fortinet maxtec

FortiEDR Product Details

FortiEDR is the only endpoint protection solution that provides both comprehensive machine-learning anti-malware execution and real-time post-infection protection. From day one, it automatically detects and defuses potential threats in real time even on already infected hosts. The defusing post-infection protection layer controls outbound communications and file systems modifications to prevent data exfiltration, lateral movement and C2 communications, as well as file tampering and ransomwares.

With automated EDR functions for threat hunting and incident response, FortiEDR eliminates the breach response time gap, dwell time, and alert fatigue. Additionally, it protects systems and supports broad OS coverage workstations, servers, and virtual machines, including legacy operating and embedded systems.

FortiEDR Overview

Advanced attacks can take just minutes, if not seconds, to compromise the endpoints. First-generation endpoint detection and response (EDR) tools simply cannot keep pace. They require manual triage and responses that are not only too slow for fast moving threats but they also generate a huge volume of indicators that burden already overstretched security teams. Further, legacy EDR tools drive up the cost of security operations and can slow processes, negatively impacting business.

FortiEDR delivers advanced, real-time threat protection for endpoints both pre- and post-infection. It proactively reduces the attack surface, prevents malware infection, detects and defuses potential threats in real time, and can automate response and remediation procedures with customizable playbooks. FortiEDR helps organizations stop breaches in real-time automatically and efficiently, without overwhelming security teams with a slew of false alarms or disrupting business operations.

Download the Solutions Brief

Secure SD-WAN

As the use of business-critical, cloud-based applications and tools continue to increase, distributed organizations with multiple remote offices are switching from performance-inhibited wide-area networks (WANs) to SD-WAN. SD-WAN is a software-defined wide-area network architecture to enable digital innovations. SD-WAN solutions transform an organization’s capabilities by leveraging the corporate WAN as well as multi-cloud connectivity to deliver high-speed application performance at the WAN Edge of branch sites. SD-WAN provides a dynamic path selection between—MPLS, 4G/5G, or broadband—ensuring organizations can quickly and easily access business-critical cloud applications. But SD-WAN solutions don’t provide in-built security which is critical for direct internet access. Secure SD-WAN enables organizations to enable NGFW with SD-WAN in simplified offering.

Application Awareness

With traditional WAN solutions, organizations suffer a less than ideal quality of experience and have a hard time delivering high-performance bandwidth for critical applications. Since legacy WAN architectures rely on packet routing, they lack in-depth application visibility. SD-WAN solutions, however, intelligently identify applications on the very first packet of data traffic. Network teams gain the visibility they need about which applications are used most widely across the organization, which helps them make smarter, more well-informed decisions and policies.

Application Awareness

With traditional WAN solutions, organizations suffer a less than ideal quality of experience and have a hard time delivering high-performance bandwidth for critical applications. Since legacy WAN architectures rely on packet routing, they lack in-depth application visibility. SD-WAN solutions, however, intelligently identify applications on the very first packet of data traffic. Network teams gain the visibility they need about which applications are used most widely across the organization, which helps them make smarter, more well-informed decisions and policies.

Application Awareness

With traditional WAN solutions, organizations suffer a less than ideal quality of experience and have a hard time delivering high-performance bandwidth for critical applications. Since legacy WAN architectures rely on packet routing, they lack in-depth application visibility. SD-WAN solutions, however, intelligently identify applications on the very first packet of data traffic. Network teams gain the visibility they need about which applications are used most widely across the organization, which helps them make smarter, more well-informed decisions and policies.

Download the Solutions Briefs

Secure Remote Access for Your Workforce at Scale

The ability to securely support a remote workforce is an essential component of any organization’s business continuity and disaster recovery plan. An organization may be incapable of sustaining normal operations onsite, due to a power outage or similar event, or illness or flooding may make it unsafe for employees to travel onsite.

In these scenarios, an organization must be capable of supporting secure, remote connectivity to the corporate network. For over 400,000 Fortinet customers, their existing technology deployment already contains this functionality. FortiGate NGFWs have integrated support for IPsec VPNs, enabling secure connectivity for employees working from alternate work sites.

Securing the Remote Workforce with FortiGate NGFWs

The IPsec and SSL VPNs integrated into every FortiGate NGFW offer an extremely flexible deployment model. Remote workers can either take advantage of a clientless experience or gain access to additional features through a thick client built into the FortiClient endpoint security solution. Power users and super users would benefit from deploying a FortiAP or a FortiGate NGFW for additional capabilities.

Fortinet customers that deploy FortiGate solutions in the cloud, on-premise, or at remote locations are able to take advantage of its single pane of glass management, enabling the control and orchestration of multiple firewalls across locations to establish and maintain consistent security and user experience. Fortinet understands that business performance largely depends on user productivity, access to content and applications, at any location, at any time. With remote access and the ability to manage performance across locations using Secure SD-WAN as a core capability the Fortinet Security Fabric securely provides flexible options for mobile and fixed access to cloud resources at massive scale.


Stop Ransomware & Phishing and Protect the Entire Business from Infection and Spread

Ransomware continues to be the prevailing form of malware used by attackers for illicit gain and to cause disruption. For many organizations, the loss of critical business cycles and revenues from systems that have ground to a halt far outweigh the price of the ransom itself. With so many potential points of entry, businesses need complete security to ward off this ongoing threat.

The Fortinet Security Fabric brings end-to-end security to organizations of all sizes to prevent ransomware across all points of entry. Powered by intelligence from FortiGuard Labs, Fortinet combines market-leading prevention, detection and mitigation with top-rated threat intelligence to combat today’s most advanced threats.

One-Time Password Application Software Token

FortiToken Mobile: An application for iOS or Android providing strong authentication security without additional hardware.

  • OATH compliant, time-based OTP
  • No hardware necessary

Passwords alone don’t keep unwanted guests out of your network. Password-only authentication has led to security breaches, malware infections, and policy violations. With two-factor authentication, a password is used along with a security token and authentication server to provide far better security.  Authorized employees can access company resources safely using a variety of devices, ranging from laptops to mobile phones.

FortiToken Mobile is an application for iOS or Android that acts like a hardware token but utilises hardware the majority of users posses, a mobile phone.

FortiToken Mobile includes:

  • Reduced costs by leveraging existing FortiGate as the authentication server
  • Minimised overhead with unique online activation option
  • A scalable solution for low entry cost and low total cost of ownership

Enterprise Firewall

FortiGates are Security Fabric enabled, providing the broad visibility, automated protection and integrated threat intelligence required to protect the valuable assets and data of organizations worldwide.

FortiGate includes:

  • Consolidated, validated highest efficacy advanced security services
  • Real-time response based on threat intelligence to protect any point of vulnerability in the network
  • Integrated audit and compliance services to improve cybersecurity
  • Industry’s fastest SSL inspection engine to help protect against malware hiding in encrypted traffic
  • Single-pane-of-glass management to simplify deployment and enable consistent security policies with granular control and visibility
  • Multiple network deployments – as a next-generation firewall, data center firewall, internal segmentation firewall, or high speed firewall and VPN

Virtualized Next-Generation Firewall

To provide consistently top-rated security, greater visibility, and unmatched performance, FortiGate virtual appliances give you the unique combination of the most advanced threat intelligence from FortiGuard Labs with a common FortiOS Operating System, simplifying management across physical, virtual, and cloud deployments.

FortiGate virtualized next-generation firewalls include:

  • Top-rated protection with FortiGuard security services as tested by NSS Labs, Virus Bulletin, and AV-Comparatives
  • East-west traffic visibility with granular control of applications, devices, and users
  • Simplified security with easy-to-manage, single platform across physical, virtual, and cloud
  • Actionable reports to enforce policies, understand targeted attacks, and meet compliance
  • Support for all major hypervisor, cloud, and SDN platforms
  • Flexible licensing and provisioning to support on-demand consumption (via service providers)

Secure Wi-Fi

Large campuses, distributed enterprises, and small businesses all have diverse WLAN architecture needs but also a common requirement for security. That’s why Fortinet provides a full suite of WLAN products as part of our Secure Access solution designed to address the unique requirements of every organization.

Configuration and control of your wireless environment can be done directly with a FortiGate or via our Wireless LAN controllers.  Fortinet also offers FortiManager and FortiCloud as management solutions for the entire Fortinet security fabric.

Fortinet Secure Wi-Fi includes:

  • Single-pane-of-glass management for wireless, wired, and security policies
  • Zero-touch deployment – no requirement for onsite tech support
  • Simplicity of the cloud with integrated UTM service in AP (FortiAP S-Series)
  • Industry-leading customer analytics and engagement tools for retailers


While traditionally deployed as software on-premises and more recently as an easier-to-manage physical appliance, one of the fastest-growing preferences is to select a SEG as a cloud service. This could be a SaaS offering managed by an expert security vendor or as a public cloud service that offers cloud scalability with the policy control of a virtual appliance.

FortiMail includes:

  • Consistently demonstrated 99%+ antispam effectiveness to save employee time
  • Top-rated anti-malware protection (including sandboxing) to stop ransomware, phishing, and other email attacks
  • Robust data loss prevention (DLP) features, including predefined dictionaries, identifiers, and digital fingerprinting to simplify compliance with privacy regulations
  • Identity-based encryption to securely deliver messages containing sensitive data
  • Integrated email archiving to meet legal and regulatory retention requirements as well as e-discovery

Intrusion Prevention System (IPS)

Whether part of a firewall solution or a separate standalone appliance, Intrusion Prevention Systems (IPS) technology is becoming an increasingly ubiquitous part of network security defenses. The protection offered by deep IPS inspection into network traffic is key to stopping today’s sophisticated and targeted attacks.

FortiGate IPS includes:

  • Deep inspection for advanced threats, botnets, zero days and targeted attacks on the network
  • Independent third-party validation to demonstrate superior detection and best price performance
  • Innovative security processor (SPU) technology for high-performance network throughput and deep security inspection
  • Seamless integration – appliance or cloud service – with world-class sandboxing for advanced threats
  • Special security controls for web servers and applications, including cross-site scripting and SQL injection
  • Data protection controls to prevent sensitive data exfiltration


With the increasing volume and sophistication of cyber-attacks, it takes only one threat to slip through security for a data breach to occur. CISOs have adopted sandboxing as an essential component of their security strategies to help combat previously unknown threats.

While attack surfaces are becoming more dynamic due to the rise of IoT and cloud-based services, a continuing shortage of cyber security talent is driving organizations to integrate sandboxing with greater controls and a high degree of automation.

FortiSandbox includes:

  • Critical protection against advanced and emerging threats
  • Broad integration with Fortinet and third-party security solutions to help protect an organization’s dynamic attack surface
  • Automated sharing of threat intelligence in real time to disrupt attacks early in the cycle without human intervention
  • Flexible form factors to help support various industry requirements

Protecting Your Public Cloud Workloads with Next-Generation Security

The Fortinet Security Fabric delivers consistent end-to-end policies and scales security bandwidth across multiple cloud platforms.

Cloud Firewall includes:

  • Comprehensive advanced security for leading public cloud platforms
  • End-to-end security orchestration and management

Web Application Firewall

Unprotected web applications are the easiest point of entry for hackers and vulnerable to a number of attack types. Our multi-layered and correlated approach protects your web apps from the OWASP Top 10 and more. Our Web Application Security Service from FortiGuard Labs uses information based on the latest application vulnerabilities, bots, suspicious URL and data patterns, and specialized heuristic detection engines to keep your applications safe from:

  • Sophisticated threats such as SQL injection, cross-site scripting, buffer overflows, and cookie poisoning
  • Malicious sources
  • DoS attacks

FortiWeb includes:

  • Vulnerability scanning and patching
  • IP reputation, web application attack signatures, credential stuffing defense, anti-virus, and FortiSandbox Cloud powered by FortiGuard
  • Real-time attack insights and reporting with advanced visual analytics toolsIntegration with FortiGate and FortiSandbox for ATP detection
  • Behavioral attack detection
  • Advanced false positive and negative detection avoidance

Secure Switching

FortiSwitch Data Center and Secure Access Switches offer a broad portfolio of secure, simple, and scalable Ethernet solutions for applications that range from desktop to data center. Our Secure Access and Data Center Switches can be managed standalone or integrate directly into the Fortinet Security Fabric via the FortiLink protocol. FortiLink is a key supporting technology of the FortiSwitch, which enables its ports to become logical extensions of our FortiGate security appliance.

Secure switching includes:

  • Security features to protect vulnerable infrastructure with no slowdown
  • Data separation compliance with network segmentation
  • FortiLink port-level network access option, centrally manageable from any FortiGate
  • Ability to enable voice, data, and wireless traffic across a single network
  • High scalability with 1/10 GE or 40 GE port density

Application Delivery Controller

With bandwidth demand growing faster than budgets and cyber-attacks constantly on the rise, it can be challenging to securely and efficiently deliver applications at the speed your users expect. Fortinet Application Delivery Controller (ADC) appliances optimize the availability, user experience, and scalability of enterprise application delivery. They enable fast, secure, and intelligent acceleration and distribution of even the most demanding enterprise applications.

FortiADCs include:

  • Security processor (SPU)-accelerated SSL offloading
  • Application-aware traffic management
  • 24×7 application availability through automatic failover, global server load balancing, and link load balancing to optimize WAN connectivity
  • Web application firewall
  • Bandwidth prioritization with Quality of Service (QoS)
  • Custom scripting

FortiGate Secure Web Gateway

The FortiGate SWG protects against web attacks with URL filtering, visibility and control of encrypted web traffic via SSL inspection, and application of granular web application policies. Fortinet is the first and only security vendor to earn Virus Bulletin’s VBWeb certification for web filtering effectiveness. With FortiGate SWG you can realize the benefits of a secure web gateway, while reducing the complexity of maintaining one.

FortiGate SWG includes:

Visibility into encrypted web traffic

Flexible deployment modes covering inline, explicit, and transparent deployments

Authentication of users and enforcement of compliance restrictions using granular web application policies

Integration with NSS Recommended FortiSandbox and FortiClient endpoint technology to protect users from advanced attacks

Network Security Management

Security teams globally are challenged by resource constraints, both in terms of the number of staff and raw security talent. Moreover, security teams are asked to do more, often in more complex networks and with growing numbers of alerts from multiple systems. Successful security teams allay these challenges by implementing three best practices. First, they demand simplified configuration management, shortening deployment time and mitigating misconfiguration due to human error. Second, they build their environment for a single point of inspection, creating the big picture perspective that focuses them on real priorities. Third, they implement next-level analysis to cut through the noise and leverage their own security expertise.

Fortunately, these security operations best practices are embodied in the Fortinet management solution which includes, FortiAnalyzer, FortiManager and FortiCloud.



The complexity of managing network and security operations is resulting in increases in breaches worldwide.  Discovery, isolation, and remediation of these incidents are measured in hundreds of days. And with a dwindling pool of skilled cyber security personnel able to manage the wide array of devices and data sources to protect their network assets, success requires a new approach.

FortiSIEM provides organizations of all sizes with a comprehensive, holistic, and scalable solution for security, performance, and compliance management, from IoT to the cloud.

FortiSIEM includes:

  • Asset Self-Discovery for adaptive awareness of the threat landscape
  • Rapid integrations and scalability for an ever-changing network environment
  • NOC & SOC analytics for rapid detection of potential threats
  • Mult-tenancy for MSPs and segmented enterprise domains
  • Single pane of glass view for consolidated visibility
cyber threat assessment fortinet

Identity Access Management

Establishing identity through secure authentication is important for implementing an effective security policy. Many of today’s most damaging security breaches have been due to users being provided with inappropriate levels of access, or worse—compromised static passwords.

Identity Access Management includes:

  • Intuitive, centralized authentication and authorization services that establish identity in the implementation of security policy
  • Single-sign-on (SSO) for both web/cloud and network resources
  • Two-factor strong authentication and management
  • Guest, BYOD, and certificate management
  • Simple deployment and licensing
fortinet south africa


Distributed Denial of Service (DDoS) attacks are ever-evolving and use a variety of technologies. To successfully combat these attacks, you need a dynamic, multi-layered security solution. FortiDDoS protects from both known and zero day attacks with very low latency. It’s easy to deploy and manage, and includes comprehensive reporting and analysis tools.

FortiDDoS includes:

  • 100% security processor (SPU)-based layer 3, 4, and 7 DDoS protection application-aware traffic management
  • Behavior-based DDoS protection to eliminate need for signature files
  • Minimal false-positive detections through continuous threat evaluation
  • Ability to monitor hundreds of thousands of parameters simultaneously
  • Defense against every DDoS attack: bulk volumetric, layer 7 application, and SSL/HTTPS
  • Attack protection for DNS services via specialized tools


The proliferation of Internet of Things (IoT) devices, has made it necessary for organizations to improve their visibility into what is attached to their networks. They need to know every device and every user accessing their networks. IoT devices enable digital transformation initiatives and improve efficiency, flexibility, and optimization. However, they are inherently untrustworthy, with designs that prioritize low-cost over security. FortiNAC provides the network visibility to see everything connected to the network, as well as the ability to control those devices and users, including dynamic, automated responses.  

Request a Free Cyber Threat Assessment Below and one of our consultants will get back to you to.

Fortinet Security Fabric

Organizations today require a fast and secure network to be successful. Whether or not you have the right protection immediately responding to threats throughout your network can determine if your business runs smoothly or is the victim of a security breach.

Fortinet is the only company with an architectural approach that unifies the security technologies deployed across the digital network, including multi-cloud, endpoints, email and web applications, and network access points, into a single security system designed as an integrated and collaborative security fabric. This also means we are the only company that can truly provide you with a powerful, integrated end-to-end security solution across the entire attack surface.

To enable an effective defense, the data and security elements across all of your various environments must be well-integrated, able to share intelligence, and visible. The Fortinet Security Fabric gives you control, integration, and easy management of security across your entire organization, from IoT to the cloud.