APTs, Data Breaches Top of Mind Priority of IT Security Initiatives in 2016 sonctenory —stghpny ene ry wtongety tet ery There is Good Reason For Concern Incite +64,199 incidents — oc +2,260 breaches aoe + CEOs, ClOs and CISOs who resigned sea-dsa-5-Beaie-s vA {UTE VEE How Does it Remain Undetected? Unique Code. 99.5% fic er a sever Eales — viet Fant, TS Sams Fie see Sines t i iKnowledge Check When surveyed, what was the top security priority of enterprise ‘executives for 20167 © a, Protection / detection for Advanced Persistent Threats (APTS) b. BYOD ©. Privileged user access d. Software Defined Networking (SDN) security Correct FortiSandbox Overview An advanced threat detection solution that analyzes activity, rather than attributes, to identify previously unknown malware FortiSandbox Key Features An advanced threat detection solution that analyzes activity, rather than attributes, to identify previously unknown malware + Five levels of analysis + Granular risk ratings, real-time intelligence + Independently top rated effectiveness + Stand-alone, integrated and manual deployment + All form factorsFive Levels of Analy: + Identify the ultimate aim, call back & exftration + Mitigate wiFortiGuard updates + Examine real-time, full lifecycle activity to get the threat to expose itself alt Back Detection ee + Quickly simulate intended activity he + OS independent and immune to evasion/obfuscation {cloud Fle Guery + Check community intelligence & fle reputation + Apply top-rated anti-malware engine Granular Risk Ratings and Intelligence Sharing riigene Sng + Distibuo roa-ime updates + Peed gba system | > cat Back Detection en 104 File Query AR ifIndependently Top-Rated Effectiveness ss 7 All Form Factors 3Portfolio ee er Pricing and Licensing Overview ee oe Upton Mwesw $0 «$O SHR «$180k «SOK $250 ‘SYEServon! Suppod $240 $150k Sk SS STOO Teal Year $210 S180k SK SUR SEK HK ssen2c0 _ ‘$200,000 7s Knowledge Check How is FortiSandbox different from traditional forms of threat detection? 1. FortiSandbox uses blocklists available on the Internet. © b. FortiSandbox observes the behavior of the suspected malware objects. c. FortiSandbox calculates a checksum of the suspected malware object. d. FortiSandbox looks at static attributes of the suspected malware object. CorrectKey Use ll #; Key Use 8 2Deeper Qualifying Questions ‘Sandboxing takes a different, behavior-based approach to detect threats and helps 87%¢ of the time. Objection Handling + Independent Validation NSS Labs Recommended Edge to I haven't heard about FortiSandbox (or Endpoint Fania), Rew | kai ICoALabs Cats Amand Treat it will work? «Test it Behind Your NGFW/SEG Now ~17% more spam caught Tens of known viruses caught Thousands of unknown attacks caught Objection Handling + Traditionally, yes. But not now. Integrated deployment ‘Alkin-one platform Real-time inteligence sharing ‘Automated response Sandboxes are too expensive! require too much monitoring and response. ‘SKnowledge Check ‘Which Fortinet product can be used with FortiSandbox to address previously unknown threats arriving in email attachments? * a. FortiMail b. Fortiweb c. FortiManager d. FortiAnalyzer Correct epWhat percentage of previously unknown malware was detected when FortiSandbox was subjected to independent testing by NSS Labs and ICSA Labs? © 73% © 88% © Over 97% © Less than 53% ‘This information can be found in the fo a What size environment is appropriate for a FortiSandbox deployment? © Fortisandbox has deployment options scalable from smal to large enterprise. © Fortisandbox is postioned exclusively for large enterprise © Fortisandbox must be installed in a ful-height rack. © FortiSandbox is positioned exclusively for Small and Midsize Business (SMB). This information can be found in the ect kereIna recent data breach report, in almost all cases the malware responsible for the breach was found to be unique to the organization that it invaded. What security challenge does this represent? ‘© The enormous bandwidth consumed by so many unique attacks can impact enterprise network connectivity. ‘The increased staffing levels required to manually cope with so many unique threats, ® 's a drain on the talont poo. ‘The incredibly vast number of resulting unique catalog efficiently. Se an Busine: ‘© Traditional security technologies based on against those threats, iteelik tas FortiSandbox is available in which form factors? CorrectHow is FortiSandbox different from traditional forms of threat detection? © FortSandbox calculates a checksum ofthe suspected malware object. © FortiSandbox uses blockfsts available on the Intemet. © FortSandbox observes the behavior of suspected malware objects. © ForiSandbox looks at static attributes of the suspected malware object. Sao erect Which Fortinet product can be used with FortiSandbox to address previously unknown threats arriving in email attachments? © FortiAnalyzer © FortiManager ® FortiMail © FortiWweb ar React crHow would you handle the objection, "| haven't heard about FortiSandbox before."? © Move the conversation back to FortiGate. © Shame them for not paying attention to the ATP market © Give them the link to www fortinet.com, © Highlight our independent test results and suggest a PoC, Eee ec How many levels of analysis does FortiSandbox perform on each suspected malware sample? © Five (5) © Four(a) © Forty-two (42) © Three @) a ee tater In be found in the cc felit aaWhich Fortinet product can be deployed along with FortiSandbox as a legacy Endpoint Protection Platform replacement? FortWeb FortiGate FortiClient ee eo Fortivait Sa nenCarn Uy atselic a9 Once FortiSandbox has analyzed a suspected malware sample, what kind of rating does FortiSandbox provide? © The sample's "badness" value is placed on a 3-axis advanced logarithmic scale {A threat level scale color-coded to match the U.S. Department of Homeland @ A Secuniy’s threat level scale © A simple "good" or "bad" rating © One of ve, granular ratings This information can be found in the aentneke Incorrect