With more threats than ever bombarding IT organizations, next-generation firewalls (NGFs) need to be fast. At the RSA 2014 Conference this week, Fortinet announced an upgrade to the operating system that drives its next-generation firewall platform, along with an implementation of its firewall software that adds support for a dual-level sandbox to better deal with increasing virtual machine evasion techniques.
While sandboxes have emerged as effective tools for isolating and inspecting threats, several classes of advanced persistent threats (APTs) can now detect when they are in a virtual sandbox environment. Once they detect the presence of that environment, they don’t execute their payloads, making it harder to detect their presence. The new offering from Fortinet also includes an updated assessment engine to increase detection rates and new call-back detection to identify outbound communications both in the sandbox and on the wire.
The latest update of the Fortinet operating system makes use of proactive, pre-filtering, dynamic threat intelligence and rich reporting to detect highly targeted attacks. Because Fortinet firewalls make use of proprietary ASICs, Fortinet claims that its firewalls are on average five times faster than those of its rivals, which Dave Finger, product marketing director for Fortinet, says is key to eliminating the firewall as a bottleneck when inspecting network traffic at the application layer.
In addition to enhancing its sandbox capability, the latest version of the Fortinet operating system provides faster processing of SSL encryption, which is now more commonly used inside enterprise IT environments, along with enhanced authentication capabilities and more robust reporting tools. Collectively, Finger says the company’s goal is to significantly raise the IT security bar.
Fortinet says that in 2013 alone, it detected 1,800 new families of viruses being used to attack enterprise IT organizations. While the vast majority of those are APTs, it does show that the volume and types of attacks that IT organizations need to fend off continue to increase unabated. So, it’s only a matter of time before most existing firewalls won’t be able to keep pace with such frequent, sophisticated attacks.