FortiSandbox-3000D

FortiSandbox-3000D is a hardware-software complex, the firewall of new generation, combines in one device service of two-level "sandbox" (sandbox), dynamic analysis of threats, the instrument interface in real time and the detailed reporting

On November 20, 2013 the company Fortinet announced release of FortiSandbox-3000D. This device will provide to corporate users the powerful instrument of fight against purposeful steady threats (APTs). The new solution functions together with firewalls of new generation Fortinet FortiGate (NGFW), the gateway for protection of e-mail FortiMail.

Appointment

Fortinet firewalls act as the first line of defense, scanning and reducing the level of threats. Their sharing with FortiSandbox helps to reveal and check suspicious files, and then to set the updated protection level on the basis of complete lifecycle of threat. Using the new version of FortiMail 5.1, gateways for protection of e-mail against Fortinet can reveal suspicious messages and transport them on FortiSandbox for the detailed analysis.

Description

FortiSandbox-3000D can be unrolled as the independent solution, without any changes in network configurations, or as complex implementation, the device can be integrated into platforms FortiGate and FortiMail for the improved detection and decrease in number of threats.

According to the concept of new product development of Fortinet, in one available and highly effective FortiSandbox device opportunities for detection of threats and also functions of detection of harmful activity through protocols are integrated. At the heart of the solution there is two-level 'sandbox' for effective work on a difficult technique at the level of virtual devices (VM) with the becoming complicated attacks requiring more advanced control.

Main Functions

• Dynamic protection against malware, on the basis of a cloud service of updates: FortiSandbox receives updates from FortiGuard Labs laboratory and can send requests back to laboratory in real time, allowing to detect without delay the threats which are already existing and only arising

• Emulation of the code: Accomplishment of the facilitated check in "sandbox" in real time, including start of the malware in a specific system environment

• Complete virtual environment: provides runtime environment for the analysis of high risk or the suspicious code and also a research of complete lifecycle of threat

• Expanded observability: Allows to receive exhaustive data on work of networks, systems and files and also to classify them by risks to reduce a response time in case of an incident

• Detection of the return network addresses: performs inspection of network traffic on existence of requests for visit of the harmful websites, link establishment with the C&C servers and other actions capable to compromise network

• Manual analysis: allows security administrators to load manually samples of malware for accomplishment of a virtual sandbox without the need for the separate device

• Additional access to FortiGuard services: Tracer reports, harmful files and other information can be sent to a research to FortiGuard Labs laboratory to receive recommendations and the corresponding updated protection

"The release of the solution FortiSandbox is the direct response Fortinet to growth of purposeful steady threats which use harder and harder methods to remain unnoticed security systems", - noted Andrey Rogovoy, the area director across Russia and the CIS Fortinet. - Thanks to our long-term researches of threats and their development, we found out that for effective fight against APT check of file activity is necessary addition to inspection of characteristics. Today our customers have an opportunity easily and with the minimum costs to carry out the detailed analysis of specific threats in the networks, with additional benefit of simultaneous use of solutions FortiGate and FortiMail, for decrease in number of threats in real time".

Availability

The product FortiSandbox-3000D is available.