On September 26th, Fortinet announced our new Fortinet Fabric Ready Program, which delivers on the “Open” attribute of the Fortinet Security Fabric by providing threat intelligence visibility across multi-vendor cybersecurity solutions.
Cross-product coordination (regardless of vendor) is a critical capability for today’s enterprises, as it is rare for an organization to completely source all IT security components from a single vendor across the entirety of their network and covering all attack vectors. Leaving just one gap in security – an unprotected mobile worker, a poorly secured remote location, a cloud-based system without visibility or control, and so forth can serve as an entry point for determined cybercriminals.
While there are many potential points of integration for Fabric-ready partners, I wanted to highlight two that have been enhanced or added to our FortiSandbox advanced threat detection component (the primary component for identification of attacks that may have slipped in and need to be contained/remediated).
JSON API: FortiSandbox has a defined interface to accept objects for advanced inspection with sandboxing, return ratings back, and dynamically distribute intelligence to block newly identified attacks. This integration point is particularly useful in extending the Fortinet Security Fabric to the diverse set of endpoints of an enterprise. This API now delivers its intelligence in industry-standard STIX format for easy consumption and use by other vendors.
ICAP API: FortiSandbox also has a new interface to also accept objects, return ratings, and distribute new threat intelligence in an automated fashion. This integration point is especially useful for organizations that have network security components that act as “ICAP clients” deployed both at the edge and internally, allowing them to be woven into the Fortinet Security Fabric.
These new capabilities are available in FortiSandbox v2.3, and ship standard on the new high-end FortiSandbox 3000E appliances. The FortiSandbox 3000E offers 60 virtual sandbox environments in a single appliance, which can also be easily clustered for even greater capacity. For customers with existing FortiSandbox physical or virtual appliances, a simple upgrade makes these new features available.
To learn more about advanced threat protection and the Fortinet Security Fabric, please visit our solution page where you will find additional learning resources, including a product video demonstrating key solution components in action.
Finally, if you have questions about whether a certain security component is “Fabric Ready,” please contact us. We are always looking for new partners.