FortiGuard AI-Powered Security Services Bundles for FortiGate NGFWs
Flexible, layered AI-powered bundles deliver cost-effective and proactive protection
Download Bundles Brief Download Ordering Guide
FortiGuard Bundles
Flexible, Comprehensive Security for the Modern Threat Landscape
In an era defined by complex compliance, shadow AI, and AI-supercharged malware, your security needs to be intelligent, adaptable, and scalable. FortiGuard AI-Powered Security Services provide the real-time, dynamic, comprehensive protection your organization demands.
Real-time, Always-on, AI-Powered Defense
FortiGuard Labs delivers more than 20 services, integrated across the Fortinet Security Fabric. This unified approach delivers AI-powered, layered, and proactive defense against all manner of known and new, evolving threats. These include attacks ranging from AI-enhanced ransomware, malware, and zero-day exploits to evasive emerging threats like promptware and AI-driven attacks, targeting IT and OT networks. FortiGuard services help ensure compliance and maintain a high security posture.
These AI-powered services are available a-la-carte or as bundles. They are designed to protect all critical assets: networks, files, content, applications, web traffic, SaaS deployments, data, users, and critical infrastructure.
The Modern Threat: Undermining Security, Compliance, and Data Trust
Organizations today are under siege by a perfect storm of evolving AI-powered threats, making it harder than ever to secure data, maintain regulatory compliance, and control sensitive information. This foundational instability is driven by three core, compounding problems:
- Complex Compliance and Regulatory OverloadThe modern attack surface is vast, fragmented, and poorly understood, leading to significant security blind spots. Compliance in the era of AI is getting more complicated, and organizations suffer from poor visibility into their full attack surface. As a result, critical vulnerabilities and configuration weaknesses often go undetected.
- The Rise of Shadow AI and Data ExfiltrationThe convenience of AI tools is introducing uncontrolled risks to sensitive corporate data. The increasing use of shadow AI is directly driving up the risk of data exfiltration. Employees are pasting confidential content into external AI tools and sharing source code to online communities, creating severe, unmonitored data loss vectors.
- AI-Supercharged Malware and Exploit EscalationThreat actors are leveraging AI to accelerate attacks, making traditional security defenses struggle to keep pace. We are seeing a major increase in file-based malware supercharged by AI and a rise in sophisticated zero-day exploits. Furthermore, outdated out-of-band inspection methods are slowing down critical business operations.
FortiGuard Bundles
FortiGuard AI-Powered Security Services protect your entire attack surface against these critical threats while offering the flexibility to tailor protection to your specific requirements. Choose a-la-carte or select from our powerful, building-block bundles: The ENT bundle for comprehensive attack surface security, the UTP bundle for web + network security, and the ATP bundle as a first line of defense to ensure you receive the real-time protection and maximum value your organization requires.
- ENT Bundle: Comprehensive Defense
What it is: Ultimate security for your entire attack surface - networks, web, file, SaaS, data, and devices. Includes ATP and UTP.
Why ENT? Protect against AI threats, meet compliance, scale, and future-proof security with the lowest cost per service.
What's included: All ATP + UTP features, plus, DLP, attack surface security monitoring and risk scoring, AI-based inline malware prevention, and IoT detection and vulnerability correlation.
What's not included: OT-specific device and protocol recognition. Add the OT Security Service for OT environments.
- UTP Bundle: Advanced Defense for Web and the Modern Network
What it is: Advanced protection across the network and web. Includes ATP services. Blocks more threat vectors. Included in the ENT bundle.
Why UTP? Protect against the rising tide of web-based threats, intrusions, and malware.
What's included: Everything in ATP + URL/DNS filtering, video filtering, and anti-botnet/C2 communication services.
What's not included: Advanced DLP, inline malware protection, IoT detection, attack surface monitoring. Consider the ENT bundle (above) for comprehensive security.
- ATP Bundle: Essential First Line of Defense
What it is: Protection against known network intrusions and malware. Included in the ENT Bundle.
Why ATP?: Provides core security services necessary to protect your core network and file-based threats.
What's included: Foundational security services including: IPS, antivirus, FortiSandbox SaaS, application control, and inline CASB.
What's not included: Critical web/DNS security (URL/DNS filtering, anti-botnet), DLP, inline malware prevention service, IoT security, attack surface monitoring. Consider the ENT bundle (see above) for comprehensive security against the modern threat landscape.
Features and Benefits
Fights AI with AI
Proactive, real-time defense against AI threats powered by FortiGuard Labs
Scales Protection Tiers
Scalable security that adapts to your evolving threat landscape
Targets Risk Protection
Curated, AI-powered services that directly address specific threat vectors and organizational risks
Optimizes Cost Efficiency
Significant cost savings, maximizing the value of your security investment
Streamlines Management
Simplified procurement and reduced operational complexity, with bundled services
Use Cases
Shadow AI Protection
Enhanced data security to secure sensitive content and prevent data exfiltration
Attack Surface Visibility
Unified, correlated intelligence for clear visibility into all assets and immediate risk scoring
Data Center Security
Protects north-south traffic into and out of the data center and secures access with ZTNA
Internal Network Segmentation
Isolates internal network segments to prevent lateral movement of threats and contain breaches, protecting critical workloads and applications
Complex Environments
Protects organizations with a complex attack surface that includes on-premises, hybrid, and cloud across IT and OT
Edge and Internet Perimeter
Provides robust protection at your network edge, securing direct internet access from advanced threats, malware, and web-based risks
SASE
Delivers converged network and security services for distributed users and cloud resources, ensuring secure access from anywhere, anytime
Regulatory compliance
Helps HQ, branch, and campus environments meet compliance mandates, especially in regulated environments
Cloud and SaaS Deployments
Extends consistent protection to cloud infrastructure and SaaS applications, enabling secure adoption and defense in hybrid environments
Comparing Bundles
| FortiGuard Security Services | Available A La Carte | Advanced Threat Protection | Unified Threat Protection | Enterprise Protection |
|---|---|---|---|---|
| Intrusion Prevention System (IPS) | ✔ | ✔ | ✔ | ✔ |
| Advanced Malware Protection (AMP) | ✔ | ✔ | ✔ | ✔ |
Antivirus |
✔ | ✔ | ✔ | ✔ |
Botnet |
✔ | ✔ | ✔ | ✔ |
Mobile Malware |
✔ | ✔ | ✔ | ✔ |
Outbreak Prevention |
✔ | ✔ | ✔ | ✔ |
Sandbox SaaS (detection only) |
✔ | ✔ | ✔ | ✔ |
| AI-based Inline Malware Prevention | ✔ | ✔ | ||
| Web Security | ✔ | ✔ | ✔ | |
Web and Content Filtering |
✔ | ✔ | ✔ | |
Secure DNS Filtering |
✔ | ✔ | ✔ | |
Video Filtering |
✔ | ✔ | ✔ | |
Anti-Botnet & C2 |
✔ | ✔ | ||
| Attack Surface Security Rating | ✔ | ✔ | ||
IoT Security |
✔ | ✔ | ||
Security Self-check |
✔ | ✔ | ||
| Inline SaaS Application Security (CASB) | ✔ | ✔ | ✔ | ✔ |
| Data Loss Prevention | ✔ | ✔ | ||
| OT Security | ✔ | |||
OT Device Detection |
✔ | |||
OT Virtual Patching |
✔ | |||
OT Industrial Signature |
✔ | |||
| SD-WAN and SASE Services | Available A La Carte | Advanced Threat Protection | Unified Threat Protection | Enterprise Protection |
| SD-WAN Underlay Bandwidth and Quality Monitoring | ✔ | |||
| SD-WAN Overlay Orchestration Management | ✔ | |||
| SD-WAN Connector for SASE Secure Private Access | ✔ | |||
| SASE for FortiGate (including 10 Mbps) | ✔ | |||
| NOC and SOC Services | Available A La Carte | Advanced Threat Protection | Unified Threat Protection | Enterprise Protection |
| FortiConverter | ✔ | ✔ | ||
| FortiManager Cloud | ✔ | |||
| FortiAnalyzer Cloud | ✔ | |||
Indicator of Compromise Detection |
✔ | |||
Outbreak Alerts |
✔ | |||
| Managed FortiGate (NOC) | ✔ | |||
| SOC-as-a-service | ✔ |
Available FortiCare Support
| FortiCare Included Features | Per-device Service Options | |
|---|---|---|
| FortiCare Premium (included) | FortiCare Elite (upgrade) | |
| RMA | Advanced replacement (PRMA available) | Advanced replacement (PRMA available) |
| Web Support | ✔ | ✔ |
| Telephone Support | ✔ | ✔ |
| Firmware Updates | ✔ | ✔ |
| Asset Management Portal | ✔ | ✔ |
| Response Time (critical issue) | 1 hour | 15 mins |
| Response Time (non-critical issue) | Next business day | 2 business hours |
| Extended End-of-Engineering-Support (E-EoES) for Long Term Supported Firmware (LTS) of 18 months* | - | ✔ |
| Device Insights and Monitoring Portal (FortiCare Elite Portal) | - | ✔ |
*Currently available for FortiGate only
FortiGuard AI-Powered Security Services
Powered by FortiGuard Labs, Fortinet’s cybersecurity threat research and development organization, FortiGuard AI-powered security services offer real-time, proactive, and layered protection for organizations anywhere, anytime. Always on, this suite of 20+ services identifies, protects, and responds to a broad range of threats. These include everything from the most common ransomware, malware, known and unknown threats to emerging promptware, unseen, and AI-driven cyberthreats.
FortiGuard Antivirus Service
Protects against the latest polymorphic attacks, viruses, malware (including ransomware), and other threats.
FortiGuard AI-based Inline Malware Prevention Service
Performs AI-powered real-time inspection of files for protection against unknown threats, zero-days, and sophisticated file-based attacks.
FortiGuard IPS Service
Utilizes the latest threat intelligence to perform deep packet inspection/SSL inspection of network traffic to detect and block malicious traffic and activities.
FortiGuard DNS Security Service
Provides full visibility into DNS traffic while blocking high-risk domains including malicious newly registered domains (NRDs) and parked domains.
FortiGuard URL Filtering Service
Uses AI-powered behavior analysis and correlation to block unknown malicious URLs almost immediately, with near-zero false negatives.
FortiGuard Attack Surface Security Service
Assesses and rates your Security Fabric infrastructure and controls against best practices and major security and compliance frameworks. Includes coverage for connected IoT devices.
FortiGuard Anti-botnet and C2 Service
Blocks unauthorized attempts to communicate with compromised remote servers for both receiving malicious commands and extracting information.
FortiGuard Data Loss Prevention Service
Enterprise DLP services protect against data breaches, insider threats, and data exfiltration. Explore FortiGuard DLP Service to safeguard sensitive information and ensure compliance with over 500 data patterns.
FortiGuard Application Control Service
Allows the creation of policies to allow, deny, or restrict access to applications and keep malicious, risky, and unwanted applications out of the network.
Cloud Access Security Broker
Provides a dual-mode (inline and API-based) cloud access security broker (CASB) solution for securing applications, monitoring their usage, and safeguarding related data.
FortiGuard OT Security Service
Extends IPS protections to identify and police most of the common ICS/OT/SCADA protocols to detect and block exploits targeting OT vulnerabilities.
FortiGuard AntiSpam Service
Dramatically reduces spam at the perimeter through a multi-layered approach to filtering unwanted and malicious email.
Resources
Get Comprehensive, Scalable Protection with FortiGuard AI-Powered Security Services Bundles for FortiGate Next-Generation Firewalls »
Optimized for FortiGate NGFWs, these curated service bundles help security and network teams protect their environments with layered, adaptive defense, whether at the branch, campus, data center, or in the cloud.
FortiGuard AI-Powered Security Services »
The suite of FortiGuard AI-Powered Security Services delivers real-time multilayered, proactive defense to safeguard networks, applications, files, web traffic, data, devices, cloud workloads, and users from traditional and AI-driven attacks.
FortiGate Subscriptions & FortiGuard Bundles Ordering Guide »
FortiGate Subscriptions & FortiGuard Bundles Ordering Guide
AI-Powered Threat Protection for Small and Midsize Businesses »
SMBs need the same caliber of protections that enterprises do. FortiGuard AIPowered Security Services is developed and continually updated with the latest threat intelligence of FortiGuard Labs.
Stop Zero-Day Threats with the FortiGuard AI-based Inline Malware Prevention Service »
Instead of forcing a choice between security and performance, the FortiGuard AI-based Inline Malware Prevention Service holds suspicious files until they are found to be safe, without any performance impact.
FortiGuard DNS Filtering Service Brief »
The FortiGuard DNS Filtering Service provides full visibility into DNS traffic while blocking high-risk domains. It protects against sophisticated DNS-based threats including DNS tunneling, DNS spoofing, dynamic DNS, and Domain Generation Algorithms (DGAs).
FortiGuard URL Filtering Service Brief »
Stop web-based threats by blocking URLs associated with malicious websites and webpages, including those used in phishing, credential theft, and malicious payloads, such as downloaders and ransomware.
FortiGuard Antivirus Service Brief »
By leveraging the technology stack and FortiGuard Labs global threat intelligence, FortiGuard Antivirus provides comprehensive protection against a wide range of threats, including viruses, malware, ransomware, and zero-day attacks.
FortiGuard Attack Surface Security Service »
The FortiGuard Attack Surface Security Service is integrated into FortiGate Next-Generation Firewalls (NGFWs) and continuously monitors and assesses the Fortinet Security Fabric infrastructure and controls at your organization to provide an overall rating of your security posture.
