Independently-Assured Security Certification Further Strengthens Fortinet’s Commitment to Government and Enterprise Customers
SUNNYVALE, Calif., February 13, 2012 ― Fortinet® (NASDAQ: FTNT) - a world leader in high-performance network security – today announced the company’s FortiOS 4.3 operating system has received certification for Common Criteria Evaluation Assurance Level 4 (EAL) 4. The certification process provides a third-party evaluation service for determining the trustworthiness of information technology security products, which is fundamentally important to the company’s enterprise and government customers.
Common Criteria evaluations involve formal rigorous analysis and testing to examine security aspects of a product or system. Extensive testing activities involve a broad and formally repeatable process, confirming that the security product functions as claimed by the manufacturer. Security weaknesses and potential vulnerabilities are specifically examined during an evaluation.
FortiOS 4.3 introduced many advancements, including wireless controller extensions that support automatic provisioning of wireless access points, detection and suppression of rogue access points, multiple authentication methods and unified “single pane of glass” management of both wired and wireless networks from a single FortiGate™ platform. These capabilities improve security by enabling role-based access control to limit access to regulated, proprietary, or confidential data based upon a user's role, as well as allowing customers to meet wireless PCI DSS compliance with improved rogue AP on-wire detection and suppression and integrated management and reporting for both wireless connectivity and security.
“Common Criteria EAL 4+ for FortiOS 4.3 is a critical certification as Fortinet continues a focus to grow sales in large enterprise and government markets,” said Steve Kirk, vice president of Fortinet Federal. “Attaining the EAL 4+ certification for our FortiGate operating system demonstrates our commitment to providing highly-secure, high- performance solutions for our customers.”
The Common Criteria for IT Security Evaluations, also known as ISO standard 15408, was developed by the national security organizations of the United States, Canada, the United Kingdom, France, Germany and The Netherlands. It provides a broad range of evaluation criteria for many types of commercial and nationally-sensitive government-use IT security products.
“With this latest EAL 4+ certification of their FortiGate product line Fortinet has again demonstrated their commitment dating back to 2005 to testing their products against demanding international security standards,” said Erin Connor, Director of the EWA-Canada Common Criteria Test Lab in which the evaluation was carried out. “Customers who install FortiGate systems can rely on the products as trusted security solutions that are straightforward to configure and operate. They can also be assured that the company will be there to provide full support over the long term.”
Additional certifications that Fortinet products have recently received include: ISO 9001:2008, NSS, ICSA Labs, Virus Bulletin, FIPS, Dod UC APL, U.S. Army IAAPL and Common Criteria Evaluation Assurance Level 2 (EAL 2+).
FortiGate consolidated security platforms deliver unmatched performance and protection while simplifying the network. The platforms integrate the FortiOS operating system with FortiASIC™ processors and the latest-generation CPUs to provide broad, high-performance security. FortiGate appliances provide enterprise-class protection against network, content and application-level threats. Dynamic updates from the FortiGuard Labs global threat research team ensure FortiGate appliances are protected against the latest threats. In addition, FortiGate platforms incorporate sophisticated networking features, such as high availability (active/active, active/passive) for maximum network uptime, and support for virtual appliances and virtual domains (VDOMs) for virtualized environments. For more about the FortiGate family of products, please visit the product site: http://www.fortinet.com/products/fortigate/.
EWA-Canada (www.ewa-canada.com) is Canada’s premier Information Assurance consulting firm specializing in IT Security Engineering, Managed Security Services and independent third-party evaluation and testing of products in its Common Criteria, FIPS 140 2 Cryptographic Module and Security Content Automation Protocol test labs. EWA-Canada is recognized for its comprehensive experience with Common Criteria evaluations, enabling companies to efficiently and cost-effectively manage the evaluation process thereby ensuring their products meet important certification requirements. For further information please visit us at www.ewa-canada.com/studies/it_security.php.
About Fortinet (www.fortinet.com)
Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2011 Fortune Global 100. Fortinet's flagship FortiGate product delivers ASIC-accelerated performance and integrates multiple layers of security designed to help protect against application and network threats. Fortinet's broad product line goes beyond UTM to help secure the extended enterprise - from endpoints, to the perimeter and the core, including databases and applications. Fortinet is headquartered in Sunnyvale, Calif., with offices around the world.
More information can be found at www.worldsfastestfirewall.com
Copyright © 2012 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, FortiCarrier, FortiScan, FortiDB and FortiWeb. Other trademarks belong to their respective owners. Fortinet has not independently verified statements, certification, or tests herein attributed to third parties and Fortinet does not independently endorse such statements. Nothing in the news release constitutes a warranty, guaranty, or contractually binding commitment and, in addition, any product specifications or product performance discussed herein may be based on the products in a particular environment under particular circumstances. This news release may contain forward-looking statements that involve uncertainties and assumptions. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including but not limited to, any statements related to expected benefits from a certification. These trends are difficult to predict and any stated expectations regarding these trends may not ultimately be correct. Demand for our products from government entities is unpredictable and may be negatively impacted by numerous factors unique to selling to government agencies. For example, to-date Fortinet has had limited traction in sales to U.S. Federal government agencies and any increase in sales to government agencies is uncertain. Fortinet assumes no obligation to update any forward-looking statements, and does not intend to update these forward-looking statements.
FortiGate appliances allowed us to have our security grow with the needs of our network infrastructure, evolving from 200 Mbps to 1 Gbps performance over time. With Fortinet's firewall solution, we control what comes in and out of our data centers, and we have been able to include new applications in our service catalogue without jeopardizing the availability and security of our core systems.