Logging/Reporting Systems offer security event correlation.
Press Release Summary:
FortiLog-100/400/800 network-based logging and reporting appliances are offered with FortiLog(TM) v1.6 firmware that helps streamline report creation, standardization, and generation. Firmware supports multi-vendor devices, providing single source for users to gather, correlate, analyze, and store event data across network security architecture. Systems provide administrators with information needed to determine security threats and act on network security vulnerabilities.
Original Press Release:
Fortinet Adds Multi-Vendor Support, Security Event Correlation to FortiLog Logging and Reporting Systems
FortiLog(TM) V1.6 Firmware Gives Enterprises Comprehensive View of Their Security Environment; More Than 140 Reports & Advanced Logging to Help Meet Regulatory Compliance
SUNNYVALE, Calif., Jan. 27 -- Fortinet -- the confirmed market leader in Unified Threat Management and only provider of ASIC-accelerated, network-based antivirus firewall systems for real-time network protection -- today announced new capabilities across the FortiLog family of integrated logging and reporting appliances with FortiLog v1.6, the next version of its firmware. FortiLog v1.6 is built on a new graphical profile-based reporting architecture that helps streamline report creation, standardization and generation and now supports multi-vendor devices -- providing a single source for IT administrators to gather, correlate, analyze and store event data from across their network security architecture.
FortiLog systems, which also support RAID-based storage, provide administrators with the comprehensive information needed to determine security threats and quickly act on network security vulnerabilities and meet governmental regulations regarding compliance, disclosure and privacy.
Enhancements in FortiLog v1.6 include:
-- Event correlation: helps identify attacks originating from the same source or all targets of an attack by providing alerts when events occur.
-- Support for multi-vendor devices: provides full logging support for Fortinet's FortiGate systems and syslog support for third-party networking and security systems to provide a centralized location for correlation and forensics.
-- 11 categories & over 140 reports: includes more report capabilities for many types of traffic including Network, Web, FTP, Terminal, Mail, Intrusion, Antivirus, Web Filter, Mail Filter, VPN and Content.
-- Advanced logging with meta content logs: helps with regulatory compliance such as the Health Insurance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley (SOX) by allowing high-level monitoring of HTTP, FTP, IMAP, POP3 and SMTP traffic from FortiGate systems running FortiOS 2.8 firmware.
The FortiLog Family of Security Logging and Reporting Solutions
The FortiLog family includes the FortiLog-100, 400 and 800 systems, which provide scalable levels of storage, performance and functionality to meet the varied needs of enterprises and service providers. The FortiLog-100 provides 120 GB of storage and logging for up to 10 FortiGate systems. The FortiLog-400 and the FortiLog-800 both have storage capacities of 360 GB and can be configured at RAID levels 0, 1, 3 and 5 depending on the desired levels of capacity and data assurance. The FortiLog-400 system supports logging for up to 25 FortiGate systems and the FortiLog-800 supports logging for up to 100 systems. Log data security is ensured through IPSec VPN tunnels that securely transmit log data from FortiGate systems to FortiLog systems.
FortiLog systems utilize an easy-to-use Web interface that provides administrators with a single, centralized view of network utilization and Web, mail, FTP and attack activity. A convenient, built-in report generator lets administrators quickly gain useful analysis on key events to support security response, network planning, acceptable use enforcement and compliance with regulations.
"Real-time logging and reporting are essential features for managing and maintaining complete network security platforms, as well as meeting government regulations for data storage and retrieval," said Richard Hanke, vice president of product management for Fortinet. "The new FortiLog systems give administrators a single system to capture, analyze and store information about their entire network security environment, which is often composed of numerous and heterogeneous network devices -- making it quicker, easier and more cost-effective to protect the enterprise and comply with government regulations."
Distribution and availability
Version 1.6 is available immediately on Fortinet's FortiLog-100, FortiLog-400 and FortiLog-800 systems.
About Fortinet (www.fortinet.com)
Fortinet is the confirmed leader of the Unified Threat Management market. The company's award-winning FortiGate(TM) series of ASIC-accelerated antivirus firewalls, winner of the 2004 Security Product of the Year Award from Network Computing Magazine and the 2003 Networking Industry Awards Firewall Product of the Year, are the new generation of real-time network protection systems. They detect and eliminate the most damaging, content-based threats from e-mail and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance. FortiGate systems are the only security products that are quadruple-certified by the ICSA (antivirus, firewall, IPSec, NIDS), and deliver a full range of network-level and application-level services in integrated, easily managed platforms. Named to the Red Herring Top 100 Private Companies, Fortinet is privately held and based in Sunnyvale, California.
