FortiGuard Virus Outbreak Protection Service

Author
rami78
2018/01/03 00:34:00 (permalink)
0

FortiGuard Virus Outbreak Protection Service

I saw this "new" license option on FortiMail OS 5.4; however, I cannot find any documentation online about how it works exactly and how it differs from regular antivirus, which is already licensed.
 
Anyone have any idea?
#1

12 Replies

    Carl Windsor_FTNT
    Re: FortiGuard Virus Outbreak Protection Service 2018/01/03 02:28:29 (permalink)
    5 (3)
    FortiGuard Virus Outbreak Protection Service provides several additional layers of protection in addition to the existing FortiGuard AV:
    • Real-time Data Analytics on FortiGuard Network queries to quickly detect and react to new outbreaks
    • Global sandbox intelligence
    • Pre-signature FortiGuard hashes
    • Pre-signature Cyber Threat Alliance hashes
    We had previously used this service internally to identify new samples for introduction into the AV engine; however, due to the nature of email, where the risk of a false positive is lower than e.g. on a desktop (files can just be quarantined rather than potentially disrupting the OS), we can afford to be more aggressive with our detection and block these suspected threats in real-time before AV signatures are available.

    We have seen that this service is providing a valuable additional level of protection above normal AV at times of a new, previously unknown outbreak.

    Dr. Carl Windsor
    Field Chief Technology Officer
    Fortinet
    #2
    Hosemacht
    Re: FortiGuard Virus Outbreak Protection Service 2018/01/24 23:23:58 (permalink)
    0
    Hi there,
     
    Thanks for the explanation, but does this make any sense if I have a FortiSandbox Cloud service already?
     
    Regards
    #3
    Carl Windsor_FTNT
    Re: FortiGuard Virus Outbreak Protection Service 2018/01/25 02:20:28 (permalink)
    0
    Absolutely. This check is almost instant, like our AV check. It is better to stop threats quickly without loading the FortiSandbox, which may take several minutes to queue and explode and detect in the sandbox.

    Dr. Carl Windsor
    Field Chief Technology Officer
    Fortinet
    #4
    wafikmaher
    Re: FortiGuard Virus Outbreak Protection Service 2018/02/28 03:31:38 (permalink)
    0
    Sounds good, but if there is any reference to explain those 4 benefits in more detail, things will be more clear.
    #5
    rmoreno_FTNT
    Re: FortiGuard Virus Outbreak Protection Service 2018/05/22 16:17:14 (permalink)
    5 (1)
    Hi!
     
    I have two questions about this topic:
     
    1. When customers migrate from FortiOS 5.4 to FortiOS 6.0, do they automatically have VOS and CDR activated if they had purchased the Enterprise Bundle?

    2. How does the VOS service define which files will be hashed for sending their hash to FortiSandbox Cloud? Does FortiGate send a hash of all the files to FortiSandbox Cloud?
     
    Many thanks
     
    Rodrigo
     
     
    #6
    Carl Windsor_FTNT
    Re: FortiGuard Virus Outbreak Protection Service 2018/05/29 05:08:07 (permalink)
    0
    1. If the customer purchased the enterprise bundle in Q2 and has been running this since with 5.4, yes, when they upgrade they will get VOS and CDR on upgrade.

    2. The VOS scan happens before the FortiSandbox scan and will rate the file as unknown or bad. This scan does not impact whether the file gets sent to the Sandbox unless it is a known bad sample and is therefore blocked.
     

    Dr. Carl Windsor
    Field Chief Technology Officer
    Fortinet
    #7
    alejandrol
    Re: FortiGuard Virus Outbreak Protection Service 2018/12/17 05:59:44 (permalink)
    0
    Apologies for returning to this topic late.
    I find it hard to get information about activating this service. According to what you explained in your previous post, the service is not included in the BDL for those who purchased or renewed FortiGuard services before Q2'18, right?
    Why does Fortinet provide services outside the BDL?
    Thanks in advance.
    #8
    Carl Windsor_FTNT
    Re: FortiGuard Virus Outbreak Protection Service 2018/12/17 06:30:52 (permalink)
    0
    >the service is not included in the BDL for those who purchased or renewed FortiGuard services before Q2'18, right?
     
    Correct.  You can check whether this is included in your license by logging into FortiCare and looking for the FortiGuard Virus Outbreak Protection Service entitlement.
     
    >Why does Fortinet provide services outside the BDL?

    It was a newly added feature so it wasn't part of the bundle. In Q2, we created new base and enterprise and included this entitlement in both.
    For pre-Q2 without this entitlement, it can be added a la carte with the 150 SKU, e.g. for the FML 200E:

    FC-10-FE20E-150-02-DD     FortiGuard Virus Outbreak Protection Service
     

    Dr. Carl Windsor
    Field Chief Technology Officer
    Fortinet
    #9
    alejandrol
    Re: FortiGuard Virus Outbreak Protection Service 2018/12/17 07:13:52 (permalink)
    0
    I understand, but it seems not to be 100% clear for Fortinet TAC.
    I work as a product manager at an enterprise which is a Fortinet Gold Partner. In the Q4 price list, the BDL does include the VOS service:

    Hardware plus 24x7 FortiCare and FortiGuard Base Bundle
    Hardware Unit, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, 24x7 FortiCare Support, FortiGuard AS & AV, FortiGuard Virus Outbreak Protection, FortiSandbox Cloud, Click Protect (FECP), Content Disarm & Reconstruction, Business Email Compromise, Identity Based Encryption, Data Loss Prevention, Archiving plus term of contract
     
    Also, if you read page 8 of this article: https://docs.fortinet.com/uploaded/files/4445/fortimail-v6.0.0-release-notes.pdf it says that the service should be included in the basic BDL.

    Just to be clear, I'm not trying to convince you, but I'm getting different answers from Fortinet: some say it's included, others say it's not.



    #10
    Carl Windsor_FTNT
    Re: FortiGuard Virus Outbreak Protection Service 2018/12/17 07:32:09 (permalink)
    0
    What you have pasted above confirms exactly what I stated. 
     
    The "Base Bundle" and "Enterprise ATP Bundle" are the names for the new bundles available since Q2 and include the Virus Outbreak Service. 
     
    Prior to Q2, there were 8x5 and 24x7 Bundles and these did not include the Virus Outbreak Service.  If you want to add Virus Outbreak to these historic bundles it can be added a la carte and aligned with the existing licenses via a coterm.
     
     
     

    Dr. Carl Windsor
    Field Chief Technology Officer
    Fortinet
    #11
    alejandrol
    Re: FortiGuard Virus Outbreak Protection Service 2018/12/17 07:40:43 (permalink)
    0
    First of all, thanks for your patience, I really appreciate it.

    I understand what you said, but what happens with the renewal services? If I renewed my FortiGuard services before Q2, then I won't have the VOS service. But if I do after Q2, I'll have the service available. Am I right?
    #12
    Carl Windsor_FTNT
    Re: FortiGuard Virus Outbreak Protection Service 2018/12/17 13:52:53 (permalink)
    0
    Correct, assuming you renew with the new Bundle SKUs e.g.
     
    FC-10-FExxx-640-02-DD     24x7 FortiCare and FortiGuard Base Bundle Contract
    FC-10-FExxx-641-02-DD     24x7 FortiCare and FortiGuard Enterprise ATP Bundle Contract
     

    Dr. Carl Windsor
    Field Chief Technology Officer
    Fortinet
    #13