
Multinational Bank Manages Threats and Prevents Ransomware with AI/ML Powered FortiGate IPS

By Renee Tarun and Muhammad Abid | November 11, 2021


The financial sector is a key target for cyber criminals, who are becoming increasingly sophisticated in their attempts to encrypt data and demand a ransom, or to steal data and threaten to make it public. When such an attack succeeds, it results in brand damage and regulatory penalties. For banks, an effective intrusion prevention system (IPS) is critical to combatting these threats. By scanning network traffic, IPS systems help enterprises identify and mitigate network vulnerabilities and spot potentially fraudulent activity.

In 2017, this leading multinational bank faced the daunting prospect of losing its IPS capability. The bank had until then relied on the IPS service of a major US technology vendor, which had decided to exit the market. With little advance notice, the bank needed to find an alternative system provider. The FortiGate NGFW consolidates IPS, delivers predictable TCO, and prevents ransomware with coordinated threat intelligence and AI/ML powered FortiGuard services.

Given the importance of securing its network, the replacement system needed to be of the highest possible standard, providing the most effective performance, cost, and security. Rather than source a like-for-like replacement with a traditional IPS solution, the team opted to review its overall next-generation firewall (NGFW) strategy, comprising firewall, app control, and identity awareness features in addition to the core IPS requirement, and to look for a security solution that can consolidate these functions without compromising performance.

The goal was to use the IPS migration as a springboard to enhance the bank’s overall security posture by protecting against threats and rising ransomware attacks. Importantly, this would need to happen without adversely affecting performance and security effectiveness. 

Protect Vulnerable Systems and Uncover Attacks with AI/ML-Powered FortiGuard IPS

Following a competitive selection process, the bank opted for the FortiGate IPS solution as the ideal fit for its needs and commissioned a yearlong proof-of-concept (PoC). The result was that the FortiGate NGFW running consolidated IPS security had the top-rated performance in the bank's malware and threat prevention testing, providing excellent coverage against the threat samples provided by the bank.

The FortiGate NGFW’s consolidated IPS solution uses machine-learning-derived artificial intelligence to provide near-real-time threat intelligence. With the IPS solution in place, the bank leverages thousands of intrusion prevention rules to detect and block known and zero-day threats, including malware and underlying vulnerabilities.

The service is supported by Fortinet Security Processing Units (SPUs) for high-performing network throughput. The SPUs ensure that the security solution has no detrimental impact on the speed and performance of the bank’s network. Additionally, the FortiGate IPS solution offers full visibility with unmatched TLS inspection (including TLS 1.3) to detect malware that hides in encrypted flows, an ability that future-proofs the bank’s investment to satisfy any new requirements moving forward.

After a year, the PoC had exceeded the bank’s expectations, demonstrating that the FortiGate IPS delivers next-level visibility, performance, and protection from known and zero-day attacks, with contextual and coordinated threat intelligence sharing leading to effective security. With a proven concept, Fortinet and the bank are embarking on a new and exciting partnership.

Industry Leading FortiGate NGFW Delivering AI/ML-Powered FortiGuard IPS Security and Hyperscale Performance

As the partnership gears up, the bank is set to realize a range of business benefits from the FortiGate IPS solution. Already, the firm has benefited from a seamless technology integration with its data lake and incident handling process. This process proved invaluable as the bank transitioned from its legacy solution to FortiGuard IPS. Fortinet made things even easier by providing a range of deployment options that leverage virtual domains, providing the bank with a level of flexibility it had not experienced before. 

Most importantly, the bank is meeting its core requirement: Intrusion Prevention that blocks the latest stealthy network-level threats and network intrusions by leveraging a comprehensive library with thousands of signatures.

In the malware and threat tests the client conducted during its decision phase, FortiGate IPS consistently came out on top, demonstrating excellent coverage across a large library of threat samples. FortiGate IPS delivers the industry’s highest performance end-to-end protection, and this claim was supported by the client’s testing.

In addition to raw detection power, the bank will also benefit from a greater contextual understanding of its threat landscape. Having integrated FortiGuard Application Control into its FortiGate NGFWs, the firm will have extended visibility of its threat surface, which will in time yield greater insights into the threats it faces. The ability to custom-fit the solution to the firm’s unique threat surface is a key benefit. With the ability to migrate open source “Snort” rules and deploy custom IPS signatures, the solution provides greater control for attacks that are specific to the client’s unique circumstances.

FortiGate IPS is a Partner for the Future

The FortiGate IPS solution has exceeded the bank’s current requirements. It wanted a solution with a good total cost of ownership that is easy to manage and use. This, it received. But with Fortinet, it also benefits from deep senior and technical relationships, a consultative approach, and measurable performance benefits. Moreover, with a security portfolio that maps well to its own product roadmap, this could prove to be a partnership that will go on delivering benefits long into the future.
