Fortinet

FortiMail-100C-Auto

xmlrpc — Wed, 22 Feb 2012 02:47:00 +0000

( PDF )

FortiMail-2000B-Auto

xmlrpc — Wed, 22 Feb 2012 02:47:00 +0000

( PDF )

FortiMail-3000C-Auto

xmlrpc — Wed, 22 Feb 2012 02:47:00 +0000

( PDF )

FortiMail-5002B-Auto

xmlrpc — Wed, 22 Feb 2012 02:47:00 +0000

( PDF )

FortiMail-VM01-Auto

xmlrpc — Wed, 22 Feb 2012 02:47:00 +0000

( PDF )

FortiMail-VM02-Auto

xmlrpc — Wed, 22 Feb 2012 02:47:00 +0000

( PDF )

Strong Policies A Must For BYOD

Wed, 22 Feb 2012 01:23:34 +0000

More and more organizations are opening up their networks with invitations that say BYOD (bring your own device) and seeing everything from iPads to the latest Android gadget walk in their doors.

And no one can deny that this trend is accelerating rapidly without any clear sign of stopping. According to a December 2011 Forrester Report, half of all US information workers pay for their smartphones and monthly plans, while three-quarters pick the platform of their choice rather than accept an IT standard issue device.

For organizations, particularly larger enterprises with sufficient IT staff and security infrastructure—the dearth of personal devices in the work environment paves the way for untold efficiencies and increased productivity, not to mention lowered carrier costs. In short, workers can answer e-mail, upload information on file shares and update Websites from the commuter train, from the beach condo and at their kids’ soccer games—often on their dime.

Sounds like a win-win? Well, here’s the dilemma—while everyone wants to be more efficient, surprisingly few organizations have policies in place to adequately secure the influx of mobile devices being introduced into the workplace.

“These are the devices that people don’t let go of,” says Patrick Bedwell, Fortinet vice president of product marketing. “It’s a great way to make people more effective. But without a policy or controls in place, IT organizations are just saying ‘no.’”

And with good reason. Generally, users’ mobile devices are devoid of the most basic security features—such as antivirus and password protection—incorporated in pretty much all workplace PCs. Meanwhile, the agility enabled by personal devices means that business critical apps can, and will, be accessed from any network in any location.

“You’d be shocked at the amount of sensitive data on their mobile devices,” says Bedwell. “And they’re accessing the corporate network from outside the perimeter. They’re exposing the device to a lot more risk in terms of the Internet. These devices don’t have much protection, but they’re storing very valuable data online.”

So what’s the answer? Here are a few suggestions that will provide some peace of mind for organizations:

Implement A Relevant Mobile Policy: It’s simple Policy 101. Most organizations should take the time to really assess their goals and determine relevant threats to the network. (e.g. malicious Websites? Data loss? Productivity loss? Excessive bandwidth usage?) And more importantly, how should policies be enforced?

“It’s silly to pass a policy and realize that they haven’t done their due diligence,” Bedwell says.

Remote Management Software: It seems like a no-brainer–being able to apply a slew of basic security functions, such as antivirus or remote data wiping software, to any device housing corporate data. Likewise, remote management software gives IT the ability to automatically update users’ devices with the latest patches to prevent any existing vulnerabilities from being exploited in mobile attacks.

Blocking Non-Compliant Devices: This is where organizations can practice the art of compromise. Often workers are eager to use their personal devices for work but reluctant to install additional software—some of which might have the potential to wipe their valuable contacts and photos from their phone. As a compromise, organizations could allow their workers to use their own devices IF they agree to install certain apps in accordance with the organization’s security policy. If not, then the workers can stick with an IT-issued device.

“The problems with BYOD is that devices aren’t issued by the company. It may be difficult for employees to agree to put on remote management software or antivirus software. But there has to be some kind of tradeoff,” Bedwell says. “Organizations really have to get ahead of the curve. BYOD is here to stay.”

ITDC Awarded at Fortinet Annual Partner Thank You Party

Holly — Mon, 20 Feb 2012 08:00:00 +0000

Bangkok, Thailand, 20 February 2012 − Fortinet® (NASDAQ: FTNT) − a world leader in high-performance network security − today announced that it has handed out the 2011 Thailand Top Distributor Award to leading IT distributor ITDC at its annual partner thank you party. The Top Run Rate Award went to CS LoxInfo while the Top Project Base Award was picked up by Comnet Co., Ltd.

Adisorn Singluedej, vice president of ITDC, commented: "We are delighted to receive this award, which recognises the impact we have made on customers' operations as a result of our years of investment in the Fortinet business. We will continue to work closely with our channel to further improve responsiveness and bring customers' security to the next level."

Held at the Nokia Ultra Screen Exclusive Lounge, Siam Paragon Mall, the event was attended by around 80 guests from the distributor and reseller community, including ITDC, ccn-tech and The Value System. At the party, Fortinet also presented tokens of appreciation to all attending partners.
In his opening speech, Peerapong Jongvibool, Country Manager of Fortinet Thailand, paid tribute to the partners' hard work in 2011, which helped Fortinet Thailand's business achieve exceptional growth – Fortinet’s highest across Asia Pacific.

Last year, Fortinet Thailand took steps to strengthen its channel ecosystem, improving incentive programs and technical training for partners, and upgrading repair and maintenance centres across the country. In 2012, the vendor will focus on bolstering education and support for partners and customers in the provinces.

"With security being a vital part of the network infrastructure, IT professionals could benefit from a better understanding of corporate security planning, solution selection and technology maximization. We aim at sharing with them experience in managing new and sophisticated threats without pushing up cost and complexity," said Jongvibool.

About Fortinet (www.fortinet.com)

Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2009 Fortune Global 100. Fortinet's flagship FortiGate product delivers ASIC-accelerated performance and integrates multiple layers of security designed to help protect against application and network threats. Fortinet's broad product line goes beyond UTM to help secure the extended enterprise - from endpoints, to the perimeter and the core, including databases and applications. Fortinet is headquartered in Sunnyvale, Calif., with offices around the world.

Copyright © 2012 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, FortiCarrier, FortiScan, FortiAP, FortiDB and FortiWeb. Other trademarks belong to their respective owners.

Fortinet Researchers Detect Eight Critical Adobe Flaws

Sat, 18 Feb 2012 01:11:12 +0000

This week it’s no secret that the Fortinet team that has been hitting it pretty hard on the Adobe front.

For San Jose, Calif.-based Adobe, Valentine’s Day came with a bang when researcher Honggang Ren of Fortinet’s FortiGuard Labs detected a total of seven out of nine critical vulnerabilities in Adobe’s Shockwave Player 11.6.3.633 (CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, CVE-2012-0766) and earlier versions for both Windows and Mac OS X. According to Ren, the memory corruption vulnerabilities were due to access violation caused by an invalid pointer.

All of the vulnerabilities were given the highest severity rating of “critical,” indicating that the Shockwave Player flaws could enable a hacker to run malicious code remotely on an affected user’s system in an attack designed to steal data, log keystrokes or potentially crash Microsoft’s Internet Explorer browser.

Adobe already has a fix in place, and recommends that users upgrade Shockwave Player to the newest version 11.6.4.634, available on the Adobe website.

Meanwhile, FortiGuard researcher Xu Liu, of FortiGuard Labs, bolstered the Fortinet team effort when he detected a critical memory corruption vulnerability (CVE-2012-0751) in Adobe’s Flash Player 11.1.102.55 and earlier versions affecting a Windows ActiveX control. The flaw was one of seven critical vulnerabilities addressed in the Flash Player update, which affected all platforms, as well as Adobe Flash Player 11.1.112.61 and earlier versions for Android 4.x and Flash Player 11.1.111.5 and earlier versions for Android 3.x and 2.x.

As with many critical vulnerabilities, a successful exploit could open the door for a remote attacker to run arbitrary code that could compromise the victim’s computer or crash the system.

In addition, the Flash Player update, released Wednesday, also resolved a universal cross-site scripting error (CVE-2012 0767) that could be exploited by hackers to “take actions on a user’s behalf” on any website or webmail service if they were to visit a malicious site. Reports are circulating that the cross-site scripting flaw is being exploited in active in-the-wild attacks that trick users into clicking on a malicious link delivered over e-mail running on IE or Windows OS.

Because these flaws are designated with the highest severity rating of “critical,” it’s best that users update as soon as possible to Adobe Flash Player 11.1.102.62, acquired from the Adobe Flash Player Download Center, or to Flash Player 11.1.115.6. for Android 4x, and Flash Player 11.1.111.6 for Android 3x from the Android Marketplace.

Fortinet’s collective one-two punch is hardly an anomaly, given that since 2008, FortiGuard Labs researchers have reported 131 vulnerabilities, 99 of which have been disclosed and fixed by the appropriate vendors.

For more information on unpatched vulnerabilities detected by the FortiGuard research team, you can view the FortiGuard site here.

RSA 2012

Gleb — Sat, 18 Feb 2012 00:35:29 +0000

Image:

link:

http://www.worldsfastestfirewall.com

order:

Thumbnail: