Fortinet Earns AV-Comparatives ADVANCED+ Rating for Superior Malware Protection
Jan 3, 2014 (Fri): Fortinet – a world leader in high-performance network security – today announced the company has been awarded an ADVANCED+ rating in AV-Comparative’s August-November 2013 “Whole Product Dynamic ‘Real-World’ Protection Test,” earning an impressive 98% score out of 100%. Fortinet’s FortiClient 5 endpoint security suite was tested against 21 other antivirus clients from multiple countries for their ability to block malicious software and not block legitimate content. Download the full report with results and testing methodology from: http://www.av-comparatives.org/dynamic-tests/. Today’s award announcement follows recent Virus Bulletin VB100 awards Fortinet won in April, August, October for the software’s excellent reactive and proactive detection and zero false positives.
The critical element of Fortinet’s antivirus engine is its ability to decode and track behaviors of polymorphic, encrypted and packed malware in real time. Commonly used by authors of Advanced Persistent Threats (APTs), these evasion techniques can enable advanced malware to bypass other detection engines. To detect and block unknown threats, Fortinet has developed a proprietary signature match processor that uses a unique and patent-pending Compact Pattern Recognition Language (CPRL) to detect as many as 50,000 different viruses with a single signature in some scenarios. Fortinet has also developed a propriety binary emulation engine that allows its antivirus engine to detect new malware and variants, regardless of whether a detection signature exists. This enables the engine to detect much of today’s advanced malware threats, even those that use sophisticated evasion techniques like polymorphism and encryption to avoid detection from other AV products.
Protecting Against Today’s Advanced Persistent Threats
Fortinet’s proactive antivirus engine is a component of a broader advanced malware and APT defense:
- FortiGuard Web/Email Filtering: prevents delivery of malware via known web sites, email senders, phishing campaigns and more using a range or reputation, content inspection and other techniques
- FortiGuard IPS/Application Control: blocks malicious applications and traffic that may serve as a malware delivery vehicle.
- FortiGuard Antivirus Engine: identifies known malware, and variants of malware families, using one-to-many signatures, advanced heuristics and other techniques
- FortiGuard Analytics/FortiSandbox: identifies previously unknown malware through code emulation, execution in a contained virtual environment and more, either in the cloud or on-premise
- FortiGuard Botnet Database: prevents remote command and control communications based on up-to-date information about IP reputations
Fortinet’s antimalware technology is part of the suite of security services developed and maintained by the company’s global FortiGuard Labs research team, which delivers industry-leading advanced malware threat protection for a wide range of Fortinet products, including FortiGate®, FortiWeb™, FortiMail®, FortiCarrier™, FortiCache™ and FortiClient® products. The technology is also found at the heart of Fortinet’s FortiOS 5.
These technologies are developed and updated by Fortinet’s FortiGuard Labs, a world-class security team that monitors the threat landscape and ensures Fortinet customers are continuously informed and protected against today’s most modern threats. Consisting of more than 150 dedicated research analysts, FortiGuard helps protect customers 24 hours a day, 7 days a week and 365 days a year. The team discovers new third party threats and then delivers rapid signature updates and detailed security knowledge designed to provide practically instant protection from new and emerging threats. In a typical week, the FortiGuard team adds or updates approximately 1.4 million antivirus, intrusion prevention (IPS) and antispam signatures. Additionally, FortiGuard has made more than 150 zero day discoveries in the last three years and actively collaborates with non-government and governmental organizations.
Fortinet is able to discover threats quickly via analyzing data submitted voluntarily by Fortinet’s extensive customer network of hundreds of thousands of installed FortiGate devices and then push out signature updates to every customer in the world in minutes – unlike competing security companies that have to rely on third party security companies to provide them with the latest malware signatures.
The awards presented by AV Comparatives included ADVANCED +, ADVANCED, STANDARD and no award. STANDARD winners are considered to be good products that achieved a “good” score, ADVANCED winners received a “very good” score and ADVANCED+ winners received an “excellent” score. Products that did not receive an award may still require further improvement to reach the tested goal. An overview of past awards can be found on the company’s Website.
“We are honored to be recognized by AV-Comparatives. Independent third party validation is critical for network security vendors today and AV-Comparatives is renowned for their high integrity and solid testing methodologies,” said John Maddison, vice president of marketing for Fortinet. “Rest assured we will continue our relentless technological innovation in our quest to protect our customers against today’s most advanced and persistent threats.”