Service providers are delivering data center infrastructure-as-a-service (IaaS) to businesses with more agility through scalable, elastic, multi-tenant cloud platforms. Fortinet’s FortiGate Network Security Platform provides the backbone for cloud service provider’s (CSP) and managed service providers (MSSP) to deliver robust network security to their enterprise tenants, whether in a public or hybrid cloud, or even back to the customer premise.
Fortinet’s industry-leading, high capacity Firewall technologies deliver exceptional throughput and ultra-low latency, enabling the security, flexibility, scalability and manageability you demand in an edge or core platform. FortiGate appliances and chassis-based devices combine a high-performance Firewall with the flexibility to enable fully integrated personalities (such as VPN, Intrusion Prevention, or Application Control) that provide extensive protection profiles for in-depth defense. Fortinet built the FortiGate line of Network Security Platforms, and the accompanying management and reporting tools, to exceed the performance and security requirements of even the most demanding data center environments.
Today’s Data Center Security Requirements:
Virtual Appliances for Security-as-a-Service
FortiGate-VM virtual appliances can also provide performance in multi-tenant environments with support for larger, flatter virtual network topologies that can be used to scale out cloud networks. By deploying network security closer to the virtual machines in cloud environments, FortiGate-VM can inspect east-west server traffic without having to leaving the distributed virtual switch layer, alleviating redundant traffic load and latency to the physical network core.
FortiGate-VM virtual appliances can be orchestrated to deploy on a per-tenant basis, delivering on-demand security-as-a-service seamlessly to IaaS and PaaS with all the tenant benefits of a dedicated Fortinet appliance.
Support for all leading hypervisors including VMware vSphere, Microsoft Hyper-V, KVM, and Xen enables FortiGate-VM virtual appliances work alone or complement FortiGate physical appliances protecting north-south traffic at the network core or data center edge.
To support large-scale multi-tenant cloud infrastructure, network security itself must not only be performant, but also scalable and multi-tenant. Fortinet’s unique virtual domain (VDOM) technology, together with VLAN support, enables high-end FortiGate physical appliances to be divided into hundreds of logical instances for multi-tenant environments, with each instance having fully isolated security policies and management delegation. VDOM technology has long been proven in telco and service provider managed service environments for multi-tenancy.
FortiGate-VM also further supports VDOM and VLAN technology, so whether in virtual appliances only or together with FortiGate physical appliances at the data center network core, service providers have the unique agility and flexibility to leverage both scale-up and scale-out technologies together to deliver extremely high network security performance with unlimited elasticity. As an example, all Layer 2/3 firewall traffic could be driven north-south to a physical FortiGate-5000 series chassis for all tenants, while intrusion prevention and other CPU-intensive Layer-7 application security is deployed with optional per-tenant FortiGate-VM virtual appliances.
Extend and Scale Security Management for Public and Hybrid Clouds
FortiManager and FortiAnalyzer provide a single pane of glass for security policy to multiple FortiGate physical and virtual appliances in hosted cloud environments. Security management and policy can be centrally administered by cloud administrators, or delegated to tenants for self-service to reduce administration costs while maintaining strict mulit-tenant isolation of all infrastructure. Fortinet’s cloud-ready management solutions can themselves be deployed as virtual appliances, FortiManager-VM and FortiAnalyzer-VM, delivering security management itself as scalable SaaS services in the cloud.
Fortinet management solutions are not only ideal for public clouds, but can also seamless unify security management reaching back into enterprise on-premise data centers, presenting an ideal cloud solution for MSSP’s to delivering managed security, or for cloud service providers to unify CSP and MSSP security offerings.
Agile Security for Software-Defined Networks and Data Centers
With the advent of software-defined networking (SDN), the network is poised to become virtualized and transformed with the same agility that x86 virtualization has brought to the server infrastructure. With extensible management API’s and platform and compatibility with leading hypervisors and orchestration platforms, Fortinet security can be deployed and managed in next-generation software-defined data centers.
Solution Guides & White Papers
Only a few vendors can provide security appliances with such high firewall performance. We were very happy with the high level of security, service reliability and cost-effectiveness provided by Fortinet's solutions, so it was a natural progression to look at Fortinet's recently introduced enterprise security appliance. The tests conducted on the FortiGate-3810A proved that Fortinet's new system addressed our high network bandwidth and security performance requirements.