Warning: Your Email Gateway May Not Be as Secure as You Think

Posted on

Hackers know today’s businesses run on email, and they spend a good deal of time figuring out ways to craft messages to sneak past your defenses. In the past, this may have meant blanketing several target companies with the same malware-laced mass email in the hopes of getting one or two through. But today’s email gateways are designed to recognize and stop such generic attacks pretty readily.

To up the ante, attackers have turned to custom-tailoring malware to appear as harmless, business-as-usual missives that can skip past signature- and rules-based defenses like antivirus and email gateways. They launch attacks in a variety of shapes and forms including:

  • Zero-day malware: If an attack is new and has no signature, signature-based AV can’t pick it up.
  • Low-volume: Spam filters designed to recognize and block mass, generic attacks have trouble picking up one-offs or low-volume attacks tailored to seem innocuous.
  • Clean sources: If an attack originates from a newly created or spoofed email address or IP address with a clean history, few sender reputation filters will pick it out and block it.
  • Malicious attachments: Attackers realize that email gateways can easily be set to block unusual or risky attachment types like .EXE or .LNK. Newer attacks use common document types like .DOC, .PDF or .PPT attachments, which are less likely to be blocked.
  • Masked URLs: Many URL filters will miss attacks when the malicious URL or macro is hidden in a PDF or Word document. Similarly, attackers know they can evade web scanners by sending harmless URLs but then placing malicious code behind the URL later, after it gets past the gateway.

Luckily, some secure email gateways such as Fortinet’s FortiMail are leveraging advanced techniques to thwart these custom attacks. They focus on:

  • Validating the sender: Techniques like Sender Protection Framework (SPF), Domain Keys Identified Mail (DKIM) or Domain-based Message Authentication Reporting and Conformance (DMARC) can be used to validate a sender’s identity and protect against spoofed emails.
  • Deep analysis: Using sandboxes, some gateways can extract and detonate all elements of an email attachment and safely analyze them for malicious behavior, uncovering hidden macros and executables and stripping them out prior to delivery.
  • URL redirection: Forcing URLs to be rewritten and sent through a cloud-based web gateway whenever they are clicked ensures that all URLs are scanned every time, all the time.

Security Can’t Be At The Expense Of Performance

Unfortunately, these advanced techniques can sometimes sap performance, especially in large organizations with multiple email gateways. To counter this, our partner Fortinet offers a unique approach. It involves combining the capabilities of the FortiMail gateway to recognize and block even the most sophisticated attacks with the unparalleled protection of Fortinet’s FortiADC application delivery controllers. FortiADC’s high-performance load balancing and advanced health checks ensure optimal user experience and uptime, even when multiple FortiMail appliances are in use.

As a value-added distributor for Fortinet, Fine Tec can help ensure your email gateway defenses are both bulletproof and scalable. Learn more.



How to Rock Endpoint Threat Containment

Posted on

Enterprise IT sits between a rock and a hard place.

On the one hand, the business keeps pushing IT to support new network-dependent applications, from mobile and cloud to emerging Internet of Things (IoT) initiatives. On the other hand, these deployments significantly increase network complexity and attack surfaces, as more employees demand access to critical applications from anywhere at any time using any device.

When endpoints can range anywhere from a cloud-based server to a BYOD smartphone in a coffee shop, how can IT stay ahead of emerging – and increasingly successful – endpoint threats?

The issue is compounded by the complexity of today’s defenses. While potential threats may be identified by a range of security tools, network devices or even the endpoints themselves, understanding and correlating all that information to quickly detect and stop real threats in their tracks is difficult at best.

Gap Between Time-to-Compromise and Time-to-Discover Creates Risk

In fact, Verizon’s most recent Data Breach Investigations Report (DBIR) found that while attackers are compromising systems faster, enterprises are detecting them slower, with the gap between time to compromise and time to detect now averaging 77%.

Worse, the gap translates to actual business losses in productivity, brand and even revenue with new data from IBM finding the cost of a breach has risen to $4 million per incident — up 29% since 2013. The same data also underscores the need for rapid, effective incident response with IBM also reporting that simply having an incident response team in place lowered the cost per stolen record by as much as $16.

Closing Security Gap Takes a Collaborative Approach

To get a better handle on endpoint threats, organizations need to take a different approach, one that’s more collaborative and can automatically triage alerts and incident response across siloed security, network operations and endpoint management teams. Our partner, Fortinet, understands the issue and has partnered with Bradford Networks so that we can offer our customers just such an approach.

Bradford’s Network Sentry solution coupled with Fortinet’s next-generation FortiGate firewalls and FortiSandbox platforms enable IT to identify and contain compromised endpoints in just seconds through:

  • Next-generation security capabilities: When a compromised endpoint connects to the corporate network and tries to open up a command-and-control channel back to an attacker, for example, FortiGate and FortiSandbox immediately detect and block the callback.
  • Collaborative communications: The Fortinet tools alert Network Sentry that an endpoint is engaging in risky network behavior.
  • Contextual correlation: Network Sentry uses its live inventory of network connections to automatically correlate the suspect IP address with its user name and endpoint profile. This enables IT to accurately and automatically identify and isolate the endpoint.
  • Fast, automated response: IT can then choose, in real time, to isolate, restrict or block compromised endpoints based on user profile and business criticality. They can also ensure this policy is automatically shared among all network and security tools so that the right policy is applied at the right time to all endpoints, no matter where or how they connect.

As a value-added distributor for Fortinet, Fine Tec can help ensure your customers contain any and all endpoint threats quickly, accurately and effectively. Learn more.



Secure Access Architecture Solution- Secure Your Weakest Link

Posted on

Organizations are changing the way they deploy access networks, connect devices, and enable business applications to address a number of challenges:

  • The number and types of network-connected wireless devices and mobile applications continue to grow exponentially, presenting new vulnerabilities and increasing the attack surface.
  • Users want fast Wi-Fi and a smooth experience across wired and wireless networks.
  • IT needs reduced complexity of network management, application management, and device management.

Fortinet is the only company with security solutions for network, endpoint, application, data center, cloud, and access designed to work together as an integrated security fabric to provide true end-to-end protection. Our Secure Access Architecture extends security policies to the very edge of the network where most vulnerabilities target. FortiAP and FortiSwitch communicate to the rest of the network, with FortiGate at the core. With one operating system across the entire network, customers get better visibility and awareness with simplified management.

Learn more at

Secure Access Campaign



Fortinet’s secure access architecture ensures the same award winning security that is validated by independent certification agencies is available to every type of Wi-Fi deployment, from a stand-alone AP in an isolated office, to a handful of APs in a retail store to thousands of APs deployed across a large enterprise campus.

Three distinctly different WLAN offerings are available: an Integrated wireless solution in which WLAN control and security are combined on a single high-performance appliance; an Infrastructure wireless solution made up from best-of-breed wireless, switching and security components; and third, a Cloud Wi-Fi solution which embeds security intelligence into cloud-managed access points.


What’s New?

Technology Shifts Are Driving Need for Secure Network Access

  • The enterprise sector will account for 39% of the roughly 23 billion active IoT devices by the year 2019 accordingly to a 2015 Business Insider report. With most IoT devices having limited or no security, this presents a significant increase in the points of network vulnerability.
  • BYOD, and its associated security risks, continues to grow rapidly, with half of companies surveyed telling Gartner that they planned to move exclusively to BYOD for smartphones in 2017

What Is the Market Opportunity?

  • Cross-sell Fortinet’s Secure Access solutions to existing customers that want to extend security policies to the edge of the network
  • Penetrate new accounts through a unique combination of unified wireless and wired, with integrated security from an industry leader
  • Sell Fortinet’s cloud-managed Wi-Fi solution (AP-S) to SMB and distributed enterprise organizations, such as restaurant or retail chains, branch offices, medical clinics, and schools

Why Buy?

Fortinet’s Secure Access Architecture offers:

  • Unified management of wired, wireless and security
  • Intuitive “single pane of glass” management interface
  • Comprehensive, integrated threat protection
  • Unmatched visibility and control of applications and utilization
  • Security kept up to date through regular signature updates from FortiGuard Labs

Target Audience

IT Managers, directors, or CIO/CSOs at mid-market or enterprise organizations that are expanding or upgrading their Wi-Fi and/or switch network and are concerned about security at the access layer.

To learn more about SWAT/SAA, please attend our upcoming webinar on Nov 16th. 



Securing Enterprise Networks from Rapidly Increasing Malicious Attacks

Posted on


Securing the Enterprise NetworksEnterprise organizations are appealing targets for hackers. These networks can provide everything from valuable personal data profiles, to financial and research data – all valuable commodities on the dark web.  The interest in targeted enterprise attacks has increased dramatically, with the number of enterprise users attacked by cyber threats almost doubling from 7% in 2014 to 13% in 2015.[i]

With the rise of BYOD and IoT devices, enterprise wired and wireless networks are experiencing a dramatic increase in the size of their attack surface. With the average cost of a data breach reaching a staggering $4 million,[ii] enterprise organizations should re-evaluate whether the network and devices accessing the network are protected as part of a comprehensive security posture.

Why is the Enterprise a Target?

Enterprise organizations offer hackers a large attack surface, valuable data and a history of not being able to detect breaches in a timely manner. The average network data breach remains undetected for 229 days[iii] — making enterprise organizations appealing targets, as the hacker can be long gone before a breach is ever discovered. Enterprise organizations offer hackers:

  • A large volume of data. Across industries, there is a high volume of personal data, as well as potential social security numbers, credit card information, corporate research, insider information and medical or other financial data.
  • Numerous network and data access points. With today’s global economy, enterprise organizations generally have a number of diverse geographic locations, satellite offices and access points. In addition to diverse locations, most enterprise organizations have partners, such as service centers, cloud service suppliers and other outsourced service suppliers that also have access to the network. The amount of access points and the variety of enterprise information hackers can target is staggering.
  • High volumes of network users. Enterprise organizations frequently have a large number of employees, partners and guests accessing the network onsite and from remote locations. These busy, high-traffic networks make it easier for hackers to hide.
  • Disparate silos of information and security. Many enterprise organizations grow through acquisition. This can mean multiple silos of information, as well as different software and security standards in multiple locations. Diverse systems are time-consuming and challenging to manage, which can lead to delays in security patches, inadequate network oversight, slow triage of security events, difficulty finding contextual information and much more.

Providing a secure environment with such a high number of access points and an extremely busy network is a huge challenge. With thousands of alerts per day, and sometimes overwhelming network traffic, many enterprise organizations are looking for an overarching and comprehensive security solution.

Securing Enterprise Networks

The good news is that Bradford Networks product, Network Sentry, is a leading Security Automation and Orchestration solution that accommodates the diverse technologies and geographic locations challenges presented by enterprise networks. Our complete security solution offers:

  • Comprehensive Endpoint and Network Visibility with full context
  • Dynamic Network Access Control
  • Automated Threat Response and Containment

Network Sentry helps manage the entire network security lifecycle, from beginning to end, and integrates with your existing security solutions to further enhance and secure your network. Our solution covers these three stages of network security oversight:

  1. Visibility. You can’t solve a problem unless you can see it. We provide complete network visibility – including profiles for every endpoint and device on your network to ensure you can track and monitor all activity. Every BYOD, IoT, corporate or guest device that connects to your network is profiled so you can see every endpoint and user who accesses the network.
  2. Control. Once you have profiles for all devices and endpoints, Network Sentry provides the invaluable context around each connection and event. This data enables us to provide policy-based network access control, historical and contextual data to analyze and prioritize security alerts and dynamically adjust network access for vulnerable or compromised endpoints. Our platform saves enterprise organizations a significant amount of time with scalable onboarding of thousands of employees, guests and partners in a short period of time. Network access can be provisioned by selecting a standard or pre-defined profile rather than individually configuring privileges for each user.
  3. Response. With most enterprise organizations receiving thousands of security alerts per day, we help streamline and triage the threat alert review process for your security analysts. Network Sentry eliminates error-prone manual intervention and streamlines multi-step workflows to enable automated response for security events, ticketing systems integration and end-point containment. Our software ingests security events from third-party threat prevention, detection and vulnerability assessment solutions, applies context to identify and prioritize critical events and automatically undertakes pre-defined threat containment actions to mitigate risks of data breach.

With historical roots and proven success in the Education space that typically operates like a “wild-west” in terms of compatibility with variety of endpoint and network devices, requiring large scale onboarding, and support for multiple campus networks, Network Sentry is especially well suited for enterprises that demand product stability, scalability and integrations with leading security solutions.

For more information on securing enterprise networks, watch our video: Securing the “Internet of Things” When Everything has an IP Address, or contact us at 1-888-891-9988.



Enhancing Network Visibility On Dynamic Threat Landscapes

Posted on

The constantly changing threat landscape is fueling an arms race between cyber guardians and cyber criminals. As cyberattack surfaces expand, and with new threats coming on the scene almost daily, how can you deliver customers the intelligence and visibility to know their cybersecurity solution can keep up?

It’s an important question, especially as more enterprises adopt emerging mobile, cloud and Internet-of-Things (IoT) initiatives. While they produce key business gains, these new initiatives also leave enterprises open to a variety of new security threats, including:

  • Data breaches: Mobile and bring-your-own-device (BYOD) initiatives can end up with employees accessing and storing critical corporate data on unmanaged or personally owned devices, opening multiple avenues for attack.
  • Shadow IT: When cloud applications are purchased by business units without IT’s knowledge or approval, critical data ends up stored across several cloud environments, all of them unmanaged and outside of IT’s control.
  • Lack of network visibility: Few IoT devices were built with security in mind, and even fewer can be configured with anti-malware or other security applications, creating even more vulnerabilities across the corporate network.

More Tools Leads To Less Security

Faced with these new threats, many information security teams decide to take a defense-in-depth approach and layer on additional point security tools – each aimed at a different application type or new vulnerability – in the hopes of shoring up the gaps. In fact, Gartner predicts global spending on information security will grow to $81.6 billion by 2016, an increase of 7.9% over 2015.

Unfortunately, all these layered on tools lead to more complexity, which in turn, actually leads to less security. As teams rush to deploy and manage tools to prevent every possible attack, they end up being stretched too thin, inundated with competing alerts and ultimately missing key indicators of compromise.  

Cyber Threat Assessment Helps Set Security Priorities

A better approach is to deploy cybersecurity strategically to optimize protection and efficiency – without putting a drain on resources. This means performing regular cyber threat assessments (CTAs) that help set the right priorities, and adapt security controls to best protect and mitigate against the threats that are most likely, costly and impactful. A good CTA:

  • Helps customers prioritize information security threats, understand likely attack techniques and evaluate the capability of controls to prevent, detect and respond to an attack.
  • Assesses each threat against the potential impact to the business, by assessing how systems and applications are used and determining their relative importance to the business as a whole.

Intelligence-Based Cybersecurity Optimizes Protection

Businesses already are buying into the advantages of intelligence-based cybersecurity and focusing a significant part of cybersecurity budgets on driving it. IDC finds the largest areas of growth in security spending are security analytics and threat intelligence (in addition to mobile and cloud security).

Our partner Fortinet offers complimentary CTAs to help your customers start from a position of knowledge. In addition, its FortiAnalyzer enables them to take that knowledge and hone it over time by quickly correlating network events, drilling down into suspicious activities and providing clear, end-to-end visibility across the entire network.

As a value-added distributor of Fortinet cybersecurity products, Fine Tec can help you ensure your customers are prioritizing security based on intelligence. Learn more.



Help Your Customers Reap the Gains IoT Flexibility Brings – Without the Risks

Posted on

The Internet of Things (IoT) provides flexibility to use information in ever more powerful, efficient ways. But as the  IoT expands, it also introduces new security and privacy challenges. Are your customers’ security postures flexible enough to protect systems and data from the risks?

IoT is everywhere—from smart home devices like thermostats and door locks, to smart cars with apps that tell you when to change the oil, to fitness trackers that push you to take more steps each day.

While increasingly common in the consumer space, the IoT is also proliferating throughout the modern business world, as enterprises learn more about its potential to streamline processes, increase revenue and cut costs. Business Insider (BI) estimates that a total of $6 trillion will be invested in IoT solutions over the next five years, with enterprises poised to invest $3 billion and reap an ROI of $7.6 billion between 2015 and 2025.

Enterprise interest in the IoT is being fueled primarily by the flexibility it offers for sharing, using, storing and analyzing data in different ways and places. For example, BI predicts that by 2020, IoT will be big business in:

  • Oil/gas/mining: The industry will deploy 5.4 million IoT devices to provide critical data such as environmental metrics at extraction sites.
  • Agriculture: Up to 75 million IoT sensors will be used to track soil acidity, temperatures and other variables to improve crop yields.
  • Retail: Beacons paired with mobile apps will track consumer behavior and push just-in-time ads, generating an estimated $44.4 billion.
  • Healthcare: The industry will implement 646 million connected devices to handle tasks such as monitoring health issues and regulating/administering medications, reducing costs while improving patient outcomes.  

IoT Flexibility Adds To Network Complexity

Unfortunately, while all of this IoT data and flexibility enables your customers to bolster the bottom line, it also adds to network complexity. Enterprise networks must now support hundreds and even thousands of IoT devices, all of which communicate different data sets from different places at different times and frequencies, adding to congestion and bandwidth concerns.

In addition, many IoT devices are headless and run only the simplest of communications protocols. This hinders their ability to run security agents easily or be patched efficiently, which opens up a slew of new attack surfaces and threat vectors. In fact, a recent HP Fortify study found that common IoT devices on average had 25 vulnerabilities per device.

Attackers know this. With recent hacks proving how attackers can take control of vehicles remotely, spy on your toddler via a baby monitor or send you into cardiac arrest by manipulating your pacemaker, it’s only a matter of time before a major breach of an enterprise IoT deployment makes headlines.

Centralized Control Secures IoT, Preserves Flexibility

Securing IoT while preserving its flexibility to boost revenue, cut costs and deliver ROI requires an approach that enhances visibility, improves response times and helps manage growth. Fortinet’s FortiManager does just that, with centralized control and single-pane-of-glass management, enabling comprehensive logging and reporting, as well as consistent policies and monitoring across thousands of FortiOS-enabled devices. Isn’t it time to recommend Fortinet FortiManager to your customers?

As a value-added distributor for Fortinet, Fine Tec can help ensure your customer’s IoT initiatives remain flexible, profitable and secure. Learn more.



Fortinet Recognized by Gartner as a Visionary in Wired and Wireless LAN Access Infrastructure Magic Quadrant

Posted on

August 2016 – Special Edition- Gartner Magic Quadrant Recognition Updates

In This Edition:

Gartner Magic Quadrant Recognition

  • Gartner Magic Quadrant for the Wired and Wireless LAN Access Infrastructure, August 2016
  • Gartner Magic Quadrant Unified Threat Management (UTM), August 2016
  • Gartner Magic Quadrant Enterprise Network Firewalls, May 2016
  • Gartner Magic Quadrant Web Application Firewalls (WAF), July 2016


Fortinet a Visionary in Gartner Magic Quadrant for the Wired & Wireless LAN Access Infrastructure

It’s been a couple years since Fortinet was last in Gartner’s August 2016 Magic Quadrant for the Wired and Wireless LAN Access Infrastructure, Gartner has recognized Fortinet as a Visionary. We believe this is a great position for Fortinet to be in, which we feel shows the investment and forward thinking of our wired and wireless portfolio, strategy and vision, and our market penetration.

For more information on Fortinet and why we believe Fortinet is recognized in  Gartner’s Wired & WLAN MQ, contact Douglas Ramos or Ron Davis.

Fortinet a Leader in Gartner Magic Quadrant for Unified Threat Management (UTM)

Fortinet is now recognized for the 6th consecutive year in Gartner’s August 2016 MQ for UTM. Fortinet is listed in the “Leaders” quadrant, positioned the furthest for execution and vision.

Continued investment and innovation in our flagship FortiGate, along with integrated wired and wireless networking components among others, we feel helped us maintain the position as a Leader, positioned the furthest for execution and vision.  

For more information on why we believe Fortinet is a Leader in Gartner’s UTM MQ, contact David Finger, Nirav Shah or Ron Davis

Fortinet a challenger in Magic Quadrant for Enterprise Network Firewalls 

The Gartner Magic Quadrant for Enterprise Network Firewalls was released in May 2016, and we believe Fortinet’s results show our strategic motions and product innovations have moved us in the right direction – towards the upper right. Fortinet now straddle the line between the Challengers and Leaders Quadrant, and have been positioned the furthest for execution and vision in the Challengers quadrant.   This is the first time Fortinet has landed on the line, leaning slightly into the Leaders Quadrant, and we should be proud of this accomplishment.

For more information why Fortinet believe they are have been recognized  on Gartner’s Enterprise Network Firewalls MQ, contact Dan Cole or Ron Davis

Fortinet a Challenger in Gartner Magic Quadrant for Web Application Firewalls

In the July 2016 Gartner Magic Quadrant for Web Application Firewalls, Fortinet has moved significantly from 2015 as a “Niche Player” to now a Challenger in the enterprise WAF marketplace with our FortiWeb product line. Fortinet believes their continued sales momentum, new features and enterprise-grade performance are moving the needle in the right direction for FortiWeb. 

For more information on why Fortinet beleive they have improved in Gartner’s WAF MQ, contact Mark Byers or Ron Davis

Note: given that market maturity, no further updates to the June 2015 Magic Quadrant for Secure Email Gateway are planned by Gartner.

For more information, contact David Finger or Ron Davis

For questions, contact Fine Tec on or call 1-888-891-9988

Gartner Disclaimer
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.



How to Simplify WLAN Security in Complex Mobile Network Environments

Posted on

Wireless local-area networks (WLANs) are on the rise as more enterprises embrace a mobile-first strategy, — relying on mobile applications, bring-your-own-device (BYOD) programs and the Internet of Things (IoT) to run their business. Unfortunately, WLAN security is having trouble keeping pace. As your customers struggle with deploying and managing a variety of ad hoc WLAN security tools and applications, consider introducing them to Fortinet’s simplified approach to WLAN security.

Wireless local-area networks (WLANs) are on the rise as more enterprises embrace a mobile-first strategy; relying on mobile applications, bring-your-own-device (BYOD) programs and the Internet of Things (IoT) to run their business. Unfortunately, WLAN security is having trouble keeping pace. As your customers struggle with deploying and managing a variety of ad hoc WLAN security tools and applications, consider introducing them to Fortinet’s simplified approach to WLAN security.

In today’s business world, wired LANs are no longer the de facto enterprise network of choice. While the worldwide WLAN market grew 4.5% year-over-year in Q1 2016, the enterprise WLAN market virtually exploded, growing nearly double that during the same quarter at a year-over-year rate of 8.6%, reports IDC.

WLANs Lucrative Targets for Cyber Attack

As WLANs run more mission-critical, Internet-facing applications and provide access to an increasingly wider range of mobile and IoT devices, they also become lucrative targets for attackers looking to exploit even the smallest vulnerabilities using advanced persistent threats.

Enterprises know this and try to layer on security to address new issues as they arise, only to find themselves struggling to deploy and manage a complex variety of tools and deal with a sea of competing alerts. To cut through the noise and truly secure their networks end-to-end, mobile-first enterprises need to simplify. This is an opportunity to promote the advantages of Fortinet’s FortiSwitch Secure access solution that offers:

  • Complete visibility and control with consistent application and device policies across both wired and wireless environments and multiple devices per user. When a user or device connects to a port, FortiSwitch first identifies and authenticates it, prior to granting access via predefined security policies. Since all policies are managed directly from the integrated FortiGate Network Security Platform, FortiSwitch provides total visibility and control over all users and devices, regardless of how they connect.
  • Outstanding performance. WLAN security is no good if its implementation slows the business down to a halt. FortiSwitch’s dedicated Gigabit Ethernet ports ensure your customers can support the high-performance needs of emerging IoT and mobile applications.
  • Simplified convergence. Mobile-first enterprises struggle with the complexity of managing multiple networks for voice, data and mobile traffic. With its support for VLAN segmentation, FortiSwitch supports converged voice, data and wireless traffic on a single network platform, significantly easing management and control.
  • Network segmentation. FortiSwitch also integrates with Fortinet’s Internal Segmentation Firewall, enabling mobile-first organizations to segment off critical resources to ensure that malware affecting one can’t spread to others, effectively breaking the chain of infection.
  • Easy management. Through its integration with the FortiGate family of firewalls and network security appliances, FortiSwitch enables enterprises to manage their entire converged end-to-end network security from a single pane of glass, significantly improving visibility and response.

As partner of Fortinet, you’re in ideal position to provide more value to your customers by helping them streamline and fine tune their cybersecurity infrastructure to more easily address IoT and mobile technology risks. Fine Tec is a value-added distributor of leading cybersecurity products from Fortinet. Contact us if you’d like to know more.




FortiClient Announcement- FortiClient v5.4.1

Posted on

For Fortinet’s Partners and Customers–

With the release of FortiClient version 5.4.1 on June 24th, customers will enjoy important new features such as vulnerability management, endpoint awareness, compliance and enforcement within FortiGate and Fortinet’s Security Fabric, and more.

At the same time, important enhancements have been made to Enterprise Management Server (EMS) which provides end-to-end endpoint deployment, registration, management and monitoring at an enterprise scale. You can centrally administer endpoint Antivirus, Web Security, Remote Access (IPsec and SSL VPN), Application Firewall, Vulnerability Scan and related advanced features. You can also remotely trigger AV scans and quarantine infected endpoints. Note, with version 5.4.1, EMS will provide sole management of FortiClients.

Please refer to FortiClient v5.4.1 release notes for details on these new enhancements –

How am I impacted?

Customers using FortiClient and FortiOS versions prior to v5.4.1 are not be impacted. Customers using FortiClient and FortiOS v5.4.1 will no longer be able to use FortiGate for FortiClient management. EMS is required for FortiClient management. Our team understands the change this inconvenience has caused you as a FortiClient customer managing endpoint security via FortiGate and is offering a free EMS license to customers who have licensed FortiClient through FortiGate before July 1st, 2016.

What do I need to do?

Please log into your FortiCare account and download your free EMS license. Step-by-step instructions:

1. Go to and logon to your account.

2. On the top navigation, go to ‘Asset > Manage/View Products’. Find the newly listed EMS with a Serial Number FCTEMSxxx’ with a description “EMS for FortiOS 5.2 to 5.4 Upgrade”.

3. Click on this serial number and you will be taken to the product detail page. On the right navigation, click on ‘General’ and you will notice the Hardware ID is empty. FortiClient Announcement FortiClient v5.4.1 For Fortinet’s Partners and Customers FORTINET PAGE 2

4. Click on the ‘Edit’ button and input the Hardware ID1 and then hit ‘Save’. Once done, click on ‘License and Key’ in the right navigation panel then click ‘Get The License File’ with the following description ‘FortiClient Enterprise Management Server Endpoint License (expiration date: total number of seats: )’

1 To obtain the Hardware ID, refer to FortiClient EMS – Administration Guide version 1.0.1, under ‘Licensing and registering FortiClient EMS’ Chapter.

Should you have any question or concern, please contact your local representative for assistance or contact us.



Deliver a Next-Generation Firewall to Fight New-Generation Threats

Posted on

Short Summary: How do you offer customers protection from the onslaught of billions of connected devices knocking on their networks’ door? With network attack surfaces being as large as they are — and with the vast majority of cyber attacks inflicted by internal threats — you need to help customers bring their security up to par.

Robots in the warehouse? Smart meters? Wearable medical devices? Today, just about every “thing” can connect to a computer over the Internet. Technology consulting firm Gartner estimates that 6.4 billion connected devices will be in use worldwide this year, and predicts that number will grow to nearly 21 billion by 2020.

The Internet of Things (IoT) boosts productivity in just about every industry. But consider the security risks. If just about anything can be connected, then just about anything connected can be hacked.

This begs the question: How do you offer customers protection from the onslaught of billions of connected devices knocking on their networks’ door? With network attack surfaces being as large as they are — and with the vast majority of cyber attacks inflicted by internal threats — you need to help customers bring their security up to par.

Conventional Firewalls Can’t Stand Up To Advanced Threats

Before the IoT revolution, the standard go-to technology was a firewall to monitor traffic going in and out of the network.

But conventional firewalls lack the stamina to stand up to the onslaught of communications through billions of connected devices. It’s no longer enough to “patch” spotty security holes; or rely on technology that can’t protect data or secure connections between the network and devices. Next Generation Firewalls (NGFWs) have emerged to address these shortcomings by offering:

360-degree Visibility

Traditional firewalls monitor traffic from OSI Layers 2 through 4, which doesn’t help when attacks enter through layers 5 to 7. NGFWs offer full network visibility by monitoring layers 2 to 7, so you can stop small threats from escalating to big disasters.

Pattern and Behavior Detection

An Intrusion Protection System (IPS) detects attacks through threat signatures and other methods, checking for anomalies in traffic patterns and analyzing behavior. Traditional firewalls monitor traffic without actually inspecting it, requiring IT to add an IPS as a separate appliance. For example, if a packet comes in on Port 80 (HTTP), a traditional firewall assumes it’s HTTP traffic, giving hackers an opening to infiltrate the network with malicious programs and code disguised as HTTP traffic.

NGFWs, on the other hand, have IPS technology built in. They don’t believe everything they see, and can detect traffic patterns and behaviors to stop hackers before they get in the door.

High Performance at Low-latency

NGFWs deliver high firewall performance with low latency, even down to 2 microseconds. With a content processor that works outside direct traffic, they offer high-speed cryptography and content inspection without separate appliances.

The Power of Next Generation Firewalls

With more and more devices connecting to networks, your customers need an information security platform that provides effective data protection and high network performance simultaneously. Next-generation firewalls are the answer.

A partner of Fortinet, you can deliver a state-of-the-art NGFW solution that performs at wire speeds and is validated by independent testing authorities. Let us know how we can help.

Fine Tec is a value-added distributor of leading cybersecurity products from Fortinet.