
Why you need more protection than just a firewall


The day you're hit by ransomware will feel like a nuclear bomb exploded in the heart of your company.

The traffic crossing your corporate network carries a quantity of code: from known good code on the one hand to known harmful code on the other. However, part of your network traffic is completely unknown.

You may already have a number of security technologies installed to protect your company from malicious code. But, like most organisations, your company is still at risk from the unknown. That unknown part of the continuum is not sufficiently covered by your firewall.
Sandboxing offers you a method to identify attacks that were previously unknown.

An extra layer of protection

Traditional security technologies, such as antispam, web filtering, IPS, antivirus, app control and IP reputation techniques, are necessary protections. But they will not stop today's most advanced attacks. This is because their operation is based on identifying known attack indicators.


So the danger arises when an attack is brand new or can mask itself through tunneling, encryption or other evasion methods. If you add sandboxing to your security strategy, you add an extra layer of protection, and one that can detect malicious code even if it was previously unknown.

Simulate control systems

When there is a suspicious bag in the airport, the first thing to do is to cordon off the surrounding area and send a bomb-disposal robot to open the bag so that, regardless of what happens, nobody gets hurt.

A sandbox works in a similar way. It simulates the environment and behaviour of real end-user systems. A new, 100% shielded environment is set up and the - potentially malicious - code is extensively executed and tested. Even before the suspicious file appears in your mailbox, the system will first open that file in a protected environment and extensively analyze what it does exactly. 

To assess malware, sandboxes will have multiple code evaluation processes with different operating systems and technologies. The unknown code is, as it were, being played with in the sandbox. FortiSandbox gives priority to different code evaluation processes depending on the extent to which malware occurs in different configurations. In this way, the process is considerably accelerated.

FortiSandbox offers optimal security in combination with the established Fortinet security tools such as a FortiGate Next Generation Firewall (NGFW), FortiEDR and FortiMail.

FortiSandbox performs better thanks to CPRL

Fortinet uses Compact Pattern Recognition Language (CPRL). This is a patented technology, developed by FortiGuard Labs, for performing a very deep code inspection. CPRL can identify 50,000 disguises used by known malware.

If CPRL detects a known avoidance technique, FortiGate can block the code immediately, without sending it to the sandbox. In this way, the sandbox is less burdened and can reserve all its resources to work on code that is still unknown.

Sandboxing works with your existing security tools

Antispam, IPS, antivirus, web filtering, IP reputation, firewalls, secure e-mail gateways and EDR... Sandboxing does not replace these security tools. Your sandbox must work with them to provide an additional layer of protection that can be managed as part of a comprehensive defense.

Advantages of FortiSandbox

  • Prevents breaches by advanced, as yet unknown attacks
  • Identifies unknown malware
  • Blocks more spearphishing attacks
  • Increases the effectiveness of your NGFW, UTM or Secure Email Gateway solution

Written by:

Hans Versmissen
Copywriter

An experienced creative jack-of-all-trades, that's Hans. His background as an engineer and business consultant is a strong asset in his role as Freelance Copywriter at VanRoey.be.
