 |
|
|
Home >
Solutions > Mobile
|
FortiGate Unified Threat Management (UTM) network Security systems offer a comprehensive set of capabilities that address key challenges to deploying secure wireless LANs. FortiGate Network Security systems can be deployed in conjunction with wireless access points from any vendor, and used to detect and eliminate content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance. In addition to providing application-level protection, FortiGate Network Security systems deliver a full range of network-level services - firewall, VPN, intrusion prevention and traffic shaping - delivering complete network protection services in a dedicated, easily managed platform.
In particular, the VPN encryption, user authentication and directory integration capabilities of FortiGate Network Security systems make it possible to mitigate the security weaknesses of current generation WLAN products and to retrofit complete, high-performance security into any WLAN deployment.
The FortiGate Network Security platform uniquely resolves key issues and concerns currently holding back rapid adoption of wireless LANs in the enterprise, including:
|
Security
Problem with WLAN Deployment . . .
|
Addressed
by the FortiGate Platform
|
| No native
support to enable a wireless access point to distinguish
an employee's WLAN NIC from that of a friendly visitor
or malicious rogue . . . |
User-level
authentication and user/group policies that enable, for
example, employees to have access to specific data resources
and services, provides Internet access to guests for mail
and Web access only, and denies service to rogues
|
| Limited
support for directory integration . . . |
User authentication
through internal database, Radius server or LDAP directory
|
| No native
support for terminal device authentication . . . |
IP/MAC
binding to enable physical authentication of access terminals
|
| Weakness
of WEP encryption . . . |
Strong
encryption including WPA-2 and authentication of wireless links using
IPSec VPN with a choice of triple-DES or AES encryption,
and SHA1 or MD5 for packet-level authentication
|
Content-based
attacks such as virus scanning, script filtering and intrusion
detection/prevention . . .
|
Intrusion
detection and prevention, antivirus/antispyware and Web content filtering of wireless traffic |
No native
support for QoS to ensure appropriate allocation of shared
wireless bandwidth . . .
|
Policy-based
traffic shaping to allocate bandwidth based on user identity
and type of application |
Wireless LANs provide a tremendous amount of freedom and
flexibility and support the increasing desire for always-on,
always-available connectivity. However, wireless LANs also
break down the notion of a definable "network edge,"
and bring significant new challenges for maintaining network
security. With proper augmentation, the security deficiencies
of wireless LANs can be mitigated, enabling the benefits of
connectivity without compromising security.
Fortinet's FortiGate Network Security systems add a critical layer of protection to wireless LANs, extending the life and improving the security of existing systems by providing a foundation for expanded implementations even as wireless standards evolve and mature.
|
| |
|
|
|
