Network Detection and Response

Fortinet NDR identifies cybersecurity incidents in progress based on anomalous network activity to reduce the risk and impact of cyber threats

Overview

Network Detection and Response (NDR) uses artificial intelligence and other analytics to identify suspicious network activity outside of the norm, which may be an indicator of a cyber attack in progress. FortiNDR enables full-lifecycle network protection, detection, and response. It covers both network traffic and file-based analysis, along with root-cause identification. New threats can be identified by FortiNDR so you can instantly adapt threat containment and protection to new attacks.

Artificial intelligence in action
In addition to dynamically profiling an organization’s network activity, FortiNDR also conducts file-based analysis. It comes pre-trained with 6+ million malicious and safe features that can identify IT- and OT-based malware and classify it into threat categories. These features can also accurately pinpoint patient zero and the lateral spread of multi-variant malware by analyzing the entire malware movement.

Virtual security analyst
FortiNDR includes a virtual security analyst capability (formerly known as FortiAI) that can operate in unsupervised mode, helping lean SecOps teams fully analyze and investigate new threats within the shortest period of time. Because of our deep neural network’s innate ability to self-learn, it continuously adapts to the evolving cyber-threat landscape, including AI-powered cyberattacks.

 

Machine Learning Across the Digital Attack Surface

A visual exploration of the digital attack surface, and how AI-SecOps within the Fortinet Security Fabric protects the entire network through an integrated set of security products, many of which include machine learning inspection points

FortiNDR is offered as an on-premises hardware appliance designed for deployment at data centers and campuses.

Form Factor: 2 RU
Ports: 2 x 10GE (RJ45), 1 x GE (RJ45)
NDR Throughput: 5 Gbps
Malware Analysis Throughput: 100,000 files/hour with sub-second verdict

The virtual appliance of FortiNDR can be deployed on VMware and KVM platforms.

FortiNDR-VM16
vCPU: 16 cores
NDR Throughput: Hypervisor hardware dependent
Malware Analysis Throughput: 14,000 files/hr
Memory (Minimum/Recommended): 128GB/256GB

FortiNDR-VM32
vCPU: 32 cores
NDR Throughput: Hypervisor hardware dependent
Malware Analysis Throughput: 22,000 files/hr
Memory (Minimum/Recommended): 128GB/256GB

FortiNDR uses both local and cloud network intelligence for updates to threat detection. NDR updates, such as encrypted hashes, outbreak intelligence, and IP reputations, are coupled with local and cloud ML to assist with detection.

 

FortiGuard Security Services

FortiGuard Labs delivers timely, global intelligence combined with fast decision-making and response across all critical vectors. This enables near-real time, AI-driven protection across the Fortinet Security Fabric.

FortiNDR Service

 

FortiCare Technical Support and Services

FortiCare provides 24x7 support options to help keep your Fortinet deployment up and running smoothly. We also have services such as our Premium RMA options with 4-hour replacements, to make sure you’re covered in case of an extreme event.

24x7 Support

FortiNDR Use Cases

FortiNDR detects threats where traditional security solutions fail, by using ML and AI, combined with FortiGuard updates.

Features and Benefits

FASTER INCIDENT DETECTION

Baselines network behavior, detects anomalous activity, validates incidents, and contains cyber actors

ACCELERATED THREAT RESPONSE

Sub-second malware classification and inline blocking of zero-day malware with MITRE ATT&CK investigation results

PROVEN AI

ML-based traffic profiling, with a mature deep learning model leveraged since 2012 that comes pre-trained with 6+ million malware detection features for file-based analysis

THREAT MITIGATION

Integrates with third-party products via API, or with Fortinet security products, to contain threats upon detection

OPEN PLATFORM APPROACH

Security Fabric integration across the Fortinet portfolio, and with third-party solutions via a robust API

UNIFIED IT/OT ZERO-DAY THREAT PROTECTION

Protects both IT and OT environments from threats

Security Operations

To keep up with the volume, sophistication, and speed of today’s cyber threats, you need AI-driven security operations that can function at machine speed. Fortinet Security Operations provides advanced threat detection, response capabilities, centralized security monitoring, and optimization across the entire Fortinet Security Fabric.
