by RSS Bill McGee and John Maddison  |  Sep 26, 2016  |  Filed in: Industry Trends & News

Networks are evolving rapidly. The transformation to a digital business model has extended the network beyond the perimeter, which means that today’s networks and their related security are becoming borderless. IoT and cloud solutions require organizations to worry about an attack surface that may not even be visible to IT. Worse, many IoT devices are headless, run simple communications protocols, and are unable to run a client or even be patched. Instead, they rely exclusively on the access layer for security.

In addition, critical and proprietary business data is being moved into the cloud and managed by third parties. Which means that many organizations are simply unaware of where their data is currently located, or what security measures are in place to protect it. And endpoint devices are not only highly mobile, they increasingly blend personal and work profiles, representing real risk as critical data is accessed from public locations, or when devices are lost or stolen.

Securing today’s evolving network environments requires four things:

  1. Visibility – You can’t defend what you can’t see. You need to identify every element on your network, visualize how these components interact in order to identify potential attack vectors, and use that information to establish and enforce more effective policies and mitigation strategies 
  2. Segmentation –End-to-end segmentation, from IoT to the cloud, and across physical and virtual environments, enables deep visibility into traffic that moves laterally across the distributed network, and can be used to limit the spread of malware and allows for the identification and quarantining of infected devices.
  3. Automated Operations  - Dynamically sharing local and global threat intelligence between security devices allows for a centrally orchestrated a coordinated threat response to stop a threat anywhere along the attack chain.
  4. Security Audit – Centralized management and log analysis, combined with next-generation SIEM technology allows a security architecture to automatically determine and monitor trust levels between network segments, collect and store real time threat information for forensic analysis, establish and update security policy, make recommendations based on security posture, and orchestrate appropriate policy enforcement anywhere across the expanded network.

What is increasingly clear is that the sort of security today’s organizations require cannot be delivered by the legacy security solutions they currently have in place. Fortinet’s Security Fabric takes a new approach, by integrating technologies for the endpoint, access layer, network, applications, data center, content, and cloud into a single collaborative security solution that can be orchestrated through a single management interface.

It is based on five innovative attributes:

1. Scalable: The Fortinet Security Fabric is designed to protect the entire Enterprise, from IoT to the Cloud.

A comprehensive security strategy needs both depth (performance and deep inspection) and breadth (end to end.) Security not only needs to scale to meet volume and performance demands, it needs to scale laterally, by seamlessly tracking and securing data from IoT and endpoints, across the distributed network and data center, and into the cloud. The Fortinet Security Fabric also provides the inspection of packet data, application protocols, as well as the resource-intensive deep analysis of unstructured content – all at wire speeds.

2. Secure: The Fortinet Security Fabric shares global and local threat intelligence and direct mitigation information between individual security products, enabling a coordinated response across the network that accelerates the Time to Protect.

Not only does security need to include powerful security tools deployed across the various places and functions of your network, but true security requires that these discrete elements work together as an integrated threat detection and response system. The Fortinet Security Fabric combines local intelligence collected from across the network with Fortinet’s targeted global threat updates, and distributes them as actionable policies to enable a cross-network coordinated response to identified threats and anomalous behavior.

3. Aware: The Security Fabric leverages the power of dynamic network segmentation to expand visibility deep into the network, better detect malware and anomalous behavior, and immediately impose and enforce policy to reduce the risk from advanced threats.

You not only need to see data that flows into and out of your network, but how that data traverses the network once it’s inside the perimeter. The Fortinet Security Fabric enables end-to-end network segmentation for deep visibility and inspection into traffic travelling the network, combined with collaborative control of who and what gets to go where, thereby reducing the risk from advanced threats.

4. Actionable: Fortinet’s cloud-based big data systems correlate collected threat information, log files, and network data to deliver Actionable Threat Intelligence in real time.

It’s not enough to detect bad traffic or block malware using discrete security devices. You need a common set of threat intelligence and centralized orchestration that allows your security to dynamically adapt as a threat is discovered not just in your network, but anywhere in the world. Fortinet’s Big Data cloud systems centralize and correlate threat information, log files, and network data to automatically deliver actionable threat intelligence to every security device in your network’s security fabric, in real time.

5. Open: The Fortinet Security Fabric’s well-defined, open APIs and the next-generation FortiSIEM solution allow leading technology partners to become part of and extend the capability of the fabric.

Of course, a true security fabric will let you maximize your existing investment in security technologies. Not only are the components of the Fortinet Security Fabric designed to work together as a holistic security system, we have also developed a series of APIs that allow Alliance Partners to actively connect to the Fortinet Security Fabric in order to further enhance your organization’s visibility, control, and response.

These API integration points include

  • Cloud
  • Virtualization 
  • SDN Orchestration
  • Endpoint & IoT
  • Vulnerability Management
  • SIEM
  • Management
  • Network & Security Operations.

Integration goes beyond simply allowing third-party solutions to collect or redirect data and traffic. Fabric-Ready Alliance solutions can be integrated with the Fortinet Security Fabric to actively collect and share threat information and mitigation instructions in order to improve threat intelligence, enhance overall threat awareness, and broaden threat response from end to end.

Summary

The enterprise transition to a digital business model is driving the necessary evolution of the network. However, this evolution is also one of the most challenging aspects of network security today. As significant trends in computing and networking continue to drive change across critical business infrastructures, organizations need a new innovative network security approach to help them embrace that change.

The Fortinet Security Fabric provides the scalability, security, awareness, actionable intelligence, and open API strategy today’s organizations need to thrive in the digital economy. Combined, these attributes enable the Security Fabric to provide the holistic visibility and control that today’s highly dynamic and distributed networks require.

by RSS Bill McGee and John Maddison  |  Sep 26, 2016  |  Filed in: Industry Trends & News