Fortinet, a world leader in high-performance network security, has answered the question “what’s next in next-generation enterprise firewalls?” with new features within its FortiOS 5 operating system, which serves as the foundation for the company’s award-winning FortiGate network security platform.

The new update includes:
* Feature select – with one-click, customers can choose from a variety of security configuration options, including: High Speed Firewall, NGFW, ATP, Web Filtering, UTM and others;
* Contextual visibility – gives organisations real-time and historical insight on network use based on application, user and device; and
* Advanced threat protection (ATP) – enhanced security tools combat multi-vector persistent attacks.

“Security buyers may seek a combination of firewall options, such as NGFW, unified threat management (UTM), virtual and stateful firewalls, to meet a wide range of typical enterprise needs, such as data centre, small offices or highly distributed enterprises, as cost-effectively as possible,” says Eric Ahlm, research director at Gartner.

“In order to increase protection, simplify management and reduce costs, enterprises today are migrating away from multi-vendor firewall environments in favour of a single-vendor model,” says John Maddison, VP of marketing for Fortinet.
“For example, an enterprise may have high-performance firewalls for its data centres, NGFWs for their campus perimeters and UTMs for their distributed offices. With its singular focus on innovating security and security-focused R&D, only Fortinet provides a true Network Security Platform with a wide array of robust security functionality for data centres, campus perimeter and distributed offices.”

With Fortinet Feature Select, enterprises can quickly and easily configure their FortiGate appliances based on their unique business and security requirements. These preset configurations can be done with a single button click at the time of system setup or at any time during the system’s deployment.

Configuration options include high-performance Firewall (includes VPN), NGFW (includes Firewall, intrusion prevention and application control); ATP (includes advanced threat protection and endpoint control); WF (includes Web filtering and explicit proxy); NGFW + ATA (includes NGFW and ATP features) and UTM (includes all previously mentioned features plus e-mail filtering, data loss prevention, vulnerability scanning).

The new Contextual Visibility feature in FortiOS 5 gives administrators deeper insights into historic or realtime network activities using detailed analytics. The types of data that can be extracted include IP and Port, geographical IP, session type, user names, network usage, network coverage and the types of applications and devices that are connecting to the network.

With this, administrators can use correlated data to identify top clients associated with particular threats and further isolate suspicious Web sites and IP addresses. This is available through the client reputation function.

ATAs, also referred to as APTs, target specific organisations, infiltrate from multiple vectors and can remain stealthy for an undetermined amount of time before exfiltrating data.
The new FortiGuard Advanced Threat Protection Service offers a multi-pronged approach to security that helps protect against attacks that could arrive via zero day vulnerability, undiscovered malware, phishing e-mails and/or password hacks. The features within the ATP service include botnet blacklisting, anti-malware signatures and cloud-based sandboxing.