to enable advanced threat containment at network speeds. In acquiring enSilo, we add automated, real-time detection, protection, and response enhancements to our Fortinet Security Fabric to further protect endpoints and corresponding edge data.”

Added enSilo CEO Roy Katmor:

“Together, enSilo and Fortinet share the commitment to solve customers’ most difficult challenges and to protect the endpoint and their corresponding operations and data. Now, enSilo brings its patented approach for advanced endpoint protection and response to Fortinet and its broad security portfolio.”

 

Fortinet Acquires Ensilo: MSSP and MDR Services Converge

The line between MSSP and MDR service providers has been blurring. In fact, many of the world’s Top 200 MSSPs for 2019also rank among the world’s top MDR service providers.

Meanwhile, Fortinet will be on-hand at this week’s ConnectWise IT Nation Connect 2019 conference in Orlando. The company has close, growing relationships with multiple MSP-friendly business software providers — particularly ConnectWise and Continuum, among others.


資料來源:
https://www.msspalert.com/investments/fortinet-acquires-ensilo/

]]>
2020-04-08
<![CDATA[Enghouse Vidyo Unit Helps Health Systems Scale Telemedicine To Mitigate Coronavirus Risk]]> http://www.phitech.com.tw/news/index.php?news_id=985 Resilient Video Platform Ensures Health Systems Can Provide 
Remote Diagnoses and Effective Patient Care

MARKHAM, ON, March 20, 2020 /PRNewswire/ - Enghouse Systems Limited (TSX:ENGH) today announced its Vidyo, Inc. subsidiary has developed a program to help its telemedicine clients dramatically scale to combat the Coronavirus pandemic.

The program allows for new or existing clients to increase the time or bandwidth they use by multiples of up to 10 to meet needs as they arise. The new program is available as an on-premise, hybrid or cloud-based solution.

"As the world responds to the COVID-19 coronavirus outbreak, Vidyo is committed to doing its part to support health systems' essential efforts to maintain services," said Reuben Tozman, General Manager, Enghouse Vidyo. "We have put a unique program in place for our clients that provides them increased access to our technology to combat the disruptions many are experiencing."

In recent weeks, many organizations have exponentially increased their demand for video communication platforms. Vidyo's proven track record of supporting large health organizations, as well as major financial corporations, government agencies and educational institutions, positions it as an ideal solution for rapidly evolving contingency plans.

Specifically, the Vidyo Telehealth solution enables clinics and hospitals to protect front-line staff and patients by supporting self-isolation and quarantine scenarios, and ensures clinicians, nurses and physicians can provide remote diagnoses and treatments, often with existing technology.

"While we hope the impact of the COVID-19 outbreak will be short lived, the potential strain on health systems could be severe. We know many health organizations are evaluating how best to deliver patient care under difficult circumstances over potentially extended periods of time," said Tozman.

"Vidyo excels at delivering resilient virtual care services. As health systems prepare for the next few months, Vidyo is here to support them with our program so they can effectively integrate various forms of telehealth into their patient management strategies."

Health organizations interested in the program can register at https://info.vidyo.com/vidyo-license.html.

About Enghouse Vidyo

Vidyo is a subsidiary of Enghouse Systems Limited, a software and services company traded on the Toronto Stock Exchange (TSX) under the symbol "ENGH." Vidyo enriches people's lives by embedding real-time video into digital communications in the moments that matter most. Millions of people around the world connect visually every day through Vidyo's secure, scalable technology and cloud-based services. Its patented platform integrates with virtually any application environment, network and device to deliver the highest quality experiences that strengthen teams, build trust, solidify relationships, and improve quality of life. Learn more at www.vidyo.com, read our blog, or follow us on Twitter at @vidyo, on LinkedIn, and on Facebook.

Source:
https://www.prnewswire.com/news-releases/enghouse-vidyo-unit-helps-health-systems-scale-telemedicine-to-mitigate-coronavirus-risk-301027334.html

]]>
2020-03-25
<![CDATA[How To Provision A Branch Office Using Fortinet In Under 10 Minutes]]> http://www.phitech.com.tw/news/index.php?news_id=941 You can have a fully provisioned network stack in your branch office in under 10 minutes, where it’s firewall, Wi-Fi, switch, and SD-WAN,’ says Steve Huddleston, a Fortinet senior systems engineer.

 

 

Customers in verticals such as retail can provision a branch office in less than 10 minutes by turning to Fortinet’s centralized management platform, a company executive said.

“You can have a fully provisioned network stack in your branch office in under 10 minutes, where it’s firewall, Wi-Fi, switch, and SD-WAN,” said Steve Huddleston, a Fortinet senior systems engineer. “It’s a pretty cool solution.”

The Sunnyvale, Calif.-based company’s FortiManager centralized management platform can be quite complex due to all the functionality built into it, Huddleston said Wednesday at NexGen 2019, hosted by CRN parent The Channel Company.

[Related: Fortinet Rides Large SD-WAN Deals To Q2 Sales Success]

But Fortinet can dynamically map interfaces, device models, and IP addresses, Huddleston said, meaning that customers can set a particular firewall policy and apply it to all their branch locations. As a result, Huddleston said customers wishing to change their firewall policy only must do so once before pushing the new rules out to all the branch offices.

The FortiGate firewall can do so many things that some configuration work will be required at all branch sites, Huddleston said. However, by scripting functions, Huddleston said technicians can get devices up and running more quickly by setting host names and IP addresses as well as creating manuals.

Firewall policies and IP settings can be managed centrally for the devices in branch locations by using the graphical user interface (GUI), Huddleston said. In addition, Huddleston said the VPN Manager feature on FortiManager reduces the possibility of human error when setting up either a fully meshsed or hub-and-spoke VPN.

In addition, Huddleston said FortiGate can actually manage Fortinet Wi-Fi access points, allowing folks to quickly push out a standardized Wi-Fi configuration for a new branch office that operates off the same template. And the switch manager in FortiGate streamlines the set up process for configuring switches and VLANs (virtual local area networks), Huddleston said.

Branch offices with multiple internet connections can also be centrally provisioned and managed in less than 10 minutes, according to Huddleston. FortiManager is typically purchased by customers as a virtual machine sitting on the hypervisor and public cloud due to the scalability, Huddleston said, which allows customers to initially buy a small virtual machine and upgrade it over time as they get more devices.

Meanwhile, Huddleston said administrative domains in FortiManager allow for the established on role-based access with different levels of permission and control provided to different organizations or different people within the same organization. These administrative domains don’t impede the MSSP’s ability to fully access all customer environments and make whatever changes they deem necessary.

“FortiManager can do a lot. It’s a very powerful product,” Huddleston said. “I’ve been with the company for 10 years, and I’ve seen it come a long way. It’s extremely effective.”

FortiManager’s ability to put together templates should make it easier to assign tasks to less experienced technicians, according to Keith Nelson, vice president of technology at Irvine, Calif.-based Vistem Solutions. Getting network engineers and other high-ranking personnel off provisioning branch offices should free them up to do more around system design, Nelson said.

Setting up branch offices in less than 10 minutes seems realistic once solution providers have fine-tuned their templates and gotten up to speed on corporate policy, Nelson said. The templates will also allow field reps to get more involved in the deployment process in a controlled manner, Nelson said, boosting their familiarity with product interfaces and giving them more ownership over branch projects.

Source:
https://www.crn.com/news/security/how-to-provision-a-branch-office-using-fortinet-in-under-10-minutes

]]>
2020-03-18
<![CDATA[Fortinet expert on why CISOs must focus on employee development as a key security strategy]]> http://www.phitech.com.tw/news/index.php?news_id=939 Paul Anderson, Head of UK and Ireland, Fortinet, tells us how, by focusing on employee development, enablement and buy-in, CISOs can create a centralised security strategy that builds collaboration and reallocates security teams away from tactical, reactive work to more proactive and strategic efforts.

CISOs are facing a perfect storm when it comes to securing their networks. As the number of Internet of Things (IoT) devices increases exponentially, the scale, scope and even the definition of network has changed dramatically. Multi-cloud deployments and DevOps approaches have dispersed organisations’ data, while ever-increasing degrees of mobility create more and more points of access.

Modern CISOs must now protect a constantly expanding attack surface, with limited resources, at a time when cyberattacks are becoming increasingly sophisticated and security best practices are evolving – all while security talent becomes harder to find.

What contributes to these challenges and how can CISOs effectively address them? One of the clearest moves they can take to improve their organisation’s overall security posture is to prioritise employee training and create a proactive cybersecurity culture.

What’s getting in the way of CISOs’ ability to reach their cybersecurity goals?

According to recent reports, 35% of CISOs believe the lack of a centralised cybersecurity strategy and the lack of support from senior management are the top constraints to effective security. But when examining the reasons behind the lack of central strategy, many of the issues seem to start at the employee layer – both among IT employees as well as general employees across the various lines of business.

First, CISOs are dealing with the effects of the ongoing cybersecurity skills gap. According to the Center for Strategic and International Studies, 82% of organisations suffer from a shortage of cybersecurity professionals, hindering their ability to develop a more strategic approach to cybersecurity and to keep pace with new threats.

Instead, security teams end up staying focused on preventing existing threats, rather than using threat intelligence and advanced tools to identify and respond to unknown vulnerabilities and zero days.

The second challenge is around getting cybersecurity buy-in and participation from the executive suite and from the various lines of business. Among various security initiatives, the prevention, detection and response to insider threats are consistently listed among CISOs’ top-tier priorities.

Managing insider threats, both intentional and unintentional – like clicking on a phishing link, using weak passwords, or exposing the network to an unsecured device – eat up a lot of the security team’s time and resources, preventing them from focusing on threats from external sources.

Putting employees at the centre of cybersecurity

To address this, CISOs should give employees a more active role in cybersecurity. The key is to teach them how to avoid common attack tactics without limiting their productivity. In practice, this means developing a strategy around three main areas:

  1. Upskill the IT team: A truly efficient IT team will focus on threat detection and remediation rather than prevention. To achieve this, CISOs should ensure their security team has regular opportunities for further education in deploying, configuring and managing advanced security tools, as well as identifying and addressing new emerging threats. Proficiency in these types of integrated tools provides IT teams with enhanced visibility into how data is used and moved through the network, in addition to simplified management and analytics abilities. Additionally, hands-on training will ensure they have the ability to configure, install and troubleshoot their organisation’s security solution.
  • Give time back to security teams: Cyberattacks are happening at machine speed – meaning security teams cannot keep up with threat correlation or basic remediation efforts on their own. One way to tackle this challenge is to deploy security solutions that make extensive use of automation through Artificial Intelligence and Machine Learning. Automated solutions make it easier to respond to anomalous activity and known threats attempting to breach the network – allowing security teams time to focus on strategy and remediation efforts. For example, rather than having security teams working around the clock to detect potential internal threats, they can use Machine Learning to understand what normal behaviour for employees looks like and then react when there are deviations. They can also be assigned menial tasks such as inventory management and patching, freeing up human resources to focus on higher-order activities.
  • Create a culture of security: By focusing on training and enabling employees to perform basic security tasks such as updating devices, identifying suspicious behaviours and practising safe cyber behaviour across teams, CISOs can begin to establish a holistic security strategy that can stand up to today’s advanced threats. But beyond making sure that employees can identify phishing attacks or know how to update their applications on a regular basis, CISOs should also encourage collaboration between departments and the security team. This will reduce instances of inadvertent internal threats and increase overall buy-in for the security programme.

Within a context where cyber-risk is almost certain to escalate, effective CISOs will maximise their resources – and will then marshal their people, budget and expertise to fight the battles that matter most. This kind of flexible, scalable defence will prove most effective in the counterattacks against cyberbreaches to come.

資料來源:
https://www.intelligentcio.com/eu/2019/10/21/fortinet-expert-on-why-cisos-must-focus-on-employee-development-as-a-key-security-strategy/

]]>
2020-03-11
<![CDATA[FortiGate NGIPS Receives Third Consecutive Recommended Rating from NSS Labs]]> http://www.phitech.com.tw/news/index.php?news_id=938 By Vince Hwang | October 03, 2019

According to the latest Fortinet Threat Landscape Report published in Q2 2019, we continue to see increases in threats, particularly malware and exploits. In fact, towards end of July, the Fortinet Threat Landscape Index (TLI) was at its highest level over a 12-month period, coming in at a TLI score of 1037. (The TLI is a composite score based on a weekly analysis of randomly selected organizations that started with a baseline number of 1,000 so changes in the threat landscape can be easily compared.) This documented increase in threats highlights the importance of deploying a leading and proven intrusion prevention (IPS) solution to protect against attacks and prevent successful infiltration.

Another “Recommended” Rating from NSS Labs

Fortinet’s FortiGate Next-Generation IPS (NGIPS) is one such solution we believe every customer should consider. But don’t just take our word for it – take a look at the NGIPS Test Reports published annually by NSS Labs. In their latest report, Fortinet earned our 3rd consecutive “Recommended” rating from NSS Labs – once again reinforcing what we hear from our customers that Fortinet is one of the most certified and highly recommended security vendors in the market.

Best Total Cost of Ownership

Not only is FortiGate NGIPS recognized as a highly effective NGIPS solutions tested by NSS Labs in this year’s test, it also offers the best total cost of ownership (TCO) – an important consideration in today’s reality of trying to achieve the best security-driven networking outcome while balancing constrained security budgets and resources.

As an example, the FortiGate 100F used in this year’s NSS Labs NGIPS test offers a 3-Year TCO of $4,935, or roughly $2 per protected-Mbps. There are two reasons for this. The first is that it is powered by a purpose-built security ASIC that accelerates performance while reducing the cost of components by several times over off-the-shelf CPUs. The other reason is that it is also supported by FortiGuard Labs, Fortinet’s industry-leading, AI-driven threat research team, that provides the NGIPS system with some of the most effective and critical threat telemetry in the industry. Now that should be music to customers’ ears—and wallet!

Most Use Cases

And if this wasn’t enough, did you know that customers can leverage the exact same FortiGate platform to implement a security-driven network strategy across a variety of use cases – spanning Next-Generation Firewall (NGFW), Secure SD-WAN, Segmentation, and Secure Web Gateway (SWG), all in addition to NGIPS? FortiGate solutions can also be deployed as physical and virtual appliances supporting all on-premises and cloud uses cases, even providing seamless and consistent security in a multi-cloud environments. They are also a critical component of any end-to-end Security Fabric architecture, providing a broad, integrated, and automated solution to security and network operations.

We Believe in Testing – So Should You

But the accolades don’t stop there. Customers choosing Fortinet for their security-driven networking needs can feel good knowing that Fortinet is also recognized as a Leader amongst the 18 vendors in Gartner’s 2019 Magic Quadrant for Network Firewalls. In fact, this is the 12th time we’ve been recognized by Gartner for Network Firewalls. How’s that for a track record? 

At the end of the day, given the critical role security solutions play in allowing customers to run their businesses, talk is cheap. Which is why we subject our security solutions to more third-party testing than any other vendor. Fortinet is a strong believer that the proof of the pudding is in the eating, not just talking about it, especially when it comes to security effectiveness. We want our customers to feel confident that choosing Fortinet will keep them safe. As such, the NSS Labs NGIPS test is only one of many independent tests of Fortinet’s security effectiveness.

And as far as NSS Labs goes, we participate in a total of 8 tests and we have achieved a “Recommended” rating in every one of them! You can see all of Fortinet’s NSS Labs test results here.

Find out how Fortinet’s Security Fabric delivers broad, integrated, and automated protection across an organization’s entire digital attack surface from IoT to the edge, network core and to multi-clouds.  

Find out how Echoenergia and New Zealand Red Cross used Fortinet’s Security Fabric for end-to-end network protection. 


source:
https://www.fortinet.com/blog/business-and-technology/fortigate-ng-ips-nss-labs-recommended-rating.html

]]>
2020-03-04
<![CDATA[Fortinet unveils new FortiGate 1800F firewall, updates FortiOS]]> http://www.phitech.com.tw/news/index.php?news_id=979 Fortinet unveils new FortiGate 1800F firewall, updates FortiOS Wednesday 19 February 2020 | 09:12 CET | News

Fortinet unveiled the FortiGate 1800F Next-Generation Firewall (NGFW) powered by NP7, the company’s seventh generation network processor. In addition, the company announced the release of FortiOS 6.4, the latest version of its flagship operating system powering the Fortinet Security Fabric. Fortinet also hit a milestone with more than 355 technology integrations with the Fortinet Security Fabric.

FortiGate 1800F NGFW

Fortinet said it's introducing the FortiGate 1800F NGFW to meet the extraordinary demands of data centre security and enable a Security-Driven Networking approach.

The FortiGate 1800F is powered by NP7, the seventh generation of Fortinet’s purpose-built network processor specifically engineered to enable large enterprises to handle unprecedented levels of data and application demands. NP7 offers today’s largest organisations the ability to segment and launch services, manage internal and external risks, and preserve user experience.

FortiOS 6.4

With over 350 new features, FortiOS 6.4 introduces automation, scalability, performance, and AI functionalities to deliver full protection across the entire digital infrastructure. 

With version 6.4, FortiOS adds new features designed to support organisations’ digital innovation goals across the four key pillars of the Fortinet Security Fabric and FortiGuard Labs: security-driven networking, zero-trust network access, dynamic cloud security and AI-driven security operations. 

The Fortinet 360 Protection bundle delivered by FortiGuard Labs provides a complete package of operational, support, and security services to enable customers to deploy and benefit from the full power of the Fortinet Security Fabric and is optimised for SD-WAN deployments. 

source:
https://www.telecompaper.com/news/fortinet-unveils-new-fortigate-1800f-firewall-updates-fortios--1327159

]]>
2020-02-26
<![CDATA[Exablaze launches ExaNIC X25 & X100 NICs for low-latency trading]]> http://www.phitech.com.tw/news/index.php?news_id=977 Exablaze, a global provider of ultra-low latency network devices, is launching two new network adapters: ExaNIC X25 and ExaNIC X100. 

In both live trading and benchmark tests the new network adapters proved to be the fastest available, and have set a new record for low-latency performance. The exceptional speed of the new Network Interface Cards (NICs) is due to the unique hardware, software and firmware architecture developed by Exablaze. The ExaNIC X25 is available now, while the ExaNIC X100 is expected to ship in late Q1. 

 
Dr Matthew Grosvenor, SVP of Technology at Exablaze, says: “There is a maxim in Exablaze – in order to be fast, we have to design speed into everything we develop: it’s not enough to simply make old components go a bit faster. We must always start from a clean sheet. That’s how we stay ahead.

“Every aspect of the ExaNIC X25 and X100 is optimised for low latency operations. From our unique cut-through receive path, to our pre-loaded TCP packet transmission capability, we have gone the extra mile to create cutting-edge technology for our clients.”
 
In low latency trading and HFT minimising the time it takes to send and receive network messages is critically important. Exablaze’s achievement with the two new NICs is twofold: to provide significant speed improvements for sending and receiving messages, and to allow trading desks and firms to future-proof their NICs, by using flexible FPGA (field-programmable gate array) technology. FPGA-based NICs can be upgraded and customised ’in the field’ (ie after installation), for example, to support high-speed, 25GbE connections and/or, by adding application-specific logic directly inside the NIC hardware to further reduce system latency.
 
According to Exablaze internal benchmarks, the NICs run approximately 20 per cent faster (ie over 100 nanoseconds) than other low latency optimised NICs, including Exablaze’s own ExaNIC X10. On highly-optimised systems, the ExaNIC X25 offers software trigger-to-response latencies as low as 568ns (median 629ns). These results underscore Exablaze’s continued market dominance in making the fastest NICs available. 
 
Exablaze’s low-latency and highly-programmable networking technologies have caught the eye of world-leading networking technology company Cisco Systems. Cisco recently announced plans to acquire Exablaze, including the ExaNIC product portfolio. The ExaNIC product series is expected to continue to grow under the Cisco banner when the acquisition is formally concluded later this year.
 
"Cisco shares with Exablaze a relentless focus on improving end-to-end performance in ultra-low-latency environments,” said Thomas Scheibe, Vice President of Product Management for Cisco’s Nexus & ACI products. “Application performance is only as good as the sum of the parts: from latency optimized ExaNICs and FPGAs, to latency optimized layer 1 switches and multiplexers, through to latency optimized Cisco Nexus 3500 L3 switches, the whole system needs to be fully optimized.” 
 
A key contributor to the unmatched latency performance of the ExaNIC X25 and X100 is the latest generation of Xilinx Ultrascale+ FPGA technology. The devices are built around Xilinx KU3P FPGAs, featuring 25Gb/s capable transceivers and 13Mb of on-chip ultra-RAM. The X25/X100 NICs optionally also ship with 4GB/9GB (respectively) of on-board DDR4 memory, allowing developers to build more powerful and diverse applications directly inside the devices using the ExaNIC Firmware Development Kit (FDK).
 
The ExaNIC X25 will initially ship in a 2x 10GbE configuration. Future firmware updates will support 2x 25GbE support as well. The ExaNIC X100 will initially ship in 8x 10GbE and 2x 40GbE configurations. Future firmware updates will bring 8x 25GbE and potentially 2x 100GbE support.

Source:
https://www.institutionalassetmanager.co.uk/2020/01/16/282027/exablaze-launches-exanic-x25-x100-nics-low-latency-trading

]]>
2020-02-19
<![CDATA[Fortinet shares healthcare cyberattack trends in 2019]]> http://www.phitech.com.tw/news/index.php?news_id=937 BY  ON OCTOBER 14, 2019 • LEAVE A COMMENT )

During the first five months of 2019, healthcare organizations were under nearly constant cyberattack attempts ranging from targeted phishing and customized ransomware incidents to more common exploits such as malware and botnets. The examples below serve as a takeaway so that we can learn from what has come before.

Traditional Healthcare Network Threats

One of the most prevalent threats was Android/Generic.AP malware that targets Android mobile devices. Once installed on a phone, this trojan can capture keystrokes, collect system information, download/upload files, perform denial-of-service attacks, and run/terminating processes. In networks where healthcare providers rely on their mobile devices to provide real-time patient information, compromised phones can become a conduit for introducing additional malware into the network and gaining unauthorized access to patient information.

Botnets have been another challenge so far in 2019. Gh0st RAT is able to take full control of a victim’s machine, as well as log keystrokes and hijack webcam and microphone data. Bladabindi is similar, but it can also steal stored credentials such as usernames/passwords and other PII.

Have you read “Fortinet shares security-driven network strategies at cybersecurity conference”?

Targeted Attacks

We have also seen a spike in targeted attacks against healthcare networks. Incidences of an older Trojan called Kwampirs, that targets the systems of MRI and X-ray machines and siphons their configuration data, have been documented being actively deployed inside specific networks.

SamSam ransomware has also been targeting the healthcare industry, but we are now seeing additional capabilities being developed and additional malware being included with the ransomware payload, which should worry security administrators.

Cybersecurity company Fortinet shares the four essential elements of security hygiene.

  • Patch devices religiously.
  • Update hardware and software when possible.
  • Replace older systems that can no longer be patched or updated.
  • Implement strong proximity controls for systems that cannot be replaced.

Visibility not only requires seeing every device on the network but also knowing what they are and the role they play.

Mission-Critical Systems – It’s crucial that you understand your mission-critical processes, including critical care areas that cannot withstand downtime.
Online Assets – Maintain an automatically updated inventory of every asset on your network. Those resources that rely on remote access, such as telemedicine or remote clinics, need extra attention.
Extended Infrastructure – You need to not only understand your network topology, but cloud resources such as SaaS applications and infrastructures, as well as remote and branch offices.
Medical IoT – Monitoring or treatment systems need to be identified, tracked, and secured, including mobile devices that move between hospital departments or even into patient homes.

Segmentation is crucial

Once an attacker manages to gain access to the network, they will continue to drive deeper to achieve their goals. Proper network segmentation can limit lateral movement, thereby slowing down attacks and even discouraging attackers – giving you more time for detection and response.

Ransomware – not if, but when

Given their user’s preference for healthcare networks, healthcare IT administrators need to assume they will continue to be the target of a ransomware attack. Proper preparation includes an aggressive backup strategy, storing backups and recover systems offline, and running restoration drills so recovery can be fast and effective.

資料來源:
https://backendnews.net/2019/10/14/fortinet-shares-healthcare-cyberattack-trends-in-2019/

]]>
2020-02-12
<![CDATA[Fortinet Wins “Professional Certification Program of the Year” Award in 2019 CyberSecurity Breakthrough Awards Program]]> http://www.phitech.com.tw/news/index.php?news_id=936 By Rob Rashotte | October 09, 2019

Fortinet is pleased to announce that its Fortinet Network Security Expert (NSE) Institute’s certification program has been named the “Professional Certification Program of the Year” in the 2019 CyberSecurity Breakthrough Awards program. CyberSecurity Breakthrough is a leading independent market intelligence organization that recognizes the top companies, technologies, and products in the global information security market today.

“Fortinet’s combination of broad program scope, global accessibility, and program philosophy have resulted in a cybersecurity education program that goes well beyond a traditional commercial certification program focused on vendor-specific solutions,” said James Johnson, managing director, CyberSecurity Breakthrough. “Fortinet has built a program that is truly focused on closing the cybersecurity skills gap, with more than 230,000 certifications being issued to individuals in more than 200 countries, and we are thrilled to recognize the Company with our 2019 CyberSecurity Breakthrough Award designation as Professional Certification Program of the Year.”

The Fortinet Network Security Expert (NSE) certification program closes the cybersecurity skills gap from a much wider perspective than traditional training and certification programs. The program’s unprecedented level of accessibility includes an 8-level approach targeting different knowledge and skills at each level.

The lower levels (NSE 1 – 3) assess knowledge and understanding of the threat landscape and various solutions that are common in the industry. These initial NSE levels appeal to any individual wishing to understand cybersecurity principles and better protect themselves online, academic institutions looking to provide assessment tools to assess students entering cybersecurity programs, and organizations looking for tools to deploy a cybersecurity awareness program for their employees. The mid-levels of the program (NSE 4 – 6) are more traditional certification levels that focus on a technical audience and their ability to install, configure, and troubleshoot individual Fortinet products. The top levels of the program (NSE 7 - 8) focus on the skills and knowledge required by engineers and architects to design complete cybersecurity solutions using a variety of Fortinet and other products, and to deploy those solutions into complex network environments.

The mission of the CyberSecurity Breakthrough Awards is to honor excellence and recognize innovation, hard work, and success across a range of information security categories, including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, Email Security, and many more. This year’s program attracted more than 3,500 nominations from over 15 different countries throughout the world.

Learn more about Fortinet’s NSE Institute programs, including the Network Security Expert programNetwork Security Academy program and FortiVets program.


Source:
https://www.fortinet.com/blog/business-and-technology/fortinet-wins-cybersecurity-breakthrough-award-nse-institute.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblogs+%28Fortinet+All+Blogs%29

]]>
2020-02-05
<![CDATA[Introducing FortiCWP for Comprehensive Cloud Workload Protection]]> http://www.phitech.com.tw/news/index.php?news_id=935

The lack of cohesion between different security deployments often results in a lack of centralized visibility into critical service configurations, activities, network traffic, security events, and data hygiene. This challenge is compounded further as their business extends its presence across multiple public cloud provider platforms.

To help organizations address this fundamental cloud security issue, Fortinet has just introduced FortiCWP  – a Cloud Workload Protection solution designed to help customers assure compliance and mitigate risks associated with IaaS-based applications. It enables organizations to regain visibility and control over their dynamic multi-cloud infrastructure by providing the industry’s most integrated and dynamic multi-cloud security posture management solution.

Cross-Solution Integration

FortiCWP has been deeply integrated into multiple public cloud infrastructures – including using cloud native APIs from AWS, Google Cloud Platform, and Microsoft Azure – to assess configurations, monitor activity in cloud accounts, analyze and scan data, monitor cloud network traffic, and provide comprehensive compliance reports. 

To ensure it is always running up-to-the-minute security insights, FortiCWP is also integrated with FortiGuard Labs to receive regular and timely threat intelligence updates. It is also integrated with FortiSandbox to analyze data stored in the cloud for malicious content. When combined, these FortiCWP services provide unprecedented visibility and control over the state of cloud security, even across multi-cloud infrastructures, enabling security teams to see and manage their cloud environments with confidence.

Addressing Critical Cloud Security Challenges

Specifically, FortiCWP addresses several of the most critical challenges facing organizations tasked with securing their cloud environments.

  • To address the lack of visibility into cloud configuration and account activities, FortiCWP leverages its tight integration with the leading public cloud providers – Amazon AWS, Microsoft Azure, and Google Cloud Platform to scan configurations and setting and to compare them with best practices, compliance regimes and corporate policy.
  • As the industry’s most integrated dynamic cloud security visibility solution due to its Fabric-based integration with a Fortinet’s Multi-Cloud Dashboard, it enables security teams to seamlessly manage security across multiple cloud platforms.
  • FortiCWP supports the “shared responsibility model of any cloud deployment by looking at configuration settings of the cloud vendor as well as those of the organization.
  • FortiCWP addresses the challenge of ungoverned cloud data with high-capacity cloud-based DLP and malicious content inspection.
  • FortiCWP helps organizations assure they are compliant with industry specific security standards by comparing activity and configurations with policies require by standards including PCI, HIPAA, SOX, GDPR, ISO 27001, and NIST.

The First Fully Integrated Cloud Security Solution

When FortiCWP is combined with FortiGate VM for Ingress/egress cloud security and FortiWeb for Web Application and API Protection, they form the only integrated cloud security solution addressing network security, web application security, and cloud platform security in a comprehensive and tightly integrated solution. Its support for IaaS based applications also makes it the perfect complement to FortiCASB, which is designed to provide management, visibility, and control for SaaS-based applications.

By leveraging these integrated solutions, organizations can now extend the expertise of their security teams into the cloud, enabling them to effectively mitigate risk across their continuously evolving digital innovation landscape.

FortiCWP provides centralized dashboards, reports and maps to track security events and user activity.




source:
https://www.fortinet.com/blog/business-and-technology/forticwp-cloud-workload-protection.html

]]>
2020-01-29
<![CDATA[FortiGate NGIPS Receives Third Consecutive Recommended Rating from NSS Labs]]> http://www.phitech.com.tw/news/index.php?news_id=934 By Vince Hwang | October 03, 2019

According to the latest Fortinet Threat Landscape Report published in Q2 2019, we continue to see increases in threats, particularly malware and exploits. In fact, towards end of July, the Fortinet Threat Landscape Index (TLI) was at its highest level over a 12-month period, coming in at a TLI score of 1037. (The TLI is a composite score based on a weekly analysis of randomly selected organizations that started with a baseline number of 1,000 so changes in the threat landscape can be easily compared.) This documented increase in threats highlights the importance of deploying a leading and proven intrusion prevention (IPS) solution to protect against attacks and prevent successful infiltration.

Another “Recommended” Rating from NSS Labs

Fortinet’s FortiGate Next-Generation IPS (NGIPS) is one such solution we believe every customer should consider. But don’t just take our word for it – take a look at the NGIPS Test Reports published annually by NSS Labs. In their latest report, Fortinet earned our 6th consecutive “Recommended” rating from NSS Labs – once again reinforcing what we hear from our customers that Fortinet is one of the most certified and highly recommended security vendors in the market.

Best Total Cost of Ownership

Not only is FortiGate NGIPS recognized as a highly effective NGIPS solutions tested by NSS Labs in this year’s test, it also offers the best total cost of ownership (TCO) – an important consideration in today’s reality of trying to achieve the best security-driven networking outcome while balancing constrained security budgets and resources.

As an example, the FortiGate 100F used in this year’s NSS Labs NGIPS test offers a 3-Year TCO of $4,935, or roughly $2 per protected-Mbps. There are two reasons for this. The first is that it is powered by a purpose-built security ASIC that accelerates performance while reducing the cost of components by several times over off-the-shelf CPUs. The other reason is that it is also supported by FortiGuard Labs, Fortinet’s industry-leading, AI-driven threat research team, that provides the NGIPS system with some of the most effective and critical threat telemetry in the industry. Now that should be music to customers’ ears—and wallet!

Most Use Cases

And if this wasn’t enough, did you know that customers can leverage the exact same FortiGate platform to implement a security-driven network strategy across a variety of use cases – spanning Next-Generation Firewall (NGFW), Secure SD-WAN, Segmentation, and Secure Web Gateway (SWG), all in addition to NGIPS? FortiGate solutions can also be deployed as physical and virtual appliances supporting all on-premises and cloud uses cases, even providing seamless and consistent security in a multi-cloud environments. They are also a critical component of any end-to-end Security Fabric architecture, providing a broad, integrated, and automated solution to security and network operations.

We Believe in Testing – So Should You

At the end of the day, given the critical role security solutions play in allowing customers to run their businesses, talk is cheap. Which is why we subject our security solutions to more third-party testing than any other vendor. Fortinet is a strong believer that the proof of the pudding is in the eating, not just talking about it, especially when it comes to security effectiveness. We want our customers to feel confident that choosing Fortinet will keep them safe. As such, the NSS Labs NGIPS test is only one of many independent tests of Fortinet’s security effectiveness.

And as far as NSS Labs goes, we participate in a total of 8 tests and we have achieved a “Recommended” rating in every one of them! You can see all of Fortinet’s NSS Labs test results here.

Find out how Fortinet’s Security Fabric delivers broad, integrated, and automated protection across an organization’s entire digital attack surface from IoT to the edge, network core and to multi-clouds.  

Find out how Echoenergia and New Zealand Red Cross used Fortinet’s Security Fabric for end-to-end network protection. 

Source:

https://www.fortinet.com/blog/business-and-technology/fortigate-ng-ips-nss-labs-recommended-rating.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblogs+%28Fortinet+All+Blogs%29

]]>
2020-01-22
<![CDATA[Sangoma Leader in SIP Trunking for Small Businesses]]> http://www.phitech.com.tw/news/index.php?news_id=933 Out of 29 SIP trunking companies examined in the Eastern Management Group’s latest SMB customer survey, none beat Sangoma. No vendor other than Sangoma received the highest possible ranking — four stars — in every customer satisfaction category.
 
If you’re not familiar with Sangoma — or maybe it’s been a while since you were — you may want to brush up… or catch up. The $100 million voice and UC solution provider is on a bit of a tear. Sangoma’s revenue has grown by 53% (CAGR) each year since 2017, and it got another healthy boost when it acquired Digium last September. Sangoma’s gross profit is around 60%, and the business currently spends a customer-comforting 18% of revenue on research and development.
 
Let’s Talk SIP
Apart from the company’s good financials, Sangoma further distinguishes itself in SIP trunking customer satisfaction. In Eastern Management Group’s “2019 SMB SIP Trunking Customer Satisfaction” survey, no competitor beat Sangoma, which stands at the pinnacle of the satisfaction leader board.
 
The Eastern Management Group’s 2019 satisfaction survey of 3,000 IT managers shows a side-by-side comparison of 29 SIP trunk providers. SMB customers (from one to 500 employees) evaluated their SIP vendors on six Customer Satisfaction Measurements under the headings of product, vendor experience, and customer delight.
 

SIP_PROVIDERS1.JPG

SIP trunk providers rated by Eastern Management Group
 
 
The Eastern Management Group
 
In Eastern Management Group’s customer survey, Sangoma received the highest possible ranking — four stars, in every customer satisfaction measurement: technology and product, purchase experience, support, management tools, total overall satisfaction, and recommend-to-a-friend.
 
About Sangoma
Sangoma is one of the scores of providers in the $14.4 billion (2018) SIP trunk market — a market that’s growing 7% yearly — and will continue doing so. The SIP market itself is catapulted by cloud growth, enterprise branch office openings, high PSTN prices, and the inevitable POTS end of life, which are addressed in the Eastern Management Group report "2018-2024 SIP Market 7-Year Forecast and Analysis."
 
Sangoma is an established provider of hardware and software that drives IP communications systems for telecom and datacom applications. The company, which launched in 1984, sells to SMBs and carriers in 150 countries. Well-known Digium is a Sangoma subsidiary, making Sangoma the primary developer and sponsor of the open-source Asterisk project.
 
Based on Eastern Management Group’s customer survey research, 95% of Sangoma SIP trunk customers are SMBs having fewer than 500 employees; that’s more than the SIP trunk industry average of 83%. Sangoma’s largest customer cohort is businesses with 11 to 50 employees; this may account for a third of Sangoma’s SIP customer base.
 
Sangoma customers are well distributed across the 20 vertical markets Eastern Management Group tracks. Sangoma has a broader vertical market reach than many competitors. Our research finds considerable Sangoma SIP trunking sales to businesses in the professional services, retail, and transportation markets.
 
Product and Value
SIPStation is Sangoma’s SIP trunking offer. The company checks all the essential boxes with SIP features:
 
  • Choose your own phone numbers
  • Send and receive faxes
  • T.38 faxing & SMS
  • Share voice services across multiple locations
  • Add lines at any time — no contracts required
  • Create high-volume SIP trunks that are fax- and SMS-compatible
Sangoma’s elevator pitch for SIP is a good one, and the customer benefits include:
 
  • 21-day free trial
  • Cost savings with three-year, one-year, and monthly contracts
  • Integrated with the FreePBX and PBXact systems
  • Integrated fax services
 
It’s our opinion that Sangoma has made a very good name for itself. It has all the trappings of a hands-on company: The CMO blogs weekly, talking as if to a family. Sangoma operates just like a small business — and that’s nice to report on.
 
The research used in this post comes from the following Eastern Management Group sources: "2019 SIP Trunking Customer Satisfaction" report and models, and “2018-2024 SIP Global Market 7-Year Forecast and Analysis.” For more information on these studies and reports, please contact our analyst team or John Malone directly at 212-738-9402 Ext. 2201 or jmalone@easternmanagement.com.

資料來源:
https://www.nojitter.com/sipsip-trunking/sangoma-leader-sip-trunking-small-businesses
]]>
2020-01-15
<![CDATA[《科技》Fortinet SD-WAN解決方案,獲瑞典Telenor採用]]> http://www.phitech.com.tw/news/index.php?news_id=932 【時報記者林資傑台北報導】全方位整合與自動化網安廠Fortinet(NASDAQ: FTNT)宣布,其次世代SD-WAN網路解決方案,獲得全球行動電信集團Telenor旗下Telenor Sweden採用,協助提升敏捷性、靈活性與安全性,加速數位轉型推動,成為北歐首家推出安全SD-WAN服務的行動電信業者。

 為開發使用者更多能力、推動數位化轉型,許多企業致力最佳化WAN基礎架構與連線能力,讓雲端應用程式達到最佳效能,提供最佳的使用者體驗。Fortinet的SD-WAN解決方案協助Telenor可基於寬頻與4G/LTE提供所需智慧化及安全性,因應快速變化的應用需求。

 最新統計顯示,超過4成企業希望今年底前前試行或採用SD-WAN或混合WAN技術。Telenor表示,在瑞典擁有50名以上員工與3個營業據點的企業中,就有3000多家計畫在現階段或近期內發展WAN解決方案,讓內外部資料與應用程式存取更有效率且更安全。

 Telenor SD-WAN產品負責人Tomas Flodin表示,在提供安全、靈活且具成本效益的SD-WAN託管服務時,高安全性是首要考量。選擇Fortinet主要考量可將NGFW安全與SD-WAN服務整合到同一平台,獲得期望的可視性、控制力與安全性,保護客戶的資料與應用程式。

 Fortinet產品執行副總裁John Maddison表示,數位創新正對企業分支機構重大轉變。隨著服務與應用程式逐漸轉移至雲端,各分支機構的網路邊緣隨之增加,擴大網路被攻擊面,使得安全性比以往更加擔憂,除非安全性為SD-WAN一部分,否則無法發揮優勢。

 John Maddison認為,為了在部署後能立即發揮效益,SD-WAN必須提供完整的安全服務與可視性,讓企業知道是誰正透過哪些裝置存取網路,以便使用合適的安全原則給端對端,及本地到WAN、雲端或資料中心上使用。

資料來源:
https://tw.stock.yahoo.com/news/%E7%A7%91%E6%8A%80-fortinet-sd-wan%E8%A7%A3%E6%B1%BA%E6%96%B9%E6%A1%88-%E7%8D%B2%E7%91%9E%E5%85%B8telenor%E6%8E%A1%E7%94%A8-041715065.html

]]>
2020-01-08
<![CDATA[Customers Choose Fortinet Secure SD-WAN for True WAN Edge Transformation]]> http://www.phitech.com.tw/news/index.php?news_id=931 One of the most common issues facing organizations looking to deploy an SD-WAN solution is that what looks like a simple enough idea – replacing your static MPLS connection with a more flexible WAN solution – can quickly become a logistical nightmare. That’s because today’s branch offices have complex requirements that legacy routers, and even most SD-WAN solutions have simply not been designed to address.

The primary need is fast and reliable access to critical business applications. Cloud adoption is rampant, and as organizations migrate their data and resources to the cloud, backhauling those latency sensitive or performance hungry applications through a traditional WAN link to the corporate network quickly becomes problematic. It not only adds additional bandwidth loads on network infrastructures, but can reduce the effectiveness of the application and impact things like productivity and the user experience.

Branch Office Requirements are Evolving

Today’s branch offices require multiple links in order to enable direct connectivity to critical resources. While the traditional link to the core network is still important, they also need direct internet access in order to quickly connect to essential applications such as Salesforce, Office365, and unified communications located in the cloud.

Of course, internet connections are notoriously unreliable and unsecure. So an SD-WAN solution needs to provide rich application steering, redundancy, and quality controls at the network level, as well as a full stack of security solutions to secure data and information that used to rely on the security deployed within the core network. In addition, because 80% or more of the traffic moving through this direct internet connection will need to be encrypted, security also needs to provide deep SSL inspection without impacting application performance.

Most SD-WAN Solutions Don’t Measure Up

Because most SD-WAN vendors only provide very basic firewall functionality as a native element of their solution, customers are required to address this issue by adding security after the fact. But they quickly discover that the complexity of building such a solution is more than they bargained for. Security needs to provide a full stack of protection, including firewallIPSweb filtering, anti-virus and anti-malware, web application firewall, and even sandboxing. And if these solutions aren’t integrated to function as a single unit, managing these tools can require significant overhead.

Second, these security solutions need to be fully compatible with security deployed elsewhere, especially in the cloud. Policies need to traverse multiple ecosystems, enforcement needs to be consistent, and visibility needs to be seamless.

And finally, security and networking need to work as a single system.  This needs to work at scale across hundreds of locations, and do so easily with zero-touch deployment capabilities. And because connections are often in constant flux in order to maintain connection service levels, any overlay security system is forced to react to changes, which can introduce gaps in protections. Instead, what’s needed is for security and networking to be fully integrated together, so that when application or connectivity requirements change, both the network and security adapt simultaneously so there is never a need to “catch up.”

And even more importantly, a Security-Driven Network approach means that if an adjustment in connectivity or configurations would result in a compromise in terms of security, the security solution can prevent that adjustment based on policy, rather than leaving an unsecured connection, exposing data and applications to infection or theft.

A Real World Example

Addressing this real-world challenge was a top priority for one of the largest recycling and waste management companies in North America. They needed to upgrade their WAN solution to more efficiently and securely interconnect their recycling facilities, landfills, and transfer stations.  Their goal was to reduce circuit costs, rationalize their security product inventory, and centralize security management across their distributed organization.

By enhancing data correlation and integration between their various security elements, they also hoped to achieve better visibility, control, and decision making capabilities. However, this lower and more predictable infrastructure cost model also needed to provide a more flexible infrastructure that would be easier to tune in order to meet changing business requirements, without ever compromising security in the process.

Fortinet responded by positioning our Secure SD-WAN and SD-Branch solutions. We were able to demonstrate how, through our Security Fabric framework, all of the various security and networking elements worked together in terms of coordination, correlation, management, configuration, and orchestration. Unlike the traditionally complex SD-WAN story that involved multiple solutions that didn’t really interoperate, Fortinet’s Secure SD-WAN provided the right mix of tightly integrated network and connection functionality, management, and security that the organization was looking for.

Once the Secure SD-WAN solution was under consideration, we were then able to demonstrate how its security and network functionality could also be seamlessly extended deep into each branch network by combining them with switching, wireless access, and network access control functions. Even better, this integrated SD-Branch solution could also be managed remotely through the same interface used to manage the Secure SD-WAN connection.

SD-WAN networking, security, and access control solutions offering from other vendors, including the incumbent solution from Cisco, simply did not work as an integrated system. Separate management, configuration, and orchestration tools would significantly impact the organization’s goals of interoperability and lowering operational overhead. And the Fortinet solution also provided far and away the best price/performance of any solution under consideration.

Fortinet Uniquely Combines Networking and Security into a Single, Integrated SD-WAN Solution

Fortinet’s Secure SD-WAN and SD-Branch solutions combine the entire suite of powerful security tools included in the FortiGate NGFW security appliance – including firewall, IPS, antivirus, web filtering, and sandboxing – with a rich suite of essential connectivity, bandwidth management, and application recognition tools to ensure the reliable delivery of even the most latency-sensitive business applications. It then combines that security with Fortinet’s switching and wireless access points to extend the same security and network management functionality, combined with device and access control, into the branch office network to manage and secure locally deployed enduser and IoT devices.

No other solution in the market provides such a high-performance, deeply integrated, and highly interoperable solution for today’s distributed networks. Simple deployment, unmatched performance, and deep integration between network functionality, connectivity, access control, and a full suite world-class security solutions – all managed and orchestrated through a single pane of glass management system – sets the Fortinet Secure SD-WAN and SD-Branch solutions apart from the rest of the market.

Learn how Fortinet’s Secure SD-WAN Solution uses a security-driven networking approach to improve user experience and simplify operations at the WAN Edge.


資料來源:

https://securityboulevard.com/2019/10/customers-choose-fortinet-secure-sd-wan-for-true-wan-edge-transformation/

]]>
2020-01-01
<![CDATA[Fortinet Ranked in Top Three by Gartner for SD-WAN Equipment Market Share by Revenue]]> http://www.phitech.com.tw/news/index.php?news_id=930 SUNNYVALE, Calif., Oct. 01, 2019 (GLOBE NEWSWIRE) -- Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced that it is among the top three vendors in worldwide market share for SD-WAN equipment by revenue in Gartner’s Q2 2019 report titled, “Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 2Q19.” According to Gartner, total worldwide SD-WAN equipment revenue in 2Q19 was $417M, up 30% quarter-over-quarter. In 2Q19, Fortinet’s SD-WAN revenue is reported to have grown 234% quarter-over-quarter to $46M. This represents the third highest revenue market share at 11.1%.

“Cybersecurity has become a top-of-mind strategic business issue for enterprises deploying WAN edge solutions,” says John Maddison, EVP of products and CMO at Fortinet. “We’re hearing from an increasing number of customers who are concerned about the security risks associated with SD-WAN exposing branch offices to the Internet. We believe our growing market share validates the need for Fortinet’s unique Security-Driven Networking approach, which tightly integrates security and SD-WAN functionality into a single offering. Fortinet is committed to SD-WAN innovation; just this year we released the industry’s first SoC4 ASIC specifically designed to increase SD-WAN performance and security. Fortinet’s Secure SD-WAN solution includes best-of-breed next-generation firewall security, SD-WAN, advanced routing, and WAN optimization capabilities as well as the ability to extend SD-WAN to the access layer via SD-Branch. Because we deliver our SD-WAN solution in-built into every FortiGate Next-Generation Firewall, customers benefit from some of the industry’s best threat protection and threat detection capabilities, fully integrated with one of the top SD-WAN solutions on the market.”

Fortinet Secure SD-WAN is backed by third-party validation
Fortinet solutions have consistently demonstrated high security effectiveness, advanced feature offerings, and superior performance when put to the test by third parties. Fortinet’s Secure SD-WAN solution has received two consecutive NSS Labs “Recommended” ratings and showcased the lowest TCO in the latest NSS Labs SD-WAN Group Test.

Fortinet is a customer favorite
Fortinet received the February, 2018 Gartner Peer Insights Customers’ Choice recognition (Feb 2018) for Enterprise Network Firewall Management Software and has the most reviews of all vendors in the Gartner Peer Insights Enterprise Network Firewall Market as of September 30, 2019. Fortinet’s Secure SD-WAN solution, an integral part of FortiGate Network Firewalls, has also received the most reviews of all vendors in the Gartner Peer Insights WAN Edge Infrastructure Market as of September 30, 2019. Fortinet believes that this additional customer recognition further highlights Fortinet’s leadership in the SD-WAN market.

Fortinet’s Focus on SD-WAN Innovation
Fortinet developed the industry’s first SD-WAN ASIC, which allows them to deliver the fastest SD-WAN security performance in the industry. This includes acceleration for responsive overlay VPN and a better overall WAN user experience across the enterprise. Fortinet’s Secure SD-WAN solution interoperates as part of a comprehensive security architecture through the Fortinet Security Fabric, producing an integrated end-to-end security solution across the entire attack surface that leverages Security-Driven Networking. In addition, Fortinet offers a tightly integrated SD-Branch solution that brings together the branch LAN and WAN environments to ensure consistent security, single-pane-of-glass manageability and visibility, and better TCO.

Supporting Quotes
“We were already pleased with the performance of Fortinet’s Next-Generation Firewalls in our data center and the protection they provide for employee access and authentication. We recently chose to leverage Fortinet’s Secure SD-WAN capability because it provides superior security features in one simple offering. Fortinet helps us reduce complexity and gives us the single-pane-of-glass visibility across all our locations.” 
— Brian Talbert, Director, Network and Connectivity Solutions, Alaska Airlines

“We like Fortinet Secure SD-WAN’s ease of use at the scale at which we operate. Just as importantly, we were impressed with the high level of security that is built into Fortinet Secure SD-WAN. The other solutions we looked at would have required us to add a third-party security tool.”
— Hilton Sturisky, CIO at Crawford & Company

“Security was a top priority for us as a financial institution when it came time to execute our ‘Bank Branch of the Future’ project. We chose Fortinet’s SD-Branch solution because we were able to consolidate our branch services into the same platform that would be running our SD-WAN, giving us better visibility, control and security at our branch offices.”
— Luis Eduardo Dos Santos, Head of Network and Telecom, Banco Votorantim, Brazil

“Leveraging Fortinet’s SD-WAN solution, District School Board Niagara has been able to provide our staff and students with a stable, feature rich and secure network environment, including use of IoT devices in the classroom and schools. We’ve been able to deploy Fortinet’s premium technology while still lowering our broadband and fiber costs. The savings we’ve achieved as a result has allowed DSB Niagara to redirect funds toward educational priorities for all students in DSBN. This includes STEM programs, such as our iHub Academy and our IT4 Learning Team, elective programs for students focusing on artificial intelligence, machine learning, robotics, threat management, etc.” 
— Dino Miele, CIO, District School Board of Niagara

“We’ve been using a cloud-first approach for several years as part of our digital transformation journey. As part of our Ministry of Education Broadband Modernization Project, an initiative to transition all Ontario schools to SD-WAN, we’ve had to speed up this process while connecting each of our schools directly to the internet. After going through the vendor evaluation process, we selected FortiGate Secure SD-WAN because it provides best-of-breed SD-WAN and security features in one single offering. As a result, we’ve been able to reduce complexity at the school level and have single-pane-of-glass visibility across all our locations. We’ve seen a significant reduction in the total cost of ownership for our WAN.” 
— Chris Dale, Executive Manager of ICTS, London District Catholic School Board

Additional Resources

Gartner, Market Share: Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 2Q19, Joe Skorupa, Christian Canales, Nareesh Singh, 20 September 2019.

資料來源:

https://www.globenewswire.com/news-release/2019/10/01/1923391/0/en/Fortinet-Ranked-in-Top-Three-by-Gartner-for-SD-WAN-Equipment-Market-Share-by-Revenue.html

]]>
2019-12-25
<![CDATA[Reducing risk and complexity with Secure SD-WAN – Fortinet]]> http://www.phitech.com.tw/news/index.php?news_id=929 Article by Jon McGettigan, Senior Regional Director, Fortinet Australia and New Zealand

As the pace of digital innovation picks up, opportunities arise. But, concurrently, the attack surface expands.

The challenge for enterprises is to be able to take advantage of business opportunities whilst reducing risk and complexity.

Secure SD-WAN (software-defined wide area networking) is one trend that satisfies both imperatives: expanding the reach of the enterprise network and protecting those who use it.

SD-WAN

SD-WAN is primarily a networking solution without, by definition, embedded security.

SD-WAN simplifies the management and operation of a WAN by decoupling the networking hardware from its control mechanism.

This concept is similar to how software-defined networking uses virtualisation to improve data centre management and operations.

A key application of SD-WAN is to allow enterprises to build higher-performance WANs using lower-cost and commercially available internet access.

This enables them to partially or wholly replace legacy private WAN connection technologies such as MPLS (multi-protocol label switching).

Gartner predicts that by 2023 more than 90% of WAN edge infrastructure refresh initiatives will be based on either virtualised customer premises equipment (vCPE) platforms or SD-WAN software/appliances.

Secure SD-WAN

Secure SD-WAN takes the concept one step further by adding security into the solution.

Secure SD-WAN appliances incorporate all of the networking functionality inherent in SD-WAN and combines it with all of the security features of a next-generation firewall.

The key point here is tight integration between networking and security.

SD-WAN alone doesn’t address security. Security has to be added separately.

In order to establish and secure an SD-WAN branch office, IT managers have to install, configure and maintain both the SD-WAN appliance as well as a firewall.

Two vendors and two separate systems using different cost and licensing models add more complexity into the solution.  

Consistent policy

With a Secure SD-WAN appliance, your workload is cut in half.

And, if your Secure SD-WAN appliance is an integrated component of your overall security fabric, your workload is even further reduced as you’ll be able to extend your integrated security policy to the SD-WAN and branch office.

This further reduces complexity and total cost of ownership.

You’ll be able to manage your SOC (security operation centre) and NOC (network operation centre) management tasks from a single-pane-of-glass dashboard.

You will also be able to incorporate automation into the solution and implement zero-touch for branch offices.

Both reduce the need for skilled staff at remote locations.

Conclusion

Secure SD-WAN not only reduces complexity, but it also reduces risk by ensuring that your branch office is hardened against adversaries of all types.

It also supports a uniform security policy based on business requirements and ensures the desired outcome for the enterprise.

Fortinet’s Secure SD-WAN appliances, fully-integrated components of Fortinet’s market-leading Security Fabric, extend a consistent security policy into your branch offices whilst improving network functionality.

In addition, Secure SD-WAN, as part of the Security Fabric, ensures that no security gaps result due to connecting the branch office to the enterprise WAN.

If you have multiple components independently trying to defend your network, you’re only as strong as your weakest component.

But if they’re collaborating in defending your network, their sum is greater than the individual parts.

This is the true benefit of Secure SD-WAN and the Fortinet Security Fabric.

About the author

Jon McGettigan is Senior Regional Director, Fortinet ANZ. As such, he is responsible for driving Fortinet’s continued expansion in the Australasian region through building and maintaining relationships with enterprises, partners and staff. As a senior executive, he understands the risks, motivations and opportunities that face executives as they transform their networks into 21st-century revenue centres.

About Fortinet

Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organisations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 375,000 customers trust Fortinet to protect their businesses. Learn more at the Fortinet website, the Fortinet Blog, or FortiGuard Labs.


資料來源:
https://itbrief.co.nz/story/reducing-risk-and-complexity-with-secure-sd-wan-fortinet

]]>
2019-12-18
<![CDATA[Introducing FortiCWP for Comprehensive Cloud Workload Protection]]> http://www.phitech.com.tw/news/index.php?news_id=928 The lack of cohesion between different security deployments often results in a lack of centralized visibility into critical service configurations, activities, network traffic, security events, and data hygiene. This challenge is compounded further as their business extends its presence across multiple public cloud provider platforms.

To help organizations address this fundamental cloud security issue, Fortinet has just introduced FortiCWP  – a Cloud Workload Protection solution designed to help customers assure compliance and mitigate risks associated with IaaS-based applications. It enables organizations to regain visibility and control over their dynamic multi-cloud infrastructure by providing the industry’s most integrated and dynamic multi-cloud security posture management solution.

Cross-Solution Integration

FortiCWP has been deeply integrated into multiple public cloud infrastructures – including using cloud native APIs from AWS, Google Cloud Platform, and Microsoft Azure – to assess configurations, monitor activity in cloud accounts, analyze and scan data, monitor cloud network traffic, and provide comprehensive compliance reports. 

To ensure it is always running up-to-the-minute security insights, FortiCWP is also integrated with FortiGuard Labs to receive regular and timely threat intelligence updates. It is also integrated with FortiSandbox to analyze data stored in the cloud for malicious content. When combined, these FortiCWP services provide unprecedented visibility and control over the state of cloud security, even across multi-cloud infrastructures, enabling security teams to see and manage their cloud environments with confidence.

Addressing Critical Cloud Security Challenges

Specifically, FortiCWP addresses several of the most critical challenges facing organizations tasked with securing their cloud environments.

  • To address the lack of visibility into cloud configuration and account activities, FortiCWP leverages its tight integration with the leading public cloud providers – Amazon AWS, Microsoft Azure, and Google Cloud Platform to scan configurations and setting and to compare them with best practices, compliance regimes and corporate policy.
  • As the industry’s most integrated dynamic cloud security visibility solution due to its Fabric-based integration with a Fortinet’s Multi-Cloud Dashboard, it enables security teams to seamlessly manage security across multiple cloud platforms.
  • FortiCWP supports the “shared security model of any cloud deployment by looking at configuration settings of the cloud vendor as well as those of the organization.
  • FortiCWP addresses the challenge of ungoverned cloud data with high-capacity cloud-based DLP and malicious content inspection.
  • FortiCWP helps organizations assure they are compliant with industry specific security standards by comparing activity and configurations with policies require by standards including PCI, HIPPA, SOX, GDPR, ISO 27001, and NIST.

The First Fully Integrated Cloud Security Solution

When FortiCWP is combined with FortiGate VM for Ingress/egress cloud security and FortiWeb for Web Application and API Protection, they form the only integrated cloud security solution addressing network security, web application security, and cloud platform security in a comprehensive and tightly integrated solution. Its support for IaaS based applications also makes it the perfect complement to FortiCASB, which is designed to provide management, visibility, and control for SaaS-based applications.

By leveraging these integrated solutions, organizations can now extend the expertise of their security teams into the cloud, enabling them to effectively mitigate risk across their continuously evolving digital innovation landscape.

 

Learn more about how FortiCWP can address critical cloud security challenges.

Learn more about how Fortinet’s dynamic cloud security solutions provide the necessary visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.

Read these customer case studies to see how Cuebiq and Steelcase implement Fortinet’sdynamic cloud security solutions for secure connectivity and application security.


資料來源:

https://securityboulevard.com/2019/09/introducing-forticwp-for-comprehensive-cloud-workload-protection/

]]>
2019-12-11
<![CDATA[FortiGate Network Firewalls Give MSSPs Another Reason to Select Fortinet]]> http://www.phitech.com.tw/news/index.php?news_id=927 For MSSPs, regardless of their business model or specialty, service excellence is a key factor in determining their success in the marketplace. Whether you are a pure play MSSP, a managed service provider with a strong security business, or a cloud service provider that has seen the need to offer security as part of your IT service portfolio, your business can benefit from partnerships with Industry Leaders.

Fortinet has been recognized as one of the Leaders among the 18 vendors included in the Gartner Magic Quadrant for Network Firewalls report for 2019. Fortinet believes this acknowledgement showcases our clear understanding of market needs, both as an innovator and thought leader. It also highlights our ongoing commitment to providing the IT community, and our more than 415,000 customers around the world, with the best possible cybersecurity protection for today’s increasingly sophisticated and highly distributed networks.

As networks continue to undergo rapid and ongoing transformation, it is critical that the underlying security architecture is able to adapt and scale in a way that enables organizations to realize their business objectives. Fortinet’s clear vision of the needs of both today’s and tomorrow’s networks has enabled us to continually be at the forefront of delivering capabilities that align with the current and future needs of our partners and your end-users. Fortinet is the only security vendor delivering a broad portfolio covering Secure SD-WANCloud Security, Network security, Application security, Email security, and Secure access, all supported with a single pane of glass management across the entire attack surface. We are also the only vendor to actually weave all of these elements into a single, integrated Security Fabric.

As an MSSP, seeking out best-of-breed functionality to ensure that client data and applications are optimally protected is a critical decision.  Due to the prevalence of high-profile security breaches, business leaders are increasingly making network security a top priority. Yet, their CISOs have an inadequate supply of high-level security skills to deal with the threats. As a result, many organizations are looking to migrate some or all of the risk out of their IT departments to MSSP and MSP partners.

We believe Fortinet’s recognition as a Magic Quadrant Leader by Gartner can play a key role in this selection process, and MSSPs offering Fortinet-based security services can benefit by association.

Of course, recognition is about much more than industry acknowledgement, which is why we are also so proud of the fact that our solutions have been universally adopted by more than 415,000 organizations both large and small – including a majority of the Fortune 500 companies, who trust Fortinet to secure their most critical assets.

We also count the top global service providers and a very large ecosystem of Managed Service Providers as our valued partners, deploying and managing services based on Fortinet security for their customers. With our strong and ongoing commitment to MSSP Services, Fortinet provides a strong and high value add security capability for the MSSP market.


資料來源:
https://securityboulevard.com/2019/09/fortigate-network-firewalls-give-mssps-another-reason-to-select-fortinet/

]]>
2019-12-04
<![CDATA[IndiGo Airlines Relies on Fortinet's Secure SD-WAN Solution to Provide the Best User Experience for Business Critical Applications]]> http://www.phitech.com.tw/news/index.php?news_id=926 SUNNYVALE, Calif. - Sep 24, 2019 
 

John Maddison, EVP of products and CMO at Fortinet

"Many customers are currently forced to use multiple point products and management consoles to achieve a secure SD-WAN connection. This separation of network and security operations is not only labor-intensive, but also makes performance and security a bottleneck to move toward direct internet access. Fortinet's unique combination of next-generation firewall and SD-WAN in the same offering, managed through a single centralized controller has seen tremendous momentum in customer adoption and received two consecutive SD-WAN "Recommended" ratings from NSS Labs."

Fortinet®  (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced that IndiGo, India's largest airline, has deployed Fortinet Secure SD-WAN solution across its branch offices to secure its WAN edge.

IndiGo is the largest passenger airline in India with a market share of 46.9 percent as of March, 2019. The airline connects to 58 domestic and 19 international destinations and operates more than 1300 flights every day. It is also the largest individual Asian low-cost carrier in terms of jet fleet size and passengers carried, and the seventh largest carrier in Asia. With a fleet size of 222 aircrafts, IndiGo has served over 300 million customers globally.

IndiGo's growing passenger traffic combined with poor MPLS network and Internet quality had resulted in delays for customers accessing their applications for flight booking, call centers, airport counters and flight status checking, adversely affecting their business. To avoid delays  and provide the best possible user experience for business-critical applications, the airline decided to adopt a hybrid WAN model, supporting its 54 airport counters, that would be able to distribute traffic over a variety of links, including MPLS, Broadband and Internet Leased Line. IndiGo selected Fortinet Secure SD-WAN solution to provide best of breed SD-WAN integrated with security capabilities with one single offering. As part of the Fortinet Security Fabric, Fortinet's Secure SD-WAN solution combines networking and security features, such as routing, WAN optimization, application control and next-generation firewall, enabling IndiGo to manage and configure its WAN and security system from a single-pane-of-glass view.

IndiGo has also deployed multiple FortiGate Next-Generation Firewalls at 54 airport counters and in their data centers, along with FortiManager and FortiAnalyzer for management and analytics. As a result, IndiGo can now map WAN resources directly making the network more efficient and responsive by combining scalability, flexibility, simplicity and cost savings with industry-leading security protection through Fortinet's Secure SD-WAN solution.

After the SD-WAN deployment IndiGo has benefited from:

  • High Application Performance: Automated intelligence, a key feature of FortiOS for SD-WAN, significantly reduces latency by selecting the most efficient route for business-critical traffic through the tracking of granular WAN path information. This helps IndiGo monitor link quality connecting 2000 users in 54 branches with the lowest latency, supporting comprehensive routing with dynamic failover that ensures high-application availability.  
  • Best-of-Breed SD-WAN and Security Capabilities in One Console: With an integrated solution, IndiGo manages both SD-WAN optimization and security capabilities using a single interface. This integration of network and security operations makes it easy to tie traditionally network-centric issues such as performance and functionality to critical NGFW capabilites and SSL data inspection. The single console management helps IndiGo better allocate its IT resources to increase productivity and reduce business costs.
  • Reduced WAN Opex: IndiGo is able to achieve higher bandwith with lower WAN cost by transitioning from MPLS to a hybrid WAN using Fortinet's Secure SD-WAN. Fortinet's Secure SD-WAN capabilities allows IndiGo to leverage WAN link remediation to handle even the most volatile WAN connections and deliver superior application performance for unified communication.  
  • Simplified WAN Edge Management: FortiManager and FortiAnalyzer helps IndiGo with SD-WAN management and orchestration with a single pane for centralized management with reporting and analytics across the SD-WAN environment. 
  • Potential to Scale: With Fortinet's Secure SD-WAN solution, IndiGo can continue to grow its business and expand operations by easily and securely adding new SD-WAN branches to its expanding network.

資料來源:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2019/indigo-airlines-relies-on-fortinet-s-secure-sd-wan-solution.html
]]>
2019-11-27
<![CDATA[AudioCodes Introduces Meeting Insights™]]> http://www.phitech.com.tw/news/index.php?news_id=925

Meeting Insights is an enterprise solution that turns meetings into continuous productivity, by capturing and sharing every idea, action and opinion from any meeting through AudioCodes Voice.AI technology


NEWS PROVIDED BY

AudioCodes 

23 Sep, 2019, 16:24 IDT


LOD, Israel, Sept. 23, 2019 /PRNewswire/ --

Highlights

  • Enterprise corporate meetings are strategically important, bringing together key team members driving decisions, execution and planning
  • Meetings generate an untapped body of business intelligence data, expert opinions, and actionable insights – most of which are typically lost as soon as the meeting ends
  • AudioCodes Meeting Insights solution is an enterprise solution enabling enterprises to capture, organize, and share meeting content
  • Meeting Insights seamlessly delivers multi-modal and real-time access to key meeting moments, decisions taken and resulting action items
  • Meeting Insights ensures that anyone in an organization, whether they attended a meeting or not, can simply and efficiently analyze and act upon its content

Details

AudioCodes (NASDAQ: AUDC), a leading vendor of advanced voice networking and media processing solutions for the digital workforce, today announced Meeting Insights, an enterprise solution that is designed to easily capture, organize and share corporate meeting content assets using AudioCodes state-of-the-art Voice.AI technology.

Meeting Insights leverages years of VoIP leadership and enterprise market presence to power a new age of advanced voice analytics and meeting-generated insights. Capturing information from multiple sources spanning both in-room and remote participants connected from multiple locations, Meeting Insights seamlessly delivers multi-modal and real-time access to key meeting moments, decisions taken and resulting action items. The result is a robust solution that holds crucial information that would otherwise be lost.

"Business meetings are an essential part of business life, but even after the most strategic sessions, important information and key decisions can be lost or forgotten," commented Shabtai Adlersberg, AudioCodes President & CEO. "Relying on AudioCodes vast experience and know-how in voice and AI technology, Meeting Insights ensures that anyone in an organization, whether they attended a meeting or not, can simply and efficiently analyze and act upon its content, significantly improving organizations' ability to retain and share critical business data".

Common organizational use-cases of Meeting Insights include team collaboration sessions, training classes, recruitment interviews and sales reviews. With the solution currently in beta stage, these use-cases together with user feedback will serve as a basis for the general availability of Meeting Insights as a Software-as-a-Service (SaaS) offering.

Follow AudioCodes' social media channels:

AudioCodes invites you to join our online community and follow us on: AudioCodes Voice BlogLinkedInTwitterFacebook, and YouTube.

About AudioCodes

AudioCodes Ltd. (NASDAQ, TASE: AUDC) is a leading vendor of advanced voice networking and media processing solutions for the digital workplace. AudioCodes enables enterprises and service providers to build and operate all-IP voice networks for unified communications, contact centers, and hosted business services. AudioCodes offers a broad range of innovative products, solutions and services that are used by large multi-national enterprises and leading tier-1 operators around the world.

For more information on AudioCodes, visit http://www.audiocodes.com.

Statements concerning AudioCodes' business outlook or future economic performance; product introductions and plans and objectives related thereto; and statements concerning assumptions made or expectations as to any future events, conditions, performance or other matters, are "forward-looking statements'' as that term is defined under U.S. Federal securities laws. Forward-looking statements are subject to various risks, uncertainties and other factors that could cause actual results to differ materially from those stated in such statements. These risks, uncertainties and factors include, but are not limited to: the effect of global economic conditions in general and conditions in AudioCodes' industry and target markets in particular; shifts in supply and demand; market acceptance of new products and the demand for existing products; the impact of competitive products and pricing on AudioCodes' and its customers' products and markets; timely product and technology development, upgrades and the ability to manage changes in market conditions as needed; possible need for additional financing; the ability to satisfy covenants in the Company's loan agreements; possible disruptions from acquisitions; the ability of AudioCodes to successfully integrate the products and operations of acquired companies into AudioCodes' business; and other factors detailed in AudioCodes' filings with the U.S. Securities and Exchange Commission. AudioCodes assumes no obligation to update the information in this release.

©2019 AudioCodes Ltd. All rights reserved. AudioCodes, AC, HD VoIP, HD VoIP Sounds Better, IPmedia, Mediant, MediaPack, What's Inside Matters, OSN, SmartTAP, User Management Pack, VMAS, VoIPerfect, VoIPerfectHD, Your Gateway To VoIP, 3GX, VocaNom, AudioCodes One Voice, AudioCodes Meetings Insights and CloudBond are trademarks or registered trademarks of AudioCodes Limited. All other products or trademarks are property of their respective owners. Product specifications are subject to change without notice.

Company Contact

IR Agency Contact

Shirley Nakar - Orgad
Director, Investor Relations
AudioCodes
Tel: +972-3-976-4000
shirley@audiocodes.com

Brett Maas
Managing Partner
Hayden IR 
Tel: +1-646-536-7331
Brett@haydenir.com

SOURCE AudioCodes

]]>
2019-11-20
<![CDATA[Fortinet leading the fight against cybercriminals]]> http://www.phitech.com.tw/news/index.php?news_id=924 As cybercriminal methods become ever more smart and sophisticated, protecting financial services and other organisations is a major undertaking, writes Paul Anderson.

Due to the sensitive nature of the data they store, and the monetary motivations of cybercriminals, organisations within the financial services (FS) sector are a high-value target and are at high risk of cyber attacks.

This growing risk comes at a time when FS firms are turning their focus to innovating new technologies and features to meet evolving consumer demands. Providing regular updates and new online products is a necessary key differentiator in the competitive financial market. However, rolling out new features at such a fast pace also increases the attack surface and potential vulnerabilities.

The risk of going mobile

With the rise in mobile usage, financial firms are focusing on developing digital wallets and innovative peer-to-peer (P2P) solutions. As mobile payments grow in popularity, FS and fintech firms have to be increasingly wary of related cyber risks. Vulnerabilities lurking in payment applications, mobile phones and point of sale (POS) systems can become entry-ways into customer accounts and even broader financial networks. In fact, according to Fortinet’s Threat Landscape Report, more than a quarter of organisations have experienced a mobile malware attack, with the vast majority of those threats targeting or originating from devices running the Android operating system.

Compromising mobile devices not only allows attackers to steal data stored on that device, it can also be used to collect personal banking information using phishing apps, intercept data moving between a user and their online bank, and monitor financial transactions when purchasing goods or services online. The ‘Android.banker.A2f8a’ malware, for example, targeted more than 200 different banking apps to steal login credentials, hijack short message services, and upload contact lists and other data onto a malicious server.

Worryingly, these apps aren’t just being downloaded from risky sites. Between August and October of 2018, 29 banking Trojans masquerading as legitimate apps were removed from the Google Play store, but only after they had been installed by over 30,000 users. Yet even this is only part of the exposure. Compromised devices are also becoming a gateway through which the larger financial services network can be exploited.

New threats challenging FS

In addition to mobile threats, Fortinet has documented four additional attack strategies that financial security teams need to pay special attention to.

The first is cryptojacking which, in many industries including FS, has jumped ahead of ransomware as the malware of choice. While ransomware continues to be a serious concern for financial networks, the number of unique cryptojacking signatures nearly doubled in 2018. The number of platforms compromised by cryptojacking jumped 38 per cent. Perpetrators included advanced attackers using customised malware, as well as ‘as-a-service’ options available on the dark web for novice criminals.

Although cryptojacking is often considered to be a nuisance threat that only hijacks unused central processing unit cycles, a growing number of new attack techniques include disabling essential security functions on devices, thereby enabling cryptojacking to become a gateway for additional attacks.

Encrypted traffic is a second area of concern. This staple of financial organisations now represents an unprecedented 72 per cent of all network traffic, up from 55 per cent in 2017. While encryption can certainly help protect data and transactions, it also represents a challenge for traditional security solutions. The critical firewall and intrusion prevention system performance limitations of most legacy security technologies continue to hinder organisations’ ability to inspect encrypted data at network speeds. Rather than attempting to slow down time-sensitive financial transactions, a growing percentage of this traffic is simply not being adequately analysed for malicious activity, making it an ideal mechanism for criminals to spread malware or exfiltrate data.

Additionally, botnets are getting smarter. The number of days that a botnet infection was able to persist inside an organisation has increased from 7.6 to 10.2 days, indicating that botnets are becoming harder to detect and remove. This is also the result of many organisations still failing to practice good cyber hygiene, including patching and updating vulnerable devices, protecting the Internet of Things (IoT), and thoroughly scrubbing a network after an attack has been detected.

Last but not least, a new form of spear phishing is enabling threat actors like Silence Group to compromise banks via email in order to gather financial data and remotely withdraw money from ATMs, also known as “jackpotting”. By leveraging pre-installed and publicly available tools, such as PowerShell – an automation engine and scripting language designed to help information technology professionals configure systems and automate administrative tasks – they can accelerate lateral movement across a network while enhancing evasiveness by leveraging processes already identified as legitimate.

Implementing cohesive security

To successfully address today’s challenges, FS organisations need to rethink their strategy, from automating their security hygiene measures to replacing isolated security devices with an integrated security fabric architecture that can seamlessly span the growing attack surface.

In order to address the latest attack vectors, organisations need to achieve greater control over their network, thereby limiting exposure if there is a breach.

This entails:

To protect these customers, organisations should start by educating them about using legitimate banking applications. This includes constantly reminding them of what sorts of information they will – and won’t – be asked for, such as online “password validation” or “account validation” techniques used by phishers and scammers. Organisations should also regularly scan the internet for fraudulent applications, warn consumers when they are found, and apply pressure on application stores to remove them from their inventories.

Commercial banks, credit unions, stock brokerage firms, asset management firms, and insurance companies that support digital transactions through mobile apps are increasingly being targeted and exploited by malicious criminals.

At the same time, they suffer the same challenges as organisations in other sectors, including figuring out how to inspect and secure the growing volume of encrypted traffic, battling the persistence of botnets, and addressing new malware trends.

The use of automation and high-performance security resources will enable financial organisations to protect their distributed environments and keep pace with modern forms of cyberattacks.


資料來源:
https://www.scotsman.com/business/fortinet-leading-the-fight-against-cybercriminals-1-5007569

]]>
2019-11-13
<![CDATA[Fortinet shares security-driven network strategies at cybersecurity conference]]> http://www.phitech.com.tw/news/index.php?news_id=923 BY  ON SEPTEMBER 20, 2019 • LEAVE A COMMENT )

Cybersecurity solutions firm Fortinet holds anew its annual Fortinet 361° Security conference this year across multiple cities in Southeast Asia and Hong Kong. The 2019 iteration explores innovative ways to protect business networks in the hyper-connected world of today.

The regional Fortinet 361° Security 2019 cybersecurity conference will gather Fortinet executives, industry experts, and customers who will share their insights on how to securely unlock the potential of the digital economy, enabling organizations to confidently focus on the business, technology, and infrastructure drivers shaping their future.

Keynote and panel discussions will cover a range of topics, including today’s changing threat landscape, the growing challenge of interconnected devices, the widening distributed network, and how security strategies need to adapt to meet the new demands of today and tomorrow.

“In today’s hyper-connected world, data moves between various environments such as multi-cloud, IoT, and mobile devices. It is important for modern networks to enforce consistent security, yet preserve functionality in the network, so that essential workflows are protected along their entire data path as data travels through multiple environments. That is why this year’s regional 361° Security conference focuses on Security-Driven Networking, where networking and security are integrated and combined. This concept of building a network around security as a foundation, allows enterprises to architect and deploy business critical applications and services faster than ever before without compromising security throughout the network,” said Peerapong Jongvibool, VP for Southeast Asia and Hong Kong at Fortinet.

“The pace of digital transformation in the Philippines is accelerating. Since the entry of this mindset into the mainstream consciousness roughly three years ago, we have seen local businesses start undertaking their transformation journey. The country has also started fulfilling its mission to establish one digitized government as the Department of Information and Communications Technology recently launched the E-Government Masterplan (EGMP) 2022—this makes this year’s regional 361° Security conference more relevant to local organizations,” said Louie Castañeda, country manager, Fortinet Philippines.

“The demands of digital transformation are forcing organizations of all sizes and industries to reassess the effectiveness and scalability of existing legacy security infrastructure. Networks in sensitive sectors such as government, financial services, and healthcare, often hold highly-valuable data on individuals, financial transactions, and critical infrastructure. This data-rich environment makes them the target of a variety of threats like ransomware, phishing, and DDoS, which aim to halt, extort, or disrupt networks. Business leaders and IT professionals must equip themselves with forward-looking strategies to cope with increasingly complicated network environments. As organizations develop a meshed and hyper-connected networking infrastructure that spans ecosystems, businesses, societies, and personal lives, security needs to do the same,” said Anthony Lim, Principal Consultant for South East Asia and Hong Kong at Fortinet.

Fortinet 361° Security 2019 conference goes to Ho Chi Minh (Oct 22), Hanoi (Oct 24), Hong Kong (Oct 31) and Singapore (Nov 6).


資料來源:
https://backendnews.net/2019/09/20/fortinet-shares-security-driven-network-strategies-at-cybersecurity-conference/
 

]]>
2019-11-06
<![CDATA[Fortinet Recognized as a Leader in the Gartner Magic Quadrant for Network Firewalls]]> http://www.phitech.com.tw/news/index.php?news_id=922 Marks 10th time in a row that Fortinet is in the Magic Quadrant for Network Firewalls
September 19, 2019 11:15 ET Source: Fortinet, Inc.
 
 

SUNNYVALE, Calif., Sept. 19, 2019 (GLOBE NEWSWIRE) -- 

John Maddison, EVP of products and CMO at Fortinet 
“Fortinet continues to be a clear leader in the network firewall market. The Fortinet Security Fabric platform removes complexity and provides automated and broad protection across the entire digital attack surface. FortiGate Network Firewalls were among the first to deliver integrated SD-WAN, provide broad support for multi-cloud environments and accelerate the cloud on-ramp for better user experience. We believe this recognition from Gartner validates our work toward enabling enterprise customers to architect a security-driven network that delivers consistent security to all network edges.”

News Summary 
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity solutions, today announced it has been named a Leader among 18 vendors in the 2019 Gartner Magic Quadrant for Network Firewalls. This marks the tenth time Fortinet has been recognized as a Leader for completeness of vision and ability to execute. Fortinet believes its placement in the Leaders quadrant is largely due to its commitment to enabling a security-driven networking approach, which integrates security into every element of the network, to help its more than 415,000 global customers increase efficiencies across their infrastructure.

FortiGate Network Firewalls ensure consistent, end-to-end protection across crucial network edges—from branches, to campuses, to hybrid data centers, and to multiple clouds—and allows customers to architect a security-driven network to gain a number of benefits, including:

  • Secure SD-WAN: Fortinet is one of the first vendors to deliver integrated SD-WAN with advanced security for distributed enterprise locations to improve user experience and lower WAN cost without compromising on an organization’s security posture. 
  • Cloud Security: FortiGate Network Firewalls secure multi-cloud environments with broad support for the top six IaaS providers. This allows customers to leverage consistent multi-layer security protection, automation, and deep integrations no matter how many clouds they adopt.
  • Accelerate the Cloud On-Ramp: Fortinet’s high-performance hybrid data center and SD-WAN solutions accelerate the cloud on-ramp by providing secure high-speed connectivity and deep SSL inspection to multi-cloud environments. Fortinet is also the only vendor that delivers inspection on encrypted flows that leverage newly introduced TLS 1.3 encryption standards. With FortiGate Network Firewalls, organizations are able to deliver excellent user experience while achieving full visibility with the inspection of all HTTPS traffic.
  • Single-pane-of-glass management: Single-pane-of-glass management enabled by FortiManager provides a complete and consolidated view across a variety of network edges, simplifies operations and provides network-wide security, visibility and analytics

Together, these capabilities deliver unparalleled protection and performance to Fortinet’s more than 415,000 customers worldwide. Fortinet’s FortiGate Network Firewalls have received the Feb. 2018 Gartner Peer Insights Customers’ Choicerecognition and Fortinet has the most reviews of all vendors in the Gartner Peer Insights Network Firewalls market as of September 18, 2019 based on 1,448 reviews. Fortinet has also received the most reviews of all vendors in the Gartner Peer Insights WAN Edge Infrastructure market as of September 18, 2019 based on 162 total reviews for Fortinet’s Secure SD-WAN solution, an integral part of FortiGate Network Firewalls. Fortinet believes that this additional customer validation further highlights Fortinet’s leadership in the network firewalls market.

Additional Resources

Gartner, Magic Quadrant for Network Firewalls, Rajpreet Kaur, Adam Hils, Jeremy D'Hoinne, John Watts, 17 September 2019. This report was previously titled Magic Quadrant for Enterprise Network Firewalls.

Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences, and do not represent the views of Gartner or its affiliates.

Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 415,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.    

FTNT-O

Copyright © 2019 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiCare, FortiManager, FortiAnalyzer, FortiOS, FortiADC, FortiAP, FortiAppMonitor, FortiASIC, FortiAuthenticator, FortiBridge, FortiCache, FortiCamera, FortiCASB, FortiClient, FortiCloud, FortiConnect, FortiController, FortiConverter, FortiDB, FortiDDoS, FortiExplorer, FortiExtender, FortiFone, FortiCarrier, FortiHypervisor, FortiInsight, FortiIsolator, FortiMail, FortiMonitor, FortiNAC, FortiPlanner, FortiPortal, FortiPresence , FortiProxy, FortiRecorder, FortiSandbox, FortiSIEM, FortiSwitch, FortiTester, FortiToken, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLCOS and FortiWLM.

Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments. This news release may contain forward-looking statements that involve uncertainties and assumptions, such as statements regarding technology releases among others. Changes of circumstances, product release delays, or other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this press release. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and expressly disclaims any obligation to update these forward-looking statements.

Media Contact Investor Contact Analyst Contact
Michelle Zimmermann Peter Salkowski Ron Davis
Fortinet, Inc. Fortinet, Inc. Fortinet, Inc.
408-235-7700 408-331-4595 415-806-9892
pr@fortinet.com

 
psalkowski@fortinet.com rdavis@fortinet.com

 

資料來源:
https://www.globenewswire.com/news-release/2019/09/19/1918135/0/en/Fortinet-Recognized-as-a-Leader-in-the-Gartner-Magic-Quadrant-for-Network-Firewalls.html ]]>
2019-10-30
<![CDATA[Dialogic Announces Successful Interoperability Testing Between the Dialogic BorderNet SBC and the OrecX Oreka Audio Capture Platform]]> http://www.phitech.com.tw/news/index.php?news_id=921

Dialogic, a cloud-optimized applications and infrastructure solutions provider for service providers, enterprises, and developers, announced today that interoperability testing has been completed between the Dialogic® BorderNet™ SBC and the Oreka Audio Capture platform from OrecX, a world-leading open source call recording solution provider.

The BorderNet SBC, a software-only, cloud-native SBC, secures connectivity to OrecX deployments, while simultaneously enabling high-quality call delivery and real-time call recording. The BorderNet SBC and OrecX solutions can be deployed both on-premises and in the cloud, including private, public, and hybrid cloud environments, without compromising performance, availability, and scalability.

“OrecX's interoperability with the Dialogic BorderNet SBC enables our enterprise customers, platform partners, and AI-fueled ecosystem to securely scale the Oreka audio capture platform and leverage it to meet their evolving real-time and post-call digital transformation initiatives,” said Steve Kaiser, OrecX CEO.

“OrecX customers using the BorderNet SBC are leveraging its flexible licensing and deployment options to help them achieve their unique business objectives,” added Bill Crank, President and CEO of Dialogic. “This successful interoperability testing gives OrecX platform users confidence when choosing the BorderNet SBC for their security and session control needs.”

About Dialogic

Dialogic (dialogic.com) is a leading cloud-optimized solutions provider for real-time communications media, applications, and infrastructure to service providers, enterprises, and developers around the globe. Based in Parsippany, NJ with offices worldwide, Dialogic works with 48 of the world’s top 50 mobile operators, and nearly 1,000 application developers build and deploy on agile networks.

Dialogic and BorderNet are either registered trademarks or trademarks of Dialogic Corporation or a subsidiary thereof (“Dialogic”). Other trademarks mentioned and/or marked herein belong to their respective owners.

About OrecX

OrecX’s modern, open, and modular call recording platform meets the diverse requirements of call centers, communication platforms, platforms as a service, large enterprises, and small business at a fraction of the cost and complexity of proprietary closed-end solutions. The quality, access, and control of OrecX’s open design enables a broad ecosystem of third-party speech analytics, voice biometrics and workforce optimization solutions to extend the value of their software for their partners and clients. OrecX (orecx.com) is the primary developer and sponsor of the Oreka GPL, an open source call recording project hosted on GitHub, with more than 200,000 unique downloads and tens of millions of users in over 200 countries.

    Your Banner Ad Here instead - Showing along with ALL Articles covering IT Security / Anti-Spam Announcements

 

Replace these Affiliate Programs at ANYTIME! Your banner here within the next hour. Learn How!

 

 

Written by / Agency / Source: Dialogic Corporation

   

Availability: All Regions (Including Int'l)

]]>
2019-10-23
<![CDATA[Fortinet Discovers WordPress (Core) Cross-Site Scripting Vulnerability]]> http://www.phitech.com.tw/news/index.php?news_id=920

Summary

Fortinet's FortiGuard Labs has discovered a Cross-Site Scripting (XSS) vulnerability in WordPress CMS.

 

WordPress is one of the world's most popular content management system (CMS). WordPress is by far the most popular CMS with 60.4% of the market share. This means WordPress is used by 33.5% of all the websites online.

 

An XSS vulnerability has been discovered in WordPress 5.2.2 and earlier versions. The vulnerability is caused by inadequate input filtering of HTML encoded characters which can lead to XSS attacks in the Shortcode function.

Solutions

FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:

WordPress.Shortcode.Preview.XSS
Released Dec 24, 2018 

Users should apply the solution provided by WordPress.

Timeline

Fortinet reported the vulnerability to WordPress on December 11, 2018.

WordPress confirmed the vulnerability on December 24, 2018.

WordPress patched the vulnerability on September 5, 2019.

Acknowledgement

This vulnerability was discovered by Zhouyuan Yang of Fortinet's FortiGuard Labs.

IPS Subscription

Fortinet customers who subscribe to Fortinet's intrusion prevention (IPS) service should be protected against this vulnerability with the appropriate configuration parameters in place. Fortinet's IPS service is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering and antispam capabilities. These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail and FortiClient products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat's lifecycle.
]]>
2019-10-16
<![CDATA[Stop Using CVSS to Score Risk]]> http://www.phitech.com.tw/news/index.php?news_id=919 Stop Using CVSS to Score Risk

The mechanics of prioritizing one vulnerability’s business risk over another has always been fraught with concern. What began as securing business applications and infrastructure from full-disclosure bugs a couple of decades ago, has grown to encompass vaguely referenced flaws in insulin-pumps and fly-by-wire aircraft with lives potentially hanging in the balance.

The security industry has always struggled to “score” the significance of the threat posed by a newly discovered vulnerability and recent industry practices have increased pressure on how this should be done.

With the growth of bug bounty programs and vertical industry specialization at boutique security consultancies, vulnerability discoveries with higher severity often translate directly into greater financial reward for the discoverers. As such, there is immense pressure to increase both the significance and perceived threat posed by the vulnerability. In a growing number of cases, marketing teams will conduct world-wide campaigns to alert, scare, and drive business to the company.

It’s been close to 25 years since the first commercial vulnerability scanners started labeling findings in terms of high, medium, and low severity. Even back then, security professionals stumbled by confusing severity with “risk.”

At the turn of the last century as companies battled millennium bugs, the first generation of professional penetration testing consultancies started to include factors such as “exploitability,” “likelihood of exploitation,” and “impact of exploitation” in to their daily reports and end-of-engagement reports as way of differentiating between vulnerabilities with identical severity levels. Customers loved the additional detail, yet the system of scoring was highly dependent on the skills and experience of the consultant tabulating and reporting the results. While the penetration testing practices of 20 years ago have been rebranded Red Teaming and increasingly taken in-house, risk scoring vulnerabilities remains valuable – but continues to be more art than science.

Perhaps the most useful innovation in terms of qualifying the significance of a new vulnerability (or threat) has been the Common Vulnerability Scoring System (CVSS). It’s something I feel lucky to have contributed to and helped drive across products when I led X-Force at Internet Security Systems (acquired by IBM in 2006). As the (then) premier automated scanner and managed vulnerability scanning vendor, the development and inclusion of CVSS v1 scoring back in 2005 changed the industry – and opened up new contentions in the quantitative weighting of vulnerability features that are still wrestled with today in CVSS version 3.1.

CVSS is intended to summarize the severity of vulnerabilities in the context of the software or device – not the systems that are dependent upon the software or device. As a result, it worries me deeply when I hear that CVSS scores are wrongly being used to score the risk a vulnerability poses to an organization, device manufacturer, or end user.

That misconception was captured recently in an article arguing that vulnerability scoring flaws put patients’ lives at risk. On one hand, the researchers point out that though the CVSS score for their newly disclosed vulnerability was only middling (5.8 out of 10), successful exploitation could enable an attacker to adjust medicine dosage levels and potentially kill a patient. And, on the other hand, medical device manufacturers argue that because the score was relatively low, the vulnerability may not require an expedited fix and subsequent regulatory alerting.

As far as CVSS in concerned, both the researchers and medical device vendor were wrong. CVSS isn’t, and should never be used as, a risk score.

Many bright minds over two decades have refined CVSS scoring elements to make it more accurate and useful as a severity indicator, but have stalled in searching for ways to stretch environmental factors and the knock-on impacts of a vulnerability into quantifiable elements for determining “risk.” Today, CVSS doesn’t natively translate to a risk score – and it may never because every industry assesses risk differently and each business has its own risk factor qualifications that an external party won’t know.

I would caution any bug hunter, security analyst, software vendor, or device manufacturer to not rely on CVSS as the pointy end of the stick for prioritizing remediation. It is an important variable in the risk calculation – but it is not an adequate risk qualifier by itself.

Related: Risk-Based Vulnerability Management is a Must for Security & Compliance

Related: The Top Vulnerabilities Exploited by Cybercriminals

Related: Tenable Adds 'Predictive Prioritization' to Vulnerability Management Offering

Related: Many ICS Vulnerability Advisories Contain Errors

]]>
2019-10-09
<![CDATA[阿里巴巴宣佈進一步整合 Fortinet 保安纖維 保護雲端遷移]]> http://www.phitech.com.tw/news/index.php?news_id=918 雲端平台全時間與網絡互動,對於網絡保安的要求亦相當高。為了進一步提升客戶從數據中心遷移至雲端平台過程間的安全,阿里雲最近與 Fortinet 加強合作,進一步整合其保安纖維。

Fortinet 產品及解決方案高級副總裁 John Maddison 表示:「透過與阿里雲的緊密合作及整合,以及其他雲端防護的應用,Fortinet 致力為客戶在雲端過程上提供更全面周全的保護。為進一步支援一些資源有限的客戶,我們今天正式宣佈為雙方客戶提供更自動化的安全流程,並更加無縫地將安全防護整合至其應用程序的生命週期。」

在新的功能整合下,客戶可以在其混合基礎架構中實施一致的安全策略,為機構從數據中心至雲端的過程中提升保安的可視性及可控性。其中包括有 API 方面的原生整合,Fortinet 亦會提供一系列的保安產品組合供阿里雲客戶選擇,而管理和自動化方面,客戶也可以透過雲端和內部部署的 Fortinet 安全管理工具管理阿里雲的安全功能。

資料來源:
https://unwire.pro/2019/08/02/alicloud-fortinet-fabric/cloud/
 

]]>
2019-10-02
<![CDATA[Dialogic Receives “Best Unified Communications Online Provider of the Year” at the Carrier Community Global 2019 Awards ]]> http://www.phitech.com.tw/news/index.php?news_id=917   

Parsippany, NJ (May 28, 2019) - Dialogic, a cloud-optimized applications and infrastructure solutions provider for service providers, enterprises, and developers, announced today that the Dialogic BUZZ™ UC platform was the recipient of the “Best Unified Communications Online Provider of the Year” award at the CC Global 2019 Awards event in Berlin on May 14, 2019 and hosted by the Carrier Community.

Dialogic BUZZ combines Dialogic’s real-time communications leadership, application development know-how, and AI/IoT proficiency into a single platform. This cloud-scale, carrier-class business communications solution offers an Instant Message (IM)-centric platform that addresses requirements for audio, video calling, and conferencing in a collaborative environment while supporting full mobility via smartphone, desktop, and web clients. In addition, Dialogic BUZZ supports traditional PBX functionality and advanced telephony features that enterprises call for. Its unique architecture supports an additional tenancy layer that allows wholesale voice providers to bundle Dialogic BUZZ with their offerings to service providers.

“We are thrilled that the Carrier Community has acknowledged the uniqueness of our Dialogic BUZZ UC platform,” said Bill Crank, President & CEO of Dialogic. “Dialogic BUZZ reflects Dialogic’s expertise in media processing, applications, and network infrastructure, enhanced by our experience with AI and IoT technologies. This powerful combination has allowed Dialogic to create a paradigm shift in Unified Communications.”

“Support for on-premises, cloud deployment, and UCaaS models, in addition to an extra tenancy layer, give Dialogic BUZZ the flexibility needed to address the needs of both service providers and channel partners,” added Miguel Lopes, Vice President PLM Applications Products at Dialogic. “The ability to easily customize the platform to meet multiple market segment needs gives Dialogic BUZZ – and our customers – an advantage over the competition.”

For more information on Dialogic BUZZ, visit the Dialogic website at www.dialogic.com/buzz.

About Dialogic

Dialogic is a leading cloud-optimized solutions provider for real-time communications media, applications, and infrastructure to service providers and developers around the globe. Based in Parsippany, NJ with offices worldwide, Dialogic helps 48 of the world’s top 50 mobile operators, and nearly 1,000 application developers build and deploy on agile networks. Learn more about how Dialogic is enabling agility by following us on Twitter @Dialogic, and visiting www.dialogic.com and the Dialogic Blog for the latest industry news, trends and advice.

Dialogic and Dialogic BUZZ are either registered trademarks or trademarks of Dialogic Corporation or a subsidiary thereof (“Dialogic”). Other trademarks mentioned and/or marked herein belong to their respective owners.

資料來源:
https://www.dialogic.com/2019-05-28-best-unified-communications-online-provider-carrier-community-global-2019-awards?utm_source=hs_email&utm_medium=email&utm_content=74473573&_hsenc=p2ANqtz-_MuKRSgTBXOLMWj_1dB1bJNNzCp3wRb6NMgwkGgBsqcPNYBaCLX3XoTwqmvTmChzoAiBCwMwtce8--Frwq5ys0d4wpoav__OYhtDrHi-ZaKeFuN_8&_hsmi=74474141
 

]]>
2019-09-25
<![CDATA[Alibaba Cloud Extends Integration with the Fortinet Security Fabric to Secure Cloud Migration]]> http://www.phitech.com.tw/news/index.php?news_id=916 John Maddison, EVP of Products and Solutions at Fortinet
“Fortinet is committed to helping customers make their journey to the cloud even more secure by integrating more tightly with Alibaba Cloud and supporting additional cloud security use cases. To further support resource-constrained teams, today’s announcement is helping our joint customers automate additional security processes and more seamlessly integrate into their application life cycle.”

News Summary 
Alibaba Cloud, the data intelligence backbone of Alibaba Group, and Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced the expansion of the Fortinet Security Fabric offerings and new automation capabilities for Alibaba Cloud to provide streamlined and consistent security for organizations with hybrid cloud infrastructures. The combination of Alibaba Cloud and the Fortinet Security Fabric provide organizations with the ability to extend security visibility and control from the data center to the cloud and the ability to ensure that organizations employ consistent security policies no matter where their applications are deployed.

By implementing the Fortinet Security Fabric on Alibaba Cloud, customers can apply consistent security policies throughout their hybrid infrastructures and can realize multi-layer security protection and operational benefits for running applications on Alibaba Cloud. Sodexo and Fung Group are among the global customers leveraging Fortinet’s cloud native integration with Alibaba Cloud to secure its hybrid cloud environment. Sodexo is using Fortinet’s FortiGate-VM to deploy secure VPC on Alibaba Cloud, effectively aggregating and securing its globally distributed infrastructure. Fung Group is also taking advantage of the integration with the deployment of the FortiGate-VM on Alibaba Cloud, which enables consistent visibility and security management across its cloud environments.

As organizations move workloads and applications to the cloud, the digital attack surface is expanding and making it harder to ensure robust, consistent security across clouds and data centers. Organizations are looking to take advantage of the agility and scalability that cloud environments offer without compromising security. Alibaba Cloud’s extended collaboration with Fortinet addresses this concern as it leverages Fortinet’s breadth of cloud security offerings that are part of the Fortinet Security Fabric. Additional benefits of this expanded partnership include:

  • Native Integration: Fortinet’s security solution will natively integrate with Alibaba Cloud for seamless integration with workloads running in Alibaba Cloud. As a Fortinet Fabric-Ready Partner, Alibaba Cloud will integrate its APIs with the Fortinet Security Fabric to provide more consistent and effective end-to-end security to end users.
     
  • Broad Protection: The Fortinet Security Fabric for Alibaba Cloud includes a broad range of Fortinet security offerings including: FortiGateVM, FortiWebFortiManagerFortiAnalyzer and Fabric Connectors. These solutions address a broad set of use cases including protecting cloud workloads, securing hybrid cloud and cloud-based security management.
     
  • Management and Automation: With the expanded integration, Alibaba Cloud’s security functionalities can be managed through the Fortinet Security Management tools across both Alibaba Cloud and on-premises deployments to streamline security operations. Customers can leverage automation capabilities provided by The Fortinet Security Fabric, leveraging APIs and stitches for example, to further streamline and automate operations.

Fortinet’s cloud security solutions are available on Alibaba Cloud Marketplace or can be purchased from a Fortinet channel partner providing customers with the flexability of purchasing only on demand or owning a license that is transferrable across platforms.

Supporting Quotes

“Sodexo chose to work with Fortinet for its commitment to the cloud and its native integration of security capabilities into Alibaba Cloud. Fortinet provides us with a robust solution to deploy advanced architecture on Alibaba Cloud with reinforced security. This was critical for Sodexo as we expand the business in China and consolidate our workloads and applications to Alibaba Cloud. With Fortinet and Alibaba Cloud’s integrated security solution, we are able to stay agile to our customer needs while protecting sensitive information in both a cloud and on-premise setup. This is very key to our commitments in proving quality of life services to our clients and consumers.” 
-Krone Cai, Head of IS&T at Sodexo China

“Fortinet has demonstrated its performance and delivered consistent policy management for a hybrid-cloud environment – without compromising ease-of-use when it comes to manageability. Fung Group has deployed Fortinet cloud security solutions in Alibaba Cloud environments and Fortinet enables secure applications and connectivity from data centre to cloud.” 
- Mark Lu, General Manager of Information Security at Fung Group

Additional Resources

About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 400,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.


資料來源:
https://www.globenewswire.com/news-release/2019/07/30/1893729/0/en/Alibaba-Cloud-Extends-Integration-with-the-Fortinet-Security-Fabric-to-Secure-Cloud-Migration.html
 

]]>
2019-09-18
<![CDATA[Fortinet Discovers AVIRA Self-Protection Bypass via Registry Removal]]> http://www.phitech.com.tw/news/index.php?news_id=915

Summary

Fortinet's FortiGuard Labs has discovered self-protection bypass flaw in Avira Antivirus.

Avira Antivirus is a security software developed by Avira Operations GmbH & Co. KG.

Avira self-defense driver can be bypassed by user-mode program that would allow adversary to disable critical product functionalities. The flaw resides in Avira's self-defense driver avipbb.sys which allows adversary to modify Avast protected registry key that could make product become completely nonfunctional or partially malfunction by disabling product update

Solutions

Users of vulnerable Avira products should apply the latest updates from Avira.

Additional Information

Following products and versions are affected.

  Avira Free Edition 15.0.19.164 and below

Acknowledgement

This vulnerability was discovered by Wayne Low of Fortinet's FortiGuard Labs.

IPS Subscription

Fortinet customers who subscribe to Fortinet's intrusion prevention (IPS) service should be protected against this vulnerability with the appropriate configuration parameters in place. Fortinet's IPS service is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering and antispam capabilities. These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail and FortiClient products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat's lifecycle.

資料來源:
https://fortiguard.com/zeroday/1693
]]>
2019-09-11
<![CDATA[美超微為智能邊緣帶來前所未有的性能和可配置性 展示新安全、5G與人工智能解決方案]]> http://www.phitech.com.tw/news/index.php?news_id=914 最新的邊緣服務器為網絡邊緣帶來配置了37個局域網端口的軟件定義網絡解決方案並加快人工智能推理,開?了全新的5G就緒型解決方案類型

新加坡2019年7月16日 /美通社/ -- 企業運算、存儲和網絡解決方案以及綠色運算技術領域的全球領導者美超微電腦股份有限公司(Super Micro Computer, Inc.) (SMCI)再次重申,該公司最新的智能邊緣平台非常適合網絡安全、虛擬化網絡功能(VNFs)以及用於5G和物聯網的多接入邊緣運算(MEC)。

美超微在RSA Asia展出新安全、5G與人工智能邊緣解決方案 
美超微在RSA Asia展出新安全、5G與人工智能邊緣解決方案

美超微的網絡安全邊緣解決方案為我們合作夥伴的網絡軟件棧提供支持,如低延遲數據包管理,這十分適合統一威脅管理(UTM)、下一代防火牆(NGFW)、深度數據包檢測(DPI)和其它網絡安全應用。

美超微總裁兼行政總裁梁見後(Charles Liang)表示:「美超微致力於提供最先進的邊緣和數據中心服務器解決方案,從而支持網絡安全、物聯網和用於5G的多接入邊緣運算。美超微資源節約型服務器是高度可配置的,允許客戶在部署時選擇最好的內存、處理器、連接和軟件。」

美超微最新的嵌入式服務器採用英特爾(R)至強(R)D-2100系列處理器,如1019D-16C-FHN13TP,可以在微數據中心或智能邊緣需要的地方加速運算和虛擬化網絡功能,從而支持英特爾(R)精選解決方案通用客戶端設備(uCPE)、5G虛擬化無線接入網(vRAN)和多接入邊緣運算。這些新的邊緣平台為GPU加速卡或英特爾(R)FPGA可編程加速卡提供支持,以提供本地運算和人工智能推理,從而將邊緣和雲端聚合到一個無縫數據處理平台中。

美超微的SuperServer 1019D-FRN5TP利用高級輸入/輸出模塊(AIOMs)為虛擬化網絡邊緣帶來了最終的通用性,這些模塊可以配置多達37個局域網(LAN)端口,以補充平台的虛擬化網絡功能和軟件定義的廣域網(SD-WAN)功能。此外,緊湊型E300 SuperServer在一個非常小的空間內融合了很多功能——它可以用作安全設備,或部署包括SD-WAN在內的虛擬化網絡功能,而且還是經驗證的英特爾(R)精選解決方案通用客戶端設備。這些平台有助於消除複雜性,加速部署,並使開發人員能夠專注於支持5G和物聯網應用和服務的業務邏輯。

美超微將於7月16日-18日在新加坡濱海灣金沙酒店舉行的RSA Asia 2019(展台號1815)上展出這些新系統。

有關美超微完整的嵌入式Building Block Solutions系列詳情,請瀏覽www.supermicro.com/Embedded或下載嵌入式解決方案手冊

有關RSA Asia 2019或註冊領取展會入場券的詳情,請瀏覽https://www.rsaconference.com/events/ap19

美超微電腦股份有限公司(SMCI)簡介

領先的高性能、高效率服務器技術創新企業美超微(R)是用於數據中心、雲端運算、企業IT、Hadoop/大數據、高性能運算和嵌入式系統的先進服務器Building Block Solutions(R)的全球首要供應商。美超微致力於透過其「We Keep IT Green(R)」計劃來保護環境,並且向客戶提供市面上最節能、最環保的解決方案。

Supermicro、Building Block Solutions和We Keep IT Green是美超微電腦股份有限公司的商標和/或註冊商標。

所有其他品牌、名稱和商標均是其各自所有者的財產。

資料來源:
https://tw.stock.yahoo.com/news/%E7%BE%8E%E8%B6%85%E5%BE%AE%E7%82%BA%E6%99%BA%E8%83%BD%E9%82%8A%E7%B7%A3%E5%B8%B6%E4%BE%86%E5%89%8D%E6%89%80%E6%9C%AA%E6%9C%89%E7%9A%84%E6%80%A7%E8%83%BD%E5%92%8C%E5%8F%AF%E9%85%8D%E7%BD%AE%E6%80%A7-%E5%B1%95%E7%A4%BA%E6%96%B0%E5%AE%89%E5%85%A8-5g%E8%88%87%E4%BA%BA%E5%B7%A5%E6%99%BA%E8%83%BD%E8%A7%A3%E6%B1%BA%E6%96%B9%E6%A1%88-010000497.html
 

]]>
2019-09-04
<![CDATA[Fortinet連續兩年於NSS實驗室的SD-WAN組別測試中獲得推薦評級]]> http://www.phitech.com.tw/news/index.php?news_id=913 Fortinet產品與解決方案執行副總裁John Maddison

 Fortinet將首屈一指的SD-WAN(軟體定義廣域網路)與資安防禦整合於一個解決方案中,以加速推動廣域網路邊緣(WAN Edge)的發展。繼去年首度於NSS實驗室的SD-WAN組別測試報告獲得「推薦」評級,今年Fortinet再度獲得同等殊榮。該報告指出,Fortinet解決方案的每Mbps總擁有成本是所有參與測試的解決方案中最低的,而且其快速的自動配置功能可提升營運效率。Fortinet在此類別已連獲兩年獲得「推薦」評級,這次再度獲得NSS實驗室的推薦,證明Fortinet致力讓產品與解決方案通過第三方機構的測試和驗證。

新聞摘要
全方位整合與自動化網路安全領導廠商Fortinet®(NASDAQ: FTNT)今天宣布再度於NSS實驗室的SD-WAN組別測試中獲得「推薦」評級。根據NSS實驗室的評比,Fortinet的FortiGate安全SD-WAN(FortiGate Secure SD-WAN)具有以下優勢:

• 最低的總擁有成本(TCO):從75個企業分支機構的部署與不同環境中的實境測試結果顯示,FortiGate安全SD-WAN解決方案的每Mbps總擁有成本(TCO)是最低的,因此能大幅降低營運支出。FortiGate安全SD-WAN可在六分鐘內為新分支機構內自動配置好網路,不僅能簡化WANEdge的運作,還能透過一流的SD-WAN與安全功能提供可擴充、集中化的管理功能。
• 可靠、高品質的整合通訊體驗:在組別測試中,FortiGate安全SD-WAN在平均意見分數(Mean Opinion Scores,MOS)方面表現優異,其在VoIP與視訊測試的分數分別為4.36分與4.15分。此外,FortiGate安全SD-WAN也能為關鍵業務的影音應用提供卓越的使用體驗。此測試模擬了現實環境中各種困難的WAN情境,例如丟包、高延遲、封包延遲與斷線。
• 可提升使用體驗的高復原力與可用性:NSS實驗室也測試了FortiGate安全SD-WAN的高可用性,此特性與網路與應用程式穩定性息息相關,而且對企業網路至關重要。FortiGate安全SD-WAN解決方案在VoIP與視訊這兩方面都得到高平均意見分數(MOS),可見WAN連線失敗時,此解決方案仍具備高復原力,並可維持一致的使用體驗。
• 雲端應用的高WAN效能:FortiGate安全SD-WAN採用專用型的SD-WAN ASIC,因此在VPN覆蓋效能取得893Mbps的佳績,證實其可提供卓越的使用體驗與最低的延遲性。由於數位轉型中的企業偏好直接透過網際網路連線至公有雲與SaaS應用程式,因此這個效能特別重要。

Fortinet的安全SD-WAN解決方案可降低複雜度並簡化WANEdge的運作
FortiGate安全SD-WAN採用了內建更強大功能的專用型SD-WAN ASIC,例如SD-WAN、安全性、WAN最佳化與進階路由,因此能加速企業推動WANEdge轉型。今年,NSS實驗室的SD-WAN組別測試報告將FortiGate安全SD-WAN評比為TCO最低的解決方案,並強調其可在數分鐘內自動完成配置。自動配置能解決企業分支機構目前遭遇到的問題-當企業擁有許多端點產品,部署新據點的網路經常需要花上數個月的時間,而且網路問題的疑難排解相當費時。FortiGate安全SD-WAN的自動配置功能可解決這個難題,讓企業組織更輕鬆、安全地使用WANEdge。

全球客戶的青睞加速FortiGate安全SD-WAN的普及
隨著Fortinet持續開發創新功能,包括最近發布業界首創的SD-WAN ASIC,其安全SD-WAN解決方案客戶的使用率迅速攀升。企業組織可以透過單一解決方案獲得一流的SD-WAN功能與安全性,因此他們逐漸體驗到FortiGate安全SD-WAN解決方案的優勢。截至2019年6月12日為止,Fortinet在Gartner的Peer Insights WAN邊緣基礎架構市場(Peer Insights WAN Edge Infrastructure Market)評比中獲得最高評價。客戶肯定以及NSS實驗室的「推薦」評級等第三方測試結果是FortiGate安全SD-WAN在業界脫穎而出的重要原因。

FortiGate安全SD-WAN解決方案具備業界最推薦的新世代防火牆(NGFW)
FortiGate安全SD-WAN解決方案內建連續五年獲NSS實驗室新世代防火牆(NGFW)測試評比為推薦的Fortinet新世代FortiGate防火牆。此防火牆具備IPS、防毒軟體、URL過濾以及可抵禦與偵測進階威脅的沙箱。在NSS實驗室最新的新世代防火牆(NGFW)組別測試中,FortiGate的整體安全有效性評分高達99.3%,並可100%阻擋閃避式攻擊。FortiGate也展現高度的SSL檢測能力,而且不會影響系統效能。在測試期間,Fortinet解決方案在安全有效性、進階功能與卓越效能等方面表現相當優異。Fortinet解決方案已在NSS實驗室的九個組別測試中獲得推薦評級,包括:
• 軟體定義廣域網路
• 新世代防火牆
• 資料中心入侵防護系統
• 資料中心安全閘道設備
• 漏洞防護系統
• 新世代入侵防護系統
• 漏洞偵測系統
• Web應用防火牆
• 進階端點防護

所有榮獲NSS實驗室推薦評級的Fortinet解決方案都可透過Fortinet安全織網 (Fortinet Security Fabric)互通,以構成完整的安全架構,為各種攻擊提供完整的端點對端點的安全解決方案。

證言
「Fortinet在NSS實驗室組別測試中再度得到優異成績。在今年的SD-WAN組別測試中,FortiGate安全SD-WAN以最低的總擁有成本再次榮獲「推薦」評級。對於想在單一控制台中獲得資安防禦性與SD-WAN功能的企業而言,Fortinet的FortiGate安全SD-WAN是強大的解決方案。」
-NSS實驗室執行長Jason Brvenik


資料來源:

https://news.sina.com.tw/article/20190712/31951182.html]]>
2019-08-28
<![CDATA[Fortinet 夥中信國際電訊 CPC 推 SD-WAN  單一平台管理部署降整體擁有成本]]> http://www.phitech.com.tw/news/index.php?news_id=912

在 SaaS、IaaS 等雲端服務和流動應用高速普及之下,私有雲網絡和公共雲網絡的界線愈趨模糊。在節點、應用、頻寬和網絡成本日高的催化下,市場對軟件定義廣域網(SD-WAN)基建的需求有增無減。市場研究機構 IDC 指出,2017 年 SD-WAN 基建市場盈利增長為 83.3%,達 8 億 3 千 3 百萬美元;預期由 2017 至 2022 年間,SD-WAN 基建市場將可增長至 45 億美元,年複合增長率達 40.4%。

有見及此,中信國際電訊 CPC 與 Fortinet 近日便推出以聯合解決方案「TrueCONNECT Hybrid」,採用了 Fortinet 的 FortiGate 安全 SD-WAN 技術及防火牆功能,而中信國際電訊 CPC 則為 Fortinet 在泛亞首個信息安全管理服務合作夥伴(MSSP)。TrueCONNECT Hybrid 有助中小企業以至大企業快速實施 SD-WAN,同時免除當中有可能遇到的安全威脅。

▲ Fortinet 香港、澳門和蒙古區域總監馮玉明與中信國際電訊 CPC 產品部副總裁藍泰來宣布推出 TrueCONNECT Hybrid 軟件定義廣域網(SD-WAN)解決方案。

單一平台提供可視度、自動化和簡化網絡部署管理

中信國際電訊 CPC 產品部副總裁藍泰來表示:「TrueCONNECT Hybrid 提供的 SD-WAN 監控及報告,讓客戶能恪守私隱、安全標準和行業法規。特別對一些面對高度分散環境如零售網絡的客戶來說,由於他們需遵守嚴格的規則,這項服務對於他們尤其重要。方案只須通過單一管理平台,即可為企業的分支機構網絡網絡帶來更高的可視度、自動化,和簡化網絡部署及管理。 」

而 Fortinet 香港、澳門和蒙古區域總監馮玉明則指出,Fortinet 將 SD-WAN 和網絡安全性整合至單一產品之中,除助中小企業以至大企業快速實施 SD-WAN,更可提供一致的執行措施,免除當中有可能遇到的安全威脅,為所有分支機構提供有效的保護。

具有嵌入式 SD-WAN 功能的 FortiGate 下一代防火牆(NGFWs)技術與中信國際電訊 CPC 的網絡和信息安全管理服務結合後,可為企業碼化轉型提供以下優勢:

  • 確保享有高性能和高安全效能的網絡; 
  • 高效的網絡和信息安全的營運模式;和 
  • 降低分支機構網絡的整體擁有成本。 

資料來源:
https://unwire.pro/2019/07/08/fortinet-cpc/new-product/
 ]]>
2019-08-21
<![CDATA[Fortinet extends Advanced Application Security with FortiWeb Cloud WAF-as-a-Service on AWS]]> http://www.phitech.com.tw/news/index.php?news_id=911 Fortinet has announced the addition of FortiWeb Cloud WAF-as-a-Service to its cloud security portfolio. FortiWeb Cloud WAF-as-a-Service on Amazon Web Services (AWS) allows organisations to rapidly deploy web applications while providing security for mission-critical applications – protecting applications and APIs from threats and addressing compliance requirements.

Organisations protecting their web applications with this Software-as-a-Service (SaaS) solution can deploy the full WAF solution without the need to deploy and manage infrastructure or possess specific web application security skills, enabling rapid application deployment.

Fortinet is addressing the issues that IT teams, including DevOps, face with the addition of FortiWeb Cloud WAF-as-a-Service to its cloud security portfolio. FortiWeb Cloud WAF-as-a-Service is available for purchase on AWS Marketplace or through preferred Fortinet reseller and leverages the flexibility of AWS by automatically provisioning security protection for customers across multiple AWS Regions.

Rajesh Maurya, Regional Vice President, India & SAARC at Fortinet, “As organisations increasingly build out their business in the cloud and use web applications, they increase their exposure to known and unknown targeted attacks. Delivered through the Fortinet Security Fabric, FortiWeb Cloud Web Application Firewall (WAF)-as-a-Service allows organizations to rapidly deploy web applications while providing best-in-class security for mission-critical applications.”

“The availability of FortiWeb Cloud WAF-as-a-Service on AWS makes it easy for organizations to get a SaaS cloud-based web application firewall up and running for advanced threat protection within minutes in a single global AWS Region. Fortinet’s SaaS solution is delivered from multiple AWS Regions and runs closest to customer applications, providing customers with the flexible performance and cost benefits they desire to support their business agility,” Dan Plastina, Vice President, Security Services at Amazon Web Services, Inc.

資料來源:
https://www.crn.in/cloud/fortinet-extends-advanced-application-security-with-fortiweb-cloud-waf-as-a-service-on-aws/

]]>
2019-08-14
<![CDATA[Fortinet launches new WAN and edge security platform]]> http://www.phitech.com.tw/news/index.php?news_id=910 Fortinet's Secure SD-Branch platform uses Fortinet security products to converge WAN and security into an integrated platform and protect access edges.
  •  
  •  
  •  
  •  
  •  

Fortinet has launched the Secure SD-Branch platform, designed to secure the WAN and access edge, as well as enable security-driven networking for distributed enterprises.

The Secure SD-Branch platform extends Fortinet Security Fabric, and according to Fortinet, it converges WAN and security into an integrated platform. Fortinet claims this increases security and visibility, while reducing complexity, to improve performance and lower overall IT costs.

The intention of the Secure SD-Branch platform, according to Fortinet, is to provide adequate, easy-to-manage security of an organization's ever-increasing number of edges. Fortinet's Secure SD-Branch platform is composed of the FortiGate next-generation firewall, FortiNAC network access control, FortiSwitch and FortiAP access points.

The two main protections that Fortinet claims the Secure SD-Branch platform provides are network edge protection and device edge protection.

The FortiGate next-generation firewall extends through the access layer with FortiSwitch and FortiAP to consolidate security and network access. According to Fortinet, this is the architecture ideal for Secure SD-Branch deployments. New Wi-Fi 6 FortiAP access points enable greater capacity and throughput to keep up with expanding bandwidth needs, and FortiSwitch switches offer higher power to run power-hungry IoT devices, Fortinet claims.

The FortiNAC network access controller provides automatic discovery, classification and security of IoT devices as they enter the network. It uses FortiGate as a sensor to detect anomalies via traffic.

Fortinet claims Secure SD-Branch delivers the following customer benefits:

  • Integrated security: FortiGate extends next-generation firewall services to the network access layer through the integration of wireless and switch management.
  • Simplified management: Zero-touch deployment and integrated management via a single pane of glass simplify enterprise branch deployments. The architecture scales to support a variety of branch sizes and growth.
  • Lower cost of ownership: According to Fortinet, it does not charge licensing fees, and network traffic sensors do not have to be purchased. Simplified management operations require fewer interfaces to learn and manage daily and less time to deploy, saving organizations time and money, Fortinet claims.

source:
https://searchsecurity.techtarget.com/news/252465361/Fortinet-launches-new-WAN-and-edge-security-platform
]]>
2019-08-07
<![CDATA[Android 版的 iMessage 就快來了,英法用戶將支援 RCS 訊息服務]]> http://www.phitech.com.tw/news/index.php?news_id=909 作者  | 發布日期 2019 年 06 月 19 日 17:45 |   

由於電信服務商與手機製造商錯綜複雜的關係,Android 手機用戶想要使用新一代傳訊服務幾乎是不可能的事。但在 Google 的技術主導之下,採用 RCS(Rich Communication Services,進階通訊解決方案)的傳訊服務將搶先提供給英國、法國的用戶使用,並逐步向全球用戶開放。

本月底開始,英國與法國的 Android 用戶將能搶先使用由 Google 提供、採 RCS 的傳訊服務,不再需要等待電信商支援才能使用。這似乎意味著 RCS 未來將有機會取代 SMS(Short Message Service,簡訊服務),而隨著 Google 向愈來愈多國家推動這項服務後,最終 RCS 將適用於所有 Android 用戶。

藉由 RCS,Android 用戶可透過 Wi-Fi 或行動網路以系統預設的《訊息》App 收發訊息,其他像是傳送表情符號、高解析度的圖片與影片或讀取回條、甚至是群組聊天等都能辦得到。此外,用戶在電腦上透過訊息網頁版也能收發訊息,文字、照片以及貼圖都能傳送。

對於 Android 平台來說,Google 的 RCS 傳訊服務並非等同於蘋果的 iMessage,但已經很接近了;由於 RCS 尚未支援端到端加密(End-to-end encryption,E2EE),這是與 iMessage 的差異所在。不只是 iMessage,通訊軟體包括 WhatsApp、Signal 等已支援 E2EE,甚至 Facebook 也表示旗下所有應用程式將要預設採用 E2EE。此外,RCS 何時才能適用於所有 Android 用戶的手機則成了第二大問題,Google 目前正在加緊趕工。


資料來源:
http://technews.tw/2019/06/19/google-is-finally-taking-charge-of-the-rcs-rollout/

]]>
2019-07-31
<![CDATA[The benefits of 5G: Streaming video, gaming, and immersive mobile experiences]]> http://www.phitech.com.tw/news/index.php?news_id=908 The benefits of 5G: Streaming video, gaming, and immersive mobile experiences
18 June 2019 Sarah Henschel

With 5G deployments rolling out across the world, the next generation of mobile technology promises myriad benefits to consumers, especially those who enjoy streaming videos. Recall that when 4G LTE first launched, mobile operators partnered with pay-TV providers and streaming services such as Netflix to showcase that LTE allowed consumers to stream videos with their mobile devices. While LTE provided a strong foundation for video streaming, 5G is poised to enhance the consumer streaming experience even further while also opening new revenue opportunities for enterprises.

 

LTE currently supports $40 billion in consumer revenues in the online video market. With 5G, however, IHS Markit forecasts that number to jump to $100 billion in the next five years. 5G will offer countless opportunities for improved streaming experiences, thanks to faster speeds, lower latency, stronger reliability, higher capacity, and better mobility. Given such vast improvements, IHS Markit predicts that there will be 1 billion 5G mobile subscriptions by 2023.

 

The gaming industry in particular should benefit from the new opportunities that 5G presents. Because online gaming requires low latency and fast speeds for an optimal user experience, 5G will deliver a vastly improved gaming experience. IHS Markit predicts that revenue from mobile gaming will jump to $83 billion in the next five years. Moreover, cloud gaming will also benefit since 5G removes the need for high-cost hardware.

 

While streaming video and gaming will improve in the short term because of the faster speeds and lower latency that 5G offers, the long-term possibilities are perhaps even more compelling. For example, immersive, "choose your own adventure" experiences and AR stand to benefit a great deal from 5G. Augmented reality in particular should show continued improvement on 5G because AR has the entire smartphone footprint at its disposal. IHS Markit predicts AR revenue to grow to over $3 billion in the next five years.

 

While LTE generally provides a solid streaming experience, 5G will make it easier for consumers to enjoy a host of streaming options, such as binge-watching TV shows in 4K or playing online games whenever they want and anywhere they go.


Sarah Henschel is senior research analyst for media at IHS Markit
Posted 18 June 2019

資料來源:

https://ihsmarkit.com/research-analysis/the-benefits-of-5g.html

]]>
2019-07-24
<![CDATA[Gartner: Cybersecurity skills shortage requires a new approach]]> http://www.phitech.com.tw/news/index.php?news_id=907 At the Gartner Security and Risk Management Summit, analysts discuss the challenge of finding skilled cybersecurity professionals and how it can be solved.
  •  
  •  
  •  
  •  
  •  

National Harbor, Md. -- While the cybersecurity skills shortage continues to plague the industry, the "real problem" lies in how security leaders are addressing the issue, said Sam Olyaei, director at Gartner's security and risk management group.

"The problem is really our mindset has to be shifted away from thinking about open roles that can be hired out in the market to actually optimizing the security function in ways that can actually help you procure the competencies we need," Olyaei told attendees during a session at the Gartner Security & Risk Management Summit.

According to a Gartner survey, 61% of organizations admitted that they are struggling to hire security professionals.

Most organizations struggle because they don't know what cybersecurity skills they need or put too much weight on certifications, Olyaei said. They haven't mapped everything back to a workforce strategy or framework to figure out what they need, he added.

"We have to look for alternative, emergent techniques that we can use to not only source these people, but build them," he said.

When it comes to security roles, he said, there is a lack of standardization around titles, names, terminology and, as result, a lack of clear career paths.

"The problem is, there is no standardization on what these titles actually mean," he said. "An incident response analyst could potentially be an information security analyst in another organization. A security engineer could even be a security architect in another organization."

Olyaei advised security program practitioners to craft a strategy planning process that takes into account frameworks like the NIST's National Initiative for Cybersecurity Education (NICE) cybersecurity workforce framework. The NICE cybersecurity workforce framework is designed to introduce standardization in the titling aspect of the information security and cybersecurity roles, he said.

"That'll help you identify, the competencies, knowledge and skill sets that we might need in the future and ultimately get ahead of the curve by planning for these things today," Olyaei said.

He also recommended security professionals use enticing job titles that don't just focus on the technical aspect of the job, but stresses on opportunities to "develop and grow" and "learn and adapt," to help attract the right candidate.

He advised investing in training simulation platforms like a cyber range, which replicates an organization's environment in a lab, to build the cybersecurity skills needed to plan and execute a digital business strategy.

Security automation in the era of digital business

Gartner analysts believe a contributing factor to the cybersecurity skills shortage is the rapid digital transformations that many organizations are experiencing. In the company's latest digital business survey, 85% of organizations reported actively pursuing digital optimization strategies, and 66% reported being on the path to digital transformation.

Emerging technologies will impact security and risk directly because rapid adoption of emerging technologies is creating risks, Gartner director Beth Schumaecker said during the opening keynote at the conference.

"We try to build a security risk management team that can face all of these demands and we are confronted with the new reality that digital transformation needs new skills from our security people," Schumaecker said.

Given the "tight security labor market," Schumaecker advised organizations to think about how they implement an adaptive automation strategy that allows them to best utilize the people and skills they have.

Olyaei urged security professionals to figure out skills and functions that can be automated, and which ones can be outsourced to a managed security service provider or managed detection and response service providers.

"If you have repetitive functions in your organizations today, you should be looking to automate that right away," he said. "Take advantage of what's around you in terms of technologies, tool sets, capabilities, techniques, and ultimately, even external people."

Security leaders should also move away from a siloed approach toward cybersecurity, he said, because it will not work in digital security or digital business platforms.

"While information security analysts today probably focus more on the operational day to day, things like log management, or monitoring, or endpoint protection, you'll start to see a less siloed approach as you move to digital," he said. "A lot of times organizations try to break down the silos so that they have more versatile people that can arrive at the same conclusions."

Digital businesses require digital competencies

Embracing digital technologies to deliver new value and competitive advantage to the enterprise also requires developing digital competencies, Gartner analysts agreed. CISOs and security risk leaders need to hire people with digital competencies.

Adaptability is a key security skill in the digital era, Olyaei said.

"This is somebody who demonstrates flexibility, agility and the ability to respond effectively to different demands," he said. 

Business acumen, digital dexterity, outcome-driven, and collaboration and synergy are other key digital competencies required of security professionals today, he said.

The drive toward digital business will also create demand for new skills, he said. While top security roles currently in demand include information security analyst and vulnerability analyst/penetration tester, Olyaei predicted that's going to change in the next few years.

"A pen tester, for example, is measured on whether or not they can actually get into an environment, the system and network applications etc., and whether or not they can find original vulnerabilities," he said. "We're starting to see the role of a pen tester change and trying to figure out whether or not you can actually catch an attacker in the process of using a vulnerability to infiltrate the system or environment."

As organizations begin to mature, he said, the demand for the technical security analyst role will also decrease.

"A lot of the functions this technical security analyst is responsible for doing will either have been outsourced, automated or in a lot of cases be bundled into a common security function that this person's required to do," Olyaei said.

Some of the emerging roles that CISOs and CIOs and security and risk leaders need to keep track of are digital risk officer, data security scientist, security champion, digital ecosystem manager and chief of staff.

"These five roles are shaping up to be sort of that bridge between information security and digital security ... taking you from that traditional focus on confidentiality, integrity and capability, to focus more on privacy, safety and resilience," he said.


source:
https://searchsecurity.techtarget.com/news/252465325/Gartner-Cybersecurity-skills-shortage-requires-a-new-approach

]]>
2019-07-17
<![CDATA[AT&T Exec Said Telco's Ideas Will 'Radically Reshape' TV]]> http://www.phitech.com.tw/news/index.php?news_id=906 The hyperbole was on high boil Wednesday as AT&T's John Donovan made some big pronouncements, but little detail, about how the company is evolving and transforming its TV business.

At the Credit Suisse Communications Conference in New York yesterday, Donovan was asked about how AT&T's pay-TV and streaming video plans, including recent price changes for DirecTV Now and a coming "thin-client" version of the fuller-freight DirecTV service that will be delivered via the Internet rather than via satellite.

"We're going to transform our product," Donovan said. "It's the consumer product I'm most excited about since the iPhone. It radically reshapes what your concept of television is."

But how, exactly? After all, the market is teeming with relatively new OTT-TV options, with many of those services also grappling with razor-thin margins thanks to the continuous rise of programming costs. What TV magic does AT&T have in its bag of tricks?

 

Here's where AT&T's vision for the future of video and pay-TV gets a bit hazy. The company, perhaps to keep its competition guessing or because it's still trying to figure out how it's going to truly offer something new and different, is not being very clear on this count.

"We think we're going to be disruptive in the market on features and capability, but we need to evolve our product," he said.

Donovan was later pressed if he'd care to elaborate on the innovations AT&T will bring to bear to pay-TV.

"No," he responded, then jokingly chided his inquisitor for asking a question he already knew the answer to, along with a backhanded compliment. "You could be a reporter."

Donovan was a bit more forthcoming on the timing of the new thin-client DirecTV product, noting that it's expected to debut sometime in Q3 2019. That offering is expected to center on an inexpensive AT&T-supplied Android TV-powered box alongside streaming support on various retail streaming platforms.

Despite Donovan's dodginess about the features and capabilities that will grace that product, putting an OTT version of DirecTV's satellite TV packages makes a lot of economic sense. For starters, the cost of acquisition of an OTT-TV customer should be much lower than it is for DirecTV's satellite TV service. There's less (and cheaper) equipment involved, and the OTT version should allow for simple customer self-installs.

And that product should help DirecTV/AT&T expand its addressable market. Donovan estimated that about 20% of US households can't get satellite TV due to line-of-sight issues and other restrictions. He said DirecTV, on occasion, will role a truck to a new customer only to find that the customer isn't eligible or capable of getting the service -- a big waste of time and money.

"It's not immaterial," Donovan said of the portion of the market that the new product will allow AT&T to reach, noting that the company has a database of consumers who can't be served with satellite but would be eligible for the new thin-client TV product.

That product "is going to be a great opportunity for us to have a product that's not only competitive but one that we would expect to take some share with," he said.

AT&T could use something that steals some share, as its video business has been struggling alongside the broader pay-TV industry. The company lost 627,000 video subs in Q1 2019, including 544,000 legacy "premium" TV subs (DirecTV satellite and U-verse IPTV) and 82,000 DirecTV Now subs as OTT customers continued to roll off after early, heavily discounted rates dissipated.

An SVoD assist?
Donovan didn't advance the ball much regarding AT&T's plans to launch a subscription VoD service in beta form later this year and reach full commercial deployments in 2020. AT&T has alluded to plans to offer that product to traditional pay-TV distributors, so it seems likely that AT&T will attempt to package in this new SVoD product with its pay-TV offerings.

But, following an earlier analyst's note that AT&T is now looking at a single-tier SVoD product (rather than one with three separately priced tiers with a different content mix), The Wall Street Journal reported Thursday that the new offering will cost $16 to $17 per month.

Per the WSJ, the offering will include HBO, Cinemax and Warner Bros content, and cost just a bit more than HBO Now, HBO's standalone, direct-to-consumer OTT subscription service that fetches $14.99 per month. At the reported price, AT&T's new SVoD will carry a big premium over Disney+, a service set to debut in November for $6.99 per month.

Bolstering the bundle
AT&T is also hopeful that its new thin-client video option will refuel a service bundling strategy, making it much easier to combine TV with its broadband products.

On that point, Donovan also provided an update on AT&T Fiber's progress, predicting that the unit will add 1 million subs this year, with roughly two thirds of them coming from cable. That prediction is in contrast to recent analysis that found that most of the new AT&T Fiber subs are coming from existing AT&T broadband subs (including U-verse customers) that have migrated or upgraded to faster, fiber-fed Internet service.

While AT&T's DirecTV merger commitment was to have fiber deployed to 12 million locations by June 2019, Donovan reiterated that the number will be closer to 14 million.

"We have a lot of inventory now," Donovan said, confident that AT&T Fiber is in position to achieve service penetration of 50% to 55% in as little as 24 months in some markets.

]]>
2019-07-10
<![CDATA[Fortinet’s Robust Multi-Cloud Portfolio Secures Migration to Cloud Environments]]> http://www.phitech.com.tw/news/index.php?news_id=905 Fortinet secures the migration to multi-cloud with native integration, broad protection and management and automation capabilities for every cloud environment

SUNNYVALE, Calif. - Jun 3, 2019
 
 

John Maddison, EVP of products and solutions at Fortinet
“Hybrid Networks and multi-cloud are major tenants of the enterprise architecture for the next 10 years. Fortinet customers are deploying our Security Fabric for visibility across their entire digital attack surface, enabling high quality operations and rapid, orchestrated response to any potential threats.”

News Summary:
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced that Aspire Global, MediaKind, MLP Finanzberatung SE, and Nubank have chosen Fortinet’s multi-cloud security offerings to implement secure connectivity and consistent visibility and control across their cloud environments. These organizations confidently rely on Fortinet’s multi-cloud security solutions to ensure that applications and/or workloads have consistent security across physical, virtual and cloud footprints and can be centrally managed whether they reside in a private cloud, public cloud, hybrid cloud or on-premises. 

Migrating workloads and applications to cloud environments, building cloud native applications and consuming SaaS applications have many benefits for organizations looking to stay agile, flexible and reduce operational costs. However, this transition to multi-cloud also raises security concerns that if left unaddressed can be detrimental and offset these benefits. Gartner predicts that “by 2021, 50% of enterprises will unknowingly and mistakenly have some IaaS storage services, network segments, applications or APIs directly exposed to the public internet, up from 25% at YE18.” [1]

To address these concerns, Fortinet’s depth and breadth of multi-cloud security products and solutions that are part of the Fortinet Security Fabric offer the following solutions:  

  • Visibility and control: Organizations need a single-pane-of-glass to gain visibility and define consistent security policies throughout the entire cloud infrastructure to effectively manage risk. Fortinet’s FortiCASB-Cloud allows customers to leverage the public cloud management APIs to monitor activity and configuration of multiple cloud resources as well as eliminate blind spots across an expanding attack surface. It continuously evaluates configurations across regions and public cloud types while dynamically analyzing activity in the public cloud infrastructure to identify potentially malicious activities. FortiCASB-Cloud dashboards are pluggable into Fortinet Security Fabric FortiView, uniquely offering Security Administrators a single-pane-of-glass view of the entire attack surface in multi-cloud infrastructures. Through FortiView dashboards, administrators can see both inline security as well as cloud configuration security to build a comprehensive view of risk.
     
  • Application security: The growing number of cloud-based applications that organizations are building either for direct web access or as backend applications for various mobile and business applications increases security risks and threats. Fortinet provides advanced application layer security controls so customers can choose cloud platforms based on their business priorities, not security limitations. Through  FortiWeb-VM, customers are able to secure web APIs and front-end web application to protect from known and unknown threats. FortiWeb is easy to use and delivers high accuracy powered by on-device machine learning capabilities, as well as the flexibility of form factors from containers to virtual machines to SaaS. FortiWeb also integrates with FortiGate-VM through FortiView dashboards and shares security intelligence information to consistently enforce security policies and provide increased visibility. FortiCloud Sandbox Service is integrated to perform dynamic analysis of files and storage services in order to identify previously unknown malware.
     
  • Secure connectivity: As organizations deploy an array of cloud infrastructure and shift toward multi-cloud, secure connectivity across these various environments is critical to protect sensitive information and confidential communication. FortiGate-VM provides the most flexible and scalable offerings in the industry supporting small point workload connectivity designed to scale out. It also supports larger data connections that require a scale-up VPN connection to multiple Gbps of VPN traffic. FortiGate-VM’s virtual security processor (vSPU) technology accelerates performance in both private and public clouds, enabling customers to confidently migrate their high-performing applications to the cloud.

Aspire Global - the complete iGaming Platform, MediaKind - a global media technology leader, MLP Finanzberatung SE – the partner for all financial matters, and Nubank - the leading Fintech in Latin America, are among the most recent Fortinet customers realizing the benefits of multi-cloud without compromising security. Some of the benefits customers gain from leveraging the Fortinet Security Fabric for multi-cloud are:

  • Consistent security controls and policies regardless of application infrastructure.
  • Single-pane-of-glass visibility for multi-cloud security to comprehensively manage risk in a dynamic and diverse environment.
  • The ability to leverage existing security personnel skillset when securing the cloud.
  • The confidence to deploy any application on any cloud supporting the desired business velocity and choices.

Customer Supporting Quotes:
“MediaKind chose to work with Fortinet for its commitment to the cloud and its native integration of security capabilities into any cloud computing platform. Fortinet gives us the freedom to deploy any application on any cloud without compromising security. This was critical for MediaKind as we chose to reduce the number of physical data centers and transition our workloads and applications to the cloud. With Fortinet’s robust portfolio, we are able to stay agile to our customer needs while protecting sensitive information and intellectual property in both a cloud and on-premise setup.”
-Ravinder S. Jarral, Head of Global Security at MediaKind

“Aspire Global views cybersecurity as a top priority. It’s important for us to offer a safe, mutli-cloud secured platform in order set the groundwork to have a smooth business continuation from the start of the process to finish with network users. Fortinet’s cloud security solutions are a dynamic resource that gives Aspire Global the technology edge in the digital sector enforced across all environments.”
- Ziv Shtaeinberg, Chief Technology Officer at Aspire Global

Fortinet has demonstrated its performance for a multi-cloud environment – without compromising ease-of-use when it comes to manageability. We have deployed Fortinet cloud security solutions in all three – AWS, Azure, and Google – of our cloud environments and Fortinet delivers the necessary visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.
- Erik Vellmete, Head of IT Infrastructure and Basic Applications at MLP Finanzberatung SE

"The main benefit for Nubank when purchasing Fortinet security solutions was the security itself. We were looking for solutions that would serve our internal security Red Team, as well as improving integration with our AWS cloud environment. For this, we adopted Fortinet's Security Fabric for AWS. Further, with Fortinet’s cloud security solutions, we now have a record of activities for each engineer and for each user that uses one of our services, allowing us to understand all the activity being carried out – a very important safety point for us and for our clients. This was only the first step in blueprinting what we want to achieve.”
- Gabriel Diab, software engineer at Nubank Brasil

Additional Resources

 

1 Gartner, Innovation Insight for Cloud Security Posture Management, Neil MacDonald, 25 January 2019.

 

資料來源:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2019/multi-cloud-portfolio-secures-migration-to-cloud-environments.html

]]>
2019-07-03
<![CDATA[IETF推出用來取代IMAP的現代開源電子郵件協定JMAP]]> http://www.phitech.com.tw/news/index.php?news_id=904

由於老舊的IMAP協定已經不符合現代電子郵件處理需求,IETF推出更適用於網頁以及行動裝置的新協定JMAP

 
 

網際網路工程任務組(Internet Engineering Task Force,IETF)推出新的電子郵件協定JMAP(JSON Meta Application Protocol),這個協定更適合網頁以及行動裝置使用,電子郵件通知推送也更為即時。JMAP並非IMAP的升級版,而是一個全新的協定,使用結構化的JSON格式傳輸,修正了過去像是IMAP等開放協定的缺陷,主要用來取代IMAP與SMTP的組合。

IETF提到,IMAP並不適合用於網路資源受限的行動裝置上使用,而IMAP與其他協定諸如SMTP、CalDAV和CardDAV的組合,用來提供日曆和聯絡人功能,對開發者來說有一定的開發門檻。IETF認為,這樣的情況影響電子郵件的應用發展,許多新的客戶端以及擴充套件,僅為大型電子郵件服務開發,專有協定逐漸取代了開放協定。

IMAP IDLE功能有兩大問題,第一、更新機制效率不好,除非客戶端對所有資料夾開啟連接,否則一個連接只會通知更新一個資料夾的變更;第二、需要持續網路連線,在行動裝置實作IMAP有困難,對iOS來說更是無法使用。

而JMAP實作兩種推送機制,這兩種機制都以狀態字串觸發,讓客戶端知道有新訊息,接著客戶端接著以標準方式同步資料。對桌機客戶端與Webmail,其提供事件來源介面,使用持續的HTTP連接進行更新,對行動裝置以及網頁整合使用上,開發者可以設定回呼處理程序,執行應用程式伺服器推送。

JMAP可以在單個指令中,對多個訊息進行創建、更新與刪除的動作,這是舊的IMAP做不到的。另外,JMAP是無狀態協定,不需要持續連線,對於間歇網路存取,像是行動裝置更加友善,而且提供一系列彈性的指令,可以方便地進行批次處理,雖然還是能以串流的方式處理郵件,但是JMAP設計的初衷就是無狀態協定,減少斷開連接的手續。

在相容性支援上,JMAP資料模型相容於IMAP資料夾以及類Gmail標籤,實作JMAP的伺服器也能支援IMAP。JMAP還具有流量控制的能力,客戶端可以限制伺服器發送的資料量,當數量超過客戶端限制,則指令將回傳錯誤。

IETF認為,JMAP是新一代電子郵件開放標準,為電子郵件提供現代的功能支援,又具有良好的擴充性,可以輕鬆地加上日曆等服務,能正面影響整個生態系的發展。

資料來源:
 https://www.ithome.com.tw/news/130539]]>
2019-06-26
<![CDATA[Going into 5G, don't forget security]]> http://www.phitech.com.tw/news/index.php?news_id=902  
telecomasia.net

For years telco revenues as measured in Average Revenue Per User (ARPU) have been on a decline. As consumers and business acquire a taste for broadband and mobile broadband connectivity, operators are pressured to offer bigger and faster pipes, and to do so more cheaply lest competition from OTTs and mobile virtual network operators (MVNO) take home the bacon. We have reached a point where telcos are finding themselves becoming almost exclusively connectivity vendors– what some call “the pipe business”.

Guner Reiss, vice president of strategy, A10 NetworksAs Gunter Reiss (pictured), vice president of strategy at A10 Networks, tells it, that a lot of operators want to get out of being labeled a telco – a connectivity provider.

He cites the comment made by Johan Johan Wibergh, chief technology officer at Vodafone: “We want to become a technology provider. We want to become a service provider to the enterprise community.”

Based on what we understand about 5G technology, this may just be what the industry is praying for. Some believe that 5G features like network splicing, enhanced mobile broadband, ultra reliable low latency communications and massive machine type communications, are all geared towards the performance requirements of enterprises.

To date, a number of telcos in Asia and around the world are making significant investments in 5G with the intent to target enterprise opportunities. One area that has always lagged when it comes to understanding and planning for is around security.

At the 2019 Total Security Conference, a chief security officer speaking at a panel noted that “if you want to stay secure from cyber threat, then stay out of the internet.” However, the reality is that internet has become so embedded into everyday living [and business] that it would be a business suicide if any business stays out of it.

So for telcos, the challenge is building infrastructure, including 5G-based connectivity solutions, that appeal to the risk appetite of their enterprise customers.

In an exclusive interview with Telecom Asia, Reiss opens up to the threats and opportunities operators must face as they rise to the 5G challenge.

Given that operators will need to invest more around security as part of their 5G rollout. How do they monetize in these investments?

Gunter Reiss: There are two ways: 

First, every operator has to protect their own infrastructure because the system is their bread and butter.

Secondly, we see a lot of operators today starting to offer a managed security services to enterprises. Cloud providers are doing the same thing.

Instead of buying a DDoS appliance directly for your premises, you want a DDoS service – literally just buying it as part of your connectivity, or part of any of the other specific IoT services you would buy from a mobile operator. You would add the security services on top of it.

This is why service providers and mobile operators in the 5G world will finally become a true service providers and partner to the enterprise community.

This is how they will monetize their investments, including security.

As operators near 5G rollout, what remains their biggest concern?

Gunter Reiss: That would be – “How can we protect our mobile infrastructure?”

It's the same as what they have now with 4G – just with 5G, they realize that they have more points to protect. If you think about it in 4G it was the GI-LAN infrastructure they just needed to protect – and it doesn’t scale. Scale requirements just weren’t there.

But what we see now, they have to protect the peer points. They have to protect the mobile edge – this is what they are building the architecture for. That's the conversations we have with them.

There is another aspect – our latest DDoS weapons report revealed more than 23.5 million DDoS weapons all around the world. The largest number is more than 6 million in China, followed by 3 million in the US. And as you go into each country, we can actually highlight how many DDoS weapons there are. This is important for operators because this is proactive defense of your infrastructure.

So that's basically how we help these operators to protect the infrastructure. And again, it doesn't really matter if they're on 4G right now. They are realizing that they have to protect the infrastructure. They have to start planning, investing and allocating budgets for the protection of the mobile infrastructure along the journey to 5G.

You don't want to wait and suddenly say, “Now that I’m launching 5G, it’s time for me to adjust my security architecture or infrastructure, and how I deal with [connectivity] suppliers.”

As operators look to harness the non-traditional business opportunities presented by 5G, including areas like Smart Cities, what should I be looking at as an operator?

Gunter Reiss: What you should look at is in order to support – ultimately as an operator – you need to increase your ARPU, you want to sell more services.

Now, particularly then with 5G, you need to build relationships with the various industries from smart cities, to governments, to hospitals, to whatever industry it is. And, of course, in that way, industry explosion of the IoT endpoints – depending on what data you trust – up to 35 billion over the next years.

When you take all that into consideration, you have to protect your infrastructure all the way, obviously, to where the IoT endpoints get connected, and as a consequence you need a comprehensive security architecture.

And the only way to really be able to manage the scale requirements is with Intelligent Automation.

And this is where you leverage machine learning algorithms, any AI type of capabilities and analytics to get more visibility about your network and your application environment in order to really be able to secure your infrastructure. The complexity is just getting that much larger than what these operators are dealing with today.

This is basically the straightforward message I try to explain to them.

It's not about how cyberattacks will come through the internet anymore. They come through those peering partners, and they come directly from the IoT devices which get weaponized from the phones. So, you have to have protection right away at the mobile edge.

And for this, you need to leverage automation capabilities.

As activities around 5G accelerate in 2019, what's your expectation?

Gunter Reiss: 5G is still in its early stage. I think we will see over the next 12 months a lot more operators commercially launching 5G services with various used-cases.

And I would say that at least within this year, we’ll see between 20 and 30 mobile operators launching new commercial services around the world.

But 2020 is going to be, I think, that big push where more operators will come with 5G commercial services. And this, from an A10 perspective, is the opportunity. We are working with a lot of them already right now under 4G virtualization developments and securing the 4G virtualized and NFV type of environment.

Now that they are future proof and ready, from a scale perspective, to take that all the way into this full 5G architecture.

As I mentioned before, for some time, we will see a hybrid type of 4G / 5G network architecture. Then some of those early adopters will go out with the 5G standalone, network architecture.

Even if the operator is not launching 5G yet in 2019, they're already working and starting to work with us on their plans towards 5G and how to protect that infrastructure. This is why we are super thrilled and excited about it.


資料來源:
https://www.telecomasia.net/content/going-5g-dont-forget-security?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+tarss+%28Telecom+Asia+RSS%29

]]>
2019-06-19
<![CDATA[Connectivity between Azure Virtual WAN and Fortinet Appliance]]> http://www.phitech.com.tw/news/index.php?news_id=900 Connectivity between Azure Virtual WAN and Fortinet Appliance

Contributors: Karthik T, Principal Cloud Architect at Powerupcloud Technologies.

“Networking is the cornerstone of communication and Infrastructure”

Azure VWAN

Microsoft Azure Virtual WAN allows to enable simplified connectivity to Azure Cloud workloads and to route traffic across the Azure backbone network and beyond. Azure provides 54+ regions and multiple points of presence across the globe Azure regions serve as hubs that you can choose to connect to the branches. After the branches are connected, use the Azure cloud service through hub-to-hub connectivity. You can simplify connectivity by applying multiple Azure services including hub peering with Azure VNETs. Hubs serve as traffic gateways for the branches.

Fortinet with Azure VWAN

Connecting Fortinet Firewalls to a Microsoft Azure Virtual WAN hub can be done automatically. The automatic configuration provides a robust and redundant connection by introducing two active-active IPSec IKEv2 VPN tunnels with the respective BGP setup and fully automated Azure Virtual WAN site creation on Microsoft Azure. The finished deployment allows full connectivity between branch-office sites and resources in Azure Virtual Networks via the Azure VPN Hub.

VWAN Offerings:

Microsoft Azure Virtual WAN offers the following advantages:

Integrated connectivity solutions in hub and spoke

Automated setup and configuration

Intuitive troubleshooting

Organizations can use Azure Virtual WAN to connect branch offices around the globe. An Azure Virtual WAN consists of multiple virtual hubs, and an organization can create virtual hubs in different Azure regions.

For on-premises devices to connect into Azure a controller is required. A controller ingests Azure APIs to establish site-to-site connectivity with the Azure WAN and a Hub.

Microsoft Azure Virtual WAN includes the following components and resources:

WAN: Represents the entire network in Microsoft Azure. It contains links to all Hubs that you would like to have within this WAN. WANs are isolated from each other and cannot contain a common hub, or connections between two hubs in different WANs.

Site: Represents your on-premises VPN device and its settings. A Site can connect to multiple hubs.

Hub: Represents the core of your network in a specific region. The Hub contains various service endpoints to enable connectivity and other solutions to your on-premises network. Site-to-site connections are established between the Sites to a Hubs VPN endpoint.

Hub virtual network connection: Hub network connects the Azure Virtual WAN Hub seamlessly to your virtual network. Currently, connectivity to virtual networks that are within the same Virtual Hub Region is available.

Branch: The branches are the on-premises Fortinet appliances, which exist in customer office locations. The connection originates from behind these branches and terminates into Azure.

Prerequisites and requirements

The following prerequisites required for configuring Azure and Fortinet to manage branch sites connecting to Azure hubs.

  1. Have white-listed Azure subscription for Virtual WAN.
  2. Have an on-premise appliance such as a Fortinet appliance to establish IPsec connection into Azure resources.
  3. Have Internet links with public IP addresses. Though a single Internet link is enough to establish connectivity into Azure, you need two IPsec tunnels to use the same WAN link.
  4. SD-WAN controller — a controller is the interface responsible for configuring appliances connecting into Azure.
  5. A VNET in Azure that has at least one workload. For instance, a VM, which is hosting a service. Consider the following points:
  6. The virtual network should not have an Azure VPN or Express Route gateway, or a network virtual appliance.
  7. The virtual network should not have a user-defined route, which routes traffic to a non-Virtual WAN virtual network for the workload accessed from the on-premise branch.
  8. Appropriate permissions to access the workload must be configured. For example, port 22 SSH access for a Ubuntu VM.

Step 1. Configure Microsoft Azure Virtual WAN Service

 
Fig 1.1 Virtual Network Configuration
 
Fig 1.2 Virtual WAN Creation
 
Fig 1.3 Virtual WAN
 
Fig 1.4 Virtual Hub
 
Fig 1.5 Hub status with no sites configured

Step 2. Configure and Connect the Fortinet Firewall

 
Fig 1.6 Fortinet Firewall Configuration
 
Fig 1.7 Fortinet Phase 1 & Phase 2 Proposal
 
Fig 1.8 Azure to Fortinet Rule
 
Fig 1.9 Fortinet to Azure Rule

Step 3. Associate Sites to the Hub

 
Fig 1.10 Add a connection between hub and site
 
Fig 1.11 Associate site with one or more hubs

Step 4. Verify Connectivity and Routing

 
Fig 1.12 Hub status with VPN site
 
Fig 1.13 VWAN Heath and Gateway status
 
Fig 1.14 Fortinet Gateway status

There you go the connection is established and network flows:)

Virtual WAN enables centralized, simple and fast connection of several branches, with each other and with Microsoft Azure.

If you need any help on Virtual WAN Implementation, Please do reach out to us.

資料來源:
https://blog.powerupcloud.com/connectivity-betweenazure-virtual-wan-and-fortinet-appliance-e5c66e66367f

]]>
2019-06-12
<![CDATA[Managing the 5G Hype Is Critical to Carriers]]> http://www.phitech.com.tw/news/index.php?news_id=901 Denver -- Big 5G Event -- At this early stage of the 5G era, it's critical for mobile carriers to manage the hype around the next-gen platform among both enterprise customers as well as consumers.

The near future of 5G has, of course, plenty to do with engineering, but it's likewise important to prepare customers for what the technology will be capable of early on and to avoid creating "unrealistic expectations," Patrick Riordan, chairman, president and chief strategy officer of Wisconsin-based Nsight (Cellcom), said here Tuesday during a panel discussion focused on the next steps for 5G. "We need to tell the story better on what 5G is."

As labels like "5Ge" enter the marketplace, they can create a "placebo effect" that ends up falling short of what "true 5G" will be capable of, Riordan said.

For its part, Cellcom has been spent the last two years preparing to move from 4G to 5G, he said, noting that purchasing and building fiber is "critical" to that effort, and that for a company like his, which is focused on rural areas, it's also important to "work hand-in-hand' with suppliers on the deployment.

 

Sprint, meanwhile, is amid an initial 5G rollout that will hit nine markets before the end of the first half of 2019, Mishka Dehghan, vice president of 5G deployment at Sprint, said. She estimated that this early batch of work will enable Sprint to cover about 1,000 square miles with 5G. At this stage, Sprint has some proof-of-concepts announced related to 5G-powered smart city applications. "There is definitely a ton of interest in cities from across the country about what 5G can bring to their communities," Dehghan said.

For Cisco Systems, the next big step on the 5G path is to work with carriers on the deployment of 5G radios with a 4G core. That will follow with the early positioning of a new 5G core architecture and more work on how this core-level migration will be completed, Ian Campbell, CTO service provider mobility and automation at Cisco Systems, said.

5G "is a major re-architecture of the core," he said, citing the move toward network-slicing and installing more compute at the network's edge. Some initial introductions of a 5G core are expected to start next year.

Network virtualization will also be paramount, as it will help to drive costs out of the network and put carriers in a better position to create a profitable 5G business. "There will be no 5G without virtualization," John Baker, SVP of business development at Mavenir, said. He said many carriers he speaks to are still struggling with how to make a 5G business plan work.

He also estimates that the computer industry is some 15 years behind the mobile industry concerning deployment technologies, and that could greatly affect the deployment of effective edge computing architectures needed by 5G. To the computer industry, "everything is 19-inch rack-based," he said, believing that this will open up opportunities for others to rethink and develop processing technologies that are more optimized for the edge.

5G will support faster speeds, but carriers will also need to ensure that their mobile networks can keep up and don't become the bottlenecks. The industry is still data center focused, so more work needs to be done to enable redundancy and harden the edge of the new 5G network, Oded Sagee, senior director of embedded and integrated solutions at Western Digital, said.

Panelists also noted that 5G networks, and the low-latencies and abundant capacities they will support, will be deployed to reach small pockets and target specific early cases early on.

"It can be done one enterprise at a time," Baker said.

"It could be as small as a manufacturing plant," Riordan added, reiterating that the industry must avoid the "super hype" building on 5G and the perception that it will suddenly become available everywhere. "It's not going to happen that way."

— Jeff Baumgartner, Senior Editor, Light Reading

資料來源:
https://www.lightreading.com/mobile/5g/managing-the-5g-hype-is-critical-to-carriers-/d/d-id/751315?_mc=RSS_LR_EDT

]]>
2019-06-05
<![CDATA[Fortinet has a Longstanding Commitment to Cloud Security Leadership]]> http://www.phitech.com.tw/news/index.php?news_id=899

Fortinet has a Longstanding Commitment to Cloud Security Leadership

As digital transformation requirements drive organizations to adopt and expand cloud usage, Fortinet is positioned to support a wide range of cloud migration initiatives—from extending and migrating applications and datecenters to the cloud, to helping companies build applications on the cloud through helping customers consume SaaS applications.

Due to the breadth of security offerings (FortiGate, FortiWebFortiSandbox, FortiMail, etc.) available on all six of the leading cloud platforms (AlibabaAWSAzure, GoogleIBM, and Oracle), Fortinet is uniquely positioned to offer organizations the confidence to deploy any application on any cloud as they can take their security with them supporting any cloud adoption initiative.

Four Major Advances in Cloud Security

In keeping with our Fortinet’s long history of security innovation on premise, Fortinet offers these expertise for the cloud as well. We are proud to announce Four new advances that further demonstrate our commitment to the variety of cloud adoption initiatives organizations are undertaking—enabling them with the confidence needed due to consistent security across their entire infrastructure even as their cloud and networking initiatives continue to evolve.

1. Accelerated Performance—Virtual Security Processor (vSPU) for FortiGate VM

As organizations migrate existing applications into the cloud, they too often find that many of these applications—especially those with high performance requirements—cannot benefit from the flexibility and potential that these new cloud architectures have to offer. Quite often, this is due to the performance constraints inherent in the virtual security solutions they have deployed to protect themselves and their resources, and not in the cloud environment itself. To truly unleash the potential of the cloud’s scale, customers need a new class of high-performance virtual security appliances designed for cloud environments.

Fortinet’s new Virtual Security Processing Unit (vSPU) for the FortiGate-VM solution, modeled after the award-winning security ASICs in place in Fortinet’s physical devices, extends accelerated security performance into private and public clouds. Our new vSPU technology enables customers to migrate their high performance applications to the cloud without compromising on speed or security. It also supports a variety of other use cases, including highly available, large scale VPN in the cloud.

Fortinet’s revolutionary vSPU architecture provides a whole new level of performance for virtual security. We also made the process of integrating with new acceleration technologies much easier, which, in turn, provides customers with the benefit of early access to high performance security in the public and private cloud.

Fortinet has achieved this by applying our 15+ years of proven hardware design leadership to cloud software by optimizing code, eliminating unnecessary processing, and addressing many of the processing challenges and complexities faced by other security solutions. As a result, Fortinet is now the first to market with high performance support for AWS C5n and Intel QAT, on top of their existing support for DPDK and SR-IOV running in a variety of environments.

2. Cloud Security Analytics—FortiCASB-Cloud 4.1

Gartner predicts that through 2023, at least 99% of cloud security failures will be the result of misconfiguration. So whether an organization is migrating to the cloud or building cloud-native applications, the cloud’s management interface is one of the new threat vectors that organizations need to address. In fact, while many organizations are still trying to use their traditional security tools to deal with cloud security issues, it is important to realize that none of these tools  address the threats associated with the misconfiguration of cloud infrastructures—let alone the potential risks associated with such misconfigurations being distributed across multiple disperse and distinct cloud infrastructures.

The cloud security management capabilities provided by FortiCASB-Cloud 4.1 provides organizations with the visibility and controls they need to mitigate the growing risks associated with the configuration of their public cloud infrastructures, as well as with the applications they have built in the cloud.

FortiCASB-Cloud powers security teams with insights and information that help them communicate cloud security information and findings more effectively with cloud DevOps teams. This information helps them better address potential risks, such as those that can be addressed through modifications to infrastructure code in the CI/CD pipeline. Among its capabilities. FortiCASB-Cloud offers organizations the ability to investigate security events, optimize security configurations, and assess an overall security posture against internal or external policies and regulatory requirements.

  • FortiCASB-Cloud leverages the public cloud management API to monitor activity and configure multiple public cloud resources on AWS, Azure, and Google Cloud Platform
  • FortiCASB-Cloud continuously evaluates configurations across regions and public cloud types to:
                    - Provide guidance on security best practices
                    - Offer threat and risk management tools to help mitigate cloud risk
                    - Trace misconfigurations to their source
                    - Enable regulatory compliance violation reporting

3. Container Security

As organizations build native cloud applications. they often leverage emerging technologies such as containers and serverless workloads. The use of these technologies to accelerate the application development process is accelerating digital transformation. However, traditional security tools—even those designed for the cloud—cannot address all of the security needs of these workloads.

FortiGate (FortiOS 6.2) Fabric Connectors and New Technology Partners

Fortinet offers a comprehensive Container and emerging technology solution for our customers through a mix of organic products and tools, and integrations with 3rd parties. 

FortiOS 6.2 addresses these cloud container challenges with the following advances:

  • FortiGate running FortiOS 6.2 Fabric Connectors delivers container-aware security by helping customers secure any traffic entering or leaving (north-south) their container clusters using logical policies based on labels and meta-data information attached to container resources. Since containers cannot be defined using static IP address information, these capabilities are essential when securing container-based workloads for publicly facing cloud applications.
  • FortiCASB-Cloud 4.1 delivers container-aware security by providing full visibility into container service configuration risk profiles and vulnerabilities, as well as well as detailed traffic analysis to and from container hosts.
  • Fortinet Cloud Technology Alliance Partnerships deliver container-integrated security with partnership with companies like: (1) Tufin, through their cloud-native Iris platform that manages native cloud security ,as well as their Orca platform that manages Kubernetes security without agents, and (2) Alcide, which offers deep integration into serverless and container-based workloads, leveraging emerging standards such as Istio, and supporting agents for containers. 

4. FortiMail 6.2 O365 Connector

For those organizations that consume O365 applications, many find it hard to implement a network-heavy security product which requires potentially challenging changes to network configuration. Fortinet addresses this challenge by offering organizations the ability to easily attach an industry-leading mail security to their O365 Exchange online instances that has been optimized for cloud performance and that functions as a cloud-native solution.  

Summary

Fortinet continues to be committed to solving the wide range of cloud adoption initiatives organizations are considering or implementing, whether migrating applications and infrastructure to the cloud, building cloud native applications, or consuming SaaS applications. Fortinet’s comprehensive strategy of the native integration of our portfolio of products and services into the cloud platforms, offering the broadest set of protections available, and enabling single pane of glass management and security operations offer customers the confidence they need to expand cloud operations while deploying any application on any cloud without concerns of risk, availability, or performance.

Read more about how Fortinet secures multi-cloud environments with our Security Fabric.

Read more about the news announced from Fortinet at Accelerate 19.

資料來源:
https://www.fortinet.com/blog/business-and-technology/fortinet-raises-bar-for-cloud-security-again.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblogs+%28Fortinet+All+Blogs%29
 

 


 
 
]]>
2019-05-29
<![CDATA[Container周報第100期:新版Docker企業版3.0內建K8s,而Windows則內建了Linux]]> http://www.phitech.com.tw/news/index.php?news_id=903

Docker企業版3.0新特色是內建了一個Kubernetes叢集管理服務DKS,等於是直接在Docker中內建了Kubernetes支援,可以強化Docker企業版與Kubernetes叢集的整合,

 
 

5/2~5/8你一定要知道的容器精選新聞

#企業版Docker、#DKS、#K8s
Docker企業版推出3.0,最大特色是內建Kubernetes管理服務

Docker在今年DockerCon大會中,推出了新的Docker企業版3.0,最大新特色是內建了一個Kubernetes叢集管理服務DKS(Docker Kubernetes Service),等於是直接在Docker中內建了Kubernetes支援,可以強化Docker企業版與Kubernetes叢集的整合,例如可在Docker中套用Kubernetes的RBAC權限、PKI金鑰,也可支援Kubernetes的網路CNI外掛,另外Docker也宣布3.0版。3.0還強化了Docker叢集的自動化部署功能,可以自動部署到指定的雲端環境,來建立藍綠測試環境,可支援AWS、Azure和VMware中。DockerCon另一個重要宣布是,Docker產品將支援服務網格專案Istio,不過沒有進一步說明。Docker也預告,未來將優先開發跨基礎架構(多OS、多雲)的部署機制,以及雲端自動化部署機制,另外也將推出containerd的商業支援。

#紅帽、#RHEL
紅帽企業版Linux 8正式推出

紅帽在年度大會中,正式推出了企業版Linux產品RHEL 8.0。新版內建了一個網頁管理介面(Web Console),這是源自開源Cockpit專案的新管理介面,透過瀏覽器就能提供系統層級的監控和維護管理,也能直接管理作業系統中的虛擬機器,這是RHEL 8用來統一混合雲管理機制的重要功能。RHEL Web Console還可以和紅帽基礎架構管理產品Satellite整合。另外,RHEL也新增了應用程式串流功能,來強化應用程式派送和部署版本的管理。新版還內建了一套完整的紅帽容器工作包(Red Hat Container Toolkit),以容器開放標準相關工具為主,涵蓋了建立、執行和共享容器化應用所需的常見工具。RHEL通用基礎映像檔也趁8.0發布正式推出,可作為建立紅帽容器化應用的基礎OS。

#WSL 2、#Linux、#Windows
Windows將內建完整Linux核心,可支援完整系統呼叫

微軟發表了第二版Windows內建的Linux次系統WSL 2,這次改將完整的Linux核心(目前是4.19版核心),放入了Windows作業系統中,而且可以提供全套Linux核心系統呼叫,包括了git clone、npm install、apt update、apt upgrade這些Linux工程師維運系統常用的指令都支援,開發者也可以在Windows中執行Linux應用程式。微軟表示,目前已測過不少Linux軟體,連Linux版Docker都能順利執行在Windows中。原本第一版WSL 1只是在Windows核心提供了一個可以和Windows NT核心溝通的轉譯層,讓Linux系統呼叫可以轉換成對應的Windows NT系統呼叫。但是到了第二版WSL 2,則改用特殊的虛擬化技術,直接將完整的Linux核心,放入Windows中來執行,也因此,微軟表示,WSL 2執行Linux App的速度,比WSL 1快了20倍。微軟預計在今年6月,先提供給Windows測試計畫用戶試用。

 

#CNAB、#Docker應用
Docker應用程式通用格式CNAB正式產品化

去年底,Docker和微軟聯手發表了一個全新的容器應用程式格式CNAB(Cloud Native Application Bundles ),要作為封裝容器化應用的標準檔案格式。今年DockerCon中,Docker終於在3.0新版中,正式支援這個封裝格式,也推出了Docker應用管理工具,讓開發者可以建立以CNAB格式打包的Docker應用樣版,快速將Dockerfile和相關檔案封裝成一個應用程式,以便分享給其他人。

#無伺服器、#Azure
微軟推出K8s無伺服器元件KEDA,可將Azure Functions部署到K8s上

微軟和紅帽聯手打造了一個K8s的無伺服器服務元件KEDA(Kubernetes-based event-driven autoscaling),可將Kubernetes上部署容器應用,變成一個事件驅動的無伺服器應用。KEDA可以自動依據事件訊息,自動部署、擴充在Kubernetes上的容器應用,可以從0(自動新增容器實例)擴充到數千個的容器實例。等於是KEDA可以用來在Kubernetes叢集上,自動建立一個事件驅動的無伺服器服務。微軟也宣布,Azure Functions將可透過KEDA部署到Kubernetes上,甚至是企業內部自建環境或其他公有雲上的Kubernetes皆可支援。

#IDE、#Visual Studio
微軟正打造網頁版開發工具Visual Studio Online

最近微軟宣布正在開發Visual Studio Online,以賦與開發者隨時隨地就能開發的靈活性,這是一個基於網頁的伴隨編輯器(Companion Editor),讓開發者在任何裝置的瀏覽器上,執行諸如快速編輯,或是查看團隊Live Share對話等工作。由於Visual Studio Online是基於Visual Studio Code開發,因此開發者能夠快速上手,而且還可以使用豐富的擴充套件,支援Visual Studio Code工作區與Visual Studio解決方案,此外,Visual Studio Online還會支援IntelliCode以及Live Share。

#Windows、#命令列工具
新版Windows終端機開源了,開發者可以自訂彩色介面

Windows的命令列工具不再黑黑醜醜,微軟在Build開發者大會上,宣布釋出全新開源全功能Windows終端機(Terminal),這是一個現代高效的終端應用程式,可用來操作命令提示字元、PowerShell和WSLWindows Subsystem for Linux)等殼層,將在今年夏天於Windows 10的Microsoft Store提供,但想嚐鮮的使用者,可以於GitHub中複製專案使用,目標在冬天時推出Windows終端機1.0。終端機也新增了多頁籤功能,可以開啟任意數量的分頁,每個分頁都可以連接到選擇的殼層或是應用程式,像是命令提示字元、PowerShell,也能在WSL執行Ubuntu、openSUSE以及Debian,甚至是透過SSH連接樹莓派也沒問題。

#AKS、#微軟
微軟推出AKS虛擬節點功能,數秒內可彈性擴充大量AKS節點

微軟在年度開發者大會上宣布了多項AKS服務新功能,其中一項是AKS虛擬節點(Virtual nodes)正式上線,可以讓開發者在幾秒內自行調度、新增大量Kubernetes運算節點,來回應突然暴增的運算需求。開發者只需要Azure入口網站設定即可快速建立AKS叢集,而不用自行在虛擬機器上進行部署。目前只可支援Linux pods和Linux節點。

責任編輯/王宏仁
 

資料來源:
 https://www.ithome.com.tw/news/130566]]>
2019-05-22
<![CDATA[Fortinet: 5G to present new edge computing security concerns]]> http://www.phitech.com.tw/news/index.php?news_id=897 Although the rollout of 5G connectivity will enable new edge computing opportunities, John Maddison, executive VP at Fortinet, said it will also require new security considerations.
  •  
  •  
  •  
  •  
  •  

The rollout of 5G wireless technology is expected to enable many new technologies to thrive, but it will also lead to new edge computing security challenges and competition with cloud providers.

John Maddison, executive vice president of products and solutions at Fortinet Inc., said that although the rollout of 5G may take a while, the benefits are apparent, including more data capacity, faster speeds and lower latency, which will enable more edge computing options.

In this Q&A, Maddison says this will also present challenges for edge computing security, as attack surfaces will grow larger and more decentralized, which will present the need to rethink how edge computing security is handled by enterprises. Additionally, the rise of edge computing could lead to competition between ISPs and cloud providers.

Editor's note: this interview has been edited for length and clarity.

Can you walk through how the 5G infrastructure is set up and how it could change enterprise connectivity?

John Maddison: I think a lot of the 5G applications will be IoT-oriented because a lot of those IoT applications need low latency, and I think edge compute will be a key component of 5G.

Today, we think about data centers all becoming mega-data centers around cloud, and we'll still see that trend happening. But we're also going to see compute move to the edge, and 5G will be a big platform to allow that to happen.

At edge compute, we'll empower these low-latency applications that require a very rapid compute and low latency for a small amount of compute.

At some point, because of the capacity and throughput, 5G will take over more of the traditional fixed-line connectivity where you've probably got more capacity. For example, today, we've got some products that are called SD-WAN, which have built-in 4G and 3G LTE capability and, often, the customer uses that as a backup.

5G is going to be a very important component of that because when it rolls out properly, it won't be used as backup like 4G is today. It'll be used as a primary connection for a lot of businesses, and they will use that as part of their SD-WAN 5G.

The move to more edge computing applications can decentralize the structure of the network. What does that mean if there's an edge computing security concern, like a malicious device on the network?

Maddison: Security people are always concerned about the attack surface, and the attack surface definitely changes when we've got networks and applications which are much broader and, sometimes, not under your control. Once that attack surface becomes so large, it is a big risk.

The security then needs to be deployed in a different way. And whether it's deployed in the car itself, in the application, the IoT devices -- it'll be security deployed in the edge compute.

And edge compute has to be much more efficient than centralized data centers, so you'll see custom silicon for edge compute deployed to provide security. You'll see security deployed as virtualized systems in the core networks and you'll see connectivity deployed at the internet gateway. You'll see a much more distributed model of security versus the current model today where it assumes everything goes through a secure gateway; that's just not going to be true.

But you're going to see a hybrid way of deploying that security through custom silicon, off-the-shelf virtual systems. And then, because of the serious scale, the other component [of] artificial intelligence and machine learning will be essential. It'll actually be mandatory.

There's no way you can provide security without deploying some AI and machine learning just because of the sheer scale. From a security perspective, you're going to see a much more distributed model, and then you're going to see much more deployment of AI and machine learning as the security component.

With the more distributed idea of edge computing security, how difficult is that going to be to implement?

Maddison: A very simple example is, 5G makes sure everything is encrypted. Even just to provide that encryption, there's a lot of processing power [needed], and if you use the normal, off-the-shelf CPU, that takes a lot of compute resource.

We're talking billions of devices here eventually. That's why we see custom silicon as being an essential part of edge computing going forward because you've just got to get the efficiency right.

Can you expand on the encryption changes coming with 5G?

Maddison: The encryption piece is end to end. If you look at all the applications on the web today, they're definitely encrypted -- 80% of the traffic is encrypted in HTTPS. The majority of the traffic is traveling across the application encrypted, but also they'll provide encryption at the transport layer, as well, so you've got encryption upon encryption upon encryption, which makes it even harder for general purpose CPUs.

Encryption is here to stay across our networks and it's great because that provides things not in clear text [where] people can just tap in and see what it is. But it's a lot more compute to transport it around.

The CEO of AT&T, Randall Stephenson, talked about how things will change because of the low latency of 5G. He said "the storage no longer needs to be [on endpoint devices]. The storage can be back in the network. The compute capacity no longer needs to be there. It can be back in the network." What are the edge computing security concerns of a move like this?

Maddison: What he's talking about is edge compute. Some of the compute might be in the towers. Imagine that, where you've got compute there. But there's no reason why that can't be there at some point. Whether you trust them or not is a different matter. I think they'll have to rethink that security strategy totally, but that's probably the only way it's going to work for some of these apps.

I was watching Sprint doing this 5G example. One of the applications was if you took your eyes off the road [while driving] for more than three seconds, it would send an alarm and buzz you or your phone. It's a very simple application, just to make sure your eyes are on the road all the time.

But it was using a very rapid calculation locally and in the edge compute to do that. If you had to send that information to data centers, [you're] too late. You're done. You've crashed. So some applications will have to work that way with edge compute.

And that necessarily gives a lot more power to the carriers.

Maddison: It's actually what they want. Why do you think they're building 5G? They're absolutely building 5G for that reason.

It's no different in my mind than some of the cloud vendors, like Microsoft and AWS. They're creating monopolies, as well. Data is very powerful going forward, and if you've got lots of data, you can even sell it and use it, to mine it, to kind of promote things. And so I think the carriers want a piece of that action, and they want to say they can do that if they control some of the applications, for sure.

We're here in Silicon Valley; we've got an Apple campus to our right and a Google campus to our left. They're huge campuses. It just gives you the size of the investment these companies make. [Google] is building a new data center every six months. The investment needed for these networks of 5G is enormous. There are going to be large companies that are the only people to build them. A shift from the cloud to edge compute might balance things out a bit.

Today, there are four or five cloud vendors around the world: it's Facebook, Apple, Amazon, Google, Microsoft. There's probably Alibaba in China, as well. If you let those [companies] decide everything going forward, then it's probably not a good thing. If you have maybe 10 carriers also able to offer it to most of us, I think that's a good thing. Would you like it to be more distributed? Probably.

But, coming back to it, this just means, in our mind, a different security challenge, and I think we refer to it as kind of a security-driven networking. Instead of thinking about security last, you think about security first. You think about how the security is going to be building a network first -- [with] privacy, encryption, defense, defense against exploits, social engineering -- and then build your network.

資料來源:
https://searchsecurity.techtarget.com/news/252460696/Fortinet-5G-to-present-new-edge-computing-security-concerns
 

]]>
2019-05-15
<![CDATA[五招教你 防範被植入木馬]]> http://www.phitech.com.tw/news/index.php?news_id=896 美國資安大廠Fortinet北亞區資深技術協理劉乙今日表示,安裝防火牆、不安裝不明來路的軟體、定期更新作業系統、定期備份手機與電腦,以及布署網路沙箱等,這五招將可以避免被植入木馬。

華碩自動更新軟體被植入木馬,引起關注,終端裝置的消費者,要如何防止被植入呢?劉乙說,要防止木馬被植入電腦或手機等終端裝置,有五項工作要做,即1.安裝防火牆和病毒軟體。2.不安裝來路不明的軟體,不隨便點擊不明來源的網頁連結和執行電子郵件附件。

3.定期更新作業系統安全補釘和軟件資安更新。4.定期備份工作手機和電腦。5.佈署網路沙箱和多功能資安防火牆,及早模擬或利用C&C的連線資訊,發現潛在的感染設備。

他說,若你的電腦或手機,出現以下八種症狀,就可能被植入木馬。1.瀏覽器經常性跳出莫名的視窗。2.電腦或手機出現龜速情況。3.Windows出現藍畫面。4.滑鼠無法控制或自行異常移動情形。

5.硬碟或SD儲存莫名滿載。6.防火牆或資安軟體被移除或暫停使用。7.重要檔案莫名損毀或消失。8.使用者介面語系被更改。

至於被植入木馬會發生什麼事? 他說,木馬程式已經不僅僅是感染電腦,已知多種的變型木馬大幅入侵移動裝置,甚至是手機和網路監控設備。

目前有幾種常見的型態,1. BackDoor-開啟後門,以利駭客遠端操控此電腦,進而竊取上傳的資料,甚至在下載更多不同的惡意軟體

2.DataThelf -偷竊機敏資訊,大至國家國防機密,小至個資及銀行帳密。3. Mining -竊取控制客戶的電腦資源,協助駭客數位貨幣挖礦。4.SMS/Call -利用感染手機盜傳簡訊,或盜撥高資費的付費電話。

資料來源:
https://udn.com/news/story/7240/3721991

]]>
2019-05-08
<![CDATA[Azure Marketplace App - Fortinet FortiWeb Web Application Firewall WAF VM]]> http://www.phitech.com.tw/news/index.php?news_id=895

AI-based, multi-layered protection for web-based applications

Whether to simply meet compliance standards or to protect mission critical hosted applications, FortiWeb's Web Application Firewalls (WAFs) provide advanced features and AI-based machine learning detection engines that defend web applications from known and zero-day threats.

Using a multi-layered and correlated approach, FortiWeb intelligently and accurately protects your web applications from the OWASP Top 10 threats. Combined with Fortinet’s Web Application Security Service from FortiGuard Labs, FortiWeb keeps your applications safe from vulnerability exploits, bots, malware uploads, DoS attacks, advanced persistent threats (APTs), and zero day attacks.

FortiWeb software editions offer the same features of the FortiWeb hardware-based appliances with the flexibility to deploy instances as needed to meet the demands of dynamic application hosting environments.

selected image

Highlights:

  • Effective protection using multiple techniques including signatures, IP reputation, antivirus, and AI-based behavioral analysis
  • Integrated with FortiGate, FortiSandbox, and leading third-party vulnerability scanners for enhanced zero-day threat protection and virtual application patching
  • Accurate with intelligent tools that minimize false positive detections including user scoring, session tracking, and event correlation
]]>
2019-05-02
<![CDATA[Fortinet Recognized as Best Security Company at 2019 SC Magazine Awards]]> http://www.phitech.com.tw/news/index.php?news_id=894 ast week at RSA Conference 2019, Fortinet won an Excellence Award for "Best Security Company" and a Trust Award for “Best UTM Security Solution” at the 2019 SC Awards held in San Francisco during RSAC.

“The Excellence Award honors those organizations and individuals whose relentless pursuit of data security, innovation and customer service places them in a league of their own. Fortinet has demonstrated its commitment to improving the industry and has rightfully earned this recognition,” said Illena Armstrong, VP, editorial, SC Media. “And as a winner in the Trust Award category, Fortinet's UTM solution stands out for its innovative approach to protecting businesses against the ever-changing threat landscape. This is a significant achievement and one that shows Fortinet’s dedication to improving the IT security industry as a whole.”

Trust: Fortinet’s UTM Solution

Fortinet has consistently delivered the industry’s most robust Unified Threat Management (UTM) solution since its initial release. Its tight integration of network connectivity, wireless access, and endpoint security with its top-rated protection, simplified management, and rich reporting provides a powerful solution for customers around the world.

Excellence: Fortinet Security Fabric

Fortinet’s growing portfolio of security, networking, and business productivity solutions are tightly integrated to ensure that today’s organizations can confidently build the digital business infrastructure they need without compromising on security. By combining custom security processors, an intuitive operating system, and applied threat intelligence, Fortinet customers receive proven security, exceptional performance, and better visibility and control, along with easier administration to reduce overhead and TCO.

This Security Fabric architecture approach also provides seamless protection across and between different networked environments, whether physical or virtual, and can adapt as business requirements and technologies continue to evolve without compromising on performance of functionality. This holistic approach to security, which is broad, integrated, and automated, sets Fortinet apart from the rest of the security industry, and those efforts are reflected in these industry-recognized awards. 

For more information and a detailed list of categories, finalists, and winners of this year’s, SC Awards, you can visit https://scawardsus.com/.

Learn more about how Fortinet's Security Fabric provides a unified security solution to seamlessly protect organizations for the Third Generation of Network Security




資料來源:
https://www.fortinet.com/blog/business-and-technology/fortinet-recognized-as-best-security-company-at-2019-sc-magazine.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblogs+%28Fortinet+All+Blogs%29
 

]]>
2019-04-24
<![CDATA[Fortinet’s FortiClient Blocks 100 Percent Malware in NSS Labs 2019 Advanced Endpoint Test Report]]> http://www.phitech.com.tw/news/index.php?news_id=893 FortiClient receives third-straight recommended rating in the NSS Labs AEP Group Test, offering powerful and cost-effective solution for safeguarding the growing number of endpoint devices.

Sunnyvale, CA - Mar 7, 2019
 - 

 

John Maddison, executive vice president of products and solutions, Fortinet

“Endpoint devices and applications play an increasingly important role in business and networking strategies. Endpoint security solutions need to coordinate closely with the network and other security components, enabling them to share telemetry, correlate intelligence and quickly address increasingly sophisticated threats as part of an automated and coordinated response. Fortinet is pleased to have received our third-straight Recommended rating by NSS Labs for FortiClient along with the many we have received for our other Security Fabric components as we remain committed to third-party testing validations.”

News Summary

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced its results from NSS Labs’ 2019 Advanced Endpoint Protection (AEP) Group Test. NSS Labs' AEP report provides the industry’s most comprehensive test results for security effectiveness and total cost of ownership for endpoint security solutions protecting today’s increasingly intelligent and hyperconnected endpoint devices.

In this year’s test, which included 19 endpoint security vendors, Fortinet’s FortiClient demonstrated a 100% block rate of exploits, unknown threats and HTTP malware, with zero false positives. It also demonstrated high effectiveness in detecting malicious malware across multiple vectors, including email, web, and USB (for offline threats), and was proven resistant to all evasion techniques. As a result, FortiClient has received NSS Labs' coveted 'Recommended' rating for the third straight year with low TCO.

  • As a robust advanced endpoint protection solution, FortiClient effectively detects and blocks threats such as malware, exploits and malicious scripts. FortiClient also provides effective vulnerability scanning and flexible patching options to help users and organizations maintain security hygiene and reduce their attack surface. 
  • FortiClient also integrates with FortiSandbox and FortiGate to further identify and respond to unknown, advanced and targeted threats, creating a single, unified security strategy that can seamlessly extend out highly mobile endpoint devices to correlate threat intelligence, extend visibility, and block threats before they reach the enterprise network.
  • Fortinet’s FortiClient Fabric Agent can also be deployed as an essential and integral component of the Fortinet Security Fabric, delivering endpoint visibility, network access control and automated threat response.

FortiClient AEP Test Report Highlights

  • 100 percent block rate on exploits
  • 100 percent block rate for web-borne malware
  • 100 percent detection rate for evasions
  • Zero false positives

Supporting NSS Labs Quote

“NSS Labs focuses on empowering enterprises to make informed decisions based on independent real-world testing results. We applaud Fortinet's years of consistent commitment to third-party testing. Fortinet's Recommended rating in our 2019 AEP Group Test makes them a strategic option for any business looking to strengthen their endpoint security strategy.”  Vikram Phatak, CEO of NSS Labs

Additional Resources


資料來源:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2019/fortinet-s-forticlient-blocks-100-percent-malware-in-nss-labs-20.html
 
]]>
2019-04-17
<![CDATA[THE LEADING GLOBAL IOT CONFERENCE 25-26 APRIL 2019, OLYMPIA, LONDON]]> http://www.phitech.com.tw/news/index.php?news_id=898 Stand No: 380
 

Dialogic is a leading cloud-optimized solutions provider for real-time communications media, applications, and infrastructure to service providers, enterprises, and developers around the globe. Based in Parsippany, NJ with offices worldwide, Dialogic works with 48 of the world’s top 50 mobile operators, and nearly 1,000 application developers build and deploy on agile networks. Our global team of professional services experts is ready to help you with unparalleled support and consulting so you can get the most out of your network investment.

For more information on Dialogic, visit www.dialogic.com

]]>
2019-04-10
<![CDATA[Fortinet Secures the Path to 5G]]> http://www.phitech.com.tw/news/index.php?news_id=892 By John Maddison | February 19, 2019
5G Blog

Fortinet has just announced its portfolio support for the Mobile Service Provider transformation to a 5G core network. Fortinet has a growing family of advanced security solutions not only designed for, but fully integrated together to protect today’s evolving networks and virtual infrastructures. The latest addition to this portfolio is the introduction of Virtual SPU (Security Processing Unit) technology to power our VM-based security products.

Service Providers are embracing 5G transformation to increase network capacity, improve operational efficiency, deliver gigabit speed connectivity, and support new revenue generating use cases—such as enhanced mobile broadband, multiaccess edge computing, and IoT. To accomplish this, they have to support and secure a rapid architectural shift to open, virtual, and cloud infrastructure. In fact, the rapid adoption of these technologies is one of the primary reasons why Service Providers need to implement advanced security techniques designed to protect their new network infrastructures and revenue generating services in order to augment their traditional perimeter-based security measures.

5G market overview and new service opportunities

We are at the threshold of remarkable growth and opportunity in the mobile space. 5G has now been commercially launched and there is strong momentum in the global 5G market. In the United States, a major communications service provider launched a 5G fixed in-home service (internet service) at the beginning of October 2018, and all four of the country’s major service providers have now publicly announced that they will begin providing 5G services by mid-2019. On a global level, major 5G network deployments are anticipated beginning in 2020.

According to Ericsson’s Mobility report from November 2018, there will be 8.9 billion mobile subscriptions by the end of 2024. Further, mobile broadband subscriptions will reach 8.4 billion, accounting for close to 95 percent of all mobile subscriptions. To frame the context of the 5G transition opportunity, by the end of 2024 there will be 1.5 billion 5G subscriptions for enhanced mobile broadband, accounting for close to 17 percent of all mobile subscriptions.

With global mobile data traffic forecast to increase more than 5X between 2018 and 2024, key drivers for 5G deployment include increased network capacity and decreased cost per byte. In fact, 5G subscription uptake is expected to be faster than it was for LTE, which has been the fastest growing mobile technology to date.

Similarly, the number of cellular IoT connections is expected to increase at an annual growth rate of 27 percent, reaching 4.1 billion in 2024. These cellular IoT connections and fixed wireless access (FWA) subscriptions support new use cases, and will come on top of mobile subscriptions. New IoT services will also address diverse and evolving requirements across a wide range of use cases in different verticals, including utilities, smart cities, transportation, logistics, agriculture, manufacturing, and wearables.

To support this evolution, massive IoT cellular technologies such as NB-IoT and Cat-M1 are taking off and driving growth in the number of cellular IoT connections worldwide. And as the IoT application market begins to widen, even more advanced use cases requiring enhanced network capabilities are beginning to emerge. For example, service providers have announced the deployment of 85 cellular IoT networks worldwide using Cat-M1 and/or NB-IoT.

These new use cases—and the need to support a magnitude increase in bandwidth and ultralow latencies— are driving the evolution of traditional hierarchical service provider architectures to a flatter, cloud-based architecture where services can be offered from the edge of the mobile core network.

A shift in the core architecture

Traditionally, the core of the mobile network was run from a handful of datacenters. All mobile traffic was hauled into the core before providing access to service provider-delivered application services, such as end-user account applications or walled garden applications, or sending mobile traffic over the internet to third party cloud networks or services. These networks have been designed to handle hundreds of millions of connections and deliver megabit connection speeds.

However, in order to meet the challenges of billions of connected devices, gigabit connection speeds, and ultralow latencies—in addition to delivering rich context around data transiting the mobile network—service providers must now rapidly increase network capacity and deployment agility, in addition to adding more compute and storage—all while avoiding raising costs and/or lowering the reliability and availability of the infrastructure and services.

Cloud service providers have already demonstrated that it is possible to quickly and reliably deliver services at massive scale and capacity to both enterprise customers and consumers. Service providers are adopting a similar approach, but with a twist. They plan to deliver services from thousands of edge clouds rather than from a few mega-capacity central clouds. To support agility in service delivery, there is also a heavy focus on the programmability of the network to make dynamic changes - add/delete/update - anytime and anywhere.

The adoption of virtual and cloud native technologies to support these initiatives means opening the service provider stack to open-source technologies. At the same time, new service use cases require support for extensive web-based application delivery frameworks, with a heavy emphasis on APIs to connect the different service layers together. These new architectural changes and open technologies open up a Pandora’s box of security issues that service providers have never had to consider or deal with before, at least not at the scale and complexity that this new transformation demands.

Key security use cases

A properly engineered service provider mobile core needs to considers the need for specific security controls early on in its lifecycle. These early considerations are driven by security principles and policies established by the service providers, as well as by regulations and laws imposed by oversight and governing bodies. These drivers, together with the assessed risks to the business and its assets, give rise to security requirements, which in turn lead to having safeguards and countermeasures planned and put in place to deal with vulnerabilities and protect infrastructure and information assets from threats, whether naturally occurring or adversarial, from day one.

Today, with the movement to virtual infrastructures and cloud-based architectures that rely on open technologies, there is a significant need for security capabilities that go well beyond the traditional safeguards provided by stateful firewalls. The surface attack area of this emerging infrastructure extends far beyond physical assets, backhaul and fronthaul, signaling, roaming, charging, and internet interfaces. Service providers also need to secure the virtual infrastructure and cloud platforms. And with new strategies such as network slicing, service providers have to be able to accommodate the complete end-to-end isolation of slices, in addition to the agile and dynamic allocation of end-to-end resources to multiple tenants running different services with varied requirements.

Another new concept arising from 5G transformation is edge clouds designed to deliver high bandwidth and low latency applications. These edge clouds will also need to support multiple tenants and specialized IoT applications that don’t run in the central cloud. However, from a security perspective, their policies and enforcement will need to be consistent with those in the core.

The most important consideration of the 5G threat landscape is that it is far more than the volumetric DDoS attacks and signaling protocol-specific hacks of the past. It also includes advanced persistent threats, lateral propagation, web application layer vulnerabilities, API security, and more. As a result, service providers need to ensure that the diverse set of security requirements imposed by this new architecture—along with the related use cases and services supported by their core networks—are adequately addressed by the security solutions they have in place. And further, these solutions need to be fully integrated and automated to ensure consistent and effective security enforcement to protect infrastructure assets and revenue generating services.

Fortinet solutions for 5G transformation

Fortinet offers a suite of strategic security solutions specifically designed to address the unique challenges facing operators as they migrate their core networks to deliver 5G mobility services. These specialized tools provide the ability to build an integrated security framework that optimizes the cost of launching and operating new services and revenue opportunities and enhances the ability to achieve service level goals, all while mitigating advanced threats.

Fortinet has a pedigree of building high performance carrier-class products and solutions. For example, we offer next generation firewalls that not only protect the mobile carrier signaling, roaming, charging, and internet interfaces with our 5G-ready FortiGate 7000 and FortiGate 5000 series, but we also provide secure transport for backhaul and fronthaul traffic with our FortiGate 3000 series. FortiGate NGFWs powered by the FortiCarrier OS offers several key security features including:

Stateful termination of GTP-C and GTP-U traffic (Gn/Gp interfaces and S5/S8 interfaces) to provide complete protection and content inspection to prevent GTP signaling attacks.

Comprehensive SCTP protection and inspection, including SCTP over IPSec VPN, IPS DoS protection, flood attacks, fuzzing attacks, and more.

Extensive protection with hardware acceleration for SIP (Voice) and MMS (multimedia messaging) features, including inspect only and header rewrite modes, complex SIP NAT environments, rate limiting, topology hiding, and more

Highest capacity for virtual domains and very high scale for profiles to enable true multi-tenancy needed to support MVNOs, IoT providers ,etc. Carrier features can be defined per-virtual domain.

For virtualized infrastructures, Fortinet offers a broad range of next generation virtual firewalls and virtual web application firewall virtualized network functions (VNFs). Powered by Fortinet’s Virtual SPU Technology, FortiGate Virtual Network Functions (VNFs) deliver significant increases in application and carrier security performance through innovative security processing optimizations and the latest packet processing acceleration technologies. While the FortiGate NGFW VNFs provide comprehensive network security capabilities along with deep application visibility and control, the FortiWeb WAF VNFs protect web applications and APIs powering cloud-based services.

These VNFs also have a small footprint, boot within seconds, and require less storage, thereby enabling service providers to protect their virtual networks and cloud platforms cost effectively. And for the efficient and agile deployment and utilization of these security VNFs, Fortinet also delivers integrations with NFV platform and SDN vendors. At the same time, FortiSIEM offers service providers offline inspection, security event correlation, and advanced analytics to detect and respond to application and user threats that may have evaded other inline protection systems.

Conclusion

The move to 5G presents service providers with a tremendous opportunity to grow their revenue streams into enterprise service offerings, in addition to improving ARPU with advanced mobile applications for consumers. These new services, however, require the adoption of virtual and cloud-based technologies that open up an entirely new set of vulnerabilities and threats to the infrastructure and services.

By utilizing Fortinet advanced security and high-performance systems, service providers can continuously monitor their extensive and complex mobile core networks and automatically detect and respond to threats. Additionally, Fortinet’s security fabric components provide mobile carriers with improved visibility through comprehensive and correlated analytics, and the ability to thwart complex external and internal security threats that can impact network infrastructure and services through massive scalability, high performance, broad visibility, and deep, granular controls.

Learn more about Fortinet's 5G security solutions.

Read the 5G Security Survey by Heavy Reading or the "Securing 4G, 5G and Beyond" white paper.

資料來源:
https://www.fortinet.com/blog/business-and-technology/fortinet-secures-the-path-to-5g.html

 
]]>
2019-04-03
<![CDATA[How Fortinet's Intent-Based Segmentation Makes SDN Easier to Do]]> http://www.phitech.com.tw/news/index.php?news_id=891

NETWORKING TREND ANALYSIS: In discussions with IT pros, eWEEK's Zeus Kerravala finds that network segmentation is a little like going to the gym--where everyone talks about it but very few actually do it.

Fortinet.conference

There may be no hotter trend in networking and security than segmentation. The rise of software-defined systems have made it possible to carve up the network into virtual segments to isolate assets. In actuality, in discussions with IT pros, I find that segmentation is a little like going to the gym--where everyone talks about it but very few actually do it. 

The reason for this is that applying segmentation can be very difficult. The concept is easy to understand: Keep high-value assets away from others and, as they say, “Bob’s your uncle” (this means "and there it is" or "and there you have it"; this is commonly used in United Kingdom and Commonwealth countries). In practicality, there are multiple kinds of segmentation and often a lack of understanding of how to apply the various types. 

Recently, security vendor Fortinet announced something called intent-based segmentation (IBS) to help make the process easier. The term “intent-based” refers to having the ability to have a system configure and maintain itself based on business intent. If you’re not familiar with the term, I recently wrote this post on how intent-based networking (IBN) works. Although this was specifically networking, the concepts as applied to segmentation are the same. In fact, one could argue that intent-based segmentation is a subset of the overall IBN term.

Varying Types of Segmentation

Before I get into how IBS works, it’s worth reviewing the various types of segmentation. These are:

  • Macro-segmentation, also known as coarse grained segmentation, is akin to VLANs, although they are significantly more flexible. The primary use case is to isolate broad buckets of device types, such as medical devices or guest endpoints.
  • Micro-segmentation, also known as fine-grained segmentation, is a more granular version of macro. This lets IT pros tailor security settings to isolate classes of devices within a broad group. An example of this might be a hospital that wants to isolate cardiac heart pumps from all other medical equipment.
  • Application level segmentation is used isolate traffic at an application or even process level. This can isolate applications on the same physical or virtual server.
  • Endpoint segmentation enables segmentation to be applied at the device level, regardless of the network topology below it. This can be particularly useful in IoT environments.

The obvious question here is which type of segmentation is best? The answer is all of them! It really depends on what the business is trying to achieve. In fact, the process of isolating cloud assets can involve using micro, macro and application segmentation.

This is where Fortinet’s IBS comes into play. Its new family of next-generation firewalls (NGFW) includes intent-based segmentation as part of its feature set. The family includes two mid-range NGFWs (FG-401E / 601E) and two high-end ones (FG-3401E / 3601E). Performance ranges from 4.8Gbps to 66 Gpbs. All of the NGFWs are built in Fortinet’s own security processing unit (SPU). The home-grown silicon has an advantage over off-the-shelf silicon in that it’s tailored to the needs of security, similar to the way a graphics processing unit (GPU) is optimized for video.

IBS Capabilities Can Be Adjusted to Workloads

The IBS capabilities intelligently segment the IT assets based on the intent of the business objectives and aligns the security process and access control to prevent threats from spreading laterally across the network. This is something that’s difficult, if not impossible, to do with traditional security tools.

To help understand, consider what happens when a user initiates or receives a transmission. The sessions traverse the public network, and that connection gets hardened and inspected to identify and prevent malware or traffic hijacking. This is certainly necessary but not enough. Isolating users and applications enables security professionals to see and control the devices that can interact with the connections, making it difficult for threat actors to intercept, steal or corrupt that data and helps ensure that data and resources are managed and secured as they move across an increasingly expanding network of connected ecosystems. Intent-based segmentation simplifies this by automating the process.

The "intent" in IBS indicates it operates at a business or use-case level. For example, the security administrator can initiate a use case of separating critical assets, and the Fortinet NGFW will apply a combination of micro and macro segmentation. Other use cases are things such as border security, tiered cloud access, meeting compliance requirements and securing physical access. Each one of these has a specific architecture that simplifies deployment and on-going management.

IBS Plugs in to Third-party Vendors

One final note is that IBS works with third-party vendors that customers may have in place as part of their segementation strategy. This includes some widely deployed solutions, such as Vmware’s NSX and Cisco ACI.

IT environments have grown more complex and dynamic, making it more difficult to reduce the overall attack surface.

Segmentation plays a key role in doing this, but trying to stitch together multiple products is difficult, because keeping policies up to date becomes overwhelmingly hard to do. The concept of intent-based segementation simplifies this process, because it applies the right combination of segmenation techniques to ensure the objectives of the business are always being met.

Zeus Kerravala is the founder and principal analyst with ZK Research. He spent 10 years at Yankee Group and prior to that held a number of corporate IT positions.


資料來源:

https://www.eweek.com/networking/how-fortinet-s-intent-based-segmentation-makes-sdn-easier-to-do

]]>
2019-03-27
<![CDATA[Fortinet To Share Expert Healthcare Insights During Sessions at HIMSS19]]> http://www.phitech.com.tw/news/index.php?news_id=889 By Fortinet | January 25, 2019
Fortinet Security Fabric for Healthcare

In the healthcare spacedigital transformation is a complex and crucial initiative. New medical and network-based IoT and OT devices are being added to improve care and reduce costs. But when these devices are compromised, they can not only disrupt the network but also jeopardize the well-being of patients, data, and internal processes. To address these new attack vectors, Healthcare IT teams must create robust plans for both network and physical security. This includes leveraging emerging tools such as voice and biometric recognition, in addition to more traditional application and IoT security.

Through our years of working closely with our healthcare partners and customers to address issues that stem from digital transformation, Fortinet has gained a first-hand understanding of the pressing needs and concerns plaguing the industry. Fortinet is attending HIMSS19 to work further with healthcare providers to help them better protect their patients and critical devices, and secure the data and other resources they have stored in their expanding networks.

Attendees at HIMSS19 have a chance to learn from the experience and innovations that have resulted from these critical collaborations between Fortinet and our partners through a number of speaking sessions, meetups and media engagements such as HIMSS TV.

HIMSS TV Session Overview

HIMSS TV is the first online broadcasting network focused on global technological innovation in healthcare. Fortinet is excited to announce our participation in two HIMSS TV interviews this year at the HIMSS conference in Orlando. We encourage attendees to sit in on these sessions to gain new insights on digital and physical security, and the application of AI and machine learning in the healthcare space.  

Bridging the Gap of Digital and Physical Security

In today's connected world, the gap between physical and digital security must be bridged to allow for an overarching security architecture that can support the requirements of modern healthcare organizations. The integration of physical security solutions such as monitors and physical access control systems with digital cybersecurity efforts allows for the addition of new recognition and response solutions to a healthcare organization's security toolkit. These efforts allow for greater physical and digital connectivity within the organization while centralizing and streamlining critical security functions.

Fortinet's VP of Enhanced Technologies & Consumer Success, Troy Roberts, will be sitting down with HIMSS TV for an exclusive interview to discuss the importance of a connected digital and physical security architecture and how CIOs can achieve this with the right tools.

What: Exclusive Interview @ Booth 821    

Who: Troy Roberts – VP, Enhanced Technologies & Customer Success at Fortinet

When: Tuesday, February 12: 11:00 AM

Artificial Intelligence and Machine Learning in Healthcare

Modern healthcare teams are tasked with a variety of complex business enablement requests. In order to keep up, they must expand their organizations' digital capabilities to improve the quality of patient care, reduce costs, and enhance the overall customer and patient experience. To meet these demands, IT teams need to begin leveraging the expanding capabilities of machine learning and AI technology to help address the needs of digital transformation—while also maintaining a consistent and adaptable cybersecurity posture.

During this interview, Fortinet's Senior Security Strategist, Keith Rayle, will be joining Halifax Health's Tom Stafford at the HIMSS TV News Desk to discuss the importance of incorporating artificial intelligence and machine learning into an organizations' security architecture to support digital transformation initiatives in healthcare.

What: Panel Interview @ HIMSSTV News desk: Artificial Intelligence and Machine Learning in Healthcare

Who: Tom Stafford, VP & CIO - Halifax Health, Keith Rayle, Senior Security Strategist - Fortinet

When: Wednesday, February 13: 11:00 AM

Working Together to Overcome Physical and Digital Security Challenges

At this meetup, we will be discussing the convergence of physical and digital security. Hear about practical solutions that you can get started with today from our panel of experts: Tom Stafford, VP & Chief Information Officer at Halifax Health, Erik Devine, Chief Information Security Officer at Riverside HealthcareJason Dugenio, Chief Information Officer at Bridgeway Senior HealthcareTroy Roberts, Vice President Enhanced Technologies & Customer Success at Fortinet, and John Lynn, Founder of HealthcareScene.com.

Join this discussion to explore the actionable ways your healthcare organization can improve both digital and physical security to better protect patient data and critical resources.

What: Physical and Digital Security: Practical Things You Can Do Today

When: Wednesday, February 13 - 3:00 - 4:00 PM @ Booth 821

Fostering Secure Practices and Communication Amongst Healthcare Staff

Fortinet is also excited to attend the sessions conducted by our valued partner, Tom Stafford of Halifax Health. Tom will be leading a session titled Forging a Stronger Approach for the Cybersecurity Challenge.

Healthcare leaders have identified two major cyberthreats facing their organizations: data theft and ransomware. This session will explore the "bad actors" who threaten healthcare and identify the areas health IT teams need to focus on protecting. Tom will go on to explain Halifax Health's "D3" coordination philosophy, which has reduced the organization’s vulnerabilities to cyberthreat. CIOs and C-Suite executives are encouraged to attend this important and valuable session.

What: Forging a Stronger Approach for the Cybersecurity Challenge

When: Tuesday, February 12: 12:00 - 1:00 PM @ W320

Final Thoughts

Fortinet is looking forward to working with our healthcare partners, customers, and other leaders in the healthcare space to help overcome the security challenges plaguing the industry. Join us and our partners at any of our sessions at HIMSS19 to gain perspective, insights, and actionable solutions to modern health IT issues. And be sure to follow our social media channels for behind-the-scenes coverage of HIMSS 2019.

We hope to see attendees at this year’s show at Fortinet Booth #821.

Read more about Fortinet cybersecurity solutions for healthcare.

 資料來源: https://www.fortinet.com/blog/business-and-technology/fortinet-to-share-expert-healthcare-insights-during-sessions-at-.html

 
]]>
2019-03-20
<![CDATA[Fortinet:企業組織將運用更多自動化技術來因應網路威脅]]> http://www.phitech.com.tw/news/index.php?news_id=887 全方位整合與自動化網路安全廠商Fortinet,公佈了旗下FortiGuard安全防護中心對於2019年的網路威脅預測,這些預測揭示了網路犯罪分子未來可能採用的方法和技術,以及企業組織未來在因應這些攻擊時的策略改變。

 

Fortinet全球安全策略長Derek Manky表示,「我們發現網路犯罪工具和服務有了重大進展,他們已在利用自動化和人工智慧的先行技術。因此,企業組織必須重新思考他們的策略,更佳地預測威脅,同時打擊網路犯罪分子的經濟誘因,讓他們徒勞無功回到原點。企業組織不需要永久的軍備競賽,而是也要採用自動化和人工智慧來降低風險,由被入侵到偵測入侵,再由偵測入侵到防禦入侵。

 

這可以藉由整合安全防護到一個安全織網(security fabric)架構來實現,在統一的架構裡動態共享威脅情報,進而從物聯網到多雲架構的每個網段中,獲得更全面的保護和可視性。」

 

網路攻擊會更聰明、更精密

 

對於很多網路犯罪組織而言,攻擊技術不僅僅單從它們的成效來評估,亦包括技術發展、改良和施行時所產生的成本開支,因此,有些攻擊可能會因人為、過程及技術的改變而受到干擾。

 

其中一個方法是引入新技術和策略,例如利用機器學習和自動化來處理需要大量人力監督和介入,既沉悶又耗時的工作。這些較新的防禦策略很可能會影響網路犯罪策略,令他們改變攻擊方法並加強技術發展。

 

隨著機器學習和自動化漸趨普及,我們預期網路罪犯很可能會採取以下策略,建議整個網路資安業界必須緊密觀察:

 

人工智慧模糊測試及漏洞檢測

 

模糊測試一向是網路威脅的專業實驗室研究人員,用來偵測軟、硬體界面及應用程式漏洞的精密技術。透過在界面或程式輸入無效、無關連性或半隨機的數據,研究人員會進行監控並檢測程式崩潰、沒有記錄的跳轉、偵錯常式、錯誤代碼和潛在的記憶體流失等事件。

 

隨著加入機器學習功能,我們預測這種技術將會變得更有效且量身定制,由於網路犯罪分子開始利用機器學習來開發自動化模糊測試程式,他們將能更快發現零日漏洞,並增加針對不同程式和平台的零日攻擊。

 

利用AIF挖掘零日漏洞

 

當AIF到位時,它可以利用受控環境中的代碼來挖掘零日漏洞,零日攻擊的速度亦會顯著加快。一旦因此出現零日挖掘服務(zero-day mining-as-a-service),它將徹底改變企業組織處理資安問題的方式,因為這些零日攻擊的出現將會無法預測,也無從計算正確防禦的方法。現階段很多單位仍使用單一獨立的傳統防護工具,這會讓問題變得更具挑戰性。

 

零日的「價格」

 

一直以來,零日漏洞的價格都很高,主要是因為發掘它們需要時間、精力和技能。但隨著人工智慧技術的應用,發掘這些漏洞將從極為稀有變成一件商品。我們看到一些更傳統的漏洞已商品化,例如勒索軟體和殭屍網路,結果讓許多傳統資安公司無力因應。急劇加速的漏洞數量與種類,包括快速製造零日漏洞的能力並轉化成服務,可能會徹底改變暗網上的服務類型和成本。

 

群集智能即服務(Swarm-as-a-Service)

 

以群集智能技術(swarm-based intelligence technology)驅動的精密攻擊,再進一步延伸至殭屍網絡,我們稱之為蜂巢網(hivenets),這種新型威脅可以用來製造能協同合作和自動化運作的大規模群集智能機器人,群集智能網路不僅提高了制定防禦措施所需的技術門檻,但跟零日挖掘一樣,他們亦會對潛在的網路犯罪商業模式有所影響。最終,隨著漏洞挖掘技術和攻擊方法不斷演變,最深受影響的會是網路犯罪組織的商業模式,而目前其生態圈主要由人所主導。

 

專業黑客多數按照客制化的漏洞挖掘方式來收費,即使一些嶄新先進技術如勒索軟體服務(ransomware-as-a-service),或需要黑帽工程師來支援不同項目,例如構建和測試漏洞,或是管理後端C2伺服器。當能自動化、自我學習的群集智能技術服務投入後,黑客顧客和黑帽企業家的直接互動量將急劇降低。

 

自選的群集智能技術

 

把群集智能劃分為不同任務去達成理想結果的能力,與世界走向虛擬化發展的方向非常相似。虛擬化網路可以完全基於需求,啟動或減緩虛擬機器去處理一些特定的問題,例如頻寬。同樣地,群集智能網路的資源可以彈性分配,或按照攻擊鏈上遇到的特定問題再重新分配。

 

犯罪企業利用一系列分析工具和漏洞,預先編制群集智能,配合自動學習,讓它們能以團隊形式一同改善攻擊協定,網路犯罪分子便能輕易地像挑選菜單一樣,任意選購攻擊項目。

 

有毒的機器學習

 

機器學習是資安防禦裡一項最有保證的工具。你可以訓練資安設備和系統自動執行特定任務,例如調整行為基準、使用行?分析來辨識複雜的威脅,或是追蹤和修復設備。不幸的是,網路罪犯同樣也會濫用這項技術。

 

針對機器學習流程,網路罪犯可以調控設備或系統,以停止使用漏洞修補或更新某個特定裝置、忽視特定的應用程式種類或行?、或者暫停記錄特定流量以逃避偵測。這都對機器學習和人工智慧科技的未來有重大的革命性影響。

 

防禦將變得更精密

?了因應這些技術發展,企業組織需要為網路罪犯構築高牆。每一項防禦的預測都會對犯罪組織有影響,逼使他們改變策略、修改攻擊方式,並尋找新方法來發掘機會。對他們而言,實行攻擊的代價會提升,讓犯罪開發者需要花費更多的資源去獲取同樣的結果,或是尋找一個更容易進入的網路來攻擊。

 

先進的詐騙策略

 

在資安策略中引入詐騙技術,利用造假資訊構建網路,能逼使攻擊者必須反覆驗證他們的資訊,花費更多時間和資源來檢測誤報,以確保他們可以看到的網路資源是準確的。由於在造假網路資源的任何攻擊都可以被即時偵測,並自動觸發防禦對策,因此攻擊者需要非常謹慎地執行策略,即使是探測網路的基本舉動。

 

統一開放式的合作

 

對網路罪犯來說,一個把現有攻擊的投資極大化,甚至可以逃避偵測的方法,就是簡單地做出一個微小的改變,例如改變網路IP位址。而防守方要跟上這些變化的有效方法,則是積極分享威脅情報。持續更新的威脅情報,可以讓資安廠商和其客戶密切了解最新的威脅概況。

 

如果威脅研究機構、業界聯盟、資安廠商和執法機構公開合作,將大幅縮短偵測最新威脅的時間。與其靜觀其變,倒不如藉由開放式合作,透過即時數據結合行?分析,讓防禦者有效預測惡意軟體的潛在風險,進而擊退目前網路罪犯重複利用現有惡意軟體進行攻擊的模式。

 

速度、整合和自動化都是重要的網路安全關鍵

 

假使未來防禦策略要引進自動化或機器學習,可利用智能響應技術的精密度,集中蒐集、處理威脅情報,或依情報做出相應行動。為應付日益複雜的威脅風險,企業組織必須將所有安全元件整合在一個安全織網架構,方便快速和大規模地探查和反應。

 

在安全元件之間有關聯或共享的先進威脅情報都需自動化,以降低風險並儘快進行補救。整合分散式網路中的單項產品,結合策略性的網路分區,對於抵禦愈趨智能化和自動化的攻擊有很大的幫助。

資料來源:
http://www.ctimes.com.tw/DispNews-tw.asp?O=HK2CB8YBTCGSAA00NV

]]>
2019-03-13
<![CDATA[Fortinet Discovers Microsoft Windows Universal Telemetry Client Denial of Service Vulnerability]]> http://www.phitech.com.tw/news/index.php?news_id=886

Summary

Fortinet's FortiGuard Labs has discovered a Denial of Service vulnerability in Microsoft Universal Telemetry Client.

 

Microsoft Universal Telemetry Client (UTC) is a remote procedure call (RPC) service that is used to collect telemetry data from Windows 10 to identify security and reliability issues, to analyze and fix software problems, to help improve the quality of Windows and related services, and to make design decisions for future releases.

 

The Denial of Service vulnerability is caused by insufficient user input validation sent to APIs exposed via UTC RPC interfaces that eventually lead to null pointer dereference. The vulnerability can be triggered by local authenticated user to effectively terminate the service that can normally be done by administrative users.

 

Solutions

FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:

MS.RPC.UTC.DoS
Released Nov 14, 2018 

Users should apply the solution provided by Microsoft.

Timeline

Fortinet reported the vulnerability to Microsoft on September 25, 2018.

Microsoft confirmed the vulnerability on October 3, 2018.

Microsoft patched the vulnerability on December 11, 2018.

Acknowledgement

This vulnerability was discovered by Wayne Low of Fortinet's FortiGuard Labs.

IPS Subscription

Fortinet customers who subscribe to Fortinet's intrusion prevention (IPS) service should be protected against this vulnerability with the appropriate configuration parameters in place. Fortinet's IPS service is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering and antispam capabilities. These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail and FortiClient products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat's lifecycle.


資料來源:
https://fortiguard.com/zeroday/FG-VD-18-152
]]>
2019-03-06
<![CDATA[Fortinet Enables Intent-based Segmentation with New High-Performance FortiGate Next-Generation Firewalls]]> http://www.phitech.com.tw/news/index.php?news_id=890 FortiGate’s New Next-Generation Firewalls achieve an industry first by bringing together the combination of Intent-based Segmentation and high performance to help reduce cost, complexity and risks for a robust security architecture

Sunnyvale, California - Feb 6, 2019
 
 

John Maddison, EVP of products and solutions at Fortinet

“Segmentation is becoming as fundamental as patching vulnerable systems. Intent-based Segmentation aligns business goals with infrastructure changes and ultimately, dynamically separates infrastructure to protect users, data and systems. A fundamental element of Intent-based Segmentation is the high-performance NGFW. The new FortiGate 3400E and 3600E Series provide industry-leading threat protection and SSL inspection performance allowing customers to implement a holistic end-to-end architecture.”

News Summary

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced its new high-performance FortiGate Next-Generation Firewalls (NGFWs), comprised of FortiGate 3600E, FortiGate 3400E, FortiGate 600E and FortiGate 400E Series, enabling organizations to implement Intent-based Segmentation into their security architecture.

  • Intent-based Segmentation allows organizations to achieve granular access control, continuous trust assessment, end-to-end visibility and automated threat protection.
  • In addition to delivering Intent-based Segmentation, FortiGate 3600E offers 30Gbps threat protection and 34Gbps SSL inspection performance. FortiGate 3400E offers 23Gbps threat protection and 30Gbps SSL inspection performance.
  • FortiGate has a longstanding trajectory of earning NSS Labs Recommended ratings in the Next-Generation Firewalls group tests given its high SSL inspection performance with minimal performance degradation as one of the reasons.

The combination of business growth, workloads migrating to multiple clouds and increasing cyber attacks makes it difficult for organizations to maintain a robust security architecture that effectively implements consistent security policy across all network environments. Having flat networks with a single enforcement point further compounds this problem by making it easier for cybercriminals to get inside the network. Once inside, they become part of the trusted zone, allowing them to quickly spread threats laterally. It’s extremely hard to detect and contain these cybercriminals as they move deeper into the network, resulting in cascading risks and exfilteration of valuable data.

As existing security strategies are failing to keep pace with a complex security landscape, organizations are seeking adaptive and predictive protection that prevents the spread of threats throughout the network. With Intent-based Segmentation, organizations achieve adaptive security by intelligently segmenting IT assets in accordance with the business intent, like addressing compliance, by having multiple enforcement points. Adaptive protection is achieved by implementing granular access control based on varying trust levels and high-performance advanced security.

Fortinet is making it easier for organizations to adopt Intent-based Segmentation with the introduction of its new high-performance FortiGate NGFWs, which include FortiGate 3600E, FortiGate 3400E, FortiGate 600E and FortiGate 400E Series. As part of Fortinet’s Security Fabric, the new FortiGate NGFWs give organizations an integrated and consistent security policy across on-premise and cloud assets. Powered by customized Security Processor Units (SPUs), the new FortiGate NGFWs provide full visibility and advanced threat protection without the fear of performance degradation. Other benefits of FortiGate E-Series include:

  • FortiGate 3600E Series deliver 30Gbps threat protection performance and 34Gbps SSL inspection performance. With high-density interfaces of 10G, 40G and 100G, it offers product consolidation and meets the needs of diverse deployments. Fortinet’s FortiGate Next-Generation Firewalls offer one of the industry’s highest marked SSL inspection performance and threat protection throughput.
  • The FortiGate 3400E Series provide 23Gbps threat protection performance and 30Gbps SSL inspection performance. Combined with high-density interfaces of 10G, 40G, 100G, the FortiGate 3400E Series meet the needs of a variety of deployments by offering input/output flexibility, reducing complexity to achieve operational efficiency
  • FortiGate 600E Series achieve 7Gbps threat portection and 8Gbps of SSL inspection performance with diverse 1G and 10G interfaces, allowing deployment flexibility.
  • FortiGate 400E Series deliver 5Gbps threat protection and 4.8Gbps SSL inspection performance with high 1G port density to suit the needs of branch offices.
  • The new FortiGate NGFWs, as part of Fortinet’s Security Fabric, leverage Fabric Connectors to seamlessly integrate with external security ecosystems, sharing threat intelligence quickly for automated remediation. Fabric Connectors provide open APIs, allowing the FortiGate NGFWs to integrate with third-party solutions and Fabric-Ready Partners. This gives users advanced high-performance security integration with industry leading solutions, such as VMWare NSX and Cisco ACI.

Supporting Quotes

“With over 60,000 students and staff in 100 locations, Halton District School Board has a vast network to protect as well as personal data to keep secure. We leverage Fortinet’s FortiGate Next-Generation Firewalls not only to mitigate risks, but also to gain greater end-to-end visibility into our security ecosystem. With Fortinet, we know we’re receiving the highest performing security products at the best price point in the industry.”

—    Fernando (Fern) Pinho, Information Technology Manager, Network & Corporate Operations at Halton District School Board

“As environments become more dynamic and complex, reducing an organization’s attack surface is a key initiative. Network segmentation plays a fundamental role in this strategy, but often customers need assistance with design and integration. ePlus partners with Fortinet to bring the FortiGate NGFW portfolio to our customers, supplementing with our advisory, assessment, and deployment expertise to speed their adoption while also providing advanced threat protection.”  

—    Marc Cohen, Security Solutions Director at ePlus

“The increasing complexity of security has led organizations to seek real-time visibility and adaptive threat protection. Traditional security solutions aren’t agile enough to adequately secure organizations and effectively mitigate risk. As a result, more businesses are considering network segmentation to augment their security strategy, but don’t know where to start. With the extension of its FortiGate NGFW portfolio, Fortinet is making it easier for organizations to start segmenting their networks intelligently and with the business objectives at the forefront.”

—    Zeus Kerravala, Principal Analyst at ZK Research

Additional Resources

  • Read more on how to achieve business goals with Intent-based Segmentation in the blog.
  • Read this blog to learn more about this announcement.
  • Learn more about FortiGuard Labs and the FortiGuard Security Services portfolio.
  • Learn more about the FortiGuard Security Rating Service, which provides security audits and best practices.
  • Sign up for the weekly FortiGuard Threat Intelligence Briefs.
  • Read more about our Network Security Expert program, Network Security Academy program or our FortiVets program.
  • Read more about the Fortinet Security Fabric or the Third Generation of Network Security.
  • Follow Fortinet on TwitterLinkedInFacebookYouTube, and Instagram.     

資料來源:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2019/fortinet-enables-intent-based-segmentation.html
]]>
2019-02-27
<![CDATA[Fortinet:企業組織將運用更多自動化技術來因應網路威脅]]> http://www.phitech.com.tw/news/index.php?news_id=885 全方位整合與自動化網路安全廠商Fortinet,公佈了旗下FortiGuard安全防護中心對於2019年的網路威脅預測,這些預測揭示了網路犯罪分子未來可能採用的方法和技術,以及企業組織未來在因應這些攻擊時的策略改變。

 

Fortinet全球安全策略長Derek Manky表示,「我們發現網路犯罪工具和服務有了重大進展,他們已在利用自動化和人工智慧的先行技術。因此,企業組織必須重新思考他們的策略,更佳地預測威脅,同時打擊網路犯罪分子的經濟誘因,讓他們徒勞無功回到原點。企業組織不需要永久的軍備競賽,而是也要採用自動化和人工智慧來降低風險,由被入侵到偵測入侵,再由偵測入侵到防禦入侵。

 

這可以藉由整合安全防護到一個安全織網(security fabric)架構來實現,在統一的架構裡動態共享威脅情報,進而從物聯網到多雲架構的每個網段中,獲得更全面的保護和可視性。」

 

網路攻擊會更聰明、更精密

 

對於很多網路犯罪組織而言,攻擊技術不僅僅單從它們的成效來評估,亦包括技術發展、改良和施行時所產生的成本開支,因此,有些攻擊可能會因人為、過程及技術的改變而受到干擾。

 

其中一個方法是引入新技術和策略,例如利用機器學習和自動化來處理需要大量人力監督和介入,既沉悶又耗時的工作。這些較新的防禦策略很可能會影響網路犯罪策略,令他們改變攻擊方法並加強技術發展。

 

隨著機器學習和自動化漸趨普及,我們預期網路罪犯很可能會採取以下策略,建議整個網路資安業界必須緊密觀察:

 

人工智慧模糊測試及漏洞檢測

 

模糊測試一向是網路威脅的專業實驗室研究人員,用來偵測軟、硬體界面及應用程式漏洞的精密技術。透過在界面或程式輸入無效、無關連性或半隨機的數據,研究人員會進行監控並檢測程式崩潰、沒有記錄的跳轉、偵錯常式、錯誤代碼和潛在的記憶體流失等事件。

 

隨著加入機器學習功能,我們預測這種技術將會變得更有效且量身定制,由於網路犯罪分子開始利用機器學習來開發自動化模糊測試程式,他們將能更快發現零日漏洞,並增加針對不同程式和平台的零日攻擊。

 

利用AIF挖掘零日漏洞

 

當AIF到位時,它可以利用受控環境中的代碼來挖掘零日漏洞,零日攻擊的速度亦會顯著加快。一旦因此出現零日挖掘服務(zero-day mining-as-a-service),它將徹底改變企業組織處理資安問題的方式,因為這些零日攻擊的出現將會無法預測,也無從計算正確防禦的方法。現階段很多單位仍使用單一獨立的傳統防護工具,這會讓問題變得更具挑戰性。

 

零日的「價格」

 

一直以來,零日漏洞的價格都很高,主要是因為發掘它們需要時間、精力和技能。但隨著人工智慧技術的應用,發掘這些漏洞將從極為稀有變成一件商品。我們看到一些更傳統的漏洞已商品化,例如勒索軟體和殭屍網路,結果讓許多傳統資安公司無力因應。急劇加速的漏洞數量與種類,包括快速製造零日漏洞的能力並轉化成服務,可能會徹底改變暗網上的服務類型和成本。

 

群集智能即服務(Swarm-as-a-Service)

 

以群集智能技術(swarm-based intelligence technology)驅動的精密攻擊,再進一步延伸至殭屍網絡,我們稱之為蜂巢網(hivenets),這種新型威脅可以用來製造能協同合作和自動化運作的大規模群集智能機器人,群集智能網路不僅提高了制定防禦措施所需的技術門檻,但跟零日挖掘一樣,他們亦會對潛在的網路犯罪商業模式有所影響。最終,隨著漏洞挖掘技術和攻擊方法不斷演變,最深受影響的會是網路犯罪組織的商業模式,而目前其生態圈主要由人所主導。

 

專業黑客多數按照客制化的漏洞挖掘方式來收費,即使一些嶄新先進技術如勒索軟體服務(ransomware-as-a-service),或需要黑帽工程師來支援不同項目,例如構建和測試漏洞,或是管理後端C2伺服器。當能自動化、自我學習的群集智能技術服務投入後,黑客顧客和黑帽企業家的直接互動量將急劇降低。

 

自選的群集智能技術

 

把群集智能劃分為不同任務去達成理想結果的能力,與世界走向虛擬化發展的方向非常相似。虛擬化網路可以完全基於需求,啟動或減緩虛擬機器去處理一些特定的問題,例如頻寬。同樣地,群集智能網路的資源可以彈性分配,或按照攻擊鏈上遇到的特定問題再重新分配。

 

犯罪企業利用一系列分析工具和漏洞,預先編制群集智能,配合自動學習,讓它們能以團隊形式一同改善攻擊協定,網路犯罪分子便能輕易地像挑選菜單一樣,任意選購攻擊項目。

 

有毒的機器學習

 

機器學習是資安防禦裡一項最有保證的工具。你可以訓練資安設備和系統自動執行特定任務,例如調整行為基準、使用行?分析來辨識複雜的威脅,或是追蹤和修復設備。不幸的是,網路罪犯同樣也會濫用這項技術。

 

針對機器學習流程,網路罪犯可以調控設備或系統,以停止使用漏洞修補或更新某個特定裝置、忽視特定的應用程式種類或行?、或者暫停記錄特定流量以逃避偵測。這都對機器學習和人工智慧科技的未來有重大的革命性影響。

 

防禦將變得更精密

?了因應這些技術發展,企業組織需要為網路罪犯構築高牆。每一項防禦的預測都會對犯罪組織有影響,逼使他們改變策略、修改攻擊方式,並尋找新方法來發掘機會。對他們而言,實行攻擊的代價會提升,讓犯罪開發者需要花費更多的資源去獲取同樣的結果,或是尋找一個更容易進入的網路來攻擊。

 

先進的詐騙策略

 

在資安策略中引入詐騙技術,利用造假資訊構建網路,能逼使攻擊者必須反覆驗證他們的資訊,花費更多時間和資源來檢測誤報,以確保他們可以看到的網路資源是準確的。由於在造假網路資源的任何攻擊都可以被即時偵測,並自動觸發防禦對策,因此攻擊者需要非常謹慎地執行策略,即使是探測網路的基本舉動。

 

統一開放式的合作

 

對網路罪犯來說,一個把現有攻擊的投資極大化,甚至可以逃避偵測的方法,就是簡單地做出一個微小的改變,例如改變網路IP位址。而防守方要跟上這些變化的有效方法,則是積極分享威脅情報。持續更新的威脅情報,可以讓資安廠商和其客戶密切了解最新的威脅概況。

 

如果威脅研究機構、業界聯盟、資安廠商和執法機構公開合作,將大幅縮短偵測最新威脅的時間。與其靜觀其變,倒不如藉由開放式合作,透過即時數據結合行?分析,讓防禦者有效預測惡意軟體的潛在風險,進而擊退目前網路罪犯重複利用現有惡意軟體進行攻擊的模式。

 

速度、整合和自動化都是重要的網路安全關鍵

 

假使未來防禦策略要引進自動化或機器學習,可利用智能響應技術的精密度,集中蒐集、處理威脅情報,或依情報做出相應行動。為應付日益複雜的威脅風險,企業組織必須將所有安全元件整合在一個安全織網架構,方便快速和大規模地探查和反應。

 

在安全元件之間有關聯或共享的先進威脅情報都需自動化,以降低風險並儘快進行補救。整合分散式網路中的單項產品,結合策略性的網路分區,對於抵禦愈趨智能化和自動化的攻擊有很大的幫助。

資料來源:
http://www.ctimes.com.tw/DispNews-tw.asp?O=HK2CB8YBTCGSAA00NV

]]>
2019-02-20
<![CDATA[黑客攻擊升級增用AI Fortinet預測3趨勢]]> http://www.phitech.com.tw/news/index.php?news_id=884 網絡保安成為企業難題,有網絡服務供應商預測,未來黑客的入侵攻擊將會愈加智能化,包括在攻撃時應用機器學習等人工智能(AI)技術,加快黑客尋找網絡漏洞及攻擊速度。Fortinet早前發布2019年威脅概況預測,指出有3點黑客攻擊趨勢:

  • 1. 人工智能檢測漏洞:黑客增加使用機器學習應用於偵測硬件及軟件介面的保安漏洞,以模糊測試的形式,在介面輸入無效、無關連的數據,檢測程式崩潰、錯誤代碼等情況。黑客日後可以加快發現漏洞,展開攻擊。過往發掘成本較高的零日漏洞攻擊,應用AI後,可以變得商品化。
  • 2. 蜂群智能即服務(Swarm-as-a-Service):以蜂群智能技術驅動的攻擊將會延伸至殭屍網絡,大規模蜂群智能機器人以協同合作和自動化形式進行攻擊的形態將更普遍,今後犯罪分子的商業模式可能會由人所主導,轉為更自動化,黑客與「顧客」的直接互動量料將急劇下降。
  • 3.投毒的機器學習:網絡罪犯將可針對網絡保安的機器學習流程,調控裝置或系統以停止使用漏洞修補或更新某個特定裝置、忽視特定的應用程式種類或行爲、或者暫停記錄特定流量以逃避偵測。

Fortinet 安全解決方案經理吳維穎介紹,企業機構需要針對網絡犯罪提高防衛程度,近年新引入的方法包括引入詐騙技術,透過虛假資訊騙取黑客攻擊,讓防禦系統可爭取時間進行對策。

資料來源:
https://wealth.hket.com/article/2226927/%E9%BB%91%E5%AE%A2%E6%94%BB%E6%93%8A%E5%8D%87%E7%B4%9A%E5%A2%9E%E7%94%A8AI%E3%80%80Fortinet%E9%A0%90%E6%B8%AC3%E8%B6%A8%E5%8B%A2?mtc=b0005

]]>
2019-02-13
<![CDATA[料 AI 與 ML 將大幅影響網絡攻擊手法 Fortinet 針對端點可視性收購 ZoneFox]]> http://www.phitech.com.tw/news/index.php?news_id=883 今年數據外洩頻仍,當中不乏涉及全球用戶個人資料的大規模外洩。敏感資訊未能得到完善保護,僅歐洲用戶受 GDPR 保障,本港用戶只能徒歎奈何。而據 Verizon 早前發布的《2018年資料洩漏調查報告》,三成的資料外洩事件均涉及內部人員的疏忽或惡意行為。

為針對防禦內部威脅、清除網絡盲點,Fortinet 上月便宣布收購雲端威脅分析公司 ZoneFox,將其以雲端為本的網絡威脅捕獵技術收歸麾下,整合至 FortiClient 端點保安,提供端點偵測及反應功能(EDR),同時可延伸 FortiSIEM 的功能,不論在主機或雲端均可提供額外的用戶實體行為分析(UEBA)功能,讓企業可對端點及相關數據流動及用戶行為有更深層的可視性。

整合 ZoneFox 後的 FortiClient 將具備以下功能:

  • 透過機器學習的能力,從每日以 10 億計的事件抽出高質的潛在網絡威脅項目,以揭露盲點並提醒用戶注意可疑活動;
  • 以雲端為本的獨特架構能收集圍繞 5 個核心因素的重要數據,包括用戶、裝 置、資源、過程及行為,從而分析及設定安全政策;
  • 提供資料的完全檢驗時序記錄,結合簡單的搜尋介面,協助分析師快速決定提 升企業安全設置所需的行動;  
  • 零配置代理外更可擴展至支援超過 10,000 個配置代理而不會影響表現;
  • 就《通用數據保障條例》(GDPR)、ISO 27001、HIPAA 及 PCI DSS 為用戶提供支援,並已具備隨時可用的安全政策。

Fortinet 安全解決方案經理吳維穎(上圖)透露,未來 Fortinet 主要集中 4 個保安領域,包括:網絡保安、雲端保安、IoT與營運技術保安,以及端點、應用和存取保安。他相信,下一波攻擊將會是保安廠商與黑客之間的 AI/ML 攻防戰。

「我們會採用 AI 去學習和預測黑客的行為和攻擊手法,但換過來說,黑客同樣可以借助 AI 去預測我們如何防範攻擊。所以明年我們將在客戶端設置多個 Deception 產品,原理與 Honeypot(蜜罐)類同。」吳維穎指出, 過去 Honeypot 只會放在 Fortinet 的伺服器上引誘黑客攻擊,繼而作出分析,如今則設置於客戶端,誤導黑客以為他們所盜取的是真的客戶資料。

2019 保安趨勢預測

吳維穎續指,有些攻擊可能會受人、過程及技術的改變而受到干擾,例如利用機器學習和自動化來處理需要大量人 力監督和介入、既沉悶又耗時的工作。隨著機器學習和自動化漸趨普及化,他預期網絡罪犯很可能會實施以下策略,建議企業緊密關注:

  • 人工智能模糊測試(Artificial Intelligence Fuzzing,AIF)及漏洞檢測模糊測試一向是專業實驗室研究人員用來偵測硬件和軟件介面及應用程式漏洞的精密技術。透過在介面或程式輸入無效、無關連性或半隨機的數據,研究人員會進行監察並檢測程式崩潰、沒有記錄的跳轉、偵錯常式、錯誤代碼和潛在的記憶體流失等事件。隨著加入機器學習功能,預測這種技術將會變得更有效和量身定制。由於網絡犯罪分子開始利用機器學習來開發自動化模糊測試程式,他們將可加快發現零日漏洞,並增加針對不同程式和平台的零日攻擊。
  • 利用 AIF 的零日挖掘:AIF 可以利用受控環境中的代碼來挖掘零日漏洞,零日攻擊的速度亦會顯著加快。一旦啟用零日挖掘即服務,將徹底改變企業處理保安問題的方法,因為這些零日攻擊的出現將變得難以預測,也無從計算正確的防禦方法。現時,很多機構正使用獨立或傳統且過時的防護工具,令保安變得更具挑戰性。
  • 零日的「代價」:一直以來,零日漏洞的代價都很高,因為發挖需要大量時間、精力和技能。但隨著人工智能技術的應用,這些漏洞成果 將從極為稀有變成一件商品。急劇加速的漏洞數量與種類,包括快速製造零日漏洞的能力並將之轉化成一種服務,可能會徹底改變暗網上的服務類型和成本。
  • 投毒的機器學習:機器學習是其中一個在防禦保安工具包裏最有保證的工具。你可 以調控保安裝置和系統自動執行特定任務,例如行為基線、使用行爲分析來識別複 雜的威脅風險或者追蹤和修復裝置,惟網絡罪犯同時亦會濫用這項技術。針對 機器學習流程,網絡罪犯可以調控裝置或系統,以停止使用漏洞修補或更新某個特定 裝置、忽視特定的應用程式種類或行爲,或者暫停記錄特定流量以逃避偵測。
資料來源:
https://unwire.pro/2018/12/06/fortinet-2/security/
 ]]>
2019-01-30
<![CDATA[【2019年預測】Fortinet:網絡攻擊將更聰明更精密]]> http://www.phitech.com.tw/news/index.php?news_id=882 隨著機器學習及自動化漸趨普及,Fortinet 預測網絡罪犯很可能利用人工智能作 Fuzzing、推出 Swarm-as-a-Service,甚至可能於機器學習防禦系統中放毒。

2018 年第三季整體威脅持續上升

Fortinet 代表 Cherry Fung 及 Nick Ng 於發布會中簡述第三季情況,整體威脅持續上升。當中,惡意程式依然肆虐,由於容易搵錢,挖礦劫持(Cryptojacking)問題進一步擴大。惡意入侵方面,Nick 指出不少是針對過去的漏洞,因為不少企業仍未修補漏洞,令網絡罪犯有機可乘,而排第一位的惡意程入侵繼續是針對 Apache Struts,各位要留意。

【2019年預測】Fortinet:網絡攻擊將更聰明更精密
整體網絡威脅持續上升,以惡意程式尤甚。
黑客都識得人工智能模糊測試及漏洞檢測

引入機器學習技術之後的人工智能模糊測試(Artificial Intelligence Fuzzing,AIF)可加快發現零日漏洞,網絡保安專家可藉此加快修補。不過,Fortinet 預計網絡罪犯將可能利用同樣技術,零日攻擊速度加快,甚至發展為「zero-day mining-as-a-service」,情況將會非常危險,因為零日攻擊是難以預測,亦難以計算正確防禦方法,這將會是個大挑戰。

Swarm-as-a-Service — 蜂群智能即服務

過去幾年,網絡專家利用 Swarm 技術提升偵測軟件系統的效能,不過 Fortinet 發現網絡罪犯亦開始利用 Swarm 技術,令 Botnet 進化為 Hivenet(蜂巢網絡)。其特點是 Botnet 高度自動化以及可以互相協調,大規模的Hivenet 攻擊令防禦更難。另外,網絡罪犯更可以制訂菜單,為犯罪商人提升更方便的攻擊選項服務,Swarm-as-a-Service 有可能成為犯罪商人的熱賣商品。

於機器學習防禦系統中放毒

機器學習是近年最得寵的技術,透過輸入大量數據如行為基線、使用行爲,讓人工智能學懂識別複雜的威脅風險或者追蹤和修復裝置。不過,網絡罪犯亦有可能針對機器學習流程「教壞」人工智能,例如生產超大量假數據誤導機器學習、調控裝置或系統等,對網絡保安人員將會是個撠手問題。

Fortinet 收購雲端威脅分析公司 ZoneFox

Cherry Fung 表示,Fortinet 剛完成的收購雲端威脅分析公司 ZoneFox,目的正是為增加機器學習為本的威脅偵測及反應能力。未來,Fortinet 會將 ZoneFox 以雲端為本的網絡威脅捕獵技術與 Fortinet 現有的端點及安全性資訊與事件管理(SIEM)保安產品結合,為客戶提供一個全面的方法去防禦內部威脅、清除網絡盲點,保護正在擴張中的可攻擊面。

【2019年預測】Fortinet:網絡攻擊將更聰明更精密
(左)Nick Ng, Security Solutions Manager for Hong Kong, Macau and Mongolia, Fortinet;(右) Cherry Fung, Fortinet’s regional director for Hong Kong, Macau and Mongolia, Fortinet

資料來源:
https://wepro180.com/editorial-feature/%E3%80%902019%E5%B9%B4%E9%A0%90%E6%B8%AC%E3%80%91fortinet%EF%BC%9A%E7%B6%B2%E7%B5%A1%E6%94%BB%E6%93%8A%E5%B0%87%E6%9B%B4%E8%81%B0%E6%98%8E%E6%9B%B4%E7%B2%BE%E5%AF%86/]]>
2019-01-23
<![CDATA[Rapid7 Releases Metasploit 5.0]]> http://www.phitech.com.tw/news/index.php?news_id=888 Rapid7 on 1/11 announced the release of Metasploit 5.0. The latest major version of the popular penetration testing framework introduces several new important features, improved performance, and its developers say it should be easier to use.

According to Rapid7, Metasploit 5.0 brings significant changes in terms of database and automation APIs, improving the way the platform interacts with data and other tools. Metasploit has been using the PostgreSQL database system, but the latest version also allows users to run the database as a RESTful service, enabling interaction with Metasploit consoles and external tools.

There is also a new JSON-RPC API that should make it easier to integrate the framework with new tools and languages. In addition, Metasploit’s own automation protocol is now complemented by a common web service framework for the database and automation APIs.

Metasploit 5.0 releasedAnother significant improvement in Metasploit 5.0 is related to evasion modules and libraries. Penetration testers can now generate their own evasion modules more easily using the C programming language.

The latest version also enables the execution of an exploit module against multiple targets at a time.

Other improvements include faster and more advanced search functionality for modules, a new metashell feature, and support for three new languages – Go, Python and Ruby – for external modules.

Metasploit 5.0 is currently available from its official GitHub project. Rapid7 says it’s in the process of informing third-party developers that Metasploit 5.0 is stable – Linux distributions such as Kali and ParrotSec are shipped with Metasploit.

“Metasploit 5.0 offers a new data service, introduces fresh evasion capabilities, supports multiple languages, and builds upon the Framework’s ever-growing repository of world-class offensive security content,” wrote Brent Cook, engineering manager for Metasploit at Rapid7. “We’re able to continue innovating and expanding in no small part thanks to the many open source users and developers who make it a priority to share their knowledge with the community. You have our gratitude.”

Related: NSA-Linked Hacking Tools Ported to Metasploit

Related: Rapid7 Adds Hardware Testing Capabilities to Metasploit

Related: Vulnerable Services Emulator Released for Metasploit

Related: New Encrypted Downloader Delivers Metasploit Backdoor


資料來源:

https://www.securityweek.com/rapid7-releases-metasploit-50?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

]]>
2019-01-16
<![CDATA[Fortinet Solutions for the Hospitality Industry]]> http://www.phitech.com.tw/news/index.php?news_id=881

The hospitality industry continues to grow and evolve, deploying an increasing number of new technologies to enhance and customize guest experiences. As part of the hospitality digital transformation, an increasing volume of data and applications are rapidly moving to the cloud, which also unintentionally expands the attack surface. The Fortinet Security Fabric offers an extensive set of network security capabilities to unify a hotel’s security infrastructure and provide broad protection from advanced threats.

With the Fortinet Hospitality Solution, you can:

  • Connect and protect all branches from headquarters to chain locations
  • Secure guest Wi-Fi, in-room entertainment systems, and reservation systems
  • Achieve integrated security flexible enough to fit the unique needs of any hotel
Hospitality Location Network Hospitality Headquarters Network
 
 
Protecting Hotels and Guests with the Fortinet Security Fabric
 

Protecting Hotels and Guests with the Fortinet Security Fabric

Download the white paper for more information 
A New Guest Experience Requires a New Approach to Security
 

A New Guest Experience Requires a New Approach to Security

Learn more 
Security Transformation in Hospitality
 

Security Transformation in Hospitality

Find out more in the eBook 
 
UTM for hotel network security

Network security

Hoteliers looking for comprehensive security need to consider a company that offers proven end-to-end protection. The revolutionary Fortinet Security Fabric is the only offering that provides true integrates security at every angle of an infrastructure. As the leader in unified threat management (UTM), ensure your hotel is secured from internal, external, and branch-wide advanced threats. 

hotel network connectivity

Network connectivity

Enhance the functionality of hospitality networks with ease from Fortinet integrated solutions. Fortinet's solution offers simple deployment for quick ramp up time. Gain end-to-end visibility across the network that is simultaneously easy to manage with a single pane of glass. In addition, gain enhanced performance all while saving resources and your bottom line. 

Hotel presence analytics

Presence analytics

FortiPresence analytics empowers hotel to track and even influence guest experiences during their stay. The FortiPresence solution combines advanced analytics with a sophisticated customer engagement engine that includes social Wi-Fi to help hotels influence guests and increase purchases.

]]>
2019-01-09
<![CDATA[DialogicONE – Working with Smart Speakers]]> http://www.phitech.com.tw/news/index.php?news_id=880 DialogicONE – Working with Smart Speakers-->

by Peter Kuciak

Nov 2, 2018 11:30:00 AM

smartspeaker-office (002)We now live in a time where most of us have heard of smart speakers and quite a few of us have one (or two or more). According to our friends at Gartner, Ovum, and Voicebot.ai who specialize in smart speaker research, the world has adopted these tiny devices into their homes at an incredible rate. Living rooms and kitchens are the most popular locations to place them, and Amazon has over 70% of the market. Looking at recent reports, 1 in 5 U.S. adults have a smart speaker, for a total of over 48M in the U.S. alone.

Some of us, myself included, have quite of few of these devices as they allow us to automate our homes and cottages, as well as provide timely information and hands-free communication with friends and family. Amazon Echo Show has been great for video calls with my kids away in University. Smart speakers also assist with simple tasks like boiling the perfect egg, or the highly complex task of figuring out who was the second-to-last president of [fill in the country] to win that round of a trivia game.

Some of the initial “skills,” “intents,” and “capabilities” of smart speakers have been pretty simple. However, as the features and applications that run on smart speakers continue to grow, the interactions are getting more complex.

Let’s have a peak at the challenges a service provider might run into in order not only to cover the Amazon and Google camps of smart speakers, but also to have that conversational user interface behave the same on all smart phones. What if a service provider wanted to create an excellent (read - excellent user experience) solution that would allow you to ask any relevant question from your CSP, such as Verizon, TELUS, Vodafone, BT, or Softbank? What if your question was not static, which you could easily google or find in an FAQ, but contained ever changing details? What if the question was specifically connected to YOU, for example: “How much data has my family used this month?” Or what if it was even more complex: “Can you tell me when I can upgrade to the new iPhone XS?” Or try an even harder request: “Setup a voice conference tomorrow at noon with my kids.” I would fully expect this to dial my family’s respective 5 phones and put us into an HD conference call as a service available from my CSP.

Ah yes and I also want this smart speaker/smart phone solution to:

  • work more or less the same on Google and Amazon smart speaker devices
  • be context-aware of our conversation so I do not have to make requests in fully qualified statements, but rather to ask in a natural manner
  • behave the same on my mobile phone as well so I can get the same user experience while on the road
  • last but not least, I DO NOT want this to be just a first step that will end up sending me to call center “Mike” in a far-away location … if this solution is not able to take concrete actions, and I get transferred to a human (unless I ask specifically) because the system is unable to help me, then it is a total failure!

Oh and one last thing: as a developer of implementing such a beautiful solution for smart speakers and mobile phones, I want to do the work once – not twice, not three times - once!

As I mentioned in my previous blog, here at Dialogic we have been helping customers develop solutions that include smart speakers and conversational user interfaces. We got quite tired of doing the same things two and three times – plus maintaining three different sets of code to make it all happen. So instead, we developed a few new services within DialogicONE to make it all better :-)

There are a couple of different ways to do this. To begin, CSPs can certainly start by using DialogicONE as the data model repository of the conversational user interface for smart speakers (Google and Amazon) and for mobile apps. Or, they can import one of the smart speaker solutions into DialogicONE and manage it in DialogicONE. From that point forward they’ll be able to push it out to both sides of the smart speaker world (Amazon and Google) and to mobile apps as well.

Ah much better now. Rest assured that if we have to do things twice, just because there is fragmentation out there, we’ll put our smart hats on and develop a solution so that CSPs do not have to. DialogicONE servers are also utilized to perform cache functionality that reduces the latency of going to AI engines to figure out what the user is asking – but that is a much deeper subject that I can discuss another time.

In my next blog post, I’ll talk about one of the coolest recent technologies - Artificial Intelligence! I’ll do a quick primer to show you the state of the industry, and then describe HOW CSPs can leverage AI to create incredible applications and services with DialogicONE.

Topics: Internet of Things, Communications Application Development

資料來源:
https://blog.dialogic.com/blog/dialogicone-working-with-smart-speakers?utm_source=hs_email&utm_medium=email&utm_content=67208498&_hsenc=p2ANqtz--LLJcVVcH31u5GNXeoT4q1YMkqri9MmDJIZjrRmQOxOe5wAo38gvmR-YQ7VER8gurcfpKKkmcByAgYD1n68EuPJZ7ApK0w8Q1qwKx9ya46fh0gj0s&_hsmi=67208498
 

]]>
2019-01-02
<![CDATA[Fortinet Acquires Cloud-Based Threat Analytics Company ZoneFox]]> http://www.phitech.com.tw/news/index.php?news_id=877 Sunnyvale - Oct 23, 2018 -

 

Ken Xie, founder, chairman of the board and chief executive officer, Fortinet

“Enterprise organizations are experiencing a dramatic increase in the number of endpoints and users accessing data and cloud resources, which is also increasing the need to defend against insider threats. In fact, 30 percent of breaches involved insiders acting negligently or maliciously according to the 2018 Verizon Data Breach Investigations Report. By combining ZoneFox’s cloud-based threat-hunting technology with Fortinet’s existing endpoint and SIEM security offerings, we are well positioned to provide our customers with an integrated approach to defend against insider threats, eliminate network blind spots and protect today's expanding attack surface with automation and machine learning.”

News Summary          

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today completed the acquisition of ZoneFox Limited, a privately-held cloud-based insider threat detection and response company headquartered in Edinburgh, Scotland. The acquisition further enhances the Fortinet Security Fabric and strengthens Fortinet’s existing endpoint and SIEM security business by providing customers with:

  • Deeper visibility into endpoints and associated data flow and user behavior, both on and off the network
  • Machine learning capabilities able to distill billions of events per day into high-quality threat leads to uncover blind spots and alert users of suspicious activities
  • A unique cloud-based architecture that captures essential data around five core factors - user, device, resource, process, and behavior - to analyze and configure policies easily
  • Full forensics timeline recording of information, combined with a simple search interface that helps analysts quickly determine the actions needed to boost an enterprise’s security posture
  • A zero-configuration agent that is easy and fast to deploy; the solution can scale up to support over 10,000 agents without performance loss
  • Out-of-the-box support for GDPR, ISO 27001, HIPAA and PCI DSS, with “ready-to-go” policies

The integration of ZoneFox’s award-winning machine learning-based threat-hunting technology will complement FortiClient endpoint security to provide endpoint detection and response (EDR) capabilities and will extend FortiSIEM with additional user entity behavior analytics (UEBA) features, both on-premises and in the cloud. Fortinet expects that the new endpoint security capabilities provided by ZoneFox will allow enterprise organizations to better leverage machine learning to detect anomalous behavior and provide an even faster response to insider threats.

Dr. Jamie Graves, chief executive officer and founder, ZoneFox

“We’re pleased to join the Fortinet team and bring together our shared vision of alleviating CISO concerns about insider threats. Integrating our solution with the Fortinet Security Fabric will allow us to extend our reach to a broad spectrum of Fortinet and third-party solutions to solve customers’ most difficult challenges in network security.”

Additional Resources


資料來源:
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2018/fortinet-acquired-cloud-based-threat-analytics-company-zonefox.html
]]>
2018-12-26
<![CDATA[Fortinet 列入標準普爾 500 指數成份股]]> http://www.phitech.com.tw/news/index.php?news_id=876 Fortinet 創辦人、董事長暨執行長謝青表示,「我們很高興能列入標準普爾指數,這項里程碑對 Fortinet 來說是非常重要的肯定。自從 2009 年上市以來,Fortinet 持續獲利,且每季相對同期營收均達 2 位數成長。」

謝青進一步指出,「遍及全球的業務、不斷創新的承諾,以及獨特的 Security Fabric 安全織網平台,都讓 Fortinet 與眾不同。不僅能解決客戶最棘手的問題,還能讓他們在快速演變的網路威脅環境下,實現數位轉型的目標。」

Fortinet 自 10 月 11 日正式列入 S&P 500 指數,取代 Envision Healthcare Corp.,之前 Fortinet 為 S&P 中型股 400 指數成份股。Fortinet 在 GICS 產業分類為資訊科技(information technology),次分類為系統軟體(system software)。

資料來源:
http://technews.tw/2018/10/23/fortinet-sp-500/

]]>
2018-12-19
<![CDATA[Fortinet Discovers New Android Apps that Mine the Unminable]]> http://www.phitech.com.tw/news/index.php?news_id=875 By Axelle Apvrille | October 11, 2018
rippleminer

Cryptocurrencies don't all work the same way. Some are minable, some aren't. For example, Ripple (XRP), Cardano (ADA) and Tether (USDT) aren't minable.

Despite this fact, several applications pose as miners for those currencies on Android ;) Do not be fooled, they are all malicious, if not scams.

It's not the first time that researchers have spotted such miners on Android marketplaces: Lukas Stefanko already noticed some in February. However, the samples below are new and are believed to have been hiding under the radar since May 2018.

A collection of fake miners created by developer 'lovecoin'. You'll notice some of them claim to mine Ripple, Cardano and Tether...

Fake Mining

The app displays a (fake) miner as below.

App claims you start mining Ripple by pressing the Start button...This is impossible.

But check the code: the mining speed is generated randomly.

  • A new thread is created
  • The mining speed is absolutely fake. The digit before and after the comma are random.
  • The random numbers are displayed (setText)
  • There is no mining at all... (and for Ripple, it's impossible by design anyway) 
Fortinet FortiGuard Labs Threat Research

Withdraw Currencies

The app has a menu, and one of the possible choices is "Withdraw" to presumably collect your mined currencies. At this point, you probably won't be surprised that this withdrawal will not succeed.

To the question "Are you want to Withdraw now?" (English as in code...), there are only two alternatives:

  1. Yes. Then, the application complains your wallet address is incorrect. Too bad ;-)
  2. No. Closes the window.

So, in all cases, you won't be able to withdraw.

Fortinet FortiGuard Labs Threat Research

What's Their Business?

As far as we know, the only business around those applications is for their author to display ads and collect revenue:

Fortinet FortiGuard Labs Threat Research

So, basically, the idea is to fool the end-user in downloading an adware.

Protection

Fortinet customers are protected from these scams, detected as Riskware/FakeMiner!Android.

-- the Crypto Girl

IOC

Unminable:

 

  • 9ccfc1c9de7934b6f1c958d73f8e0b969495fce171e48d642ec4c5bad3dc44cb
  • 8890366fc67c5a896d7494b3de3cf87debe0d0f96548cec9f81d072e3442716b
  • 4a67d5c5bf0e1dba3d215c15e95ce1bdbd2f9fca4e103a0e702161d6efc3aae6

Fake miners of the same family:

  • 0a25f286986149202eda1fdb336f80a6a035d0966a785573e676217151b7ccba
  • 7054160813fddd4a94e393eba4764cda356e631f229f69a062e5a34ec39e1cb4
  • 074c93f24e9de178a4af73e69d26c1da06a29be0c6a4b0f8893b27add7ce47fe
  • 7403ab326a6afdb07a5e717792bf9dfea09303f044f1fdadea86c6b3a81f5030
  • a2ecfd59b8fdec7eb5d5a139bae77815c25ed347e05d57de9847210acce5d4f6
  • c06815b3e2c10d5bbb4a7aa1a15bad00eb79d012e5bb5a1a37d24c68eda1818