Skip to content Skip to navigation Skip to footer
New Enterprise Strategy Group finds Fortinet Security Operations solutions improve security team operational efficiency and reduce risk to the organization by up to 99%
Overview
Security Services
Models & Specs
Support & Services
Resources

Overview

FortiNDR enables full-lifecycle network protection, detection, and response. It leverages AI, ML, behavioral, and human analysis to analyze network traffic so security teams can spot attacker behavior and remediate the threat. FortiNDR provides network-traffic and file-based analysis, root-cause identification, scope of incidents, and the tools to remediate incidents quickly.

video integrated ai powered ndr

Clear Advantage Over Adversaries

To counter the sophistication of today’s cyberthreats and the volume of network activity where attackers can hide, Fortinet leverages artificial intelligence to reduce the time-intensive tasks a SOC analyst needs to perform. A machine learning (ML) model works to understand normal network activity and identifies deviations. It classifies code associated with abnormal traffic and performs an outbreak search to scope potential incidents. When integrated with other tools across the Fortinet Security Fabric, FortiNDR can initiate automatic responses to improve SOC efficiency.

Watch Now

Virtual and Human Security Analysis for Faster Response

FortiNDR includes our Virtual Security Analyst that can identify malicious network activity and files, resulting in real-time identification of advanced threats, including zero-day attacks. FortiNDR Cloud combines ML/AI with human analysis and expertise to improve your security posture and reduce false positives.

Seasoned, advanced threat researchers from FortiGuard Labs monitor cybercriminal activity, perform reverse engineering, and continuously update detection rules against adversary behavior. This first-hand knowledge provides practical AI/ML observations and human-based analysis before and during high-pressure incidents.

Features and Benefits

FortiNDR detects threats that may slip past traditional security solutions by using ML and AI, combined with FortiGuard Labs threat intelligence, updates, and expertise.

Faster Incident Detection

ML, DL, and other advanced analytics assess the “big data” of network activity

Efficient Investigations

Automated threat hunting, streamlined workflows, playbooks accelerate in-house team triage

Accelerated Threat Response

Dynamic threat intelligence sharing enables automated and coordinated action

Proven AI

10+ years of experience applying AI to threat data yields supervised & unsupervised detection models

Historical Network Visibility

Up to 365-day retention of enriched network metadata facilitates thorough investigations

Open Platform Approach

Integration with the Fabric and APIs for third parties ensures fit within security infrastructure

FortiNDR Use Cases

icon ai analytics
NETWORK ANOMALY DETECTION
Monitor and profile traffic using ML models and other analytics from FortiGuard Labs to identify potential intrusions.
icon threat hunting
THREAT HUNTING
Proactively search network metadata for signs and scope of cyber intrusion.
Malware
ZERO-DAY MALWARE PROTECTION
Analyze unknown code, inline or out-of-band, to classify against 20+ attack classes using more than 6 billion file attributes.

Enterprise Analyst Validation

ESG Economic Validation on Fortinet SecOps Fabric
ESG Economic Validation: The Quantified Benefits of Fortinet Security Operations Solutions. Improved security team operational efficiency and reduced risk to the organization, each by up to 99%. Written by Aviv Kaufmann, Practice Director and Principal Economic Validation Analyst at Enterprise Strategy Group. July 2023
The Quantified Benefits of Fortinet Security Operations Solutions
As enterprises evolve, new technologies emerge, and cybercriminals introduce more sophisticated attacks, security leaders and their teams face a variety of challenges in securing the organization’s networks. This new report published by Enterprise Strategy Group details the benefits of using Fortinet Security Operations solutions, including improved operational efficiency and more effective risk management.
Download Report »

FortiGuard AI-Powered Security Services

FortiGuard Labs - Fortinet’s elite cybersecurity threat intelligence and research organization comprised of experienced threat hunters, researchers, analysts, engineers, and data scientists - develops and enhances FortiGuard AI-powered Security Services as well as provides valuable expert help through FortiGuard Expert-driven Security Services.

Show All Services
Content Security
Web Security
Device Security
Application Security
SOC NOC Security
Antivirus Service
Antivirus Service

Protects against the latest polymorphic attacks, viruses, malware (including ransomware), and other threats.

FortiGuard Intrusion Prevention Service | Fortinet
FortiGuard IPS Service

Provides the most up-to-date defenses against both known and previously unknown threats and vulnerabilities.

Inline Sandbox Service
Inline Sandbox Service

Protects against sophisticated malware and zero-day threats using advanced file analysis in a protected environment.

IP Reputation & Anti-botnet Security
IP Reputation & Anti-botnet Security

Aggregates malicious source IP data from the Fortinet distributed network of threat sensors, CERTs, MITRE, and other sources that collaborate to provide up-to-date threat intelligence.

Feature Comparison

Organizations can choose a self-contained, on-premises deployment powered by our Virtual Security Analyst with FortiNDR, or a guided SaaS with FortiNDR Cloud maintained by FortiGuard advanced threat experts.

Features FortiNDR (HW/VM) FortiNDR Cloud
Deployment On-prem SaaS
Security Analyst Virtual Security Analyst™ Guided-SaaS with TSM (Technical Success Manager)
Data Storage Location On-prem Cloud-based (US)
Data Retention Throughput/Disk-dependent 365 days
Investigation/Threat Hunting Outbreak search Guided playbooks and parallel hunting
NetFlow/IPFIX support Yes​ --
High Throughput Malware Scan / NFS Scanning Yes
ANN1 with On-prem learning		 Hash lookup
MITRE ATT&CK Framework Mapping Malware mapped to MITRE ATT&CK Framework Detections mapped to MITRE ATT&CK framework
Response Integration Fortinet Security Fabric
Third-party API (Rest)
MetaStream with Signals
Sensors Hardware - FortiNDR-3500F​
Hardware - FortiNDR-1000F
VM16/VM32 (ESXi/KVM)​
AWS/Azure/GCP/Alibaba​		 Hardware - FortiNDRCloud-900F (Large sensor)​
Hardware - FortiNDRCloud-500F (Small sensor)​
Virtual sensors (AWS/Azure/ESXi/KVM)​
FortiGuard Labs Threat Research

1. Artificial Neural Networks

FortiCare Support & Professional Services

Fortinet is dedicated to helping our customers succeed, and every year FortiCare services help thousands of organizations get the most from their investments in Fortinet's products and services. To achieve this, FortiCare follows the life-cycle approach and provides unique services to help our customers in their success journeys.

Technical Support Services

Technical Support Services

Various per-device options are available for efficient operations. FortiCare Elite option provides a 15-minute response time for critical products.

RMA

RMA

Premium RMA options are available across the product family for expedited replacement of defective hardware to meet your availability objectives.

Resources

Data Sheets
White Paper
eBooks
Solution Briefs
FortiNDR Ordering Guide
FortiNDR Ordering Guide »

FortiNDR Ordering Guide

FortiNDR and FortiNDR Cloud Data Sheet
FortiNDR and FortiNDR Cloud Data Sheet »

FortiNDR and FortiNDR Cloud Datasheet

Help Wanted: Next-generation AI for the Emerging Threat Landscape
Help Wanted: Next-generation AI for the Emerging Threat Landscape »

Re-evaluating security risks driven by an Automated and AI-based cyber threat landscape

Use an AI-based Virtual Security Analyst to Modernize Your SOC
Use an AI-based Virtual Security Analyst to Modernize Your SOC »

Solve cybersecurity skills gap with AI

FortiNDR Proactively Identifies and Responds to Network Intrusions
FortiNDR Proactively Identifies and Responds to Network Intrusions »

FortiNDR applies AI—including machine learning (ML) and deep learning (DL)—as well as other analytics to an organization’s network traffic metadata to improve security operations center (SOC) efficiency while also providing high-fidelity adversary detections for a rapid and informed response.

Free Product Demo

FortiNDR represents the future of AI-driven breach protection technology, designed for short-staffed SOC teams to defend against threats. A trained Virtual Security Analyst™ helps identify, classify, and respond to threats. FortiNDR employs deep neural networks based on advanced AI and artificial neural network to provide sub-second investigation.

Quick Links

links image 1 139x100

Free Product Demo

Explore key features and capabilities, and experience user interfaces.
resource center icon 139X159

Resource Center

Download from a wide range of educational material and documents.
links image 2 139x121

Free Trials

Test our products and solutions.
contact sales icon 139x85

Contact Sales

Have a question? We're here to help.