Skip to content Skip to navigation Skip to footer

Network Detection and Response

Fortinet NDR identifies cybersecurity incidents in progress based on anomalous network activity to reduce the risk and impact of cyber threats

Watch the Overview Video
Network Detection and Response banner background banner dots


Network Detection and Response (NDR) uses artificial intelligence and other analytics to identify suspicious network activity outside of the norm, which may be an indicator of a cyber attack in progress.  FortiNDR enables full-lifecycle network protection, detection, and response. It covers both network traffic and file-based analysis, along with root-cause identification. New threats can be identified by FortiNDR so you can instantly adapt threat containment and protection to new attacks.  

Artificial intelligence in action
In addition to dynamically profiling an organization’s network activity, FortiNDR also conducts file-based analysis. It comes pre-trained with more than 6+ million malicious and safe features that can identify IT- and OT-based malware and classify it into threat categories. These features can also accurately pinpoint patient zero and lateral spread of multi-variant malware by analyzing the entire malware movement.

Virtual security analyst
FortiNDR includes a virtual security analyst capability (formerly known as FortiAI) that can operate in unsupervised mode, helping lean SecOps teams fully analyze and investigate new threats within the shortest period of time. Because of our deep neural network’s innate ability to self-learn, it continuously adapts to the evolving cyber-threat landscape including AI-powered cyberattacks.


Machine Learning Across the Digital Attack Surface

A visual exploration of the digital attack surface, and how AI-SecOps within the Fortinet Security Fabric protects the entire network through an integrated set of security products, many of which include machine learning inspection points

지금 보기

FortiNDR is offered as an on-premises hardware appliance designed for deployment at data centers and campuses.

View by:

Form Factor
2 RU
2 x 10GE (RJ45), 1 xGE (RJ45)
NDR Throughput
Malware Analysis Throughput
100,000 files/hour with sub-second verdict

The virtual appliance of FortiNDR can be deployed on VMware and KVM platforms.

16 cores
NDR Throughput
Hypervisor hardware dependent
Malware Analysis Throughput
14,000 files/hr
Memory (Minimum/Recommended)
32 cores
NDR Throughput
Hypervisor hardware dependent
Malware Analysis Throughput
22,000 files/hr
Memory (Minimum/Recommended)

View by:

FortiNDR utilizes both local and cloud network intelligence for updates to threat detection. NDR updates such as encrypted hashes, outbreak intelligence, IP reputations, are coupled with local and cloud ML to assist with detection.


FortiGuard Security Services

FortiGuard Labs delivers timely, global intelligence combined with fast decision-making and response across all critical vectors. This enables near-real time, AI-driven protection across the Fortinet Security Fabric.

FortiNDR Service


FortiCare Technical Support and Services

FortiCare provides 24x7 support options to help keep your Fortinet deployment up and running smoothly. We also have services such as our Premium RMA options with 4-hour replacements, to make sure you’re covered in case of an extreme event.

24x7 Support

FortiNDR Use Cases

FortiNDR detects threats where traditional security solutions fail, by using ML and AI, combined with FortiGuard updates.

Features and Benefits

checkmark icon


Baselines network behavior, detects anomalous activity, validates incidents, and contains cyber actors
high performance icon


Sub-second malware classification and inline blocking of zero-day malware with MITRE ATT&CK investigation results
top rate icon


ML-based traffic profiling with mature deep learning model leveraged since 2012 comes pre-trained with 6+ million malware detection features for file based analysis
Automation Driven Network


Integrates with third party via API or Fortinet security products upon detection to contain threats
Icon security fabric


Security Fabric integration across the Fortinet portfolio, and third-party solutions via robust API
Malware Protection


Protects both IT and OT environments from threats
security operations | security fabric

보안 운영

오늘날의 사이버 위협의 양, 정교함, 속도를 따라잡기 위해서는 기계 속도로 작동 가능한 AI 기반 보안 운영 기능이 필요합니다. Fortinet 보안 운영 기능은 Fortinet 보안 패브릭 전체에 걸쳐 지능형 위협 탐지, 대응 기능, 중앙 보안 모니터링 및 최적화를 제공합니다.

Network Detection and Response

솔루션 가이드, eBook, 데이터 시트, 분석 보고서 등을 확인하세요. Go to Resource Center >

Learn more about Fortinet Network Detection and Response 연락처 >