Next Generation Firewalls (NGFW)
Next Generation Firewall technologies from Fortinet offer integrated, high-performance protection against today's wide range of advanced threats targeting your applications, data, and users. In today’s environment, businesses are realizing that traditional enterprise network security solutions such as firewalls, intrusion detection systems and host-based antivirus are no longer adequate to protect against new, sophisticated attacks. In order to defend networks against the latest threats, NGFW should include, at a minimum, an integrated intrusion prevention system (IPS) with deep packet scanning, the ability to identify and control applications running over a network, and the ability to verify a user’s identity and enforce access policies accordingly. In addition, Fortinet now offers Advanced Threat Protection (ATP) in Fortigate Next Generation Firewalls providing enhanced security tools to combat and mitigate multi-vector persistent attacks.
Integrated Intrusion Prevention System (IPS)
Fortinet IPS offers a wide range of features that can be used to monitor and block malicious network activity including; predefined and custom signatures, protocol decoders, out-of-band mode (or one-arm IPS mode), packet logging, and IPS sensors. Backed by automatic, real-time updates delivered byFortiGuard Global Threat Research Team, FortiGate NGFW technology leverages a database of thousands of unique attack signatures as well as anomaly-based detection techniques that enables the system to stop attacks that might evade conventional firewall defenses and recognize threats for which no signature has yet been developed.
Application Identification and Control
Traditional firewall protection detects and restricts applications by port, protocol and server IP address, and cannot detect malicious content or abnormal behavior in many web-based applications. Next generation firewall technology from Fortinet with Application Control allows you to identify and control applications on networks and endpoints regardless of port, protocol, and IP address used. It gives you unmatched visibility and control over application traffic, even unknown applications from unknown sources and inspects encrypted application traffic. Protocol decoders normalize and discover traffic from applications attempting to evade detection via obfuscation techniques. Following identification and decryption, application traffic is either blocked, or allowed and scanned for malicious payloads. In addition, application control protocol decoders detect and decrypt tunneled IPsec VPN and SSL VPN traffic prior to inspection, ensuring total network visibility. Application control even decrypts and inspects traffic using encrypted communications protocols, such as HTTPS, POP3S, SMTPS and IMAPS.
When a user attempts to access network resources, Fortinet Next Generation Firewalls will identify the user from a list of names, IP addresses and Active Directory group memberships that it maintains locally. The connection request will be allowed only if the user belongs to one of the permitted user groups, and the assigned firewall policy will be applied to all traffic to and from that user.