Enterprise security tools continuously evolve, starting from simpler computer-installed firewall software, and later becoming next-generation firewall (NGFWs) appliances that stand guard over today’s busy data centers. However, because of changes in the world around us, the number of devices protecting these corporate networks needed to grow. Unified Threat Management (UTM) products help drop some of IT’s administrative overhead, however corporate networks then went global thanks to the advent of faster, more reliable connectivity between distant endpoints, and then the Cloud. Now, corporate networks can go global, operating beyond the physical limitations traditionally set by data center walls.
Fortinet’s Security Fabric is designed to alleviate the complexities of today’s infrastructures, by streamlining workflows, simplifying hybrid environments, and giving all levels of IT a clear “state-of-the-network” view.
The minimum configuration needed to implement a Fortinet Security Fabric includes a Fortigate, Fortigate ISFWs, FortiAnalyzer, and FortiTelemetry:
A root FortiGate, Fortinet’s enterprise-class NGFW, sits at the core of the Security Fabric solution, critically positioned upstream at the edge of a network. Available as a physical, virtual or cloud appliance, FortiGates range from entry-level to ultra-high-end models, each using purpose-built security processors and running FortiOS, Fortinet’s own intuitive operating system. FortiGates run four main services; a next generation firewall, intent-based segmentation, IPS, and mobile security services for 4G, 5G and IoT.
Downstream from the root FortiGate, additional FortiGates, referred to as Internal Segmentation Firewalls (ISFWs), strategically enhance the Security Fabric. Placed in specific segments of the network, ISFWs are configured to secure assets sitting behind their protection, such as storage devices holding mission critical information, or end-user computer VLANs. Running double duty, these ISFWs not only protect their segments of the overall infrastructure, but also report back important information to the root FortiGate, contributing to the “single pane of glass” view IT needs.
FortiAnalyzer, the last of the Fortinet Security Fabric core components, connects to the root FortiGate, the ISFWs, and other FortiNet devices. FortiAnalyzer collects network-related log data from each Fortinet device, adding even more to the “single pane of glass” view mentioned before. Monitored threats, events, and other activities are collected, becoming alerts and critical real-time intelligence that helps IT identify and respond to problems on the network.
Binding Fortinet’s Security Fabric is FortiTelemetry, a protocol similar to the FortiGate Clustering Protocol (FGCP) high-availability heartbeat. In order to participate in the Security Fabric, devices need FortiTelemetry enabled in order to pass dynamic status updates between the Security Fabric’s devices.
Once the root FortiGate, ISFWs, and FortiAnalyzer are configured, and FortiTelemetry is enabled, the core foundation of Fortinet’s Security Fabric is ready for operation, however, adding other Fortinet devices and services greatly expand the Security Fabric’s capabilities. These products include FortAP, FortiClient and FortiClient EMS, FortiMail, FortiManager, FortiSandbox, FortiSwitch, FortiWeb, and other vendors’ Fortinet “Fabric Ready” products. These additional devices and services can significantly expand Fortinet’s capabilities, adding value to a critical IT investment, providing better security for a complex network, and building out with greater scalability for today’s ever-growing infrastructures.
For more about Fortinet products, services and events, visit Fortinet.com, and be sure to subscribe to the EXN Newsletter for additional information!