FortiGuard AI-powered Security Bundles for FortiGate
Powerful security and support services elevate FortiGate NGFW and Fortinet NGFW-based solutions
FortiGuard AI-powered security bundles provide a comprehensive and meticulously curated selection of security services to combat known, unknown, zero-day, and emerging AI-based threats. These services are designed to prevent malicious content from breaching your defenses, protect against web-based threats, secure devices throughout IT/OT/IoT environments, and ensure the safety of applications, users, and data.
The Advanced Threat Protection bundle delivers AI-powered protection against network- and file-based threats.
The bundle includes: Intrusion prevention, anti-malware (antivirus + cloud-based sandbox), application control, and FortiCare Premium.
Data Center Firewalls
Protect north-south traffic into and out of the data center
Internal Segmentation Firewalls
Protect east-west traffic to workloads and applications
IPS Replacements
Deliver intrusion prevention for network and file security
The Unified Threat Protection bundle builds on the ATP bundle with advanced web security services to protect organizations against web-borne threats including sophisticated DNS-based threats.
Included: ATP + DNS filtering, URL filtering, video filtering, and anti-botnet and C2 communications services.
Edge Firewalls
Protection for direct internet access
Data Center Firewalls
Data center protection with ZTNA
SASE
Protection for SASE deployments
The Enterprise Protection bundle offers the best valuethrough a comprehensive suite of enterprise-class security features for enterprises and other organizations with more complex environments. The Enterprise Protection bundle builds on the UTP bundle with advanced services to address SaaS application security, data security, and protection for IoT devices as part of a comprehensive attack surface assessment and monitoring service. The Enterprise Protection bundle also includes powerful AI-based inline malware prevention capabilities.
Included: UTP + CASB for SaaS application security, data loss prevention (DLP), IoT detection and vulnerability correlation, attack surface monitoring and risk scoring, AI-based inline malware prevention.
Regulatory Compliance
Helps highly-regulated HQ, branch, and campus environments meet compliance
SD-WAN Requirements
Helps where secure SD-WAN is required to meet stringent compliance and data security requirements
FortiGuard Security Services | Available A La Carte | Advanced Threat Protection | Unified Threat Protection | Enterprise Protection |
---|---|---|---|---|
Intrusion Prevention System (IPS) | ✔ | ✔ | ✔ | ✔ |
Advanced Malware Protection (AMP) | ✔ | ✔ | ✔ | ✔ |
Antivirus |
✔ | ✔ | ✔ | ✔ |
Botnet |
✔ | ✔ | ✔ | ✔ |
Mobile Malware |
✔ | ✔ | ✔ | ✔ |
Outbreak Prevention |
✔ | ✔ | ✔ | ✔ |
Sandbox SaaS (detection only) |
✔ | ✔ | ✔ | ✔ |
AI-based Inline Malware Prevention | ✔ | ✔ | ||
Web Security | ✔ | ✔ | ✔ | |
Web and Content Filtering |
✔ | ✔ | ✔ | |
Secure DNS Filtering |
✔ | ✔ | ✔ | |
Video Filtering |
✔ | ✔ | ✔ | |
Attack Surface Security Rating | ✔ | ✔ | ||
IoT Security |
✔ | ✔ | ||
Security Self-check |
✔ | ✔ | ||
Inline SaaS Application Security (CASB) | ✔ | ✔ | ✔ | ✔ |
Data Loss Prevention | ✔ | ✔ | ||
OT Security | ✔ | |||
OT Device Detection |
✔ | |||
OT Virtual Patching |
✔ | |||
OT Industrial Signature |
✔ | |||
SD-WAN and SASE Services | Available A La Carte | Advanced Threat Protection | Unified Threat Protection | Enterprise Protection |
SD-WAN Underlay Bandwidth and Quality Monitoring | ✔ | |||
SD-WAN Overlay Orchestration Management | ✔ | |||
SD-WAN Connector for SASE Secure Private Access | ✔ | |||
SASE for FortiGate (including 10 Mbps) | ✔ | |||
NOC and SOC Services | Available A La Carte | Advanced Threat Protection | Unified Threat Protection | Enterprise Protection |
FortiConverter | ✔ | ✔ | ||
FortiManager Cloud | ✔ | |||
FortiAnalyzer Cloud | ✔ | |||
Indicator of Compromise Detection |
✔ | |||
Outbreak Alerts |
✔ | |||
Managed FortiGate (NOC) | ✔ | |||
SOC-as-a-service | ✔ |
FortiCare Included Features | Per-device Service Options | |
---|---|---|
FortiCare Premium (included) | FortiCare Elite (upgrade) | |
RMA | Advanced replacement (PRMA available) | Advanced replacement (PRMA available) |
Web Support | ✔ | ✔ |
Telephone Support | ✔ | ✔ |
Firmware Updates | ✔ | ✔ |
Asset Management Portal | ✔ | ✔ |
Response Time (critical issue) | 1 hour | 15 mins |
Response Time (non-critical issue) | Next business day | 2 business hours |
Extended End-of-Engineering-Support (E-EoES) for Long Term Supported Firmware (LTS) of 18 months* | - | ✔ |
Device Insights and Monitoring Portal (FortiCare Elite Portal) | - | ✔ |
*Currently available for FortiGate only
FortiGuard Labs, Fortinet’s cybersecurity threat intelligence and research organization is comprised of experienced threat hunters, researchers, analysts, engineers, and data scientists. This elite team develops and enhances FortiGuard AI-powered Security Services including inline malware prevention, IPS, and DLP. FortiGuard Labs also provides valuable expert help through FortiGuard Expert-driven Security Services.
Protects against the latest polymorphic attacks, viruses, malware (including ransomware), and other threats.
Performs AI-powered real-time inspection of files for protection against unknown threats, zero-days, and sophisticated file-based attacks.
Utilizes the latest threat intelligence to perform deep packet inspection/SSL inspection of network traffic to detect and block malicious traffic and activities.
Provides full visibility into DNS traffic while blocking high-risk domains including malicious newly registered domains (NRDs) and parked domains.
Uses AI-powered behavior analysis and correlation to block unknown malicious URLs almost immediately, with near-zero false negatives.
Assesses and rates your Security Fabric infrastructure and controls against best practices and major security and compliance frameworks. Includes coverage for connected IoT devices.
Blocks unauthorized attempts to communicate with compromised remote servers for both receiving malicious commands and extracting information.
Blocks intentional and accidental disclosures of sensitive data while addressing key requirements for data security associated with major frameworks.
Allows the creation of policies to allow, deny, or restrict access to applications and keep malicious, risky, and unwanted applications out of the network.
Provides a dual-mode (inline and API-based) cloud access security broker (CASB) solution for securing applications, monitoring their usage, and safeguarding related data.
Extends IPS protections to identify and police most of the common ICS/OT/SCADA protocols to detect and block exploits targeting OT vulnerabilities.
Dramatically reduces spam at the perimeter through a multi-layered approach to filtering unwanted and malicious email.