SOURCE: Fortinet


January 23, 2012 09:00 ET

Fortinet™ Strengthens Database and Application Security With Major Software Release for FortiDB™ Product Family

FortiDB 4.0 MR4 Adds Critical Features for Enhanced Auditing, Analytics, Real-Time Blocking, Reporting, Data Collection and Ease-of-Use

SUNNYVALE, CA--(Marketwire - Jan 23, 2012) - Fortinet® (NASDAQ: FTNT) -- a world leader in high-performance network security -- today announced a major software release for its FortiDB product line that helps enable mid-to-large sized enterprises, cloud-based service providers and heavily regulated organizations to protect critically important database and application assets from internal and external threats.

The new FortiDB 4.0 MR4 operating software introduces a host of major enhancements that deliver new analytics and reporting capabilities, audit and policy extensions and advanced data collection methods. It also features real-time connection blocking and powerful usability improvements that make FortiDB appliances among the easiest to deploy in the industry. The combination of these new capabilities can substantially reduce deployment time, total cost of ownership and the complexities associated with protecting confidential data in databases and applications. FortiDB 4.0 MR4 adds these new features to its sophisticated database activity monitoring and advanced reporting that automatically document an organization's policy compliance with internally-developed policies as well as government or industry regulations such as PCI-DSS, SOX, Basel II, GLBA and HIPAA.

New Features of FortiDB 4.0 MR4
FortiDB 4.0 MR4 provides major enhancements in five key areas:

  • New Analytics & Reporting: Automates the process of baselining user activity that helps establish normal user behavior. This is a key feature because it simplifies configurations in large-scale, complex environments. When deployed in "sniffing" mode, FortiDB 4.0 MR4 automatically inspects all database traffic and builds a baseline of user activity for database administrators, developers and application users. Based on usage statistics automatically generated by FortiDB, administrators can configure policies with greater efficiency.

    With an enhanced reporting framework, administrators can now create user-defined reports on any type of data with greater granularity than ever before.

  • Audit & Policy Enhancements: FortiDB 4.0 MR4 provides a new policy-based activity auditing function that allows administrators to specify exactly what they want to audit rather than having to audit entire databases. This enables administrators to obtain the relevant data they need for audits with much greater efficiency and improved productivity. The policy-based activity auditing function is tied to the FortiDB's "sniffer" data collection method.

    The new operating software also applies rules for time-range violation and suspicious client IP addresses that enable administrators to specify timeframes and IP addresses for capturing potentially malicious events. Also, to broaden the range of events that can be monitored, FortiDB 4.0 MR4 captures procedure, function and routine executions by utilizing the network sniffer-based data collection method.

    In addition, a new database query policy helps administrators implement schedule-based queries that can be easily customized to retrieve any type of data.

  • Flexible, Non-Intrusive Data Collection: The new FortiDB 4.0 MR4 release optimizes data collection performance when used in TCP sniffer mode. It also provides significant performance improvements in MS-SQL trace mode and enables administrators to configure SQL-trace file settings.

    By supporting all three mainstream data collection methods -- network sniffer, native audit and network protocol agents -- customers can deploy FortiDB appliances in virtually every environment regardless of its complexity.

  • Real-Time Protection: With the new operating software release, FortiDB appliances can enforce connection blocking. This means administrators can reset a connection when a policy is violated and can define which connection to block. It also gives administrators the ability to define the length of time for which to block a specific connection. (Blocking is available when the TCP sniffer-based data collection is implemented).

  • Usability Enhancements: To simplify the administration of database and application security, FortiDB 4.0 MR4 provides a series of usability enhancements. The first is a newly designed dashboard that provides visual displays of the vulnerability assessment (VA) and database activity monitoring components of FortiDB appliances. Easy-to-read information about scheduled and active VA scans and vulnerability summaries are provided, as is a history of alerts.

    A new "system resources" widget has been added to the system information tab that displays CPU, memory and hard disk usage to keep administrators apprised of FortiDB key performance indicators. In addition, support for Asian character sets have been added including GB2312, GBK, CP936, GB18030, BIG5 and SHIFT-JIS.

"Protecting sensitive database and application assets is among the most strategic security and compliance requirements organizations face today," said Patrick Bedwell, vice president of product marketing at Fortinet. "With the release of our FortiDB 4.0 MR4 operating software, we're providing enterprises, service providers and regulated organizations with some of the most effective database security and compliance capabilities in the industry. Our customers have made it clear that deployment simplicity, lower TCO and real-time protection are key requirements. We're delivering all three with this major software release."

FortiDB 4.0 MR4 is available today.

About Fortinet (
Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2011 Fortune Global 100. Fortinet's flagship FortiGate product delivers ASIC-accelerated performance and integrates multiple layers of security designed to help protect against application and network threats. Fortinet's broad product line goes beyond UTM to help secure the extended enterprise - from endpoints, to the perimeter and the core, including databases and applications. Fortinet is headquartered in Sunnyvale, Calif., with offices around the world.

Copyright © 2012 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, FortiCarrier, FortiScan, FortiDB and FortiWeb. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Nothing in this news release constitutes a warranty, guaranty, obligation or contractual commitment by or on behalf of Fortinet. This news release may contain forward-looking statements that involve uncertainties and assumptions. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Any stated expectations regarding these trends may not ultimately be correct. Fortinet assumes no obligation to update any forward-looking statements, and expressly disclaims any obligation to update these forward-looking statements.


Contact Information