Orange Business Services and Fortinet partner on SASE

Orange Business Services and Fortinet are partnering to deliver a disruptive approach to Secure Access Service Edge (SASE) by integrating Fortinet’s Security-driven Networking technologies into the Orange telco cloud infrastructure. 

This next chapter in the Orange-Fortinet partnership, which has also yielded Flexible SD-WAN based on Fortinet Secure SD-WAN, provides the foundation for cloud-native transformations at scale for improved business agility and resilience. The result is a fully controlled end-to-end globally available SASE solution that bridges the gap between the user and the application. It delivers a secure and managed service from the Orange telco cloud infrastructure, boosted by cybersecurity expertise and capabilities with Orange Cyberdefense.

“Digital acceleration and the shift to support ‘work from anywhere’ is driving the hybrid convergence of networking and security to enable zero trust across all edges. Expanding upon our longstanding relationship with Orange, we’re pleased to further integrate our Security-driven Networking technology into the Orange infrastructure to enable a converged networking and security solution, unmatched in terms of visibility, management capabilities, resilience, and user experience,” explains John Maddison, EVP of products and CMO, Fortinet.

“This innovative partnership is a continuation of our cloud-focused network evolution. By integrating Fortinet Security-driven Networking technologies into the Orange telco cloud infrastructure, we enable our customers to easily adopt a cloud-native environment that is increasingly critical for businesses globally. At Orange Business Services, we facilitate the deployment and take-up of technologies that drive innovation and business growth for our customers in a fast and secure way,” says Anne-Marie Thiollet, EVP, Global Solutions, Orange Business Services.

Read More

Fortinet cites 7 new SD-WAN Service Provider partnerships

Fortinet announced seven new service providers – Convergia, Eastern Communications, Halo Global, Lintasarta, Ooredoo Qatar, PLDT, and Transtelco – have added Fortinet Secure SD-WAN to their managed service portfolios. 

Fortinet Secure SD-WAN integrates SD-WAN, next-generation firewall (NGFW), advanced routing, and ZTNA access proxy functions, and has recently received a number of third-party recognitions from industry analysts. Fortinet was named a Leader in the 2021 Gartner Magic Quadrant for WAN Edge Infrastructure and ranked #1 for three out of five use cases in the 2021 Gartner Critical Capabilities for WAN Edge Infrastructure. Fortinet was also named a top SD-WAN vendor in the 2021 Frost Radar and received Frost & Sullivan’s 2021 Global SD-WAN Vendor Product Leadership Award.

“Fortinet Secure SD-WAN empowers MSSPs with a Security-driven Networking approach through the convergence of networking and security to deliver value-added services that solve their customers’ biggest challenges, such as securing digital acceleration and enabling work-from-anywhere. Seamless integration with the Fortinet Security Fabric, the industry’s highest performing cybersecurity mesh platform, ensures MSSPs can easily grow their business with new and differentiated managed SD-WAN and security services,” states John Maddison, EVP of Products and CMO at Fortinet.

https://www.fortinet.com

Read More

Verizon Business adds Fortinet to its SD-WAN portfolio

Verizon Business has added Fortinet Secure SD WAN to its global SD WAN offering.

“The quick transition to hybrid and/or remote working models opened new avenues for cyber threat actors,” said Sampath Sowmyanarayan, Chief Revenue Officer for Verizon Business. “Solutions like Verizon’s Software Defined Secure Branch with Fortinet add those layers of security that help safeguard your employees, your business and ultimately your customers against cyberattacks.”

 Fortinet Secure SD WAN, which integrates SD WAN, firewall, and advanced routing, works with many types of network transports including MPLS, broadband, and wireless.

“Fortinet is committed to supporting our partners and customers with innovative Secure SD WAN technology based on a security-driven networking approach that tightly integrates an organization’s network infrastructure and security architecture,” said John Maddison, EVP of products and CMO at Fortinet. “By leveraging Fortinet Secure SD WAN, Verizon enables organizations to take a ‘work from anywhere’ approach to their network and security to support remote and hybrid workforces.”

 

Read More

AT&T Cybersecurity launches Managed SASE with Fortinet

AT&T launched managed Secure Access Service Edge (SASE) powered by Fortinet.

AT&T SASE with Fortinet is a global managed SASE solution at scale that unifies software-defined wide-area network (SD-WAN) with essential network security functions of the SASE framework and 24x7 management. 

As the largest SD-WAN Managed Service Provider in North America, and one of the world’s largest Managed Security Services Providers (MSSPs), AT&T said it has a unique understanding of what businesses need as they modernize and transform their networks, including the importance of security being a critical component of any business initiative. The inclusion of around-the-clock management helps relieve the burden of deployment and day-to-day support, with Security Operations Center (SOC) analysts acting as an extension to a business’ network and security teams.

AT&T SASE with Fortinet integrates with AT&T Alien Labs Threat Intelligence platform, enabling and unlocking multiple response actions, which provide SOC analysts visibility into network security, allowing them to respond to alarms effectively and efficiently.

“With the convergence of networking and security, organizations are struggling with managing and protecting applications and data accessing the network. AT&T’s heritage in providing integrated business solutions with managed services, and our best-in-class fiber and 5G connectivity solutions, uniquely position us to deliver on the promise of SASE. The solution will provide visibility and management for a more resilient network, making it safer for businesses to adapt and innovate,” states Rupesh Chokshi, VP, AT&T Cybersecurity.

Read More

Masergy adds SASE to SD-WAN

Masergy is strengthening its SD-WAN Secure solution to offer Secure Access Service Edge (SASE) capabilities, including:

Cloud Firewalls Expanding to All Global POPs: Fortinet’s FortiGate Next-Generation Firewalls integrate NGFW and SD-WAN capabilities on a single platform and are deployed in all of Masergy’s SD-network points of presence (POPs) as well as integrated into its SD-WAN and security policies. This not only allows for consistent security policies across all SD-WAN devices and security alert metrics all within one portal, but the expanded global infrastructure also enables fully managed firewall services across the globe.

Cloud firewalls have the distinct advantage of fast deployment and agility, but clients with larger offices may still prefer on-premise firewall appliances when performance, user experience, and total cost of ownership are key goals. For this reason, Masergy provides hybrid options with the ability to put firewalls in the cloud and at the network edge. While the SASE market is still rapidly evolving, this flexibility is unique and purposely designed to serve the enterprise.

CASB from Bitglass: Masergy has tightly integrated the Bitglass CASB solution into its software-defined network and cloud platform.

Secure Web Gateway from Fortinet: Masergy has standardized its cloud platform around Fortinet's best-in-class secure web gateway (SWG) solution. Fortinet firewalls protect network traffic at a packet level, and the FortiGate SWG protects IP traffic at an application level—both in the cloud and on-premise.

In addition to SWG, cloud-based application control and content filters include granular per-app and per-user visibility with Masergy’s Identity-Based WAN Analytics. And as a managed security services provider, Masergy also offers a full complement of cybersecurity solutions—from threat monitoring and endpoint detection and response, all the way up to full 24/7 management.

High-Performance SD-WAN Built on 20 Years of Experience: Centralized management features make SD-networks the standard operating system used to converge SASE technologies, and Masergy began pioneering SD-networking platforms 20 years ago. SASE services also depend on cloud infrastructure and performance, so it is only logical that network stability is crucial for success. With the industry’s most competitive service level agreements, Masergy’s network and cloud platform consistently delivers less than 1 millisecond of jitter.

Zero Trust Network Access: Masergy continues to build out Zero Trust Network Access capabilities with a near-term roadmap that includes single sign on (SSO), authentication, and authorization based on user, device, and location, which enforces highly granular access controls on a need-to-have basis.

Additionally, the company is integrating its AIOps solution so that it seamlessly interoperates across its SASE capabilities. Masergy AIOps acts as a virtual network engineer, automatically evaluating the network and making recommendations to optimize performance. Masergy aims to deliver AI-driven SASE solutions and autonomous networking.

https://www.masergy.com/press-releases

Read More

Fortinet acquires OPAQ Networks for SASE

Fortinet has acquired OPAQ Networks, a Secure Access Service Edge (SASE) cloud provider based in Herndon, Virginia. Financial terms were not disclosed.

OPAQ’s Zero Trust Network Access (ZTNA) cloud solution protects organizations’ distributed networks – from data centers, to branch offices, to remote users, and Internet of Things (IoT) devices.

Fortinet said OPAQ’s patented ZTNA solution enhances its own SASE offering to form the best-in-class SASE cloud security platform with the industry’s only true Zero Trust access and security by providing industry-leading next-generation firewall and SD-WAN capabilities, web security, sandboxing, advanced endpoint, identity/multi factor authentication, multi-cloud workload protection, cloud application security broker (CASB), browser isolation, and web application firewalling capabilities.

Ken Xie, Founder, Chairman of the Board, and CEO, states: "The recent SASE market momentum further validates our Security-driven Networking approach and underscores what we’ve been saying for years. In the era of hyperconnectivity and expanding networks, with the network edge stretching across the entire digital infrastructure, networking and security must converge. In fact the acquisition of OPAQ actually further enhances our existing SASE offering. Now, we will deliver the most complete SASE platform on the market with the broadest security and industry-leading SD-WAN and networking offerings that can all be delivered to customers and partners through a flexible, cost efficient and patented zero-trust cloud architecture."

Read More

Spark NZ picks Fortinet Secure SD-WAN

Spark NZ has chosen Fortinet Secure SD-WAN to expand and differentiate its service offerings to corporate, enterprise and government customers. 

Fortinet is building on a partnership with Spark that, most recently, resulted in delivering one of the largest technology migrations in New Zealand. The physical migration of 2,500 sites, many in remote locations, was aided by API-driven automation to successfully and seamlessly finish ahead of schedule. Fortinet is now partnering with Spark to achieve complete WAN transformation for a number of other major clients across New Zealand.

In addition to leveraging Fortinet Secure SD-WAN to deliver services to their customers, Spark has also chosen to deploy Fortinet Secure SD-WAN across their own retail locations, resulting in improved performance, strengthened services from an infrastructure perspective, and increased network stability.

“We’re proud to partner with Spark NZ and share its commitment to delivering security-driven networking solutions. Fortinet Secure SD-WAN offers service providers like Spark the ability to onboard customers faster and deliver a solution that enhances customers’ application and cloud experience,” states John Maddison, EVP of products and CMO at Fortinet.

NTT West picks Fortinet Secure SD-WAN and SD-Branch

Thursday, May 07, 2020  Fortinet, NTT, SD-WAN  

NTT West has selected Fortinet’s Secure SD-WAN and SD-Branch solutions as the foundation of its "FLET’S SDx" subscription service. NTT West's service, which enables centralized management of both WAN and LAN, comes with built-in security features enabled by Fortinet’s FortiGate Next-Generation Firewall (NGFW) to provide customers with a flexible, secure network environment that adapts rapidly to change. Fortinet cited the following advantages to...

READ MORE

Read More

NTT West picks Fortinet Secure SD-WAN and SD-Branch

NTT West has selected Fortinet’s Secure SD-WAN and SD-Branch solutions as the foundation of its "FLET’S SDx" subscription service.

NTT West's service, which enables centralized management of both WAN and LAN, comes with built-in security features enabled by Fortinet’s FortiGate Next-Generation Firewall (NGFW) to provide customers with a flexible, secure network environment that adapts rapidly to change.

Fortinet cited the following advantages to its platform:

• Centralized management for the entire branch: Organizations can manage both their WAN Edge and LAN from a central location, which consolidates the entire branch operations and improves visibility, control, and operational efficiency.
• Automation-driven operations: As part of its Secure SD-WAN solution, Fortinet offers zero-touch provisioning, which eliminates the need for local configuration even at remote office locations, reducing the need for additional IT personnel.
• Integrated Security: Advanced security features such as next-generation firewall, antivirus, web filtering, intrusion prevention and application control are integrated into the FLET’s SDx service to protect enterprise networks.

“Through our Secure SD-WAN and SD-Branch solutions, Fortinet is positioned to support NTT West as it delivers a flexible, agile solution to customers,” said John Maddison, EVP of Products and CMO of Fortinet. “By leveraging a security-driven networking approach, Fortinet’s solution addresses multiple uses cases and can grow with businesses as they require further connectivity to multiple clouds, open new branch offices, and adapt to digital innovation requirements.”

Read More

Fortinet reports Q1 sales of $576.9 million, up 22% YoY

Fortinet reported Q1 2020 total revenue of $576.9 million, an increase of 22.1% compared to $472.6 million for the same quarter of 2019. GAAP net income was $104.0 million for the first quarter of 2020, including $28.3 million from gain on intellectual property matter, net of tax, compared to GAAP net income of $58.8 million for the same quarter of 2019. Non-GAAP net income was $104.4 million for the first quarter of 2020, compared to non-GAAP net income of $80.8 million for the same quarter of 2019.

“Our strong first quarter performance is the result of strategic internal investments we made to deliver industry-leading products and services, expand into adjacent addressable markets, grow our global sales force and invest in the channel,” said Ken Xie, Founder, Chairman and Chief Executive Officer. “Fortinet is an important strategic partner to our customers. Our proprietary FortiASIC security processing unit (SPU) can deliver 10 times the VPN throughput capacity of comparable competitor solutions to support teleworkers. This significant competitive advantage is one reason we believe we will continue to gain market share during a period of tougher economic conditions. We believe our industry-validated teleworker and secure SD-WAN offerings, along with our SPU-driven FortiGates, Security Fabric platform and hybrid- and multi-cloud offerings, provide companies with more cost-effective solutions across their entire digital infrastructure.”

Some highlights:

• Product revenue was $192.3 million for the first quarter of 2020, an increase of 18.2% compared to $162.7 million for the same quarter of 2019.
• Service revenue was $384.6 million for the first quarter of 2020, an increase of 24.1% compared to $309.9 million for the same quarter of 2019.

Read More

GTT adds Fortinet to SD-WAN portfolio

GTT Communications has expanded its SD-WAN service offering by adding Fortinet Secure SD-WAN as a technology option over any last-mile access. It includes Fortinet's integrated next generation firewall and unified threat management functionality combined with an SD-WAN edge device and router.

“Clients rely on GTT to securely connect their locations across the world and to every application in the cloud,” stated Rick Calder, GTT president and CEO. “Our broad portfolio of SD-WAN service options, that now includes Fortinet, ensures that clients can run their applications with superior security, performance and reliability to support their business goals.”

Read More

Blueprint: The Power of Intent-Based Segmentation

by Peter Newton, senior director of products and solutions, Fortinet

Time-to-market pressures are driving digital transformation (DX) at organizations. This is not only putting pressure on the organization to adapt to a more agile business model, but it is also creating significant challenges for IT teams. In addition to having to build out new public and private cloud networks, update WAN connectivity to branch offices, adopt aggressive application development strategies to meet evolving consumer demands, and support a growing number of IoT and privately-owned end-user devices, those same overburdened IT workers need to secure that entire extended network, from core to cloud.

Of course, that’s easier said than done.

Too many organizations have fallen down the rabbit hole of building one security environment after the other to secure the DX project du jour. The result is an often slap-dashed collection of isolated security tools that actually diminish visibility and restrict control across the entire distributed network. What’s needed is a comprehensively integrated security architecture and security-driven networking strategy that ensures that not a single device, virtual or physical, is deployed without there being a security strategy in place to protect it. And what’s more, those security devices need to be seamlessly integrated together into a holistic security fabric that can be centrally managed and orchestrated.

The Limits of Traditional Segmentation Strategies

Of course, this is fine for new projects that will expand the potential attack surface. But how do you retroactively go back and secure your existing networked environments and the potentially thousands of IoT and other devices already deployed there? CISOs who understand the dynamics of modern network evolution are insisting that their teams move beyond perimeter security. Their aim is to respond more assertively to attack surfaces that are expanding on all fronts across the enterprise.
Typically, this involves segmenting the network and infrastructure and providing defense in-depth leveraging multiple forms of security. Unfortunately, traditional segmentation methods have proven to be insufficient in meeting DX security and compliance demands, and too complicated to be sustainable. Traditional network segmentation suffers from three key challenges:

1. A limited ability to adapt to business and compliance requirements – especially in environments where the infrastructure is constantly adapting to shifting business demands.
2. Unnecessary risk due to static or implicit trust – especially when data can move and devices can be repurposed on demand
3. Poor security visibility and enforcement – especially when the attack surface is in a state of constant flux

The Power of Intent-based Segmentation

To address these concerns, organizations are instead transitioning to Intent-based Segmentation to establish and maintain a security-driven networking strategy because it addresses the shortcomings of traditional segmentation in the following ways:

• Intent-based Segmentation uses business needs, rather than the network architecture alone, to establish the logic by which users, devices, and applications are segmented, grouped, and isolated.
• It provides finely tunable access controls and uses those to achieve continuous, adaptive trust.
• It uses high-performance, advanced Layer 7 (application-level) security across the network
• It performs comprehensive content inspection and shares that information centrally to attain full visibility and thwart attacks

By using business intent to the drive the segmentation of the network, and establishing access controls using continuous trust assessments, intent-based segmentation provides comprehensive visibility of everything flowing across the network, enabling real-time access control tuning and threat mitigation.

Intent-based Segmentation and the Challenges of IoT

One of the most challenging elements of DX from a security perspective has been the rapid adoption and deployment of IoT devices. As most are aware, IoT devices are not only highly vulnerable to cyberattacks, but most are also headless, meaning they cannot be updated or patched. To protect the network from the potential of an IoT device becoming part of a botnet or delivering malicious code to other devices or places in the network, intent-based segmentation must be a fundamental element of any security strategy.

To begin, the three most important aspects of any IoT security strategy are device identification, proper network segmentation, and network traffic analytics. First, the network needs to be able to identify any devices being connected to the network. By combining intent-based segmentation with Network Access Control (NAC), devices can be identified, their proper roles and functions can be determined, and they can then be dynamically assigned to a segment of the network based on who they belong to, their function, where they are located, and other contextual criteria. The network can then monitor those IoT devices based on that criteria. That way, if a digital camera, for example, stops transmitting data and instead starts requesting it, the network knows it has been compromised and can pull it out of production.

The trick is in understanding the business intent of each device and building that into the formula for keeping it secured. IT teams that rely heavily on IoT security best practices, such as those developed by the National Institute of Standards and Technology (NIST), may wind up developing highly restrictive network segmentation rules that lead to operational disruptions. If an IoT device is deployed in an unexpected way, for example, standard segmentation may block some essential service it provides, while intent-based segmentation can secure it in a different way, such as tying it to a specific application or workflow rather than the sort of simple binary rules IT teams traditionally rely on. Such is the case with wireless infusion pumps, heart monitors and other critical-care devices in hospitals. When medical staff suddenly cannot access these devices over the network because of certain rigidities in the VLAN-based segmentation design, patients’ lives may be at risk. With Intent-based Segmentation, these devices would be tagged according to their medical use, regardless of their location on the network. Access permissions would then be tailored to those devices.

Adding Trust to the Mix

Of course, the opposite is true as well. Allowing implicit or static trust based on some pre-configured segmentation standard could expose critical resources to compromise should a section of the network become compromised. To determine the appropriate level of access for every user, device, or application, an Intent-based Segmentation solution must also assess their level of trustworthiness. Various trust databases exist that provide this information.

Trust, however, is not an attribute that is set once and forgotten. Trusted employees and contractors can go rogue and inflict extensive damage before they are discovered, as several large corporate breaches have proven. IoT devices are especially prone to compromise and can be manipulated for attacks, data exfiltration, and takeovers. And common attacks against business-critical applications – especially those used by suppliers, customers, and other players in the supply chain – can inflict damage far and wide if their trust status is only sporadically updated. Trust needs to be continually updated through an integrated security strategy. Behavioral analysis baselines and monitors the behaviors of users. Web application firewalls inspects applications during development and validates transactions once they are in production. And the trustworthiness of devices is maintained not only by strict access control and continuous monitoring of their data and traffic, but also by preventing them from performing functions outside of their intended purpose.

Ironically, one of the most effective strategies for establishing and maintaining trust is by creating a zero-trust network where all access is needs to be authenticated, all traffic and transcations are monitored, and all access is restricted by dynamic intent-based segmentation.

Securing Digital Transformation with a Single Security Fabric

Finally, the entire distributed network need to be wrapped in a single cocoon of integrated security solutions that span and see across the entire network. And that entire security fabric should enable granular control of any element of the network – whether physical or virtual, local or remote, static or mobile, or in the core or in the cloud – in a consistent fashion through a single management console. By combining verifiable trustworthiness, intent-based segmentation, and integrated security tools into a single solution, organizations can establish a trustworthy, security-driven networking strategy that can dynamically adapt to meet all of the security demands of the rapidly evolving digital marketplace.

About the author

Peter Newton is senior director of products and solutions – IoT and OT at Fortinet. He has more than 20 years of experience in the enterprise networking and security industry and serves as Fortinet’s products and solutions lead for IoT and operational technology solutions, including ICS and SCADA.

Read More

Fortinet tops 21,000 SD-WAN customers

Fortinet announced a company milestone: 21,000 organizations across different industries and verticals have adopted its Fortinet Secure SD-WAN solution.

Fortinet delivers full-featured SD-WAN via the FortiGate next-generation firewall.

Fortinet said its security-driven networking approach to SD-WAN seamlessly integrates enterprise-grade SD-WAN, advanced security, and advanced routing in a unified offering to modernize customers’ WAN edge and help achieve their digital innovation goals with FortiManager Orchestration that can scale to support up to 100,000 SD-WAN sites.

https://nginfrastructure.com/sd-wan/

Read More

Video - SD-WAN Security: 3 Things Customers Look For - Fortinet

MEF Annual Meeting – July/August 2019, Joan Ross, Field CISO, Fortinet, highlights 3 key things customers are looking for with SD-WAN security and shares her view on the importance of MEF standardization work on the subject.

“MEF’s work is so important right now to SD-WAN and specifically to SD-WAN security….We look at the customers who are using SD-WAN….and how MEF can help drive standards so that across SD-WAN solutions – whether at the customer level or the service provider level – the integration is seamless and security means the same thing across, end to end."

MEF’s Application Security for SD-WAN project – jointly led by Fortinet – is focused on defining policy criteria and actions to protect applications (application flows) over an SD-WAN service. Work includes defining threats, security functions, and security policy terminology and attributes, and then describing what actions a security policy should take in response to certain threats.

Download the SD-WAN Standard
In July 2019, MEF published the industry’s first global standard defining an SD-WAN service and its service attributes to help accelerate SD-WAN market growth and facilitate creation of powerful new hybrid networking solutions that are optimized for digital transformation. MEF’s SD-WAN Service Attributes and Services (MEF 70) standard describes requirements for an application-aware, over-the-top WAN connectivity service that uses policies to determine how application flows are directed over multiple underlay networks irrespective of the underlay technologies or service providers who deliver them. Download here: https://www.mef.net/resources/technic...

To explore the latest on industry innovations and engage with industry-leading service and technology experts, attend MEF19 (http://www.MEF19.com), held 18-22 November 2019 in Los Angeles, California.

Read More

Fortinet intros Intent-based, next-gen firewalls

Fortinet introduced its new line of high-performance FortiGate Next-Generation Firewalls (NGFWs) for intent-based segmentation of security architecture. The idea with intent-based Segmentation is to allow organizations to achieve granular access control, continuous trust assessment, end-to-end visibility and automated threat protection. The new platforms are powered by customized Security Processor Units (SPUs).

Some highlights:

• FortiGate 3600E Series deliver 30Gbps threat protection performance and 34Gbps SSL inspection performance. With high-density interfaces of 10G, 40G and 100G, it offers product consolidation and meets the needs of diverse deployments. Fortinet’s FortiGate Next-Generation Firewalls offer one of the industry’s highest marked SSL inspection performance and threat protection throughput.
• The FortiGate 3400E Series provide 23Gbps threat protection performance and 30Gbps SSL inspection performance. Combined with high-density interfaces of 10G, 40G, 100G, the FortiGate 3400E Series meet the needs of a variety of deployments by offering input/output flexibility, reducing complexity to achieve operational efficiency
• FortiGate 600E Series achieve 7Gbps threat protection and 8Gbps of SSL inspection performance with diverse 1G and 10G interfaces, allowing deployment flexibility.
• FortiGate 400E Series deliver 5Gbps threat protection and 4.8Gbps SSL inspection performance with high 1G port density to suit the needs of branch offices.
• The new FortiGate NGFWs, as part of Fortinet’s Security Fabric, leverage Fabric Connectors to seamlessly integrate with external security ecosystems, sharing threat intelligence quickly for automated remediation. Fabric Connectors provide open APIs, allowing the FortiGate NGFWs to integrate with third-party solutions and Fabric-Ready Partners. This gives users advanced high-performance security integration with industry-leading solutions, such as VMWare NSX and Cisco ACI.

"Segmentation is becoming as fundamental as patching vulnerable systems. Intent-based Segmentation aligns business goals with infrastructure changes and ultimately, dynamically separates infrastructure to protect users, data and systems. A fundamental element of Intent-based Segmentation is the high-performance NGFW."

Read More

MEF18 PoC - Zero Touch SD-WAN + SECaaS + Virtual Cloud Exchange

MEF18 Proof of Concept, 29 - 31 Oct - Zero Touch Automation for SD-WAN + SECaaS + Virtual Cloud Exchange (VCX). PoC Participants: Tata Communications and Fortinet.

Speakers: Nicolas Thomas, Consulting Systems Engineer, Fortinet and Vineet Anshuman, Global Product Manager, Tata Communications Transformation Services.

The PoC goal is zero touch automation for SD-WAN with Security as a Service and Virtual Cloud Exchange for seamless connectivity to public cloud. The idea is to prove that we can operate in a fully automated service deployment in the cloud as well as multiple branches with secured SD-WAN at the same time. This is zero touch and TOSCA model-driven within the LSO Framework.

A typical use case is: a large, regulated mutli-national enterprise wants to do a confidential townhall live. We will deploy the streaming service and SD-WAN adaptations in the branches from one model to allow a good latency and priority on the day for live streaming. Then another model will change the priority for the replay of the video when normal business resumes.

Fortinet is leading the Security-as-a-Service group in MEF. This is part of the MEF 3.0 SD-WAN sub-committee that is helping shape a fully automated, cross-service provider, software-defined federation of capabilities in order for telcos to provide end-to-end protection and service quality to their end customers.

Tata Communications Transformation Services (TCTS), a 100% subsidiary of Tata Communications Ltd, provides leading business transformation, managed network operations, network outsourcing and consultancy services to telecommunication companies around the world. TCTS delivers operational efficiency, cost transformation and revenue acceleration solutions for all the stages of the carrier process lifecycle, including but not limited to network engineering and design, implementation and operations functions.

Save the date for MEF19, 18-22 November 2019, JW Marriott, LA LIVE, Los Angeles.

https://youtu.be/e8Bf_iPM9hk

Read More

Fortinet acquires ZoneFox for ML threat detection

Fortinet has acquired ZoneFox Limited, a privately-held cloud-based insider threat detection and response company headquartered in Edinburgh, Scotland. Financial terms were not disclosed.

ZoneFox uses machine learning to automatically detect when a user’s behavior changes, rapidly spot compromised user accounts being used to harvest valuable IP and confidential data, and identify users who present a security threat.

Fortinet said the acquisition enhances its Security Fabric and strengthens its existing endpoint and SIEM security business by providing customers with:

• Deeper visibility into endpoints and associated data flow and user behavior, both on and off the network
• Machine learning capabilities able to distill billions of events per day into high-quality threat leads to uncover blind spots and alert users of suspicious activities
• A unique cloud-based architecture that captures essential data around five core factors - user, device, resource, process, and behavior - to analyze and configure policies easily
• Full forensics timeline recording of information, combined with a simple search interface that helps analysts quickly determine the actions needed to boost an enterprise’s security posture
• A zero-configuration agent that is easy and fast to deploy; the solution can scale up to support over 10,000 agents without performance loss
• Out-of-the-box support for GDPR, ISO 27001, HIPAA and PCI DSS, with “ready-to-go” policies

Dr. Jamie Graves, chief executive officer and founder, ZoneFox said “We’re pleased to join the Fortinet team and bring together our shared vision of alleviating CISO concerns about insider threats. Integrating our solution with the Fortinet Security Fabric will allow us to extend our reach to a broad spectrum of Fortinet and third-party solutions to solve customers’ most difficult challenges in network security.”

https://www.zonefox.com/

Read More

Fortinet acquires Bradford Network for endpoint visibility

Fortinet has acquired Bradford Networks for an undisclosed sum.

Bradford, which was founded in 2000 and is based in Boston, provides a Network Sentry solution that continuously assesses the risk of every user and endpoint, and automatically contains compromised devices that act as backdoors for cyber criminals.  The platform integrates with leading endpoint security, firewall and threat detection solutions to enhance the fidelity of security events with contextual awareness.

Fortinet said the acquisition enhances its own Security Fabric by converging access control and IoT security solutions to provide large enterprise with broader visibility and security for their complex networks including:

• Complete, continuous, agentless visibility of endpoints, users, trusted and untrusted devices and applications accessing the network including IoT and headless devices.
• Enhanced IoT security through device micro-segmentation, dynamic classification of headless devices by type, profile, as well as automatic policy assignment to enable granular isolation of unsecure devices, all using a simple web user interface.
• Accurate event triage and threat containment in seconds through automated workflow integrations that prevent lateral movement.
• Easy, cost-effective deployment due to highly scalable architecture that eliminates deployment at every location of a multi-site installation.

“We are excited to join with Fortinet, the leader in network security to deliver exceptional visibility and security at scale to large enterprise organizations. Bradford Networks’ technology is already integrated with Fortinet’s Security Fabric including FortiGate, FortiSIEM, FortiSwitch and FortiAP products to minimize the risk and impact of cyber threats in even the toughest security environments such as critical infrastructure - power, oil and gas and manufacturing,” stated Rob Scott, chief executive officer, Bradford Networks.

Read More

Fortinet presents Secure SD-WAN at #MEF17

Fortinet has just released an SD-WAN solution that provides tight integration of security from Layer 3 to Layer 7.  This makes connectivity to the cloud much more secure, says Sony Kogin, Director of Service Provider Marketing, Fortinet.

See video:  https://youtu.be/3ytpBXHB6u4

Read More

Defining Security as a Service - #MEF17

How do you provide services across secure Service Provider boundaries? Fortinet is working with other MEF members to define Security-as-a-Service, explains Richard Orgias, Director of Segment and Audience Marketing, Fortinet.

See video: https://youtu.be/wHwpqRUy2fc

Read More

Fortinet Extends Presence in Azure Government Cloud

Fortinet and Microsoft announced an extension of their partnership to protect the cloud environments of their joint government customers.

Specifically, Fortinet’s Security Fabric solutions for the cloud have been released on the Azure Government Cloud platform to provide comprehensive security, threat intelligence, and the visibility to detect, isolate, and respond to threats in real time for workloads running in the Government Cloud.

This includes virtual security products, such as Fortinet’s enterprise firewall (FortiGate), web application firewall (FortiWeb), mail security (FortiMail), as well as its integrated security management (FortiManager) and analytics (FortiAnalyzer) solutions are now available. Fortinet is also a go-to-market partner with Microsoft’s Azure Security Center.

https://blog.fortinet.com/

Read More