SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Enterprise firewalls – Foundation for pervasive security
Wed, 18th Jan 2017
FYI, this story is more than a year old

Cyber resiliency starts with the enterprise firewall. Today's next generation firewalls provide the foundation for pervasive security – at the gateway, inside the network, for remote devices and into the cloud.

Threats come from all directions and enterprises need a security solution that fends off attacks regardless of where they originate or how they try to penetrate the network. Bad actors are upping their game and your challenge is to ensure that your clients can maintain business continuity in the face of a rapidly evolving threat landscape.

“The next generation firewall (NGFW) extends and enhances the functionality of the traditional packet inspection firewall,” says Andrew Khan, Fortinet Senior Business Manager at Ingram Micro, New Zealand's largest distributor of Fortinet's cyber security solutions, “by adding deep packet and stateful inspection as well as IPS, antivirus/malware prevention, application control, encryption, compression, QoS and other capabilities.

In addition, the NGFW enterprise firewall provides a platform for more advanced security and operational functions such as authentication, advanced threat protection, security event and information management (SIEM) and analysis and reporting. In short, the NGFW is at the very heart of a cyber resilient enterprise."

The Fortinet advantages

Fortinet's next generation firewalls, the FortiGate range, incorporate a number of features that place them head and shoulders above competing solutions. “The first differentiator is the FortiOS operating system,” explains Khan. “Tightly integrated into network operations, FortiOS provides a single platform for managing all aspects of the security fabric including configurations, upgrades, reporting and analytics. Network managers have single pane of glass visibility that provides granular level transparency into all aspects of their operations.

“The second feature are the FortiASIC chips,” he continues. “Fortinet's Content Processor FortiASIC (CP8) works outside of the direct flow of traffic, providing high-speed cryptography and content inspection services whilst Fortinet's latest Network Processor FortiASIC (NP6) works in-line with FortiOS functions delivering superior firewall performance for IPV4, IPV6 and multicast traffic with ultra-low latency down to three microseconds.

Fortinet integrates the functions of the content and network processors along with a RISC-based CPU into a single processor - SOC3 - for entry-level FortiGate security appliances used for smaller networks. This simplifies appliance design and enables breakthrough performance without compromising on security. All of these provide the fastest throughput available on the market.

Internal segmentation is another unique feature that sets Fortinet above the competitors. “This is key,” explains Khan, “as internal segmentation isolates data and applications inside the network to provide an extra layer of protection so that even if an intruder sneaks past the gateway the trail into sensitive information will be barred.

Fortinet's security fabric and secure access architecture

These three features – a dedicated secure operating system, super-fast chips and internal segmentation – define Fortinet's security fabric and secure access architecture and provide a platform for extending security to all aspects of the network.

For instance, FortiAnalyser integrates logging, analytics, and reporting into one system so analysts can quickly identify and react to network security threats. FortiAnalyzer supports detailed data capture for forensics and compliance. Similarly, FortiAuthenticator adds advanced user identity management and single sign-on. It also supports two-factor authentication with FortiTokens.

And new to the line-up is FortiSIEM which provides greater visibility into all network operations for tighter control and management. All of these solutions are designed to work together and can all be managed from the FortiOS dashboard.

Continuous updates

To complement the ‘out of the box' security features of Fortinet's FortiGate NGFWs, Fortinet's Security Subscription Services automatically deliver comprehensive security updates directly to your client's firewall. “For enterprise networks,” says Khan, “the FortiGuard Enterprise Bundle includes all of the major and emerging security functions – such as application control, ATP, IPS and more – to help keep your client's network protection one step ahead of attackers. Plus the service provides an on-going revenue stream for you and encourages communications between you and your clients.

‘No computer safe'

With all the focus on state hacking and data leaks, people are realising that total network security is problematic. “Anyone with enough money, time and skills can hack into any system,” concludes Khan. “But with a comprehensive, agile and proactive security fabric in place, like Fortinet's, network managers can immediately detect any unauthorised activity, isolate the malevolent code, mitigate any damage and update their defences to ensure that the attackers cannot perform an encore.

For further information, please contact:

Andrew Khan, Senior Business Manager Email: andrew.khan@ingrammicro.com M: 021 819 793

David Hills, Solutions Architect Email: david.hills@ingrammicro.com M: 021 245 0437

Hugo Hutchinson, Business Development Manager Email: hugo.hutchinson@ingrammicro.com P: 09 414 0261 | M: 021 245 8276