May

4

The Secret to Delivering “Intent-Based” Network Security


Posted on

If you’re like most security practitioners, you long for the days of traditional point-to-point networks with trusted, flat insides surrounded by strong easy-to-defend perimeters. Today’s networks, with their messy meshes of mobile, Internet-of-Things (IoT) and cloud networks are anything but easy to defend. Perhaps it’s time to take a page out of the network engineer’s playbook and focus on building intent-based security into your architecture.

Networks are growing increasingly diverse and complex. In fact, 2017 will see businesses spend $964 billion to deploy 3.1 billion things, supporting everything from smart electric meters and commercial security cameras to just-in-time inventory systems.

The problem becomes clear when you factor in the enormous upswing in big data initiatives as enterprises look to capitalize on all that connectivity and data to enhance or build new products. All that data crossing all those different networks, servers and endpoints creates new business opportunities. But it also presents ripe opportunities for criminals to steal, compromise and lately ransom all that lucrative data.

An Easier Way

Faced with keeping up with this huge volume of data and transactions, many network engineers are making the move to software-defined networks (SDN). SDN provides the flexibility, efficiency and automation required to ensure that every employee, customer, device and application in today’s hyperconnected world can access the data they need when they need it.

To simplify management, SDN also supports a scheme called “intent-based” networking (IBN). With IBN, the logical intent of the network communications is separated from the underlying switches and routers providing the connectivity. This presents a big win for network engineers, who can simply set parameters for a connection (give me a low latency path from A to B, and if jitter occurs, switch to path C), without having to worry about the underlying technology (does it use Cisco routers? Is it MPLS?).

Why can’t security do the same? Actually, now it can, thanks to our partner Fortinet and its Security Fabric architecture. Instead of struggling to manage a hodgepodge of point security solutions with their own deployment, configuration and alerting idiosyncrasies, Fortinet’s Security Fabric embeds security intent within the network, both simplifying and improving security at the same time.

How Intent-Based Security Works

Much like the SDN flavor, Fortinet’s intent-based security automatically translates business requirements into synchronized security actions and policies, without worrying about the intricacies of the underlying security toolset. Every tool within the fabric, be it from Fortinet or a partner, can communicate and collaborate with the others and be managed seamlessly from a single pane of glass— no matter the network, device or application.

For example, if Fortinet’s FortiSandbox identifies new malware and creates a signature, it can automatically and immediately propagate it to other tools in the fabric, ensuring that even zero-day attacks are recognized and mitigated quickly and efficiently. All policies are applied consistently and automatically throughout the fabric, easing management and ensuring your security architecture does exactly what you need.

As a value-added distributor of Fortinet solutions, Fine Tec can support your efforts to guide customers on a successful path to intent-based network security. Learn more.

May

4

Software-Defined Data Centers Highlight Case for Software-Defined Cybersecurity


Posted on

As more companies go cloud-first, the notion of the software-defined data center (SDDC) is gaining attention. Its ability to virtualize and manage all data center aspects with software promises huge gains in efficiency, agility and effectiveness – that is, if cybersecurity is done right.

According to Gartner, 75% of global 2000 enterprises will consider the programmatic capabilities of an SDDC a requirement as early as 2020. But to be successful, SDDC adoption requires new data security governance programs — with 20% of respondents to Gartner’s survey considering such programs necessary for preventing data breaches in the new paradigm.

SDDC Benefits

With SDDCs, all software and hardware is abstracted, enabling it to be viewed as massive pools of physical and virtual resources controlled and managed by a software layer on top. With everything from servers to storage and the underlying network virtualized, IT can automatically spin up or down services based on demand and business need — all while ensuring optimal resource utilization, performance, availability and cost-efficiencies.

SDDC Cybersecurity Challenges

Unfortunately, few of today’s security toolsets are designed to work with this level of software-defined capabilities. As enterprises look to design and deploy SDDCs, they’re coming to realize that existing security toolsets are ill-equipped to manage SDDC’s:

  • Complexity: No two SDDC implementations are alike. Few security tools can ensure data remains secure as it crosses from a private cloud to a public cloud or hybrid of the two and back again. SDDCs require tools that are flexible enough to secure all data, no matter where it lives or where it goes.
  • Compliance requirements: While the most effective SDDCs allow IT to tap into pools of resources as needed, data still needs to be secured. Few security tools today can track critical data as it crosses from one cloud or geography to the next. The best SDDC security provides enterprises with full insight and visibility to comply with current and evolving regulations governing data residency, privacy and more.
  • Diversity: Because the intricacies of the underlying technologies are abstracted, SDDCs use variety of hardware, software and operating systems. The security tools deployed in SDDCs must also have broad enough support to cover the whole ecosystem, end to end.

What Makes a Strong, Software-Defined Security Solution?

SDDCs can’t be protected without a strong software-defined security solution. Our partner Fortinet knows this. Its FortiCloud platform is a cloud-based provisioning, configuration management and analytics service designed to provide security at the level of today’s (and tomorrow’s) SDDCs.

A fully cloud-hosted solution, FortiCloud works at the speed of SDDC, enabling teams to deploy and configure a range of tools quickly and automatically — including FortiGate next-generation firewalls, FortiWiFi networks and FortiAP wireless access points. It also offers cross-platform and cross-cloud traffic and application visibility, logging, data analytics, security sandboxing and more – all easily controlled and managed from a single pane of glass.

FortiCloud provides the deep, broad functionality, control and visibility you need to ensure your customers’ move to SDDC is successful and secure. A value-added distributor of Fortinet solutions, Fine Tec can support you as you help your business customers more easily manage security in the cloud and the SDDC. Learn more

Apr

28

Fortinet’s Solution for Small and Medium Sized Businesses (SMBs)


Posted on

Today’s small and medium businesses are dealing with many challenges and opportunities. Growing business is obviously their number one priority. Business applications need to be available from anywhere, 24/7 and from any device. As technology early adopters (BYOD, Cloud Services, Mobility), SMB have to deal with threats associated to agility.

Faster infrastructure and greater security are “must have” to sustain their growing business but the time and resources which SMB can allocate to this need are limited.

Highlights

Small Office Technology Needs Are Increasing: To support employee mobility, many small offices are adding wireless and enabling BYOD—technologies that have traditionally been confined to larger enterprises.

Small Businesses Are a Target: According to the Verizon Data Breach Incident Report, data breaches were more common in small than large organizations (25% vs. 20%, with 50% from size unknown).

Large Market Opportunity:

  • IDC predicts that the total UTM market size will be around $5.3 billion by 2017.
  • The Enterprise Wireless LAN market is expected to reach $7.09 billion by 2018, according to Gartner.
  • Switching is already a mature $21+ billion market.
  • Newer technology areas, like sandboxing to detect advanced threats ($2.5 billion in 2017), continue to offer additional opportunities.
Source: Osterman Report 2015

SMB Campaign

Overview

Use this campaign to target small and medium business owners and IT purchasers who are looking for a complete security solution that supports increasing employee mobility.

What’s New?

Fortinet proposes two enhanced packages to meet SMB customer needs:
Connected UTM:

  • Top-rated security technologies protect the business, users, and data.
  • Integrated wired and wireless networking simplifies office IT.
  • Cloud-based management and reporting make it all simple to support.

Secure Communications:

  • Easy-to-deploy and manage on-premises, IP-based mail and voice systems
  • Top-rated protection against threats to mail, voice, and web infrastructure
  • Comprehensive feature sets, with all-in-one licensing

Why Buy?

Consistently and Independently Top-rated Security
Fortinet’s commitment to quantified, independent third-party validation of security effectiveness is unmatched in the industry. Security technologies deployed from network edge to individual endpoints have all earned top marks in real-world testing by NSS Labs, Virus Bulletin, AV-Comparatives, and more.

Single Vendor, Comprehensive Portfolio
Fortinet is the only UTM vendor able to offer the broad range of security and networking capabilities to dramatically simplify IT infrastructure and security. Because all products are built in-house, they will integrate more tightly and reduce your administration effort.

Your life becomes even easier by working with a single vendor, single procurement process, single administrative experience across products, single support group, and single volume licensing program.

And as threats evolve, Fortinet continues to introduce new security services to protect customers. Today these include mobile security and cloud sandboxing.

Target Audience

Small and medium-sized businesses have different IT challenges than large enterprises, limited IT resources, and often the challenge of a restrained budget. Small businesses are organizations with 250 employees or less.

Apr

1

Help Fight Data Privacy Enemy #1


Posted on

Mobile adoption, IoT and other data-intensive trends are growing and driving an influx of web applications to manage them, many which bypass normal security procedures by operating in the Shadow IT sphere. Knowing this, cyber criminals are exploiting these new entry points to threaten data privacy and hit pay dirt.

Web Application Vulnerabilities

Big data has become a revenue source, as well as a burden for companies trying to harness it. Implementing web applications like content management systems (CMS) and ecommerce platforms help turn that information and intellectual property into actionable insights.

Yet in a Verizon report, attackers found these implementations to be the perfect weak link, resulting in almost 20,000 incidents. For example, bad actors have been known to use CMS plugins as a foothold for deploying malicious software that launches a distributed denial of service (DDoS) attack or is repurposed as phishing.

Data-rich industries like financial services and retail should be most concerned are most vulnerable to web application attacks. With 69 percent of applications plagued by vulnerabilities and 95 percent of web application attacks financially motivated, there is a lot to lose.

Vulnerabilities in Java and .NET

Research found that “80 percent of tested software applications had at least one vulnerability, with an average of 45 vulnerabilities per application.” So do these vulnerabilities typically hide?

A comparison of Java and .NET, two of the most popular web application development languages, revealed the following insights:

  • Java has a higher prevalence of cross-site request forgery.
  • Java has a higher rate of injection flaws, which is commonly missed by traditional application security tools. If missed, attackers can pivot to a complete host takeover.
  • .NET has more misconfiguration problems since it relies more heavily on configuration than Java.

Steps to Fight Data Breaches

As companies continue to “appify,” they need to consider preventive measures like two-factor authentication, timely patching and input monitoring. Without adequate security, enterprises will join their unsecured peers in paying on average $7 million per incident.

Businesses can avoid a messy breach aftermath by:

  1. Continuously monitoring the hundreds or thousands of web applications in the IT environment. The process should be automated and be able to scale.
  2. Blocking direct attacks at the source with web application firewalls.
  3. Preventing malware damage by:
  • Patching vulnerabilities and fixing misconfigurations
  • Choosing reputable and secure ad delivery networks
  • Using scalable, always-on scanning tools
  • Ensuring that scanning tools maintain a comprehensive, up-to-date signature library and triggers alerts instantly
  • Leveraging behavioral analysis to detect new variants
  • Using a single pane of glass security platform to visualize and report on websites and infections

Comprehensive Platform Makes Protection Easy

Protecting today’s diversified IT environment can be overwhelming. That’s why we recommend providing your customers with the advantages of a web application firewall; plus, an advanced threat protection (ATP) framework to integrate threat prevention, detection and mitigation.

The Fortinet ATP is powered by top-rated security components that work together as a unified security fabric. A value-added distributor of Fortinet solutions, Fine Tec is uniquely positioned to help you address the challenges that threaten your customers’ data privacy. Contact us.

Apr

1

Suggested Title: What Every Ransomware Prevention Strategy Needs


Posted on

Ransomware was big business for criminals in 2016, bringing in more than $1 billion worldwide according to some estimates. And 2017 is expected to fare no better, with experts predicting ransomware attacks on businesses to double this year. It’s time to get your ransomware prevention strategy in place – the main component of which should be anti-phishing defenses.

Phishing is Popular Attack Vector

While ransomware has many attack vectors, including drive-by malware drops from infected websites, the primary delivery mechanism is phishing emails with malware-laced attachments.

Attackers gravitate to phishing emails because they are easy to target and deploy. Just a few minutes of online research is usually all attackers need to uncover the name, title and group/department of a likely phishing candidate. They then simply create the message, embed the ransomware in an innocuous-looking attachment and send.

To make matters worse, many ransomware attacks are now available in as-a-service models. One of the most notable as-a-service ransomware offerings used Cerberus — a variant researchers claim was responsible for eight new campaigns a day and generating $2.5 million annually in criminal revenue.

Critical Ransomware Prevention Measures

Preventing ransomware attacks deployed via phishing emails is no easy feat. It requires a strong combination of:

  1. Workforce education: It’s always best to stop attacks before they start, and that means educating users so they understand the risks, can identify common phishing schemes and know how to report potential phishing attacks. At a minimum, users should be taught not to click on links embedded in email and instead, access only business-approved online sites directly from their browsers.
  2. Strong policies: This means enforcing strong access controls including requiring difficult-to-guess passwords that are changed on a regular basis, and multi-factor authentication to limit damages should an attack occur.
  3. Technology: In addition to stripping links from email and enforcing whitelisting to ensure users only engage with known, permitted sites, organizations should focus on bolstering endpoint controls, leveraging sandboxing to uncover zero-day attacks, deploying next-generation firewall and IDS solutions, and implementing good vulnerability and patch management programs.

Advanced Threat Protection Framework Mitigates Attacks

While implementing such an approach is easier said than done, new tools like those from our partner Fortinet can help. Its Advanced Threat Protection (ATP) framework together with its Secure Email Gateway and cohesive Security Fabric architecture provide the high degree of visibility and collaboration needed to protect against even the most sophisticated ransomware attacks.

Fortinet’s Secure Email Gateway; for example, uses antivirus, anti-malware and data loss prevention (DLP) tools to protect against known inbound and outbound email attacks. In addition, it integrates with the ATP’s advanced sandboxing technology to test and identify never-before-seen zero-day attacks.

When combined with Fortinet’s Security Fabric, any newly created signatures are then deployed to all other security tools in the fabric including next-generation firewalls, IDS/IPS and others. The result is that organizations are able to quickly mitigate attacks that might otherwise fly under the radar of a single security tool, significantly reducing their exposure and risk to both phishing and ransomware.

A value-added distributor of Fortinet solutions, Fine Tec is an expert in deploying Fortinet’s ATP, Secure Email Gateway and Security Fabric architecture. We can help you ensure your customers don’t fall victim to the latest phishing and ransomware attacks. Learn more.

Mar

10

Suggested Title: 3 Common Endpoint Security Pitfalls and How To Avoid Them


Posted on

Thanks to changing threats and technology trends like the cloud, Internet-of-Things (IoT) and bring-your-own-device (BYOD), endpoint security is much more complex than it used to be; and attackers are targeting endpoints with a vengeance. It’s time to get serious about endpoint protection, and the first step is knowing the main pitfalls and how to address them.

End-users and their myriad devices are now a top target for exploit. SANS Institute reports that user actions at the endpoint are the most common way attackers gain entry into corporate networks with 75% entering via an email attachment, 46% through clicks on malicious links and 41% through visits to infected websites that lead to drive-by malware downloads.

Why? There are a number of reasons, but most come down to the fact that organizations rely too heavily on conventional endpoint protection approaches like antivirus or signature-based controls that simply can’t cover the broad expanse of endpoints on the network today. To avoid becoming the next headline, companies need to shore up their endpoint security. That means avoiding the following common pitfalls:

·         Security-blind workforce: As the SANS stats show, the majority of threats that entered at the endpoint could have been thwarted if users were better educated about what a malicious email or website looks like and trained to report potential threats. Good user education should also include policies for keeping corporate data safe, such as trying never to store critical data on a tablet or smartphone, using encryption, backing up sensitive data (a critical defense in a ransomware scenario), and using only corporate-sanctioned apps or those downloaded from reliable app stores.

·         Poor cyber hygiene: All endpoints, from traditional corporate PCs and laptops to mobile smartphones or tablets in BYOD scenarios must be kept up to date and included in all vulnerability and patch management programs. Organizations should also consider removing difficult-to-update endpoint software like Java or Adobe Flash, which may not be business-critical but are most often compromised by attackers.

·         Limited endpoint security platform: Since it’s obvious that traditional tools or signature-based AV can’t get the job done, a better strategy is to deploy endpoint protection that can run on a variety of devices (PC, laptop, smartphone, tablet, etc.) and provide the right level of visibility, control, protection and authorized access to thwart threats and keep endpoints safe.

Fortinet Offers Better Endpoint Protection

A good example of effective endpoint protection is Fortinet’s FortiClient. It offers a lightweight security agent that can be deployed on just about any endpoint, from a Windows PC and a Chromebook to an iOS or Android mobile device. Together with Fortinet’s FortiGate next-generation firewall platform and single-pane-of-glass management via FortiManager, it provides true access control, policy enforcement and remediation, ensuring no endpoint gains access to the network without the requisite protections and policies in place.

Integratable with Fortinet’s Security Fabric, Fortinet’s endpoint protection platform goes beyond endpoint awareness, compliance and enforcement to communicate with key fabric-compliant security tools such as malware sandboxes, IDS/IPS and more. The result? Organizations can quickly detect and identify potential endpoint threats, share threat signatures and block both known and unknown attacks in real time.

A partner of Fortinet, Fine Tec is in the ideal position to help your customers achieve better endpoint protection. Learn more.

Mar

10

Using Advanced Persistent Intelligence to Fight Advanced Persistent Threats


Posted on

Face it, we’re all locked in a cyber-security arms race. Attackers are becoming smarter and more aggressive, while corporate networks and the data in them are becoming more complex and difficult to defend. Isn’t it about time we started fighting fire with fire, using advanced persistent intelligence to fight advanced persistent threats (APTs)?

Today’s APTs are more targeted and stealthy than ever. Attackers choose their victims carefully and craft their attacks specifically to gain undetected access to the network.

Consider the ease with which attackers were able to spear-phish staffers at the Democratic National Committee and trick them into providing email credentials, or how hackers were able to target the right accounts at the right banks to make off with $81 million from Bangladesh Bank.

Once inside, APTs deploy targeted malware designed to fly under the radar of traditional security, giving them time to learn the ins and outs of the network and hone in on the most lucrative data sets. They then quietly exfiltrate critical data, dripping data out slowly and unobtrusively, or hiding packets within legitimate traffic streams. Consequently, APTs are able to evade detection for weeks, even months, continually siphoning off data while leaving their victims none the wiser.

In this APT world, traditional signature-based tools alone are not enough. Instead, organizations need to embrace advanced persistent intelligence and defend the network using the same level of patience, expertise and technology as attackers. This means:

·         Giving employees the right intelligence: Your employees are your first line of defense – but they can’t recognize and deflect attacks if they don’t know the warning signs. A strong defense requires an effective security awareness program that keeps users abreast of the latest tactics and helps them identify possible phishing attacks or social engineering scams before they create problems.

·         Deploying layered defenses: To increase the chances of detection, organizations need to layer on different controls combining tools like antivirus, IDS/IPS and SIEM systems with advanced behavior-based controls such as next-generation firewalls and sandboxing. Along with strong vulnerability/ patch management, endpoint protection and authentication/identity management, defense-in-depth ensures attacks that evade one control are stopped at the next, or at least slowed to the point where they can be detected.

·         Responding rapidly: It’s not if but when you’ll be breached. That means companies need a solid incident response plan to recognize and shut down new attacks quickly, minimize damage and stop further leakage.

Fortinet’s Advanced Threat Protection Framework Fights Fire with Fire

Our partner Fortinet knows the challenges today’s APTs present. Its Advanced Threat Protection (ATP) solutions are engineered to provide the high degree of visibility and intelligent, automated collaboration needed to protect, detect and mitigate even the most sophisticated APTs.

With Fortinet’s FortiSandbox, FortiClient endpoint protection and FortiGate next-generation firewalls, Fortinet’s ATP works to intelligently block known malware, detect new attacks, create signatures on the fly and quickly update all ATP tools, automatically thwarting both known and unknown attacks. When integrated with Fortinet’s Security Fabric platform, even non-Fortinet solutions like Carbon Black’s endpoint protection can participate via the fabric’s open API-based architecture. The result is advanced, persistent intelligent defense end-to-end — across internal data centers, the cloud, mobile and more.

A partner of Fortinet, Fine Tec is in the ideal position to help arm your customers with the advanced persistence intelligence they need to fight ATPs. Learn more.

Jan

18

Fortinet Incentives and Promotions


Posted on

Incentives and Promotions

Current FortiRewards, Incentives and Promotions

Security Fabric Solution Incentive

Protect your customer’s network with a Fortinet FortiGate Security Fabric Solution, add additional qualifying* Fortinet Solution product(s), and receive up to $1000 in FortiRewards.

Sell any FortiGate Solution AND:

  • One additional qualifying Fortinet Solution Product* and get $250  
  • Two additional Fortinet Solution Products* and get $500 
  • Three additional Fortinet Solution Products* and get $1000

* Qualifying Fortinet Solution Product(s): FortiSandbox, FortiMail, FortiClient, FortiWeb, FortiSIEM 

Qualifying Terms:

  • Additional products must be sold to the same end-user customer by the same reseller within 180 days of the original invoice for qualifying FortiGate
  • Offer only applies to approved Fortinet Deal Registration deals
  • Maximum incentive is $1000 per sale to an end-customer
  • Promotional period is from January 1, 2017 through December 31, 2017
  • Claims must be made within 180 days of the qualifying sale of the FortiGate and additional product(s)
  • This offer may not be combined with any other FortiRewards offer

See the 2017 Rewards Flyer for details.

Fortinet Enterprise Bundle Incentive

Sell any FortiGate solution and include either Fortinet Enterprise Bundle and get a 2% incentive on the Fortinet Enterprise Bundle sold (up to a maximum of $1,000).

To qualify for the incentive, you must sell any FortiGate AND either Enterprise Bundle below:

  • Enterprise Bundle FC-10-00305-871-02-DD
    Includes: 8×5 FortiCare plus NGFW, AV, Web Filtering, Antispam, FortiSandbox Cloud and Mobile Security Services
  • Enterprise Bundle FC-10-00305-974-02-DD
    Includes: 24×7 FortiCare plus NGFW, AV, Web Filtering, Antispam, FortiSandbox Cloud and Mobile Security Services

Qualifying Terms:

  • All products must be on the same invoice sold at the same time
  • Minimum invoice amount $20,000
  • Maximum incentive 2%** of Enterprise Bundle price or $1,000 whichever is less
  • Program applies to both 1 year, 2 year, and 3 year contracts
  • Opportunity must be on or after January 1, 2017 and close no later than December 31, 2017
  • Incentive based on net price to Fortinet
  • All claims must be submitted within 30 days of the qualifying sale, and no later than January 31, 2018
  • This offer may not be combined with any other FortiRewards offer

** Incentive is based on cost of FortiCare Enterprise Bundle only

See the 2017 Rewards Flyer for details.

Cyber Threat Assessment Reward

Get rewarded while helping your customers assess their network security. Earn $250 for every completed customer Cyber Threat Assessment between January 1, 2017 and March 31, 2017.

Visit the CTAP page to learn more about Fortinet Cyber Threat Assessments.

Requirements:

  • Limit one reward per end-user report
  • CTAP assessment must be completed no later than March 31, 2017
  • Only Fortinet reseller-initiated CTAPs for qualifying end-user accounts are eligible for the incentive reward
  • Claims must be submitted through the FortiRewards site no later than April 30, 2017

See the Q1 CTAP Rewards flyer for more details.

CTAP Close the Deal Incentive

For every approved CTAP rewarded in Q1 2017, receive an additional $250 when you close the deal before March 31, 2017.

Requirements:

  • Only applies to deals approved for the CTAP incentive between
  • January 1, 2017 and March 31, 2017
  • All product must be shipped on or before March 31, 2017
  • All product must be on the same invoice to the same customer
  • All invoices must be billed to the same end-user customer as the approved CTAP claim
  • Claims must be submitted through the FortiRewards site no later than April 30, 2017

See the Q1 CTAP Rewards flyer for more details.

Reseller Incentive Program: Claiming Instructions

For details on claiming 2017 rewards, see the 2017 Rewards Flyer.

To claim Q4’16 rewards, enter each completed CTAP or closed FortiSIEM deal through the FortiRewards site no later than January 31, 2017. These rewards ran from October 1, 2016 through December 31, 2016. See either the Q4 Rewards Flyer or the Q4 FortiSIEM Rewards Flyer for details.

  • Q4’16: Earn $1000 on Net New FortiSIEM Deals (See the Q4 FortiSIEM Rewards Flyer for details.)
  • Q4’16: Earn $250 for Every Completed Cyber Threat Assessment
  • Q4’16: Close the Deal Incentive (Applied to closed deals after a completed CTAP)

2017 rewards need to be registered through the FortiRewards site no later than January 31, 2018.

Available to all US and Canada Silver, Gold and Platinum partners registered with the FortiRewards Program.

Claim your rewards now at http://www.fortinetrewards.com/.

PLEASE NOTE: Fortinet’s Partner Incentive Programs and associated FortiRewards claims are limited to Fortinet’s quarterly budgeted amount. All Fortinet Partner Incentive Programs are governed by and subject to the terms and conditions of Fortinet’s then current Incentive Program Contract. Fortinet reserves the right to cancel or modify these Programs at any time at its sole discretion.

FortiRewards Program General Information

FortiRewards Program General Information

  • FortiRewards offers our Channel Partners quarterly incentives through a 3rd party vendor.
  • FortiRewards incentives are available to Fortinet Partners registered with FortiRewards* Program. To register for FortiRewards go to: acbpromotions.com/fortinetrewards. Note: those partners with existing negotiated Fortinet SPIFF incentives or partners who prohibit incentives are not eligible.
  • Rewards can be claimed at acbpromotions.com/fortinetrewards.
  • Channel partner must be an active partner in good standing to be eligible to participate in the program.
  • Channel Partner is required to select how we pay qualifying FortiRewards incentives when they register for the program:
    (1) Sales rep pay or (2) Company pay.

    • If the partner selects (1) Sales rep pay, the reward can be split by more than 1 rep as long as both individuals are registered for the FortiRewards program.
  • All claims must be submitted using the established FortiRewards claiming process. 
  • All claims must be validated as for Fortinet as meeting the requirements established for the incentive.
  • Deal needs to be closed and invoiced no later than the dates indicated on the promotional flyer.
  • Rewards are payable to either partner company or individual, depending on how partner opted into the Fortinet rewards program.
  • Product incentives cannot be combined or stacked.
  • NOTE: Not all incentives and promotions are available to all partners. Please check with your Fortinet Sales Team with questions (or email partnermarketing@fortinet.com).

Notwithstanding anything to the contrary, this program is subject in full to the Fortinet Partner Terms & Conditions included on the registration site.

How to Register Partners for FortiRewards

Partner not yet registered for FortiRewards? It’s easy.

Dec

16

Suggested Title: 6 Questions To Ask When Recommending SIEM


Posted on

In view of today’s threat landscape, more and more organizations are looking to add security information and event management (SIEM) to their cybersecurity architecture. SIEM is a security intelligence solution that delivers a panoramic view of the health of your customers’ IT infrastructures by analyzing security events, network flows and log data in real time.

However, SIEMs are complex technologies that have to be integrated with numerous security controls and hosts across the IT infrastructure. So, before recommending an SIEM to your customers, make sure it meets the right criteria. Here are some questions to help guide the process:

  1. Is the SIEM easy to manage? Ease of management is an important feature as it provides a holistic view of the network. Fortinet addresses this in an SIEM (FortiSIEM) that provides single-pane-of-glass administration with dashboard views of all information collected and analyzed.
  2. Can the SIEM identify attacks accurately and effectively? The strength of a SIEM is in breaking down layers of events into useful and purposeful information so as to respond to any threat with little delay. The Fortinet SIEM platform we offer achieves this with a distributed real-time event correlation engine that enables organizations to detect complex event patterns in real time.
  3. What tools does the SIEM feature to support real time analytics and forensics? You can provide real value to your customers by delivering an SIEM (like FortiSIEM) that supports analytics from diverse information sources such as logs, performance metrics, simple network management protocol (SNMP) traps, alerts and configuration changes.
  4. Can SIEM be integrated into a large enterprise or delivered as a service without extensive custom development? Re-designing an existing on-premise application is time-consuming and risky as it requires changing database schema to support tenant identifiers. Save your technicians (and customers) the headache with FortiSIEM—which is built around a highly customizable, multi-tenant architecture to simplify the management of  multiple physical/logical domains and overlapping systems and networks from one console.
  5. How easy is it to scale out a virtualized architecture? With cloud adoption approaching a tipping point, being able to offer SIEM as a VM that supports on-premise and public/private cloud deployments on multiple hypervisors is a huge plus.
  6. How timely and effective is the SIEM’s automated response capabilities? The ability to accurately monitor and perform real-time analyses of event logs is critical to flagging and responding to potential issues before they become bigger problems. FortiSIEM features an asset discovery and profiling tool that simplifies the categorization of network assets; along with actionable reports that make it easy to zero in on the events that need the most urgent attention.

As a partner of Fortinet, you have a real opportunity to bring the value of advanced, security intelligence and event management to your customers with FortiSIEM. This FortiSIEM datasheet can give you more details on specific features and their corresponding benefits. A value-added distributor of Fortinet cybersecurity technology including FortiSIEM, Fine Tec is here to support your business. Contact us with questions.

Dec

16

Consolidated WiFi Network Access Security: A Smarter Approach for SMBs


Posted on

Hyper-connectivity, the IoT, and the device mesh are all so far ingrained in our daily lives that it’s practically impossible to do business without them. As a result, organizations of every size are continuously expanding their WiFi networks so their workforce can quickly and easily connect to the company’ network and the Internet—without the limitations of analog connections.

At the same time, employees also expect a consistent, unified access experience across all devices and applications, whether wireless or wired. Furthermore, many organizations routinely grant third parties—for example, partners, vendors and contractors—an equal amount of access to their networks so they can do their jobs uninterruptedly.

Ease of Access Comes at a Cybersecurity Cost

While ease of access is convenient, it also comes at a cybersecurity cost. With the growing prevalence of BYOD practices in the workplace, an increasing number of employee-owned devices are used to log onto organizations’ networks. These devices are notoriously lacking in security measures, effectively forming an ever-expanding attack surface for cyber threats. To complicate matters further, there’s often a lack of oversight in regard to the on- and off-boarding of third parties, which can result in unauthorized users gaining access to the network.

Concurrent with these developments, we’ve seen an alarming trend of increasingly sophisticated cyber threats targeting individuals and organizations. Existing malware is being enhanced with new technology, new threats are being developed and cyber criminals are finding ways to deploy multi-level threats to low- and high-profile targets.

Why Small to Mid-Sized Businesses Are Vulnerable

Clearly, these developments pose a wide range of new cybersecurity challenges to organizations. And among these targets, small to midsized businesses (SMBs) are the most vulnerable. According to a recent survey by Ponemon Institute, an astounding 55 percent of SMBs had experienced a cyber-attack and 50 percent had experienced a data breach in the past 12 months.

This should come as no surprise: with much lower budgets than large organizations, SMBs in general lack the financial resources and in-house IT expertise to ensure robust security. They simply don’t have the capabilities to create customized, multi-layered, segmented defenses that protect against malware and malicious connections, monitor endpoint integrity, and more.

A More Streamlined, Scalable, and Comprehensive Approach Is Needed

This is precisely why Fortinet’s unified approach to WiFi access security is a game-changer. FortiWiFi provides unified, on-premise, wired, and wireless access management combined with robust threat protection in one single platform.

It offers unprecedented visibility and control of applications and resource utilization; streamlined on- and off-boarding; an intuitive “single pane of glass” management interface; and regular signature updates from FortiGuard Labs to ensure immediate and effective protection from new cyber threats.

Last, but not least, FortiWifi is completely scalable, and can be utilized by organizations of all sizes with tens of thousands of clients—all from one centralized FortiGate control point. In short, FortiWiFi delivers world-class security at a price point that’s realistic for organizations of every size.

It should be clear that as an ISV or MSP and partner of Fortinet, you’re in the perfect position to educate your SMB clients about the protection FortiWiFi can offer their organizations. Moreover, as a value-added distributor of Fortinet cybersecurity technology, Fine Tec can support you in addressing clients’ concerns and demonstrating the potential ROI. Last, but not least, Fine Tec can provide any additional support you may need in delivering the exact configuration a client needs.

To learn more about FortiWiFi and FortiGate, contact the team at Fine Tec.