Cyber Threat Assessment

Last year, over 780 enterprises were breached as a result of poor internal security practices and latent vendor content security. The average cost of a corporate security breach is estimated at $3.5 million USD and is rising at 15% year over year. Intrusions, malware/botnets and malicious applications collectively comprise a massive risk to your enterprise network. These attack mechanisms can give attackers access to your most sensitive files and database information. FortiGuard Labs mitigates these risks by providing award-winning content security and is consistently rated among industry leaders by objective third parties such as NSS Labs, VB 100 and AV Comparatives.

Request More Information

Name(*)
Invalid Input

Company
Invalid Input

Phone Number
Invalid Input

Email(*)
Invalid Input

State
Invalid Input

Cyber Threat Assessment Report

The Cyber Threat Assessment is an analysis of your infrastructure, after which you will recieve a report with it's findings. This report represents a summary of these findings and presents a set of recommendations for addressing the detected events. The analysis is based on data collected using a comprehensive set of characteristics.

Sample Report

Download Sample Report

Deployment and Methodology

During this assessment, traffic will be monitored as it moves over the wire and logs are recorded. These logs are typically categorized by their log type. While traffic logs record much of the session information flowing across your network, Fortinet can also monitor more in-depth security logging, such as IPS, anti-virus, web and application control. This assessment was created based on telemetry from all log types and is meant to provide a big picture view of your network's activity. Used in conjunction with FortiAnalyzer, FortiGates can provide additional functions such as event management (e.g. alerts when malicious activity is detected), FortiView analytics and filtering (e.g. investigating specific user activity) and advanced reporting (e.g. detailed reports on security, user and even wireless activity).

Executive Summary

Security and Threat Prevention

Last year, over 780 enterprises were breached as a result of poor internal security practices and latent vendor content security. The average cost of a corporate security breach is estimated at $3.5 million USD and is rising at 15% year over year. Intrusions, malware/botnets and malicious applications collectively comprise a massive risk to your enterprise network. These attack mechanisms can give attackers access to your most sensitive files and database information. FortiGuard Labs mitigates these risks by providing award-winning content security and is consistently rated among industry leaders by objective third parties such as NSS Labs, VB 100 and AV Comparatives.

User Productivity

User application usage and browsing habits can not only be indicative of inefficient use of corporate resources, but can also indicate a lack of proper enforcement of corporate usage policies. Most enterprises recognize that personal use of corporate resources is acceptable. But there are many grey areas that businesses must keep a close eye on including: use of proxy avoidance/peer to peer applications, inappropriate web browsing, phishing websites, and potentially illegal activity. All of which expose the company to undue liability and potential damages. With over 5,800 application control rules and 250 million categorized websites, FortiGuard Labs provides telemetry that FortiOS uses to keep your business running effectively.

Network Utilization

Performance effectiveness is an often undervalued aspect of security devices, but firewalls must keep up with the line speeds that today’s next generation switches operate at. A recent survey by Infonetics indicates that 77% of decision-makers at large organizations feel that they must upgrade their network security performance (100+ Gbps aggregate throughput) in the coming year. FortiGates leverage FortiASICs to accelerate CPU intensive functions such as packet forwarding and pattern matching. This offloading typically results in a 5-10X performance increase when measured against competitive solutions.

Request More Information  »

Security and Threat Prevention

High risk applications: The FortiGuard research team assigns a risk rating of 1 to 5 to an application based on the application behavioral characteristics. The risk rating can help administrators to identify the high risk applications quickly and make a better decision on the application control policy.

Application Vunlerability Exploits: An application vulnerability could be exploited to compromise the security of the network. The FortiGuard research team analyses application traffic patterns and application vulnerabilities and then develops signatures to prevent the vulnerability exploits. The FortiGuard Intrusion Prevention Service (IPS) provides Fortinet customers with the latest defenses against stealthy network-level threats. It uses a customizable database of more than 5,800 known threats to stop attacks that evade traditional firewall systems. For Application Vulnerability and IPS see: fortigard.com.

Malware and Bot Detection

At-Risk Devices and Hosts: Based on the types of activity exhibited by an individual host, we can approximate the trustworthiness of each individual client. This client reputation is based on key factors such as websites browsed, applications used and inbound/outbound destinations utilized. Ultimately, we can create an overall threat score by looking at the aggregated activity used by each individual host.

User Productivity

Application Usage: The FortiGuard research team categorizes applications into different categories based on the application behavioral characteristics, underlying technology, and the related traffic transaction characteristics. The categories allow for better application management. For application category details, see: fortigaurd.com

Web Usage: Web browsing habits can not only be indicative of inefficient use of corporate resources, but can also indicate an inefficient optimization of web filtering policies. It can also give some insight into the general web browsing habits of corporate users and assist in defining corporate compliance guidelines.

Network Utilization

Firewall Statistics: CPU usage of a FortiGate is often used to size a final solution properly. By looking at an hourly breakdown of CPU utlilization statistics, it's easy to get a good idea about how FortiGates will perform in the target network. Typically, with higher throughput, more logs are generated. If 90% or more utilization is sustained over a long period of time, either a new model or revised architecture may be required for final implementation.

Average CPU and Memory usage listed by hour.