Fortinet FortiDeceptor 1000G
Deceive | Expose | Eliminate
Click here to jump to more pricing!
Overview:
Advanced Threat Deception
FortiDeceptor is designed to deceive, expose, and eliminate external and internal threats early in the attack kill chain and proactively block these threats before any significant damage occurs.
Fortinet Security Fabric provides unified, end-to-end protection with Fortinet Next Generation Firewalls to tackle advanced persistent threats. Adding FortiDeceptor as part of a Breach Protection strategy helps evolve your defenses from reactive to proactive with intrusion-based detection layered with contextual intelligence. It automates the blocking of attackers targeting IT devices and OT system controls. FortiDeceptor automatically lays out a layer of decoys and lures, helping you conceal your sensitive and critical assets behind a fabricated Deception Surface to confuse and redirect attackers while revealing their presence on your network.
- DECEIVE external and internal threats with deceptive VM instances aka decoys, managed from a centralized location. Deploy a Deception Surface of real Windows, Linux, VPN, Medical IoT and SCADA VMs with services that are indistinguishable from real assets, e.g. production servers and lures embedded into devices designed to uncover the attackers.
- EXPOSE hacker activity with early and accurate detection and actionable alerts enabled through tracing and correlation of an attacker’s Tactics, Tools, and Procedures (TTPs) and active notification via Web UI, Email, SNMP traps, logs, and events via FortiSIEM and FortiAnalyzer.
- ELIMINATE threats by automating threat response with FortiGates, FortiNAC, FortiSOAR, and third-party security solutions via Fortinet Security Fabric.
Feature Benefits
- Simple and Easy to Use with a wizard-based setup of IT/ OT/ IoT decoys and lures finetuned to your environment and centrally manage a distributed deception deployment across your IT and OT environments
- Rapid investigation with intelligent incident correlation into a campaign timeline of all activities including access, tools used, lateral movement, and more, layered with contextual threat intelligence from FortiGuard Labs
- Eliminate Early Stage Attacks with Security Fabric integration including FortiGate, FortiNAC, FortiSOAR, and third-party. Elevate threat visibility and hunting with FortiSIEM and FortiAnalyzer
Workflow:
Notes:
-
1. FortiDeceptor deploys decoys with different OS types equipped with lures (e.g. RDP/ SMB/ Credentials/ HoneyDocs) that appear indistinguishable from real IT and OT assets and are highly interactive.
-
2. FortiDeceptor acts as an early warning system
that exposes attacker’s
malicious intent and tracks
lateral movement, which
translates to real-time alerts
sent to FortiDeceptor, as
well as FortiAnalyzer and
FortiSIEM for review and
validation. FortiDeceptor
applies analytics powered
by FortiGuard Labs,
FortiSandbox, and
VirusTotal intelligence, to a
consolidated set of security
events and correlates them
to the campaigns with
timeline of activities.
-
3. FortiDeceptor allows
security analyst to manually
investigate and apply
manual remediation or
automatically block these
attacks based on severity
before actual damage
occurs via integration with
FortiGate, FortiNAC, and
FortiSOAR.
Specifications:
FORTIDECEPTOR 1000G |
||
---|---|---|
Capacity and Performance |
||
Size RAM |
DDR4-2400 48 GB ECC RDIMM (16 GB*3) |
|
On Board Flash |
2 GB USB |
|
Decoy VM Support |
Combination of Windows 7, Windows 10, Windows 10 (customizable BYOL), Windows Server 2016 and 2019 (customizable BYOL), Linux, VPN Server, Medical (PACS, Infusion pump), POS, ERP, IoT (Router, Printer and Camera), and/or SCADA, up to 16 Deception VMs and 128 VLANs |
|
Decoy Services |
SSL VPN, SSH, SAMBA, SMB, RDP, HTTP/S, SQL, GIT, DICOM, Telnet, FTP, TFTP, SNMP, MODBUS, S7COMM, BACNET, IPMI, TRICONEX, GUARDIAN-AST, IEC104, EtherNet/IP, DNP3, JET-DIRECT, RTSP, UPnP, CDP and TCP port listener |
|
Deception VMs Shipped |
Deceptor Bundle Contract included license for Deception Decoys, Deception Lure plus FortiGuard Services Subscriptions (AREA, AV, IPS, and Web Filtering).1 VLAN unit price, minimum order of 2 VLANs |
|
Hardware Specifications |
||
Form Factor |
1 RU Rackmount |
|
Total Interfaces |
4 x GE (RJ45), 4 x GE (SFP) |
|
Storage Capacity |
2 TB (2 x 1 TB HDD) |
|
Usable Storage (After RAID) |
1 TB |
|
Removable Hard Drives |
No |
|
RAID 1 |
RAID 1 |
|
Default RAID Level |
1 |
|
Optional (SKU: SP-FSA1000G-PS) |
||
Power Supply |
650W Redundant PSU (1+0) |
|
Additional PSU (SKU: SP-FSA1000G-PS) |
|
|
Dimensions |
||
Height x Width x Length (inches) |
1.73 x 17.24 x 23.62 |
|
Height x Width x Length (cm) |
44 x 438 x 600 |
|
Weight |
27.56 lbs (12.5 kg) |
|
Environments |
||
AC Power Supply |
100-240 VAC, 60-50 Hz, 650W Redundant PSU (1+0) |
|
Power Consumption (Max / Average) |
253.2 W / 202.56 W |
|
Heat Dissipation |
863.92 (BTU/h) |
|
Operating Temperature |
32°F to 104°F (0°C to 40°C) |
|
Storage Temperature |
-13°F to 158°F (-25°C to 70°C) |
|
Humidity |
10% to 90% (non-condensing) |
|
Operating Altitude |
Up to 7,400 ft (2,250 m) * |
|
Compliance |
||
Safety Certifications |
FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB |
Documentation:
Download the Fortinet FortiDeceptor Data Sheet (PDF).
Pricing Notes:
- All prices displayed are Ex-VAT. 20% VAT is added during the checkout process.
- Hardware plus 24x7 FortiCare, FortiGuard Threat Intelligence and Custom VM Bundle (maximum allowed Custom VMs)
Hardware Unit, 24x7 FortiCare Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades (FortiSandbox engine), FortiGuard AV, IPS, Web Filtering, File Query plus subscription for maximum allowed custom sandbox VMs. Does not include Windows or MS Office licenses i.e. BYOL - Hardware plus 24x7 FortiCare, FortiGuard Threat Intelligence and Licensed VM Bundle (maximum allowed Licensed VM)
Hardware Unit, 24x7 FortiCare Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades (FortiSandbox engine), FortiGuard AV, IPS, Web Filtering, File Query plus maximum allowed Licensed Sandbox VMs including the necessary Windows and MS Office licenses - 24x7 FortiCare plus FortiGuard Threat Intelligence
24x7 FortiCare Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades (FortiSandbox engine), and FortiGuard AV, IPS, Web Filtering, File Query - 24x7 FortiCare, FortiGuard Threat Intelligence and Custom VM Bundle (maximum allowed Custom VMs)
24x7 FortiCare Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades (FortiSandbox engine), FortiGuard AV, IPS, Web Filtering, File Query plus subscription for maximum allowed custom sandbox VMs. Does not include Windows or MS Office licenses i.e. BYOL - Prices are for one year of Premium RMA support. Usual discounts can be applied.
- Annual contracts only. No multi-year SKUs are available for these services.
- Contact Fortinet Renewals team for upgrade quotations for existing FortiCare contracts.
- Pricing and product availability subject to change without notice.