Fortinet earns 'Recommended' rating from NSS Labs for the company's Advanced Persistent Threats breach detection systems

FortiSandbox-3000D achieves high ranking for APT Threat detection, stability and throughput.


Anton Jacobsz, Managing Director, Networks Unlimited.

Anton Jacobsz, Managing Director, Networks Unlimited.


Fortinet, a global leader in high-performance network security, announced its FortiSandbox-3000D as one of the top rated Breach Detection Systems (BDS), delivering 99% breach detection and zero false positives, based on real-world comparative analysis conducted by third party NSS Labs.

A Recommended rating from NSS Labs indicates that a product has performed well and deserves strong consideration. Only the top technical products earn a Recommended rating from NSS – regardless of market share, company size or brand recognition.

The full report with Security Value Map and testing methodology can be downloaded here:

"Real-world third-party validation is an essential resource for enterprises considering security products to help cut through confusion caused by vendor marketing," said Fortinet CEO Ken Xie. "NSS Labs' testing continues to demonstrate Fortinet's commitment to meet high industry standards for security detection, performance, reliability, management and value. In this case, Fortinet's FortiGuard Labs expertise was integral in meeting and exceeding those high benchmarks, which are increasingly necessary to combat sophisticated cyber-threats and today's stealthy Advanced Persistent Threats."

Leveraging sophisticated research and test infrastructure that collects real threats and attack methods for concurrent delivery to the systems under test (SUT), NSS Labs utilised empirical data from its first ever Breach Detection Systems Group Test to produce a Security Value Map (SVM). The SVM measures the security effectiveness and value (cost per protected Mbps) of tested product configurations. Fortinet's FortiSandbox-3000D is one of the top performing systems out of six network security vendors (see Figure 1).

NSS Labs: "Recommends" FortiSandbox

As a result of testing against five other vendors' products, Fortinet's FortiSandbox-3000D earned a "Recommended" rating based on real-world testing that evaluated detection rate, device stability and reliability, effective management, performance and total cost of ownership. This latest vendor roundup is the industry's most comprehensive third-party test of Breach Detection Systems to date.

According to the NSS Labs' benchmark results, Fortinet's FortiSandbox-3000D passed 100% of the tests that gauged the reliability and stability of the device. In addition, NSS analysis found the FortiSandbox-3000D to have a 99% threat detection rate in a real-world testing environment that included more than 1 800 live exploits and malware samples. Both threat detection and reliability and stability scores were factored into a metric that led to a 99% rating in overall security effectiveness.

NSS Labs tests also confirmed the FortiSandbox-3000D as a high-performance BDS solution, with the majority of detections happening in three minutes or less. The FortiSandbox-3000D tied for the highest number of TCP connections per second at 225 000, and the appliance accurately delivered on stated throughput claims.

The "Recommended" rating speaks to the criticality of real-world third party testing and Fortinet's commitment to meeting and exceeding high industry standards.

When FortiSandbox is used in conjunction with a FortiGate NGFW and FortiGuard, Fortinet's Advanced Threat Protection (ATP) solution provides access control, threat prevention, behavioral analysis, continuous and monitoring to provide the best protection against targeted attacks.

"The Fortinet FortiSandbox-3000D was tested and rated by NSS at 1 000 Mbps, which is in line with the vendor's claim (Fortinet rates this device at 1 000 Mbps). NSS rated throughput is calculated as an average of the 'Real World' Protocol Mixes (Enterprise Perimeter, Education), and the 21 KB HTTP response-­based tests," according to NSS Labs. "The Fortinet FortiSandbox-3000D detected 99% of HTTP malware, 98% of email malware, and 100% of exploits, giving an overall breach detection rating of 99.0%. The device passed all stability and reliability tests and detected 83% of evasions."

About FortiSandbox-3000D

The FortiSandbox-3000D is a key component to help combat sophisticated malware and Advanced Persistent Threats (APTs) as part of a broader, integrated security framework.

The FortiSandbox consolidates specialised threat detection and intelligence services across protocols and functions into a single, high-performance and highly affordable appliance. At the core of the solution is a dual-level sandbox that effectively deals with the increasing sophistication of attacks that require more advanced inspection.

Key features include:

* Proactive antimalware
* Real-time cloud query of community results
* Code emulation
* Full virtual environment
* Callback detection
* Actionable dashboards and reports
* Optional submission to FortiGuard

The FortiSandbox-3000D can be integrated with Fortinet's FortiGate and FortiMail platforms for enhanced detection and threat mitigation or deployed on-premise on its own without changing any network configuration.

FortiSandbox product family

Further demonstrating the company's commitment to the Breach Detection Systems space, in February this year, Fortinet announced theFortiSandbox-1000D, a unique dual-level sandbox that features proactive pre-filtering, dynamic threat intelligence and rich reporting for small to mid-sized enterprises. As with the FortiSandbox-3000D, the FortiSandbox-1000D offers a consolidated approach to covering all protocols and functions in one appliance with the ability to deploy stand-alone or as an integrated extension of FortiGate and FortiMail appliances.


The FortiSandbox-3000D is available now, and the FortiSandbox-1000D is expected to ship later this month. To learn more about the FortiSandbox family of Advanced Threat Detection products or other Fortinet network security products, please visit For a no-risk evaluation of our FortiGate family of High Performance Data Center Firewalls, Enterprise Next Generation Firewalls or smaller Unified Threat Management devices, please visit: 

Fortinet Webinar: Beyond the Hype: NSS Labs Tests Today's Breach Detection Systems

On Tuesday, 13 May at 9:00 a.m. PT, Fortinet will host a live webinar with NSS Labs that will cover:

* Establishing real-world test methodology for BDS
* Real-world test results, including "Recommendations" and "Cautions"
* How Fortinet's FortiSandbox performed in real-world conditions

Register for the event here:

Subscribe now to receive our latest updates and promotions

Networks Unlimited
Offering the best and latest solutions within the converged technology, data centre, networking, and security landscapes.

Copyright 2019 Networks Unlimited | The Key to IT Security & Networking Communications.