Fortinet Earns "Recommended" Rating from NSS Labs for the Company's Advanced Persistent Threats Breach Detection Systems
SUNNYVALE, Calif., April 2, 2014 - Fortinet, a global leader in high-performance network security, today announced its FortiSandbox-3000D is one of the top rated Breach Detection Systems (BDS), delivering 99 percent breach detection and zero false positives, based on real-world comparative analysis conducted by third party NSS Labs.
A Recommended rating from NSS Labs indicates that a product has performed well and deserves strong consideration. Only the top technical products earn a Recommended rating from NSS—regardless of market share, company size or brand recognition.
The full report with Security Value Map and testing methodology can be downloaded here: www.fortinet.com/resource_center/whitepapers/breach-detection-systems-beyond-hype.html
"Real-world third-party validation is an essential resource for enterprises considering security products to help cut through confusion caused by vendor marketing," said Fortinet CEO Ken Xie. "NSS Labs' testing continues to demonstrate Fortinet's commitment to meet high industry standards for security detection, performance, reliability, management and value. In this case, Fortinet's FortiGuard Labs expertise was integral in meeting and exceeding those high benchmarks, which are increasingly necessary to combat sophisticated cyber-threats and today's stealthy Advanced Persistent Threats."
Leveraging sophisticated research and test infrastructure that collects real threats and attack methods for concurrent delivery to the systems under test (SUT), NSS Labs utilized empirical data from its first ever Breach Detection Systems Group Test to produce a Security Value Map (SVM). The SVM measures the security effectiveness and value (cost per protected Mbps) of tested product configurations. Fortinet's FortiSandbox-3000D is one of the top performing systems out of six network security vendors (see Figure 1).
NSS Labs: "Recommends" FortiSandbox
As a result of testing against five other vendors' products, Fortinet's FortiSandbox-3000D earned a "Recommended" rating based on real-world testing that evaluated detection rate, device stability and reliability, effective management, performance and total cost of ownership. This latest vendor roundup is the industry's most comprehensive third-party test of Breach Detection Systems to date.
According to the NSS Labs' benchmark results, Fortinet's FortiSandbox-3000D passed 100 percent of the tests that gauged the reliability and stability of the device. In addition, NSS analysis found the FortiSandbox-3000D to have a 99 percent threat detection rate in a real-world testing environment that included more than 1,800 live exploits and malware samples. Both threat detection and reliability and stability scores were factored into a metric that led to a 99 percent rating in overall security effectiveness.
NSS Labs tests also confirmed the FortiSandbox-3000D as a high-performance BDS solution, with the majority of detections happening in three minutes or less. The FortiSandbox-3000D tied for the highest number of TCP connections per second at 225,000, and the appliance accurately delivered on stated throughput claims.
The "Recommended" rating speaks to the criticality of real-world third party testing and Fortinet's commitment to meeting and exceeding high industry standards.
When FortiSandbox is used in conjunction with a FortiGate NGFW and FortiGuard, Fortinet's Advanced Threat Protection (ATP) solution provides Access Control, Threat Prevention, Behavioral Analysis, Continuous and Monitoring to provide the best protection against targeted attacks.
"The Fortinet FortiSandbox-3000D was tested and rated by NSS at 1,000 Mbps, which is in line with the vendor's claim (Fortinet rates this device at 1,000 Mbps). NSS rated throughput is calculated as an average of the "Real-World" Protocol Mixes (Enterprise Perimeter, Education), and the 21 KB HTTP response-based tests," according to NSS Labs. "The Fortinet FortiSandbox-3000D detected 99% of HTTP malware, 98% of email malware, and 100% of exploits, giving an overall breach detection rating of 99.0%. The device passed all stability and reliability tests and detected 83% of evasions."
The FortiSandbox-3000D is a key component to help combat sophisticated malware and Advanced Persistent Threats (APTs) as part of a broader, integrated security framework.
The FortiSandbox consolidates specialized threat detection and intelligence services across protocols and functions into a single, high-performance and highly affordable appliance. At the core of the solution is a dual-level sandbox that effectively deals with the increasing sophistication of attacks that require more advanced inspection.
Key features include:
- Proactive Antimalware
- Real-time Cloud Query of Community Results
- Code Emulation
- Full Virtual Environment
- Callback Detection
- Actionable dashboards and reports
- Optional Submission to FortiGuard
The FortiSandbox-3000D can be integrated with Fortinet's FortiGate and FortiMail platforms for enhanced detection and threat mitigation or deployed on-premise on its own without changing any network configuration.
FortiSandbox Product Family
Further demonstrating the company's commitment to the Breach Detection Systems space, in February this year, Fortinet announced the FortiSandbox-1000D, a unique dual-level sandbox that features proactive pre-filtering, dynamic threat intelligence and rich reporting for small to mid-sized enterprises. As with the FortiSandbox-3000D, the FortiSandbox-1000D offers a consolidated approach to covering all protocols and functions in one appliance with the ability to deploy stand-alone or as an integrated extension of FortiGate and FortiMail appliances.
The FortiSandbox-3000D is available now, and the FortiSandbox-1000D is expected to ship later this month. To learn more about the FortiSandbox family of Advanced Threat Detection products or other Fortinet network security products, please visit www.fortinet.com. For a no-risk evaluation of our FortiGate family of High Performance Data Center Firewalls, Enterprise Next Generation Firewalls or smaller Unified Threat Management devices, please visit: http://www.fortinet.com/how_to_buy/try_and_buy.html
Fortinet Webinar: Beyond the Hype: NSS Labs Tests Today's Breach Detection Systems
On Tuesday, May 13, at 9:00 a.m. PT, Fortinet will host a live webinar with NSS Labs that will cover:
- Establishing real-world test methodology for BDS
- Real-world test results, including "Recommendations" and "Cautions"
- How Fortinet's FortiSandbox performed in real-world conditions
Register for the event here: https://attendee.gotowebinar.com/register/6540954349161736450
Fortinet (NASDAQ: FTNT) helps protect networks, users and data from continually evolving threats. As a global leader in high-performance network security, we enable businesses and governments to consolidate and integrate stand-alone technologies without suffering performance penalties. Unlike costly, inflexible and low-performance alternatives, Fortinet solutions empower customers to embrace new technologies and business opportunities while protecting essential systems and content. Learn more at www.fortinet.com.
Copyright © 2014 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, FortiCarrier, FortiScan, FortiAP, FortiDB, FortiVoice and FortiWeb. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties, such as NSS Labs, and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, binding specification or other binding commitment by Fortinet, and performance, functionality and other specification information herein may be unique to certain environments. This news release may contain forward-looking statements that involve uncertainties. Changes of circumstances, product release delays, changes in product plans and other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this press release. If the uncertainties materialize prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and expressly disclaims any obligation to update forward-looking statements.