FireEye vs Fortinet for Continuous Security

Posted by UpGuard

FireEye vs Fortinet for Continuous Security

How does the fourth-largest network security company by revenue hold up against the first cybersecurity firm certified by the U.S. Department of Homeland Security? Fortinet's appliances and next generation firewalls (NGFW) have made it a category leader in unified threat management (UTM); let's see how they stack up against FireEye's comprehensive suite of enterprise security solutions.

FireEye is perhaps the more recognizable of the two firms, as the company has been the go-to security firm in many high-profile data breaches in the past few years. As mentioned previously, it was the first cyber security company awarded SAFETY Act certifications by the Department of Homeland Security. Earlier this year, it acquired iSight Partners to expand its threat intelligence capabilities, as well as Mandiant back in 2014 for its endpoint security platform and additional security intelligence resources. Sunnyvale-based Fortinet is another prominent player in the security space: it founded the Cyber Threat Alliance with Palo Alto Networks, McAfee, and Symantec in 2014 to share security threat data across vendors, and runs its FortiGuard Labs internal security research team and Network Security Academy and certification/training program with eight levels of NSE certification.

Free DevOps and Security eBooks

FireEye

Milpitas, CA-based FireEye builds security solutions that focus on network, email, endpoint, mobile, and content security. The company is primarily known for its NX network security devices and HX series endpoint security solutions—widely considered best-in-class, despite the recent discovery of several critical product vulnerabilities. It also provides analytics and forensics via Mandiant, its security consulting firm (acquired in 2014).

Screen_Shot_2016-10-20_at_6.00.28_AM.pngThe FireEye UI. Source: fireeye.com.

Fortinet

Founded in 2000, Fortinet is known for its FortiGate family of solutions: UTM physical and virtual appliances offering firewall, intrusion prevention, web-filtering and malware/spam protection services, among others. Its products include the flagship FortiGate (UTM) line, FortiClient (endpoint security), FortiDB (database security and compliance), and FortiWeb WAF (web application firewall), among others.

fortigate.jpg

The Fortinet interface. Source: Fortinet Video Library / YouTube.com.

 

Side-by-Side Scoring: FireEye vs. Fortinet

1. Capability Set

Fortinet's products are highly capable yet cost-effective even for SMBs. Additionally, its NGFWs utilize advanced application-specific integrated circuit (ASIC) chips for high performance hardware acceleration, low latency, and increased throughput. FireEye has made several key acquisitions as of late in efforts to expand its capability set: Mandiant, nPulse Technologies, iSIGHT Partners, and Invotas. These give FireEye considerable coverage when it comes to end-to-end threat detection and incident response. 

FireEye score_4.png
Fortinet score_4.png

2. Ease of Use

For operators, sysadmins, and network administrators,FireEye's NX-series devices are trivial to configure and deploy. Fortinent's products, however, can be somewhat difficult to use, especially when compared to competing products (e.g., setting up FortiGate web policies and filtering).

 

FireEye score_5.png
Fortinet score_3.png

3. Community Support

Both Fortinet and FireEye have sizable customer bases across the globe and significant followings. Subsequently, community support and resources for the two vendors are abundant: FireEye maintains its own community portal, while Fortinent's Technical Discussion Forums, Fuse Community, and Developer Network offer a plethora of public support resources.

FireEye score_5.png
Fortinet score_5.png

4. Release Rate

Both vendors' solutions are continually updated and patched—Fortinent keeps a public history of its releases on its corporate website (FortiGate/FortiOS is currently at 5.4), while information regarding FireEye's releases can be had through accessing its documentation portal.

FireEye score_4.png
Fortinet score_4.png

5. Pricing and Support

Though FireEye’s entry-level NX 900 appliance has a list price of $9,600, a typical total cost of ownership for its layered protection can exceeds $100,000, making it cost prohibitive for price-conscious firms. In contrast, Fortinet is targeted directly at the SMB: most of its low-end FortiGate NGFWs can be had for well-under $5,000. On the high-end, however, FortiGate firewalls can run between $15,000-30,000.

In terms of support, both vendors offer competent enterprise and paid support options.

FireEye score_570-2-1.png
Fortinet

score_4.png

6. API and Extensibility

FireEye provides APIs across most of its offerings, as well as integrations via API to third-party threat intelligence sources. Fortinet provides an expansive set of well-documented RESTful APIs for most of its products, from FortiWeb Manager to FortiGate/FortiOS.

FireEye score_4.png
Fortinet score_5.png

7. 3rd Party Integrations

Both Fortinet and FireEye products are commonly integrated with 3rd party solutions to scaffold an organization's layered, continuous security framework. Fortinet calls this layered security its Security Fabric and offers an array of fabric-ready integrations out-of-the-box: Carbon BlackBrocade, Centrify, Nozomi Networks, Palerra, Pulse Secure, Qualys, VeriSign, WhiteHat Security, and more. FireEye integration partners include MobileIron, ThreatSync, and Blue Coat, to name a few. 

FireEye score_570.png
Fortinet score_5.png

8. Companies that Use It

Fortinet boasts most of the Fortune 500 as its customer base: ASU, Barnabas Health, NASDAQ OMX, and NEC Group, to name a few. Similarly, FireEye products are in use by Fortune 500s across the world. Customers include Finansbank, Japan Advanced Institute of Science and Technology, Investis, and D-Wave Systems, among others.

FireEye score_570.png
Fortinet score_570.png

9. Learning Curve

Learning how to deploy a rudimentary FireEye installation is trivial but can be difficult when dealing with more expansive infrastructures. Fortinet products do not present users with an especially steep learning curve, except when it comes to configuring policy rules and filters in its FortiGate NGFWs.

FireEye score_570.png
Fortinet score_570.png

10. CSTAR

FireEye scores a solid 807 CSTAR score—similarly, Fortinet's 777 CSTAR score means that its website perimeter security is free from major flaws. However, both lack HttpOnly/secure cookies; additionally, Fortinet's 66% CEO approval rating make the firm's IT assets more susceptible to insider attacks.

FireEye

Screen Shot 2016-10-24 at 6.25.18 AM.png

Fortinet

Screen_Shot_2016-10-20_at_5.54.46_AM.png

 

Scoreboard and Summary

  FireEye Fortinet
Capability Set score_570.png score_570.png
Ease of Use score_570.png score_3.png
Community Support score_570.png score_570.png
Release Rate score_570.png score_570.png
Pricing and Support score_570.png score_570.png
API and Extensibility score_570.png score_570.png
3rd Party Integrations score_570.png score_570.png
Companies that Use It score_570.png score_570.png
Learning Curve score_570.png score_4.png
CSTAR

Screen Shot 2016-10-24 at 6.25.18 AM.png

Screen_Shot_2016-10-20_at_5.54.46_AM.png

Total  4.1 out of 5  4.3 out of 5

Despite the increasing inability to fend off threats on their own, traditional cybersecurity solutions like endpoint protection and firewalls are nonetheless crucial to enterprise security, comprising one layer of an enterprise's layered continuous security framework. UpGuard's resilience platform provides the critical layer of integrity validation for ensuring that all IT assets in your environment—including Fortinet and FireEye appliances, security devices, switches, IoT devices, web apps, and more—are regularly scanned and monitored for misconfigurations and vulnerabilities. Give it a try today, it's free for the first 10 nodes.

Get the Digital Resilience eBook

More Articles

Datadog vs. New Relic

Monitoring tools have come a long way since the early days of Big Brother. Today's solutions have evolved into powerful software troubleshooting and performance analytics platforms capable of deconstructing and analyzing the entire application stack—infrastructure up—for bugs and issues.

 

 

Cisco vs. FireEye for Continuous Security

Who provides better continuous security: the world's largest maker of networking equipment or the first cybersecurity firm certified by the U.S. Department of Homeland Security?

Read Article >

AlienVault vs. Tenable for Continuous Security

As perimeter-based cyber protection falls to the wayside, a new breed of continuous security solutions are emerging that combine traditional endpoint protection with newer technologies like security information and event management (SIEM) and crowdsourced threat intelligence.

Read Article 

 

Topics: vulnerabilities, continuous security

UpGuard customers