Fortinet, Inc. : Fortinet™ Strengthens Database and Application Security with Major Software Release for FortiDB™ Product Family

SUNNYVALE, Calif., January 23, 2012 - Fortinet® (NASDAQ: FTNT) - a world leader in high-performance network security - today announced a major software release for its FortiDB product line that helps enable mid-to-large sized enterprises, cloud-based service providers and heavily regulated organizations to protect critically important database and application assets from internal and external threats.

The new FortiDB 4.0 MR4 operating software introduces a host of major enhancements that deliver new analytics and reporting capabilities, audit and policy extensions and advanced data collection methods. It also features real-time connection blocking and powerful usability improvements that make FortiDB appliances among the easiest to deploy in the industry. The combination of these new capabilities can substantially reduce deployment time, total cost of ownership and the complexities associated with protecting confidential data in databases and applications. FortiDB 4.0 MR4 adds these new features to its sophisticated database activity monitoring and advanced reporting that automatically document an organization's policy compliance with internally-developed policies as well as government or industry regulations such as PCI-DSS, SOX, Basel II, GLBA and HIPAA.

New Features of FortiDB 4.0 MR4

• FortiDB 4.0 MR4 provides major enhancements in five key areas:
• New Analytics & Reporting: Automates the process of baselining user activity that helps establish normal user behavior. This is a key feature because it simplifies configurations in large-scale, complex environments. When deployed in "sniffing" mode, FortiDB 4.0 MR4 automatically inspects all database traffic and builds a baseline of user activity for database administrators, developers and application users. Based on usage statistics automatically generated by FortiDB, administrators can configure policies with greater efficiency.

  With an enhanced reporting framework, administrators can now create user-defined reports on any type of data with greater granularity than ever before.

• Audit & Policy Enhancements: FortiDB 4.0 MR4 provides a new policy-based activity auditing function that allows administrators to specify exactly what they want to audit rather than having to audit entire databases. This enables administrators to obtain the relevant data they need for audits with much greater efficiency and improved productivity. The policy-based activity auditing function is tied to the FortiDB's "sniffer" data collection method.

  The new operating software also applies rules for time-range violation and suspicious client IP addresses that enable administrators to specify timeframes and IP addresses for capturing potentially malicious events. Also, to broaden the range of events that can be monitored, FortiDB 4.0 MR4 captures procedure, function and routine executions by utilizing the network sniffer-based data collection method.

  In addition, a new database query policy helps administrators implement schedule-based queries that can be easily customized to retrieve any type of data.

• Flexible, Non-Intrusive Data Collection: The new FortiDB 4.0 MR4 release optimizes data collection performance when used in TCP sniffer mode. It also provides significant performance improvements in MS-SQL trace mode and enables administrators to configure SQL-trace file settings.

  By supporting all three mainstream data collection methods - network sniffer, native audit and network protocol agents - customers can deploy FortiDB appliances in virtually every environment regardless of its complexity.

• Real-Time Protection: With the new operating software release, FortiDB appliances can enforce connection blocking. This means administrators can reset a connection when a policy is violated and can define which connection to block. It also gives administrators the ability to define the length of time for which to block a specific connection. (Blocking is available when the TCP sniffer-based data collection is implemented).
• Usability Enhancements: To simplify the administration of database and application security, FortiDB 4.0 MR4 provides a series of usability enhancements. The first is a newly designed dashboard that provides visual displays of the vulnerability assessment (VA) and database activity monitoring components of FortiDB appliances. Easy-to-read information about scheduled and active VA scans and vulnerability summaries are provided, as is a history of alerts.

  A new "system resources" widget has been added to the system information tab that displays CPU, memory and hard disk usage to keep administrators apprised of FortiDB key performance indicators. In addition, support for Asian character sets have been added including GB2312, GBK, CP936, GB18030, BIG5 and SHIFT-JIS.

"Protecting sensitive database and application assets is among the most strategic security and compliance requirements organizations face today," said Patrick Bedwell, vice president of product marketing at Fortinet. "With the release of our FortiDB 4.0 MR4 operating software, we're providing enterprises, service providers and regulated organizations with some of the most effective database security and compliance capabilities in the industry. Our customers have made it clear that deployment simplicity, lower TCO and real-time protection are key requirements. We're delivering all three with this major software release."

Availability
FortiDB 4.0 MR4 is available today.