Networks are currently undergoing dramatic change. Organizations are simultaneously wrestling with issues such as BYOD, IoT, virtualization, SDN, cloud, the proliferation of applications, Big Data, and the expectations of the next generation of employees to blend their work and their personal lives on a single device of their choosing, with instant access to any data, at any time, from any location.
This has exponentially increased the attack surface that organizations need to be concerned with. For example:
- IoT and cloud solutions mean organizations need to worry about an attack surface that many times may not be visible to IT.
- Many IoT devices are headless, run simple communications protocols, and are unable to run a client or even be patched. They rely exclusively on the access network for security.
- Critical and proprietary business data is being moved into the cloud and managed by third parties. Known as Shadow IT, this trend is expanding, with many organizations simply unaware of where data is currently located or what security measures are in place to protect it.
- The transformation to a digital business model has extended the network beyond the perimeter, which means that today’s networks and their related security are becoming borderless.
- BYOD devices are highly mobile, blend personal and work profiles, and represent real risk as critical data is accessed from public locations, or when devices are lost or stolen.
The problem is compounded by the proliferation of point security products embedded across the distributed network. The tendency as our networks become more complicated is to add new security devices to an already overburdened wiring closet. But the truth is that complexity is the enemy of security. Siloed security solutions with separate management interfaces and no meaningful way to gather or share threat information with other devices on your network are only marginally useful. The truth is, many new solutions never actually get fully deployed because there simply isn’t enough manpower to assign to installing, managing, optimizing, and updating another complicated device.
Instead, the response to increasingly complicated networked environments needs to be simplicity. Securing these evolving environments requires three things:
- Collaborative intelligence – Local and global threat intelligence needs to be shared between security devices, and a coordinated response between devices needs to be orchestrated centrally.
- Segmentation – Networks need to be intelligently segmented into functional security zones. End to end segmentation, from IoT to the cloud, and across physical and virtual environments, provides deep visibility into traffic that moves laterally across the distributed network, limits the spread of malware, and allows for the identification and quarantining of infected devices.
- Universal policy – A centralized security policy engine that determines trust levels between network segments, collects real time threat information, establishes a unified security policy, and distributes appropriate orchestrated policy enforcement
Which is why Fortinet has introduced its new security fabric architecture. It is designed to integrate security technologies for the endpoint, access layer, network, applications, data center, content, and cloud into a single collaborative security solution that can be orchestrated through a single management interface.
The Fortinet Security Fabric’s architectural-based approach is based on five key principles:
1. Scalability: The Fortinet Security Fabric protects the Enterprise from IoT to the Cloud.
A comprehensive security strategy needs both depth (performance and deep inspection) and breadth (end to end.) Security not only needs to scale to meet volume and performance demands, it needs to scale laterally, seamlessly tracking and securing data from IoT and endpoints, across the distributed network and data center, and into the cloud.
The Fortinet Security Fabric provides seamless, ubiquitous protection across the distributed Enterprise, from IoT to the Cloud, as well as inspection of packet data, application protocols, and deep analysis of unstructured content – all at wire speeds.
2. Awareness: The Fabric behaves as a single entity from a Policy and Logging perspective, enabling end-to-end Segmentation in order to reduce the risk from advanced threats.
You not only need to see data that flows into and out of your network, but how that data traverses the network once it’s inside the perimeter.
The Fortinet Security Fabric enables end-to-end network segmentation for deep visibility and inspection of traffic travelling across the network, and control of who and what gets to go where, thereby reducing the risk from advanced threats. This includes high-performance decryption and inspection of encrypted SSL traffic, where many new threats like to hide because most security technologies don’t have enough resources to inspect this data.
3. Security: Global and Local threat intelligence and mitigation information can be shared across individual products to decrease Time to Protect.
Not only does security need to include powerful security tools for the various places and functions of your network, but true visibility and control requires that these discrete elements work together as an integrated security system.
The Fortinet Security Fabric behaves as a single collaborative entity from a Policy and Logging perspective, allowing individual device elements to share Global and Local threat intelligence and threat mitigation information.
4. Actionable: Big Data cloud systems correlate threat information and network data to deliver Actionable Threat Intelligence in real time.
It’s not enough to detect bad traffic or block malware using discrete security devices. You need a common set of threat intelligence and centralized orchestration that allows your security to dynamically adapt as a threat is discovered anywhere, not just in your network, but anywhere in the world.
Fortinet’s Big Data cloud systems centralize and correlate global threat intelligence with local network data to deliver consistent, actionable threat intelligence to every security device in the Fortinet Security Fabric in real time. This ensures that your security devices have a unified view across the distributed attack surface, can share threat intelligence, and respond to threats in a coordinated fashion.
5. Open: Well-defined, open APIs allow leading technology partners to become part of the fabric.
Most organizations have deployed security devices from a dozen or more vendors inside their networks. This represents an significant investment in money and resources. Of course, a truly integrated security fabric will let you maximize these existing investments in security technologies.
This is why Fortinet has developed a series of well-defined, open APIs that allow technology partners to become part of the Fortinet Security Fabric at a number of critical interaction points, including at the hypervisor, the SDN orchestration controller, in the cloud, in the sandbox to detect day-zero threats, and through logging and policy management.
The Fortinet Security Fabric is designed to provide the scalability, awareness, security, , actionable intelligence, and open API strategy your organization needs to secure your evolving digital business. It enables the security, flexibility, performance, collaboration, adaptability, and manageability you demand across your physical, virtual, and cloud environments, from IoT to the cloud.
Learn more about the Fortinet Security Fabric here: http://www.fortinet.com/