Fortinet: Difference between revisions

Fortinet, Inc.
Company type	Public (Nasdaq: FTNT)
Industry	Network security & Computer security & Wireless
Founded	2000
Headquarters	Sunnyvale, California
Key people	Founder and CEO: Ken Xie; Founder and CTO: Michael Xie
Products	FortiGate Unified threat management (UTM), Next-generation firewall, Firewalls, Antivirus, Intrusion-prevention system, Antispyware, Antispam, VPN, Virtualization, Wireless (WLAN) Security, Application Control, Web filtering, Content-control software
Revenue	US$ $533.64 million (2012)
Number of employees	2,100+ (Q2 2013)
Website	fortinet.com

Browse history interactively

← Previous edit Next edit →

Content deleted Content added

VisualWikitext

Inline

Revision as of 23:55, 31 March 2014

Fortinet is an American multinational corporation that sells high performance network security solutions^[1]. Fortinet’s flagship product line is sold under the brand name of FortiGate. Fortinet was founded in 2000 by Ken Xie, the founder and former president and CEO of NetScreen and is a publicly held company (in NASDAQ under the ticker symbol FTNT, as of November 18, 2009). Fortinet's position as the revenue leader in Unified Threat Management (UTM) has been validated by IDC several times over.^[2]

Fortinet is an international company, headquartered in Sunnyvale, California. Fortinet distributes its systems and subscription-based services using the Channel partner sales method, having over 1,500 worldwide.

In April 2011, Fortinet acquired TalkSwitch, a VoIP (Voice over IP) manufacturer ^[3]

In March 2013, Fortinet acquired Coyote Point Systems, an application delivery controller (ADC) manufacturer.^[4]

Product overview

Fortinet offers a variety of products including network, content, and application security gateways for small and medium enterprises, data center, government, service provider and large enterprise environments. The company provides numerous products that comprise 24 product lines.

Some Fortunate products prompt users to accept a new root level Fortigate SSL certificate then act as an intermediate instead of connecting the user directly to their intended end SSL server (e.g. Yahoo's mail server). This is necessary in a Unified Threat Management context where total control over incoming malware and viruses is a key attribute. Older corporate firewalls either blocked the HTTPS port completely (preventing users from using their Internet banking from work for example), or they allowed HTTPS but could not filter the encrypted data stream for security threats such as viruses, or breaches of IT policy such as accessing porn from the office.

It is noteworthy, however, that this process is itself a man-in-the-middle technology approach as used by hackers of many types. While this may be a man-in-the-middle attack approved or instructed by office IT managers, there are risks associated with asking or forcing users to accept a new root level certificate in order to achieve their expected functionality. One is privacy related: it is up to the implementing party to inform their users that their SSL protection is compromised compared to use outside the corporate network (see reference to Myanmar below). The second is a social-engineering aspect: the more users are expected to surrender their encryption protection to "trustworthy" corporate, school or hotel firewalls on a regular basis, the more likely they are to get used to just pressing 'connect' when prompted with some future maliciously intended root certificate. (There is also the risk that if the Fortigate certificate itself were compromised, or its presence exploited, a malicious attacker would have full access to the user's SSL data as the user has already accepted the root level Fortigate certifate).^[5] ^[6]

US government sanctions violation

According to the OpenNet Initiative,^[7] FortiGuard is used by the dictatorship of Myanmar to block communications critical of the regime carried over the Internet, a system known as the Myanmar Wide Web.^[8] Fortinet has promised to investigate the allegations, and the implied violation of US government sanctions against the regime, noting that the software may have been sold to the regime by a third party;^[9] meanwhile, the Myanmar government features its adoption of the Fortinet firewall on its official website^[10] with other photos showing a Fortinet sales director presenting a gift to the Myanmar Prime Minister during a ceremony.^[10] In 2005, after becoming aware that its product may have reached Myanmar, Fortinet conducted an exhaustive review of channel partners and their compliance with import/export controls. The company implemented additional back-end controls which now render a product useless if it is diverted without appropriate authorizations to a party located in a U.S. sanctioned country.

GPL violations

In 2005, the gpl-violations.org project uncovered evidence that Fortinet had used GPL code in its products against the terms of the license, and used cryptographic tools to conceal the violation. The violation was alleged to have occurred in the FortiOS system, which the gpl-violations.org project said contained elements of the Linux kernel. In response, a Munich court granted a temporary injunction against the company, preventing it from selling products until they were in compliance with the necessary license terms;^[11] Fortinet was required to make the source code of GPL portions of their FortiOS freely available in compliance with GPL licensing.^[12]

References

^ Cite error: The named reference Fortinet-Dec-2013-10-K was invoked but never defined (see the help page).
^ "FFortinet Named Leader of Worldwide Unified Threat Management Market for 23rd Consecutive Quarter by Leading Market Research Firm". 2012-01-11.
^ "Fortinet Acquires TalkSwitch to Further Expand into Multi-Service Business Gateway Market". 2011-04-27.
^ Kontzer, Tony (2013-03-27). "Fortinet Acquires ADC Vendor Coyote Point". networkcomputing.com. Retrieved 2013-08-06.
^ "Vulnerability Summary for CVE-2012-4948". NIST. 2013-02-26.
^ "FortiGate: man-in-the-middle attack". vigilance.fr. 2012-05-11.
^ "Internet Filtering in Burma in 2005: A Country Study". October 2005. Retrieved 2013-08-06.
^ Zeller, Tom, Jr (2005-10-12). "Study Says Software Makers Supply Tools to Censor Web".{{cite web}}: CS1 maint: multiple names: authors list (link)
^ Thomson, Iain (2005-10-19). "Fortinet investigates sanctions busting claim". Archived from the original on 2007-11-25. Retrieved 2013-08-06. {{cite web}}: Unknown parameter |deadurl= ignored (|url-status= suggested) (help)
^ ^a ^b "Prime Minister attends ceremony to introduce Fortinet Antivirus Firewall". 2004-05-16. Archived from the original on 2010-01-25. Retrieved 2013-08-06. {{cite web}}: Unknown parameter |deadurl= ignored (|url-status= suggested) (help)
^ "gpl-violations.org project was granted a preliminary injunction against Fortinet UK Ltd". gpl-violations.org. 2005-04-14.
^ "Index of /pub/vendors/Fortinet/20050514". gpl-devices.org. 2005-05-22.

External links

Official website

[Fortinet-Dec-2013-10-K-1] Cite error: The named reference Fortinet-Dec-2013-10-K was invoked but never defined (see the help page).

[2] "FFortinet Named Leader of Worldwide Unified Threat Management Market for 23rd Consecutive Quarter by Leading Market Research Firm". 2012-01-11.

[3] "Fortinet Acquires TalkSwitch to Further Expand into Multi-Service Business Gateway Market". 2011-04-27.

[4] Kontzer, Tony (2013-03-27). "Fortinet Acquires ADC Vendor Coyote Point". networkcomputing.com. Retrieved 2013-08-06.

[5] "Vulnerability Summary for CVE-2012-4948". NIST. 2013-02-26.

[6] "FortiGate: man-in-the-middle attack". vigilance.fr. 2012-05-11.

[7] "Internet Filtering in Burma in 2005: A Country Study". October 2005. Retrieved 2013-08-06.

[8] Zeller, Tom, Jr (2005-10-12). "Study Says Software Makers Supply Tools to Censor Web".{{cite web}}: CS1 maint: multiple names: authors list (link)

[9] Thomson, Iain (2005-10-19). "Fortinet investigates sanctions busting claim". Archived from the original on 2007-11-25. Retrieved 2013-08-06. {{cite web}}: Unknown parameter |deadurl= ignored (|url-status= suggested) (help)

[myanmar-gov-10] "Prime Minister attends ceremony to introduce Fortinet Antivirus Firewall". 2004-05-16. Archived from the original on 2010-01-25. Retrieved 2013-08-06. {{cite web}}: Unknown parameter |deadurl= ignored (|url-status= suggested) (help)

[11] "gpl-violations.org project was granted a preliminary injunction against Fortinet UK Ltd". gpl-violations.org. 2005-04-14.

[12] "Index of /pub/vendors/Fortinet/20050514". gpl-devices.org. 2005-05-22.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

@@ Line 18: / Line 18: @@
 {{Refimprove section|date=December 2012}}
-'''Fortinet''' is an American company that specializes in [[network security]] appliances. Fortinet’s flagship product line is sold under the brand name of FortiGate. Fortinet was founded in 2000 by [[Ken Xie]], the founder and former president and CEO of [[NetScreen Technologies|NetScreen]] and is a publicly held company (in NASDAQ under the ticker symbol FTNT, as of November 18, 2009). Fortinet's position as the revenue leader in [[Unified Threat Management]] (UTM) has been validated by [[International Data Corporation|IDC]] several times over.<ref>{{cite web
+'''Fortinet''' is an American [[multinational corporation]] that sells high performance [[network security]] solutions<ref name="Fortinet-Dec-2013-10-K"/>. Fortinet’s flagship product line is sold under the brand name of FortiGate. Fortinet was founded in 2000 by [[Ken Xie]], the founder and former president and CEO of [[NetScreen Technologies|NetScreen]] and is a publicly held company (in NASDAQ under the ticker symbol FTNT, as of November 18, 2009). Fortinet's position as the revenue leader in [[Unified Threat Management]] (UTM) has been validated by [[International Data Corporation|IDC]] several times over.<ref>{{cite web
 | url=http://www.fortinet.com/press_releases/120111.html
 | title=FFortinet Named Leader of Worldwide Unified Threat Management Market for 23rd Consecutive Quarter by Leading Market Research Firm