Call a Specialist Today! 020 3958 0662 Free Delivery! Free Delivery!

Fortinet FortiDeceptor 100G
A Non-Intrusive, Agentless Deception Solution to Detect and Stop Active In-Network Attacks


Fortinet FortiDeceptor 100G
Fortinet Products
FortiDeceptor-100G Rugged Appliance
FortiDeceptor-100G Rugged Appliance, Support up to 8 Deception VMs and 48 VLANS
#FDR-100G
List Price: £25,151.78
Our Price: Request a Quote

Click here to jump to more pricing!

Live Demo! Click here to load

Overview:

FortiDeceptor is Fortinet’s non-intrusive, agentless deception platform that puts the power back into the hand of defenders, with the ability to deceive attackers into engaging with fake assets and ultimately revealing themselves.

A force multiplier to current security defenses, FortiDeceptor combines the concept of honeypot with threat analytics and threat mitigation capabilities. This is achieved by distributing a layer of deception assets across the network—decoys and tokens, such as fake keys and files on endpoints and servers—and creating a system of traps that look and operate like any other real asset across IT, OT, and IoT networks, intended to deceive, detect, and isolate known and unknown human and automated attacks.

With FortiDeceptor, instead of waiting for the threat actor to make a mistake and then detect their presence, you can now embrace an active defense approach where any step the attacker takes—whether they try to escalate privileges or run malware—becomes an opportunity for you to detect them.

Early Threat Detection, Minimal Network Impact

FortiDeceptor works by deploying and running decoys from the FortiDeceptor console using available IP addresses. As decoys leverage unused IP addresses across the different network segments, they do not impact network availability and, to the attacker, they seem like an integral part on your network. These IP addresses do not correspond to any real host or device on the network.

The FortiDeceptor platform consists of several deception components that together provide an authentic and scalable layer of deception assets that are identical to other assets across your network. These decoys are fake assets, such as industrial control systems, medical devices, ATMs, tank gauges, POS devices, IoT devices, network infrastructure, and more, that run real operating systems and services and generate fake but limited traffic to lure attackers to them, diverting them away from sensitive assets. FortiDeceptor provides an extensive inventory of decoys. You can also ‘bring your own decoys’ and upload your own golden images.

To expand the deception layer event further, FortiDeceptor places breadcrumbs (or tokens) on real endpoints and servers. These are fake documents, files, or fake credentials, that attackers look to leverage to move laterally or encrypt. The breadcrumbs, which are indistinguishable from real files and credentials, are designed to deceive the attacker or malware to laterally move to the decoy. FortiDeceptor immediately detects any use of fake credentials, generates alerts, and automatically isolates the endpoint using built-in endpoint isolation capabilities or security orchestration, automation, and response (SOAR) playbooks.

Accelerated Incident Response

The solution generates high-fidelity, zero false-positive alerts, providing security teams with a unique advantage over malicious activity, and unparalleled visibility to detect and stop attacks, credential thefts, lateral movement, and malware activity. It also provides compensating security control when patching or when other security controls aren’t an option. A good example of this is in OT environments where patches aren’t available; even when patches are available, the time and effort required for maintenance is arduous.

Once a malware or human attacker engages with a fake or a decoy asset, an alert is generated and sent to security information and event management (SIEM), SOAR, or any threat intelligence platform you’re using. The decoy then starts capturing and analyzing the activities in real time and generates threat intelligence using eight built-in intelligence engines for detailed and accurate analysis.

FortiDeceptor does not require highly skilled security analysts to deploy or manage the solution. It centralizes and automates the entire process—from deception deployment to evidence analytics to quarantined and unquarantined attacks to the implementation of dynamic protection layers.

Protection Against Evolving Threats

To combat emerging threats, FortiDeceptor enables on-demand creation of deception decoys based on newly discovered vulnerabilities or suspicious activity, providing automated, dynamic protection across IT, OT, and IoT environments

  • Implement zero-day protection: Attackers often target vulnerable assets first. With FortiDeceptor’s advanced outbreak feature, you can now purposefully deploy decoys with recently disclosed vulnerabilities to attract, automatically detect, and quarantine malicious activities early in the kill chain. When a vulnerability is reported by FortiGuard Labs, the vulnerability emulator is automatically pushed as a feed to the outbreak decoy without requiring a software update.
  • Rapid threat hunting to identify indicators of compromise (IOCs): FortiDeceptor’s integration with SOAR provides on-demand deception asset deployment, triggered by SOAR playbooks to help hunt and quarantine any malicious activity. When suspicious activity is detected, a SOAR playbook can automatically initiate the deployment of decoys and tokens in that specific segment to help detect an attack and capture intel.

In addition, FortiDeceptor offers integrations with leading security tools, as well as with the Fortinet Security Fabric, providing orchestrated threat mitigation and enriched attack intelligence

Deception for OT and IoT environments

OT environments are diverse, with numerous, multi-vendor devices and systems often designed without built-in security. Hardening mostly legacy systems via monitoring agents or security patching to mitigate risks is not always an option due to continuity, costs, patch availability, and more. FortiDeceptor’s decoys simulate various types of IT, OT, ICS, and IoT devices, as well as critical applications such as SAP and ERP that can be deployed across all levels of the Purdue model.

FortiDeceptor works by automatically running active and passive asset discovery, creating asset inventory, and recommending optimized decoy placement across the IT and OT network. It can operate in online or air-gapped modes, and is also available as an industrially-hardened rugged appliance: the FortiDeceptor Rugged 100G, designed specifically for harsh industrial environments.

Feature Benefits

  • Provide actionable insights, increase SOC effectiveness
  • Extend support to challenging areas (IoT and OT environments)
  • Provide early, substantiated warning (no false-positives)
  • Scale automatically as the risk level increases
  • Detect new or unknown threats and malicious insiders

Benefits:

Accurate, Early Detection and Fast Response

  • Reduces dwell time and false-positives
  • Detects early reconnaissance and lateral movements
  • Built-in, automated attack quarantine capabilities stop attacks before they spread
  • Automatically scales as risk level rises
  • Helps mitigate ransomware by leading malware to encrypt fake files, triggering automatic blocking of the infected endpoint
  • Automatically deploys vulnerable decoys based on FortiGuard Labs latest outbreak alerts
  • Integrates with the Fortinet Security Fabric and third-party security controls

Enrich Actionable Insights, Increase SOC Effectiveness

  • Generates high-fidelity, actionable alerts based on real-time interactions with adversaries
  • Correlates malicious activities using eight different forensic engines to help analysts investigate, gather forensic evidence, monitor, and automatically stop attacks in progress
  • Closes visibility gaps with in-progress attack intel and detailed forensics
  • Provides attack replays and attack visualizations
  • Low-friction deployment and maintenance via automation

Extend Support to Challenging Areas

  • Optimized OT, IoT, and IoMT decoys designed to expose and block threats to industrial systems, IoT, and IoMT devices
  • Agentless and non-intrusive, with zero impact on mission-critical operations
  • Ease of installation (one-day operation) and use; does not require any network topology changes
  • Detects threats to assets that cannot provide their own telemetry
  • Available across every attack surface, including on-premise, cloud, and IT, OT, IoT, and IoMT environments
  • Operates in both online and air-gapped modes

Specifications:


FORTIDECEPTOR 100G

Capacity and Performance

Size RAM

DDR4-2400 48 GB ECC RDIMM (16GBx1 + 32GBx1)

On Board Flash

16GB (M.2 2242)

Decoy VM Support

Combination of Windows 7, Windows 10, Windows 10 (customizable BYOL), Windows Server 2016 and 2019 (customizable BYOL), Linux, VPN Server, Medical (PACS, Infusion pump), POS, ERP, IoT (Router, Printer and Camera), SAP and/or SCADA, up to 8 Deception VMs and 48 VLANs, Outbreak,VOIP, TOMCAT, ESXi, Elastic-Search

Decoy Services

SSL VPN, SSH, SAMBA, SMB, RDP, HTTP/S, SQL, GIT, DICOM, Telnet, FTP, TFTP, SNMP, MODBUS, S7COMM, BACNET, IPMI, TRICONEX, GUARDIAN-AST, IEC104, EtherNet/IP, DNP3, JET-DIRECT, RTSP, UPnP, CDP and TCP port listener, SMTP, RADIUS, Mysql, MQTT, SIP, XMPP

Deception VMs Shipped

Deceptor Bundle Contract included license for Deception Decoys, Deception Lure plus FortiGuard Services Subscriptions (AREA, AV, IPS, and Web Filtering).1 VLAN unit price, minimum order of 2 VLAN

Hardware Specifications

Form Factor

Desktop - fanless

Total Interfaces

6x 1GbE RJ-45 ports

Storage Capacity

2.5 inch SATA SSD 1TB (1TBx1)

Usable Storage (After RAID)

2GB USB DOM, SATA-DOM or M.2 (SATA)

Removable Hard Drives

No

RAID 1

No

Default RAID Level

No

Power Supply

Powered by External DC Power Adapter, 100-240V, 1.8A, 50-60Hz

Dimensions

Height x Width x Length (inches)

3.85 x 10.82 x 8.86

Height x Width x Length (cm)

98 x 275 x 225

Weight

16.63 lbs (5.73 kg)

Environments

AC Power Supply

N/A

DC Power Supply

Input: 24-48Vdc 3.45-1.77A

Power Consumption (Max / Average)

+24V (66.11W), +48V (73.92W)/ +24V (54.1W), +48V (60.5W)

Maximum Current

+24V (3.45A), +48V (1.77A)

Heat Dissipation

+24V (259.69 BTU/h), +48V (286.34 BTU/h)

Operating Temperature

32°F to 104°F (0°C to 40°C)

Storage Temperature

-40°F to 158°F (-40°C to 70°C)

Humidity

5% to 95% (non-condensing)

Operating Altitude

Up to 13 123 ft (4000 m)

IP Rating

IP40

Compliance

Safety Certifications

Onboard flash is 8GB Safety Certifications – FCC, ICES, CE, RCM, VCCI class A CB: Low Voltage Directive (LVD) 2014/35/EU IEC 62368-1 2nd Edition IEC 62368-1 3rd Edition UL/CSA: UL 62368-1 3rd Edition

Documentation:

Download the FortiDeceptor Data Sheet (PDF).

It appears you don't have a PDF plugin for this browser. No biggie... you can click here to download the PDF file.

Pricing Notes:

Fortinet Products
FortiDeceptor-100G Rugged Appliance
FortiDeceptor-100G Rugged Appliance, Support up to 8 Deception VMs and 48 VLANS
#FDR-100G
List Price: £25,151.78
Our Price: Request a Quote
FortiDeceptorRugged-100G Deceptor Bundle Contract
FortiDeceptorRugged-100G 1 Year Deceptor Bundle Contract included license for Deception Decoys, Deception Lure plus FortiGuard Services Subscriptions (ARAE, AV, IPS, and Web Filtering).1 VLAN unit price, minimum order of 2 VLANs.
#FC1-10-DR1HG-495-02-12
List Price: £954.04
Our Price: Request a Quote
FortiDeceptorRugged-100G 3 Year Deceptor Bundle Contract included license for Deception Decoys, Deception Lure plus FortiGuard Services Subscriptions (ARAE, AV, IPS, and Web Filtering).1 VLAN unit price, minimum order of 2 VLANs.
#FC1-10-DR1HG-495-02-36
List Price: £2,862.10
Our Price: Request a Quote
FortiDeceptorRugged-100G 5 Year Deceptor Bundle Contract included license for Deception Decoys, Deception Lure plus FortiGuard Services Subscriptions (ARAE, AV, IPS, and Web Filtering).1 VLAN unit price, minimum order of 2 VLANs.
#FC1-10-DR1HG-495-02-60
List Price: £4,770.17
Our Price: Request a Quote
FortiDeceptorRugged-100G FortiCare Premium Support
FortiDeceptorRugged-100G 1 Year FortiCare Premium Support
#FC-10-DR1HG-247-02-12
List Price: £5,030.36
Our Price: Request a Quote
FortiDeceptorRugged-100G 3 Year FortiCare Premium Support
#FC-10-DR1HG-247-02-36
List Price: £15,091.07
Our Price: Request a Quote
FortiDeceptorRugged-100G 5 Year FortiCare Premium Support
#FC-10-DR1HG-247-02-60
List Price: £25,151.78
Our Price: Request a Quote
FortiDeceptor Central Management license Central Management seat license per FortiDeceptor device. 1 manageable appliance unit price, minimum order of 2 manageable appliances
FortiDeceptor Central Management license 1 Year Central Management seat license per FortiDeceptor device. 1 manageable appliance unit price, minimum order of 2 manageable appliances.
#FC1-10-FDCCM-497-02-12
List Price: £216.83
Our Price: Request a Quote
FortiDeceptor Central Management license 3 Year Central Management seat license per FortiDeceptor device. 1 manageable appliance unit price, minimum order of 2 manageable appliances.
#FC1-10-FDCCM-497-02-36
List Price: £650.48
Our Price: Request a Quote
FortiDeceptor Central Management license 5 Year Central Management seat license per FortiDeceptor device. 1 manageable appliance unit price, minimum order of 2 manageable appliances.
#FC1-10-FDCCM-497-02-60
List Price: £1,084.13
Our Price: Request a Quote
FortiDeceptor-VM Support License FortiCare premium support Contract for FortiDeceptor-Edge virtual appliance supports local FDC manager and DaaS platform and can extend up to 128 VLANs.
FortiDeceptor-VM Support License 1 Year FortiCare premium support Contract for FortiDeceptor-Edge virtual appliance supports local FDC manager and DaaS platform and can extend up to 128 VLANs.
#FC-10-DCVME-248-02-12
List Price: £216.83
Our Price: Request a Quote
FortiDeceptor-VM Support License 3 Year FortiCare premium support Contract for FortiDeceptor-Edge virtual appliance supports local FDC manager and DaaS platform and can extend up to 128 VLANs.
#FC-10-DCVME-248-02-36
List Price: £650.48
Our Price: Request a Quote
FortiDeceptor-VM Support License 5 Year FortiCare premium support Contract for FortiDeceptor-Edge virtual appliance supports local FDC manager and DaaS platform and can extend up to 128 VLANs.
#FC-10-DCVME-248-02-60
List Price: £1,084.13
Our Price: Request a Quote
FortiDeceptor-100G Appliance,support both Local FDC manager and DAAS platform and up to 128 VLANS.
FortiDeceptor-100G Appliance,support both Local FDC manager and DAAS platform and up to 128 VLANS.
#FDC-100G
List Price: £3,469.22
Our Price: Request a Quote
FortiDeceptor-100G FortiCare Premium Support
FortiDeceptor-100G 1 Year FortiCare Premium Support
#FC-10-DC1HG-247-02-12
List Price: £693.85
Our Price: Request a Quote
FortiDeceptor-100G 3 Year FortiCare Premium Support
#FC-10-DC1HG-247-02-36
List Price: £2,081.53
Our Price: Request a Quote
FortiDeceptor-100G 5 Year FortiCare Premium Support
#FC-10-DC1HG-247-02-60
List Price: £3,469.22
Our Price: Request a Quote
Accessories
AC power adaptor with 2-pin terminal plug for FDR-100G
#SP-FDR100G-PA
List Price: £346.93
Our Price: Request a Quote