US Federal government networks have experienced dramatic increases in "content-based" network security attacks including viruses, worms, spy-ware and Trojans as the need for multi-agency communication has increased under the Network Centric model.
Fortinet's FortiGate appliances correlate all attack instances through layer-7 of the OSI model to prevent blended, Zero-Day, application level and insider-attacks that legacy layer 3 security products cannot defend you against. Enterprise-wide, centralized and distributed policy enforcement with Fortinet's FortiManager platform and detailed logging, reporting and statistical analysis with FortiAnalyzer appliances, across single enclaves, or for multiple communities of interest, allow for intuitive security theater management.
- Most agencies have identified that these new application-layer attacks are introduced into their organizations via seemingly innocuous activities such as Web browsing, email correspondence and file exchanges not caught by their legacy layer 3 firewalls and VPNs.
- This trend is expected to continue as organizations turn increasingly to real-time communications including Web applications and instant messaging as the means to remain responsive and productive in the Network Centric Warfare environment supported in today's US Federal mainstream.
- Unfortunately, conventional network protection systems such as firewalls and host-based antivirus software lack the dedicated hardware processing required to perform the content reassembly and application-level screening necessary to detect these threats without imposing unacceptable delays on real-time network applications.
- As a result, most organizations are dangerously exposed to content based attacks from real-time web, email and peer to peer traffic. Their layer 3 or deep-packet-inspection firewalls cannot effectively protect them from layer 7 attacks and have been reduced to an incomplete component of a defense in depth architecture. Adding layered devices has increased network security complexity while sending the management cost and latency to all time high levels.
- To defend US Federal networks, Fortinet performs Complete Content Inspection - (CCI) at layers 1-7 of the OSI stack protecting vital voice, video & data network communications using Forti-ASIC acceleration to deliver secure multi-gigabit performance.
- Traffic is cleaned of any malicious content effectively eliminating application level attacks. Fortigate appliances and systems correlate attack instances using signatures, heuristics, anomaly and activity detection mechanisms to stop blended, Zero-Day, and insider attacks while blocking and logging dangerous P2P and IM traffic if desired. FortiGuard subscriptions services provide real-time updates for all signatures and attack defenses.
- The Fortinet FortiGate appliance series integrate a powerful application-proxy firewall, a dynamic intrusion prevention system (IPS) and an industry leading content filtering system with the World's fastest antivirus protection in support of U.S. US Federal Government network and host security requirements.
- By combining true "Best-of-Breed" network security technology in an award winning series of ASIC-accelerated appliances, Fortinet exacts the ultimate security posture and delivers cost effective security-policy-management and control of critical U.S. US Federal Government network and host assets across any size theater of operation.
- From the smallest enclave or "community-of-interest" protection application to large-scale, geographically-dispersed multi-agency implementations, Fortinet's products deliver scalable high-speed protection from today's more sophisticated attacks.
- Fortinet's Fortigate products have proven themselves in high-performance tactical and traditional performance applications for U.S. Department of Defense, civilian and intelligence community customers.
Fortinet Government Feature Hotlist
|Community of Interest Protection (COIP)||Provides distinct manageable physical and virtual separation of various trusted and untrusted enclaves or communities of interest, whether network or host based across broad multi-agency network architectures.|
|Insider Threat Prevention Systems -- (ITPS)||Applies layered defense-in-depth security policy to all data - simultaneously protecting both "trusted from untrusted" and "trusted from trusted" enclaves from each other with Fortinet's multi-threat defense architecture. Supports Network and Host deployments.|
|Theater Operational Management||Deploys enterprise wide security policy, providing automated personnel security privilege - moves, adds & changes. Dynamically mapped security associations, content security logging, reporting and management with change analysis for the Network Centric Warfare models.|
|FortiGuard Subscription Service||Real Time FortiGuard IDP, IPS, Content Filtering, Antivirus and Anti-SPAM updates direct from Fortinet without the multi-vendor lag-time associated with piecemeal offerings|
|Dual Stack IPv4 & IPv6 Support||Meets and exceeds U.S. US Federal Government Policy|
|US Federal NIAP Certification Support||Common Criteria EAL4 Plus Certified|
|US Federal NIST Certification Support||FIPS 140-2, Level 2 Certified|
|NIST SCAP Validation||Validated for Microsoft XP and VISTA, FDCC Scanner, Authenticated Configuration Scanner, Mis-configuration Database, Vulnerability Database, Authenticated Vulnerability and Patch Scanner|
|Industry Certification||ICSA Labs Certified for IPSec, Antispam, AV, IPS and Firewall ensuring compatibility and integration with legacy network products|