Fortinet
Type | Public (NASDAQ: FTNT) |
---|---|
Industry | Network security & Computer security & Wireless |
Founded | 2000 |
Headquarters | Sunnyvale, California |
Key people |
Founder and CEO: Ken Xie Founder and CTO: Michael Xie |
Products | FortiGate Unified threat management (UTM), Next-generation firewall, Firewalls, Antivirus, Intrusion-prevention system, Antispyware, Antispam, VPN, Virtualization, Wireless (WLAN) Security, Application Control, Web filtering, Content-control software |
Revenue | US$ $533.64 million (2012) |
Employees | 2,100+ (Q2 2013) |
Website | fortinet.com |
Fortinet is an American company that specializes in network security appliances. Fortinet’s flagship product line is sold under the brand name of FortiGate. Fortinet was founded in 2000 by Ken Xie, the founder and former president and CEO of NetScreen and is a publicly held company (in NASDAQ under the ticker symbol FTNT, as of November 18, 2009). Fortinet's position as the revenue leader in Unified Threat Management (UTM) has been validated by IDC several times over.[1]
Fortinet is an international company, headquartered in Sunnyvale, California. Fortinet distributes its systems and subscription-based services using the Channel partner sales method, having over 1,500 worldwide.
In March 2013, Fortinet acquired Coyote Point Systems, an application delivery controller (ADC) manufacturer.[2]
Product overview
Fortinet offers a variety of products including network, content, and application security gateways for small and medium enterprises, data center, government, service provider and large enterprise environments. The company provides numerous products that comprise 24 product lines.
Some Fortigate products prompt users to accept a new root level Fortigate SSL certificate then act as an intermediate instead of connecting the user directly to their intended end SSL server (e.g. Yahoo's mail server). This is necessary in a Unified Threat Management context where total control over incoming malware and viruses is a key attribute. Older corporate firewalls either blocked the HTTPS port completely (preventing users from using their Internet banking from work for example), or they allowed HTTPS but could not filter the encrypted data stream for security threats such as viruses, or breaches of IT policy such as accessing porn from the office.
It is noteworthy, however, that this process is itself a man-in-the-middle technology approach as used by hackers of many types. While this may be a man-in-the-middle attack approved or instructed by office IT managers, there are risks associated with asking or forcing users to accept a new root level certificate in order to achieve their expected functionality. One is privacy related: it is up to the implementing party to inform their users that their SSL protection is compromised compared to use outside the corporate network (see reference to Myanmar below). The second is a social-engineering aspect: the more users are expected to surrender their encryption protection to "trustworthy" corporate, school or hotel firewalls on a regular basis, the more likely they are to get used to just pressing 'connect' when prompted with some future maliciously intended root certificate. (There is also the risk that if the Fortigate certificate itself were compromised, or its presence exploited, a malicious attacker would have full access to the user's SSL data as the user has already accepted the root level Fortigate certifate).[3] [4]
US government sanctions violation
According to the OpenNet Initiative,[5] FortiGuard is used by the dictatorship of Myanmar to block communications critical of the regime carried over the Internet, a system known as the Myanmar Wide Web.[6] Fortinet has promised to investigate the allegations, and the implied violation of US government sanctions against the regime, noting that the software may have been sold to the regime by a third party;[7] meanwhile, the Myanmar government features its adoption of the Fortinet firewall on its official website[8] with other photos showing a Fortinet sales director presenting a gift to the Myanmar Prime Minister during a ceremony.[8] In 2005, after becoming aware that its product may have reached Myanmar, Fortinet conducted an exhaustive review of channel partners and their compliance with import/export controls. The company implemented additional back-end controls which now render a product useless if it is diverted without appropriate authorizations to a party located in a U.S. sanctioned country.
GPL violations
In 2005, the gpl-violations.org project uncovered evidence that Fortinet had used GPL code in its products against the terms of the license, and used cryptographic tools to conceal the violation. The violation was alleged to have occurred in the FortiOS system, which the gpl-violations.org project said contained elements of the Linux kernel. In response, a Munich court granted a temporary injunction against the company, preventing it from selling products until they were in compliance with the necessary license terms;[9] Fortinet was required to make the source code of GPL portions of their FortiOS freely available in compliance with GPL licensing.[10]
See also
References
- ↑ "FFortinet Named Leader of Worldwide Unified Threat Management Market for 23rd Consecutive Quarter by Leading Market Research Firm". 2012-01-11.
- ↑ Kontzer, Tony (2013-03-27). "Fortinet Acquires ADC Vendor Coyote Point". networkcomputing.com. Retrieved 2013-08-06.
- ↑ "Vulnerability Summary for CVE-2012-4948". NIST. 2013-02-26.
- ↑ "FortiGate: man-in-the-middle attack". vigilance.fr. 2012-05-11.
- ↑ "Internet Filtering in Burma in 2005: A Country Study". October 2005. Retrieved 2013-08-06.
- ↑ Zeller, Tom, Jr (2005-10-12). "Study Says Software Makers Supply Tools to Censor Web".
- ↑ Thomson, Iain (2005-10-19). "Fortinet investigates sanctions busting claim". Archived from the original on 2007-11-25. Retrieved 2013-08-06.
- ↑ 8.0 8.1 "Prime Minister attends ceremony to introduce Fortinet Antivirus Firewall". 2004-05-16. Archived from the original on 2010-01-25. Retrieved 2013-08-06.
- ↑ "gpl-violations.org project was granted a preliminary injunction against Fortinet UK Ltd.". gpl-violations.org. 2005-04-14.
- ↑ "Index of /pub/vendors/Fortinet/20050514". gpl-devices.org. 2005-05-22.