Service providers are delivering data center infrastructure-as-a-service (IaaS) to businesses with more agility through scalable, elastic, multi-tenant cloud platforms. Fortinet’s FortiGate Network Security Platform provides the backbone for cloud service provider’s (CSP) and managed service providers (MSSP) to deliver robust network security to their enterprise tenants, whether in a public or hybrid cloud, or even back to the customer premise.
Fortinet’s industry-leading, high capacity Firewall technologies deliver exceptional throughput and ultra-low latency, enabling the security, flexibility, scalability and manageability you demand in an edge or core platform. FortiGate appliances and chassis-based devices combine a high-performance Firewall with the flexibility to enable fully integrated personalities (such as VPN, Intrusion Prevention, or Application Control) that provide extensive protection profiles for in-depth defense. Fortinet built the FortiGate line of Network Security Platforms, and the accompanying management and reporting tools, to exceed the performance and security requirements of even the most demanding data center environments.
Today’s Data Center Security Requirements:
Virtual Appliances for Security-as-a-Service
FortiGate-VM virtual appliances can also provide performance in multi-tenant environments with support for larger, flatter virtual network topologies that can be used to scale out cloud networks. By deploying network security closer to the virtual machines in cloud environments, FortiGate-VM can inspect east-west server traffic without having to leaving the distributed virtual switch layer, alleviating redundant traffic load and latency to the physical network core.
FortiGate-VM virtual appliances can be orchestrated to deploy on a per-tenant basis, delivering on-demand security-as-a-service seamlessly to IaaS and PaaS with all the tenant benefits of a dedicated Fortinet appliance.
Support for all leading hypervisors including VMware vSphere, Microsoft Hyper-V, KVM, and Xen enables FortiGate-VM virtual appliances work alone or complement FortiGate physical appliances protecting north-south traffic at the network core or data center edge.
To support large-scale multi-tenant cloud infrastructure, network security itself must not only be performant, but also scalable and multi-tenant. Fortinet’s unique virtual domain (VDOM) technology, together with VLAN support, enables high-end FortiGate physical appliances to be divided into hundreds of logical instances for multi-tenant environments, with each instance having fully isolated security policies and management delegation. VDOM technology has long been proven in telco and service provider managed service environments for multi-tenancy.
FortiGate-VM also further supports VDOM and VLAN technology, so whether in virtual appliances only or together with FortiGate physical appliances at the data center network core, service providers have the unique agility and flexibility to leverage both scale-up and scale-out technologies together to deliver extremely high network security performance with unlimited elasticity. As an example, all Layer 2/3 firewall traffic could be driven north-south to a physical FortiGate-5000 series chassis for all tenants, while intrusion prevention and other CPU-intensive Layer-7 application security is deployed with optional per-tenant FortiGate-VM virtual appliances.
Extend and Scale Security Management for Public and Hybrid Clouds
FortiManager and FortiAnalyzer provide a single pane of glass for security policy to multiple FortiGate physical and virtual appliances in hosted cloud environments. Security management and policy can be centrally administered by cloud administrators, or delegated to tenants for self-service to reduce administration costs while maintaining strict mulit-tenant isolation of all infrastructure. Fortinet’s cloud-ready management solutions can themselves be deployed as virtual appliances, FortiManager-VM and FortiAnalyzer-VM, delivering security management itself as scalable SaaS services in the cloud.
Fortinet management solutions are not only ideal for public clouds, but can also seamless unify security management reaching back into enterprise on-premise data centers, presenting an ideal cloud solution for MSSP’s to delivering managed security, or for cloud service providers to unify CSP and MSSP security offerings.
Agile Security for Software-Defined Networks and Data Centers
With the advent of software-defined networking (SDN), the network is poised to become virtualized and transformed with the same agility that x86 virtualization has brought to the server infrastructure. With extensible management API’s and platform and compatibility with leading hypervisors and orchestration platforms, Fortinet security can be deployed and managed in next-generation software-defined data centers.
Solution Guides & White Papers
We think highly of the FortiGate appliances ability to provide various security functions within one appliance, rather than forcing us to implement specific security software one by one. In addition, we liked its clear fee structure for initial licensing based on an annual per store cost. The deployment of FortiGate appliances enabled us to share a huge amount of data in a secure manner. We plan to drive further development, including a management system to understand all aspects of our outlets, such as photo shooting status, the delivery of commercial messages to our customers to highlight our outlets and the delivery of streaming images to our employees as part of training. Furthermore, we will consider developing a dedicated store system tailored for digital photography, rather than use a common POS system for retail outlets modified for photo studios.