subscribe: Daily Newsletter


Fortinet earns NSS Labs rating


Fortinet, a global leader in high-performance network security, announced its FortiSandbox-3000D as one of the top rated Breach Detection Systems (BDS), delivering 99% breach detection and zero false positives, based on real-world comparative analysis conducted by third party NSS Labs.

A recommended rating from NSS Labs indicates that a product has performed well and deserves strong consideration. Only the top technical products earn a Recommended rating from NSS – regardless of market share, company size or brand recognition.

“Real-world third-party validation is an essential resource for enterprises considering security products to help cut through confusion caused by vendor marketing,” said Fortinet CEO Ken Xie.

“NSS Labs’ testing continues to demonstrate Fortinet’s commitment to meet high industry standards for security detection, performance, reliability, management and value. In this case, Fortinet’s FortiGuard Labs expertise was integral in meeting and exceeding those high benchmarks, which are increasingly necessary to combat sophisticated cyber-threats and today’s stealthy Advanced Persistent Threats.”

Leveraging sophisticated research and test infrastructure that collects real threats and attack methods for concurrent delivery to the systems under test (SUT), NSS Labs utilised empirical data from its first ever Breach Detection Systems Group Test to produce a Security Value Map (SVM).

The SVM measures the security effectiveness and value (cost per protected Mbps) of tested product configurations. Fortinet’s FortiSandbox-3000D is one of the top performing systems out of six network security vendors.

As a result of testing against five other vendors’ products, Fortinet’s FortiSandbox-3000D earned a “Recommended” rating based on real-world testing that evaluated detection rate, device stability and reliability, effective management, performance and total cost of ownership. This latest vendor roundup is the industry’s most comprehensive third-party test of Breach Detection Systems to date.

According to the NSS Labs’ benchmark results, Fortinet’s FortiSandbox-3000D passed 100% of the tests that gauged the reliability and stability of the device. In addition, NSS analysis found the FortiSandbox-3000D to have a 99% threat detection rate in a real-world testing environment that included more than 1,800 live exploits and malware samples.

Both threat detection and reliability and stability scores were factored into a metric that led to a 99% rating in overall security effectiveness.

NSS Labs tests also confirmed the FortiSandbox-3000D as a high-performance BDS solution, with the majority of detections happening in three minutes or less. The FortiSandbox-3000D tied for the highest number of TCP connections per second at 225,000, and the appliance accurately delivered on stated throughput claims.

The “recommended” rating speaks to the criticality of real-world third party testing and Fortinet’s commitment to meeting and exceeding high industry standards.

When FortiSandbox is used in conjunction with a FortiGate NGFW and FortiGuard, Fortinet’s Advanced Threat Protection (ATP) solution provides access control, threat prevention, behavioural analysis, continuous and monitoring to provide the best protection against targeted attacks.

“The Fortinet FortiSandbox-3000D was tested and rated by NSS at 1,000 Mbps, which is in line with the vendor’s claim (Fortinet rates this device at 1,000 Mbps). NSS rated throughput is calculated as an average of the “Real-World” Protocol Mixes (Enterprise Perimeter, Education), and the 21 KB HTTP response-based tests,” according to NSS Labs.

“The Fortinet FortiSandbox-3000D detected 99% of HTTP malware, 98% of e-mail malware, and 100% of exploits, giving an overall breach detection rating of 99%. The device passed all stability and reliability tests and detected 83% of evasions.”

The FortiSandbox-3000D is a key component to help combat sophisticated malware and Advanced Persistent Threats (APTs) as part of a broader, integrated security framework.

The FortiSandbox consolidates specialised threat detection and intelligence services across protocols and functions into a single, high-performance and highly affordable appliance. At the core of the solution is a dual-level sandbox that effectively deals with the increasing sophistication of attacks that require more advanced inspection.

Key features include:

* Proactive anti-malware;
* Real-time cloud query of community results;
* Code emulation;
* Full virtual environment;
* Callback detection;
* Actionable dashboards and reports; and
* Optional submission to FortiGuard.

The FortiSandbox-3000D can be integrated with Fortinet’s FortiGate and FortiMail platforms for enhanced detection and threat mitigation or deployed on-premise on its own without changing any network configuration.