Malicious Intrusions Remain a Problem—and One That is Growing
Malicious intrusions are a big problem. 42% of security leaders in a recent Forrester Consulting study said they have experienced a security breach during the past two years. Another study by ISACA found that 80% of security leaders believe their organization will experience a security attack this year. This projection makes sense, considering that over half of those same security leaders believe the number of attacks is going to increase.
While defense and protection most certainly need to be tied to advanced threat detection and mitigation capabilities, intrusion prevention systems (IPS) still remain a critical detection linchpin in an enterprise’s security strategy. But to be effective, IPS should be integrated into the broader security fabric, giving organizations visibility into users, devices, endpoints, and applications across the distributed and elastic network of physical and virtual ecosystems. This is exactly our approach with the FortiGate IPS, which serves as a critical component of the Fortinet Security Fabric.
NSS Labs “Recommended” Rating for FortiGate IPS
Fortinet takes industry recognition and evaluations seriously, and we were very pleased when in their 4th Next Generation Intrusion Prevention System (NGIPS) Test report and Security Value Map, NSS Labs rated Fortinet FortiGate IPS as “Recommended,” their somewhat understated way of according a product their highest rating. For organizations concerned about intrusion prevention, the FortiGate IPS is a solution you should seriously consider. Let’s take a look at some of the findings from NSS Labs.
To begin, the NSS Labs NGIPS test is tough, encompassing more types and methods of attack and evasion than any other IPS test we’ve seen. Compared to other IPS solutions that were tested, the FortiGate IPS surpassed most other vendors, blocking 100% of all evasions thrown at it. In addition to being one of the most effective IPS solutions, FortiGate was also rated as the most cost-effective IPS solution NSS Labs tested, with a total cost of ownership of approximately $4 per Megabits/Second (Mbps) of throughput.
FortiGate IPS: Engineered to Be the Best
If this sounds a little too good to be true, there are solid reasons behind the FortiGate IPS solution’s outstanding performance. For example, Fortinet has engineered custom silicon-based security processors for the FortiGate line of security appliances and integrated them in a unique parallel processing architecture to speed deep and thorough traffic inspection and intrusion detection functionality. Specifically, Fortinet’s network processors accelerate assembly and normalization, while our content processors speed content inspection and decryption. Architecting these elements to perform packet processing, policy management, and content inspection in parallel not only results in unmatched raw performance, but it gives our designers plenty of headroom to keep the FortiGate IPS line at the forefront of the industry in the years ahead.
Unknown Becomes Known in the IPS Space
While we are (as yet) not the most well-known vendor in the IPS space, we are gaining good customer traction for our FortiGate IPS systems. For example, a global automobile manufacturer recently replaced an incumbent standalone IPS vendor’s solution with FortiGate IPS. A large aerospace manufacturer in Europe seeking greater flexibility and performance also recently elected to use FortiGate IPS to replace its longstanding traditional IPS products. Stories like this are becoming more and more common as organizations see the advantages that Fortinet’s IPS brings to them in terms of power, performance, and efficiency.
We’re clearly gaining ground in the IPS marketplace, but it’s been a quiet, steady rise. While I couldn’t say we’re taking the world by storm, we have been stealthily delighting customers with outstanding performance combined with a compelling total cost of ownership, which are clearly making a name for Fortinet in the IPS arena—not to mention helping organizations protect their systems and information from bad actors around the globe.
Article written by Nat Smith of Fortinet, a Dewpoint partner for Firewall Protection