Application Risk and Control

Report Date: June 14, 2020 13:25

Data Range: 2020-06-07 00:00 2020-06-13 23:59 NPT (FAZ local)
 Table of Contents

Executive Summary 3
High Risk Applications By Category 4
High Risk Applications 4
Application Risk Definition 5
Key Applications Crossing The Network 6
Application Categories 7
Web Applications 8
Web Categories In Use 9
Application Vulnerability Exploits 10
Malware: Viruses, Bots, Spyware/Adware 12
Zero-day Attacks Detected On The Network 13
Files/File Types Transferred by Applications 14
Recommended Actions 15
About FortiGuard Key Services 16

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 1 of 17

Complete Protection Powered by FortiGuard

Starting with FortiOS 3.0, Fortinet has given our customers the power to manage the
content and applications used on their networks, regardless of port or protocol.
FortiGuard Labs is the driving force behind this protection. The culmination of years
worth of security research, FortiGuard’s team of hundreds of researchers and analysts
work tirelessly to identify new applications, research new threats as they appear and
develop solutions to protect your network twenty-four hours a day, seven days a week.

Your Fortinet devices have the ability to identify more applications than any other
vendor in the market, and allow you to selectively block application behavior to
minimize the risk of data loss, network compromise or other threats to your
network and employees. You have to power to determine a wealth of valuable
information, such as:

What applications are slowing down the network?

What types of malware are typically attacking our employees?
Who is using Facebook the most or consuming excessive bandwidth?

Traditional firewalls and perimeter gateway devices typically are unable to provide
this level of visibility - they can’t see the bigger or the smaller picture.

Complete Protection
Being able to accurately assess network risks requires you to have visibility to all of
the content traversing your network. Fortinet’s complete content protection goes
far beyond simply identifying applications and allowing or denying traffic. Using
application control along with identity-based policy enforcement of content
enables you to utilize all of the advanced features included in the FortiGate
platform:

Traffic Shaping
IPS
DLP
AntiVirus and AntiSpyware

Complete content protection protects your network against malicious content that
may be hidden within applications and data, even if that content is embedded
inside a trusted application or from a trusted source.

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 2 of 17

Executive Summary
This report provides findings of application risk analysis that Fortinet conducted for your organization. Fortinet next generation
firewall is used for the analysis. This document begins with a summary of these findings, followed by details of the applications,
types of content found and closes with a set of recommended actions.

Below is a summary of the critical and high risk security events detected:
Application Visibility & Control

Proxy 3
Remote.Access 2
7
High Risk Apps
Botnet 2

Threats Detection & Prevention

Critical & High Intrusion Attack 21 23

Malware & Botnet C&C 2 Threat

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 3 of 17

High Risk Applications By Category
Modern security organizations need increasingly complex security processes in place to handle the myriad applications in use on
the network and in the data center. The problem is determining which applications in your environment are most likely to cause
harm. The following charts provide a breakdown of the high risk applications identified on the network. It has been determined
by FortiGuard Labs that these applications represent possible vectors for data compromise, network intrusion, or a reduction in
network performance.

Proxy 42.86%
Remote.Access 28.57% High Risk Apps
Botnet 28.57%

Figure 1: Breakdown of High Risk Applications

High Risk Applications

Top 20 high risk applications are listed below. These applications have the risk rating of 5 (critical risk) or 4(high risk). Each
application is listed with its respective category, technology, number of users, bandwidth and sessions.

# Risk Application Name Category Technology User Bandwidth Session

1 Proxy.HTTP Proxy Network-Protocol 24 206.62 KB 50
2 SOCKS4 Proxy Network-Protocol 1 1.61 KB 6
3 SOCKS5 Proxy Network-Protocol 2 640 B 6
4 Bladabindi.Botnet Botnet Client-Server 1 968 B 2
5 AnyDesk Remote.Access Client-Server 2 2.33 MB 36
6 RDP Remote.Access Client-Server 10 13.14 MB 31
7 Mirai.Botnet Botnet Client-Server 24 101.18 KB 30

Figure 2: High risk applications (rating of 4 or 5) that are traversing the network.

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 4 of 17

Application Risk Definition
The FortiGuard research team assigns a risk rating of 1 to 5 to an application based on the application behavioral characteristics.
The risk rating can help administrators to identify the high risk applications quickly and make a better decision on the application
control policy.

Risk Rating Behavior Characteristics Examples

Critical Malicious applications or the applications that can bypass security Applications in Botnet or Proxy category

High Applications that can cause data leakage or malware infection: often these Applications in P2P or Remote.Access category

applications are used for personal file-sharing or tunnelling other

applications

Medium Applications are used for personal communication or have known Applications in IM/Email/Storage.Backup category

vulnerabilities

Elevated Applications consume bandwidth or affect productivity Applications in Game/Social.Media/Video/Audio category

Low Business applications or software update applications Applications in Update/Business category

Application Behavioral Characteristics

100%
Percentage

80%

60%

40%

20%

0%
g

us
y
in

ox

io
el

pr

ic
nn

al
tu

Figure 3: Behavioral characteristics of the high risk application detected

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 5 of 17

Key Applications Crossing The Network
The section below shows the top 30 applications crossing the network based on the amount of bandwidth they are using, sorted
by application category and technology. The risk rating is also listed for each application along with its session count. This
provides a more complete view for the applications running on the network and results in better decision-making for overall
application control policies and business risk management.

# Risk Application Name Category Technology User Bandwidth Session

1 HTTPS.BROWSER Web.Client Browser-Based 4,086 48.07 GB 312,209
2 NFS Storage.Backup Client-Server 4 26.35 GB 13
3 SMB.v3 Network.Service Client-Server 4 20.27 GB 88
4 Oracle.TNS Business Client-Server 12 9.33 GB 332,407
5 DNS Network.Service Network-Protocol 323 2.38 GB 100,324
6 Microsoft.Portal Collaboration Browser-Based 9 2.24 GB 2,602
7 SSH Network.Service Network-Protocol 2 1.43 GB 5
8 MS.Windows.Update Update Client-Server 7 669.33 MB 1,493
9 SSL_TLSv1.2 Network.Service Network-Protocol 67 83.50 MB 2,287
10 HTTP.BROWSER Web.Client Browser-Based 264 48.54 MB 1,357
11 HTTP.BROWSER_IE Web.Client Browser-Based 18 34.34 MB 216
12 Symantec.AV.Update Update Client-Server 4 29.37 MB 23
13 RDP Remote.Access Client-Server 10 13.14 MB 31
14 HTTP.BROWSER_Chro Web.Client Browser-Based 356 6.06 MB 1,180
me
15 AnyDesk Remote.Access Client-Server 2 2.33 MB 36
16 QUIC Network.Service Network-Protocol 1 1.85 MB 245
17 Ping Network.Service Network-Protocol 566 1.65 MB 8,449
18 Google.Services General.Interest Browser-Based 5 1.60 MB 123
19 Ubuntu.Update Update Client-Server 1 889.49 KB 6
20 SSL Network.Service Network-Protocol 44 772.50 KB 206
21 NTP Network.Service Network-Protocol 19 697.49 KB 4,764
22 File.Upload.HTTP Network.Service Browser-Based 1 627.66 KB 1
23 Root.Certificate.URL Update Client-Server 8 627.06 KB 446
24 HTTP.BROWSER_Firef Web.Client Browser-Based 80 571.23 KB 281
ox
25 LDAP Network.Service Network-Protocol 3 528.25 KB 697
26 Microsoft.Authenticati Collaboration Browser-Based 3 334.12 KB 15
on
27 Kerberos Network.Service Network-Protocol 3 301.38 KB 275
28 MS.RPC Network.Service Client-Server 3 266.94 KB 178
29 SMTPS Email Network-Protocol 1 234.86 KB 33
30 HTTP.Download.Accel General.Interest Browser-Based 1 228.96 KB 9
erator

Figure 4: Top applications that are consuming the most bandwidth, sorted by category and technology

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 6 of 17

Application Categories
The FortiGuard research team categorizes applications into different categories based on the application behavioral
characteristics, underlying technology, and the related traffic transaction characteristics. The categories allow for better
application management. For application category details, see: http://www.fortiguard.com/appcontrol

The following section shows the application category breakdown of all the applications on the network, sorted by bandwidth. This
information helps network administrators to identify where the bandwidth is used, and how many applications use it. Armed with
this information, the administrators can effectively prioritize the applications based on the business needs: for example, allow
business applications but traffic shape the applications for personal use.

Web.Client 43.35%
Storage.Backup 23.72%
Network.Service 21.75%
Business 8.40%
Collaboration 2.02%
Update 0.62% App Categories
Unknown 0.13%
Remote.Access 0.01%
General.Interest 0.00%
Email 0.00%
Others 0.00%

Figure 5: Top 10 application categories by bandwidth usage

Number of
# Application Category Number of Users Bandwidth Session
Applications
1 Web.Client 13 4,578 48.16 GB 315,345
2 Storage.Backup 1 4 26.35 GB 13
3 Network.Service 20 1,025 24.17 GB 117,812
4 Business 1 12 9.33 GB 332,407
5 Collaboration 4 9 2.24 GB 2,836
6 Update 5 10 700.37 MB 2,019
7 Unknown 19 3,977 151.95 MB 115,717
8 Remote.Access 2 12 15.47 MB 67
9 General.Interest 3 6 1.82 MB 135
10 Email 1 1 234.86 KB 33
11 Proxy 4 26 209.56 KB 65
12 Botnet 2 25 102.13 KB 32
13 Mobile 2 4 5.05 KB 4
14 Video/Audio 1 1 1.48 KB 4

Figure 6: Category breakdown of all applications, sorted by bandwidth usage

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 7 of 17

Web Applications
Web applications allow users to submit and retrieve content over the Internet and they pose a great security risk to the business.
Sensitive customer data or confidential business trade secrets can be leaked by employees using vulnerable web applications;
applications that can be exploited by attackers using code injection to trick users and redirect them towards phishing or
malicious sites. Recent research shows that the majority of cyber attacks are done at the web application level. Knowing what
web applications are running on the network and what risk ratings they have is critical for the administrators to determine the
appropriate policies for these applications.

The following section shows the top 25 web applications with their application risk ratings, sorted by bandwidth usage.

# Risk Web Application Technology User Bandwidth Session

1 HTTPS.BROWSER Browser-Based 4,086 48.07 GB 312,020
2 Microsoft.Portal Browser-Based 9 2.24 GB 2,602
3 MS.Windows.Update Client-Server 7 669.33 MB 1,493
4 SSL_TLSv1.2 Network-Protocol 67 83.50 MB 2,287
5 HTTP.BROWSER Browser-Based 252 42.62 MB 648
6 Symantec.AV.Update Client-Server 4 29.37 MB 23
7 HTTP.BROWSER_IE Browser-Based 12 8.30 MB 141
8 HTTP.BROWSER_Chrome Browser-Based 353 6.01 MB 1,107
9 AnyDesk Client-Server 2 1.64 MB 32
10 Google.Services Browser-Based 5 1.60 MB 123
11 Ubuntu.Update Client-Server 1 889.49 KB 6
12 SSL Network-Protocol 40 764.46 KB 179
13 File.Upload.HTTP Browser-Based 1 627.66 KB 1
14 Root.Certificate.URL Client-Server 8 627.06 KB 446
15 HTTP.BROWSER_Firefox Browser-Based 79 557.91 KB 275
16 Microsoft.Authentication Browser-Based 3 334.12 KB 15
17 HTTP.Download.Accelerator Browser-Based 1 228.96 KB 9
18 Yum.Tool Client-Server 1 201.54 KB 51
19 Proxy.HTTP Network-Protocol 15 186.79 KB 35
20 Mirai.Botnet Client-Server 24 101.18 KB 26
21 Microsoft.Office.365.Portal Browser-Based 1 97.98 KB 214
22 HTTP.Segmented.Download Browser-Based 1 43.42 KB 9
23 MS.MSN.Bing.Bot Client-Server 12 39.84 KB 23
24 SSL_SSLv3 Network-Protocol 6 38.82 KB 6
25 Microsoft.Office.Online Browser-Based,Client-Server 1 37.08 KB 5

Figure 7: Top 25 web applications sorted by bandwidth

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 8 of 17

Web Categories In Use
Identifying which web categories and websites are accessed by applications provides additional data points for administrators to
understand the network traffic usage. Defining appropriate application policies along with web filtering policies will greatly
reduce the business risk.

Fortinet’s proprietary web filtering database is developed by the FortiGuard research team. The database contains more than 47
million rated websites with real-time updates; the websites are categorized into 76 web categories to allow highly-granular web
filtering policies. For web filter categories see: http://www.fortiguard.com/webfilter

The following section shows the most commonly visited web categories with their respective bandwidth usage.

# URL Category User Count Bandwidth

1 Information Technology 15 4,115 637.27 MB
2 Unrated 3 2,040 7.88 MB
3 Finance and Banking 1 214 1.70 MB
4 Government and Legal Organizations 2 170 1.49 MB
5 Information and Computer Security 5 34 440.60 KB
6 Business 1 30 26.21 MB
7 Search Engines and Portals 8 28 408.37 KB
8 Education 1 19 2.68 MB
9 Content Servers 1 1 7.65 KB

Figure 8: Top web categories visited

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 9 of 17

Application Vulnerability Exploits
An application vulnerability could be exploited to compromise the security of the network. Once an application vulnerability has
been found, the attacker can exploit it to facilitate a cyber crime. These crimes often target the confidential data of a business, or
availability of business resources and services. The visibility into application vulnerability exploits enables the administrator to
take immediate action against a threat and to protect business assets. It also helps the administrator to tighten the policies for
vulnerable applications.

The FortiGuard research team analyses application traffic patterns and application vulnerabilities and then develops signatures
to prevent the vulnerability exploits. The FortiGuard Intrusion Prevention Service (IPS) provides Fortinet customers with the latest
defenses against stealthy network-level threats. It uses a customizable database of more than 5,100 known threats to stop
attacks that evade traditional firewall systems. It also provides behavior based heuristics analysis to enable the FortiGate
systems to recognize zero-day attacks. For Application Vulnerability and IPS see: http://www.fortiguard.com/intrusion

The section below shows application vulnerabilities discovered on the network, ranked by severity and count.

# Severity Threat Name Type CVE-ID Victim Source Count

1 Joomla!.Core.Session. Code Injection CVE-2015-8562 4 4 30
Remote.Code.Execution
2 ThinkPHP.Controller.P Code Injection CVE-2019-9082,CVE-20 7 5 25
arameter.Remote.Code.Ex 18-20062
ecution
3 vBulletin.Routestring. Code Injection CVE-2019-16759 4 4 25
widgetConfig.Remote.Cod
e.Execution
4 NETGEAR.DGN1000.C Code Injection 5 5 7
GI.Unauthenticated.Remo
te.Code.Execution
5 Linear.eMerge.card_sc 1 1 5
an_decoder.php.Comman
d.Injection
6 DrayTek.Vigor.Router. 4 4 5
Web.Management.Page.C
ommand.Injection
7 PHPUnit.Eval-stdin.PH Code Injection CVE-2017-9841 3 1 5
P.Remote.Code.Execution
8 Drupal.Core.Form.Ren OS Command Injection CVE-2018-7600 3 3 3
dering.Component.Remot
e.Code.Execution
9 D-Link.Devices.HNAP. OS Command Injection CVE-2015-2051 2 3 3
SOAPAction-Header.Com
mand.Execution
10 Dasan.GPON.Remote. OS Command Injection CVE-2018-10561,CVE-2 1 1 1
Code.Execution 018-10562
11 PHP.CGI.Argument.Inj Code Injection CVE-2012-1823,CVE-20 4 4 18
ection 12-2311
12 PhpStudy.Web.Server. 4 4 14
Remote.Code.Execution
13 HTTP.Unix.Shell.IFS.Re OS Command Injection 7 14 14
mote.Code.Execution
14 JAWS.DVR.CCTV.Shell. OS Command Injection 5 7 7
Unauthenticated.Comma
nd.Execution

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 10 of 17

# Severity Threat Name Type CVE-ID Victim Source Count
15 Netlink.GPON.Router.f 2 4 4
ormPing.Remote.Comma
nd.Injection
16 ThinkPHP.Request.Me Code Injection 4 4 4
thod.Remote.Code.Execut
ion
17 Tongda.Office.Anywhe 4 4 4
re.Unauthorized.File.Uplo
ad
18 ThinkPHP.HTTP.VARS. Code Injection 3 3 3
S.Remote.Code.Injection
19 Seeyon.Office.Anywhe 3 3 3
re.htmlofficeservlet.Arbitr
ary.File.Upload
20 HTTP.Header.SQL.Inje SQL Injection 2 2 2
ction
21 Linksys.Routers.Admin Permission/Priviledge/Access 1 1 1
istrative.Console.Authenti Control
cation.Bypass
22 PHP.Diescan Anomaly 4 4 32
23 Apache.Axis2.Default. Other CVE-2010-0219 4 4 4
Password.Access
24 STUNSHELL.Web.Shell. Code Injection 1 1 1
Remote.Code.Execution

Figure 9: Top vulnerabilities identified, sorted by severity and count

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 11 of 17

Malware: Viruses, Bots, Spyware/Adware
Malware infections can be caused by attackers exploiting vulnerable applications, or by tricking users to download infected files
from the Internet using non-vulnerable applications. Malware often targets sensitive personal, financial, or business information
for monetary gain. For a malware to accomplish its goals, it must be able to run without being detected. Providing visibility into
applications on the network, and the ability to detect/block malware helps administrators to guard the business assets and stop
imminent threats.

The FortiGuard AntiVirus Service employs advanced virus, spyware, and heuristic detection engines to enable FortiGate systems
to detect and prevent both new and evolving threats. For AntiVirus see:http://www.fortiguard.com/encyclopedia

The tables below show the common viruses discovered, the botnet C&C communications detected and the spyware/adware
found.

No matching log data for this report

# Botnet Name Malware Type Victim Source Count

1 Mirai.Botnet Botnet C&C 8 24 26
2 Bladabindi.Botnet Botnet C&C 2 1 2

Figure 10: Common viruses, botnet C&C communications, spyware/adware, sorted by count

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 12 of 17

Zero-day Attacks Detected On The Network
A zero-day vulnerability is a previously unknown threat that does not yet have a patch available from the vendor. Commonly used
applications such as web browsers and e-mail client applications are often targeted for the zero-day exploits because of their
widespread distribution and usage; for example, attacks can send a zero-day malware as e-mail attachments which exploit
vulnerabilities in the application opening the attachment.

FortiGuard research team proactively monitors threat landscape and looks for zero-day vulnerabilities; once a zero-day
vulnerability is identified, an advanced signature(s) is developed and pushed out to the customers before a vendor’s patch
release is available. These signatures are unique to Fortinet and play an critical role in the fight against advanced persistent
threats (APTs).

The section below provides a summary of the files analyzed by FortiCloud Sandbox during the last period.

No matching log data for this report

Figure 11: Zero-day malware detected on the network by the on-box AntiVirus scanning, sorted by count

Files analyzed by FortiCloud Sandbox during the last period:

No matching log data for this report

Figure 12: Files analyzed by FortiCloud Sandbox

The list below provides some examples of the malicious files detected by FortiCloud Sandbox.

No matching log data for this report

Figure 13: Examples of malicious files detected by FortiCloud Sandbox

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 13 of 17

Files/File Types Transferred by Applications
Applications that have ability to transfer files can pose a significant risk of data loss: company’s customer data, intellectual
property and confidential business trade secrets can be sent out of the organization via these applications. Knowing which types
of files and content are transferred crossing the network can help administrators to mitigate the risk by setting up appropriate
application policies along with data leak prevention rules on the Fortinet next generation firewall system.

The section below lists the most common files and file types along with the associated application.

No matching log data for this report

Figure 14: Files transferred by applications on the network

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 14 of 17

Recommended Actions
Botnet Infections ( 2 )
Bots can be used for launching denial-of-service (DoS) attacks, distributing spam, spyware and adware, propagating malicious
code, and harvesting confidential information which can lead to serious financial and legal consequences. Botnet infections need
to be taken seriously and immediate action is required. Identify botnet infected computers and clean-up the computers using
AntiVirus software. Fortinet AntiVirus product FortiClient can be used to scan the infected computers and remote botnets from
the computer

Evasive Applications ( 0 )
Proxy applications are often used to conceal their activity and bypass the security control. This represents both business and
security risks to your organization. Implement the application policies to dictate the use of these applications.

P2P and Filesharing Applications ( 0 )

These applications can be used to bypass existing content controls and lead to unauthorized data transfer and data policy
violations. Policies on appropriate use of these applications need to be implmented

Bandwidth Consuming Applications ( 2 )

Applying application policies to regain control in the use of these applications. One of the options would be a traffic shaping rule
to limit consumption.

Deploy a Fortinet Next Generation Firewall to Ensure Application Visibility and Control
Fortinet next-generation firewalls enable organizations to gain visibility on all application traffic and deliver scalable and secure
application control for enterprises. Deploying a Fortinet firewall in your organization and creating secure application policies to
ensure that your network is being used according to the organization’s priorities.

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 15 of 17

About FortiGuard Key Services
Fortinet next-generation firewalls provide the visibility to detect advanced threats within legitimate content, even from
trusted sources and authorized applications. This protection safely enables new applications into your network, but
automatically block any malicious content or behavior. FortiGuard delivers rapid product/service updates and detailed
security knowledge, providing protection from new and emerging threats.

AntiVirus
The FortiGuard AntiVirus Service provides fully automated updates to ensure protection against the latest content level
threats. It employs advanced virus, spyware, and heuristic detection engines to enable FortiGate, FortiMail, and
FortiWiFi appliances, and FortiClient end point security agents, to prevent both new and evolving threats from gaining
access to your network and its valuable content and applications.

AntiSpam
The FortiGuard AntiSpam Service uses both a sender IP reputation database and a spam signature database, along
with sophisticated spam filtering tools on Fortinet appliances and agents, to detect and block a wide range of spam
messages.

Application Control
Application Control protects managed desktops and servers by allowing or denying network application usage based
on policies established by the network administrator. Enterprise applications, databases, web mail, social networking
applications, IM/P2P, and file transfer protocols can all be identified accurately by sophisticated detection signatures.
Application Control signature updates are provided via the global FortiGuard distribution network.

Intrusion Prevention
The FortiGuard Intrusion Prevention Service provides Fortinet customers with the latest defenses against stealthy
network-level threats. It uses a customizable database of more than 5,100 known threats to enable FortiGate and
FortiWiFi appliances to stop attacks that evade conventional firewall defenses. It also provides behavior-based
heuristics, enabling the system to recognize threats for which no signature has yet been developed. The combination
of known and unknown threat prevention enables FortiGate systems to stop the most damaging attacks at the network
border regardless of whether the network is wired or wireless, or whether it is at corporate headquarters or a branch
office.

FortiCloud
FortiCloud is a hosted Security Management and Log Retention service for the FortiGate® product line. It gives you a
centralized reporting, traffic analysis, configuration and log retention tool without the need for additional hardware
and software.

Cloud Sandbox
Identifies custom malware that is not controlled through traditional signatures by directly executing the files in a
cloudbased, virtualized sandbox environment. FortiCloud Sandbox observes and monitors malicious behaviors and
delivers the result to the customer. If the file is malicious, a signature is developed and delivered to the user
community.

IP Reputation
The FortiGuard IP Reputation Service aggregates data from locations and sources around the world that collaborate to
provide up to date information about threatening sources. With breaking intelligence from distributed network
gateways combined with world class research done from FortiGuard Labs, organizations can stay up to date and
proactively block attacks.

Premier Signature Service

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 16 of 17

The FortiGuard Premier Signature Service provides enhanced virus detection and threat analysis support. With the
FortiGuard Premier Signature Service, you can submit requests for custom AV or IPS/ApplicationControl signatures on
a 24x7 basis for prioritized support with guaranteed response times.

Web Filtering
Web Filtering Service provides URL filtering to block access to harmful, inappropriate, and dangerous websites that
may contain phishing/pharming attacks, malware such as spyware, or objectionable content that can expose
organizations to legal liability. Based on automatic research tools and targeted research analysis, real-time updates
enable you to apply highly-granular policies that filter web access based on more than 75 web content categories, and
more than 47 million rated websites - all continuously updated via the FortiGuard Network.

Vulnerability Management Service

The FortiGuard Vulnerability Management Service enables organizations to minimize the risk of vulnerabilities by
quickly discovering vulnerabilities, measuring the potential risk, and then providing the information necessary to
mitigate those risks. Additionally, a compliance reporting function provides organizations with actionable reports that
can identify areas for remediation. These policies are continuously updated to ensure OS regulatory compliance
requirements are met and releases are delivered via the FortiGuard global distribution network.

Application Risk and Control - FortiAnalyzer Host Name: FCGO-FMG200D page 17 of 17