rami78
New Member
January 3, 2018
Question

FortiGuard Virus Outbreak Protection Service


I saw this "new" license option on FortiMail OS 5.4; however, I cannot find any documentation online about how it works exactly and how it differs from regular antivirus, which is already licensed.

Anyone have any idea?


    Carl_Windsor_FTNT
    Staff
    January 3, 2018

    FortiGuard Virus Outbreak Protection Service provides several additional layers of protection in addition to the existing FortiGuard AV:

  • Real-time Data Analytics on FortiGuard Network queries to quickly detect and react to new outbreaks
  • Global sandbox intelligence
  • Pre-signature FortiGuard hashes
  • Pre-signature Cyberthreat Alliance hashes

    We had previously used this service internally to identify new samples for introduction into the AV engine; however, due to the nature of email, where the risk of false positive is lower than e.g. on a desktop (files can just be quarantined rather than potentially disrupting the OS), we can afford to be more aggressive with our detection and block these suspected threats in real-time before AV signatures are available. We have seen that this service is providing a valuable additional level of protection above normal AV at times of a new, previously unknown outbreak.

    Hosemacht
    Explorer
    January 25, 2018

    Hi there,

    Thanks for the explanation, but does this make any sense if I have a FortiSandbox Cloud service already?

    Regards

    Carl_Windsor_FTNT
    Staff
    January 25, 2018

    Absolutely. This check is almost instant, like our AV check. It is better to stop threats quickly without loading the FortiSandbox, which may take several minutes to queue and explode and detect in the sandbox.