NETWORK SECURITY | ENDPOINT SECURITY | DATA SECURITY
Stormshield Network Security
vs Fortinet
Performance
Stormshield Network Security: Protection mechanisms provide an optimal level of security while preserving performance. Published performance is the result of actual measurements.
Fortinet: Published performance becomes a far cry from actual performance once protection mechanisms are enabled.
Log management
Stormshield Network Security: Long-term log management on the whole range* (thanks to SD card storage for entry-level appliances). * except SN150
Fortinet: No long-term log management on entry-level appliances.
Antivirus
Stormshield Network Security: Kaspersky Antivirus whose superior effectiveness has been recognized, especially against unknown malware.
Fortinet: Proprietary antivirus, moderate effectiveness and strong impact on performance.
Connectivity
Stormshield Network Security: Splitting of network interface between multiple zones, hybrid mode. Up to 12 operator links supported. On appliances higher up in the range, unequaled connectivity: up to 58 interfaces on a 2U appliance.
Fortinet: Unable to manage more than two operator links (WAN).
Vulnerability management
Stormshield Network Security: Passive vulnerability scanner: constant detection in traffic going through the appliance, with zero impact on teams and resources analyzed.
Fortinet: Agent requiring deployment on all workstations or active vulnerability scanner that needs to be operated by the administrator and opens intrusive connections.
Differentiating factors
• Published performance corresponding to use in actual conditions with an optimal level of security
• Storage adapted to long-term log management through the whole range
• Recognized antivirus solution
• Vulnerability management based on an unintrusive risk-free passive scanner without additional administration expenses
• Usable network port density that can be adapted to requirements
• Advanced network features to adapt to all infrastructures
Advantages
Impact of the IPS on performance
In general, the performance of the Fortinet range appears to be much more affected than the Stormshield Network Security range once the IPS is enabled.
This is an important parameter to take into account in the comparative study of two appliances which may seem equivalent in terms of their firewall performance.
Ratio of IPS performance vs. Firewall performance
Managing counterarguments
FORTINET APPLIANCES OFFER BETTER FUNCTIONAL COVERAGE
Fortinet is indeed known for offering many features. However, in reality, it becomes obvious that several of these features do not always offer the expected level of quality and performance.
For example, actual performance observed is not up to par with published performance values and the antivirus is not on the same level as vendors that are references in this field.
Stormshield Network Security appliances offer a level of quality and performance on all features that would allow administrators to use them in a production environment with total peace of mind.
FORTINET HAS A MUCH RICHER APPLICATIONS DATABASE THAN STORMSHIELD NETWORK SECURITY DOES
In terms of quantity, indeed Fortinet has an extremely well furnished applications database.
However, Stormshield Network Security favors a qualitative approach. Instead of drowning the administrator in thousands of applications of little benefit, the database offers applications that are truly relevant for monitoring how corporate users use network resources, e.g. bandwidth-hungry streaming and TV channel replay sites that seriously threaten productivity or file download sites that may pose a threat to network security.
Administrators may indicate to Stormshield Network Security through a dedicated portal the applications they need and which have not yet been included in the database.
Additional detailed information
PUBLISHED PERFORMANCE VALUES FOR ACTUAL TRAFFIC WITH AN OPTIMAL LEVEL OF SECURITY
According to Gartner, users often report that documentation published by Fortinet gives performance values higher than those actually observed, especially once the various security processes such as antivirus or URL filtering are enabled.
Stormshield publishes performance values resulting from tests conducted with reputed professional devices (Spirent) when the various security mechanisms are enabled.
Stormshield Network Security’s proprietary IPS is subtly integrated into the core of the operating system. This enables it to perform all security processes – even complex ones – by reducing the latency caused by such processes on network packets. Likewise, Extended Web Control URL filtering guarantees high-quality website filtering in real time while keeping throughput high (even on entry-level appliances).
LONG-TERM LOGS AND REPORTS ON THE WHOLE RANGE
Entry-level Fortinet appliances do not have any storage peripherals, and are therefore unable to archive logs over an extended period: auditing a past event, reading reports over a long period or archiving all logs to meet legal requirements is impossible on these appliances.
The only solution lies therefore in the addition of external components (server, storage peripheral), which increases the overall acquisition and operating cost of the solution.
Stormshield Network Security appliances offer, from the SN200 product upwards, the possibility of meeting storage and log reading requirements over time. Even on the smallest models (except SN150) without high-capacity hard disks, the addition of a simple SD card allows extending storage capacity.
The entire range therefore allows meeting all auditing needs without any additional server or appliance. Legal requirements governing the retention of logs over time will also be met.
AN ANTIVIRUS SOLUTION RECOGNIZED FOR ITS EFFECTIVENESS
Stormshield Network Security appliances build in Kaspersky’s antivirus technology, which is a recognized name on the market and outperforms Fortinet’s proprietary antivirus, as shown in independent tests (http://av-comparatives.org).
Thanks to its code emulation technology, Kaspersky protects against viruses, malware and known and unknown attacks on programs.
UNINTRUSIVE VULNERABILITY MANAGEMENT WITH NO ADDITIONAL ADMINISTRATION COST
Security involves the availability of as many protection measures as possible, as well as proper visibility over the status of protected resources. Fortinet appliances offer a vulnerability scanner based either on an agent to be deployed on all machines to be monitored, or on scans performed by the Fortinet appliance on these resources.
These techniques are highly intrusive as it is assumed that they modify or actively draw on the network’s resources. It is therefore likely that these actions adversely affect performance or even cause malfunctions on monitored resources!
The deployment of agents or the activation (manual or programmed) of scans therefore involves both a greater administration load for operations teams as well as a significant risk to the proper operation of the fleet.
Stormshield Network Vulnerability Management technology automatically gathers information from network traffic that passes through the analysis and filtering engine. This information allows it to determine the risks each user and each host represents. Reports then allow the administrator to estimate the greatest risks and then guide him through remediation solutions by indicating the necessary security updates. These reports also allow the administrator to quickly modify the security policy applied to these resources in order to contain risks while awaiting their updates.
This unique and innovative technology does not rely on any agent or any active scan of network resources. It allows gaining greater control over the network and increasing its security in an unintrusive risk-free manner.
FOCUS ON…
ADVANCED NETWORK FEATURES TO FIT INTO ALL TOPOLOGIES
On Stormshield Network Security appliances, every interface can be associated with a different network zone, or grouped with other interfaces (bridge) to attach several hosts belonging to the same network zone.
The appliance can therefore easily keep up with changes to the protected network. Models higher up in the range offer greater scalability thanks to extension modules that increase connectivity on appliances.
An unrivalled port density of up to 58 individual interfaces can therefore be attained on a 2U appliance.
Our appliances also allow protecting networks with more specific requirements, such as managing up to 12 operator links for a single appliance.
WWW.STORMSHIELD.EU
Netasq
Parc Scientifique Haute Borne - Parc Horizon, Bat 6, Avenue de l’Horizon 59650 Villeneuve d’Ascq - FRANCE
Arkoon & Netasq © Copyright 2014
Phone: +33 9 69 32 96 29