Building a LAN for Today’s Organizations Starts with Security

Digital acceleration—specifically, those efforts to ensure that today’s distributed workforce has access to business-critical applications and resources—has led some to ask whether “the network” is dead. Or, at a minimum, has been diminished in its importance. What seems to escape those asking such questions is that networks are everywhere. For offices, today’s hybrid workforce divides their time between traditional on-premises networks and home offices. And there are plenty of industries, from healthcare to manufacturing, where there is no such thing as “work from anywhere.”

While the cloud has undoubtedly disrupted many aspects of business, the wired and wireless network is still foundational to the user and application experience driving digital acceleration. What is apparent to anyone bothering to look is that rather than abandoning the network, organizations are adopting a hybrid approach that blends physical and virtual networks into a highly flexible and scalable environment.

An effective network starts with security

While hybrid networks are ideal for providing the flexibility today’s organizations require, they also create new challenges. Consistency in user experience and performance can vary widely from one environment to the next, and one of the top challenges for IT teams is to eliminate those differences as much as possible. The other big challenges revolve around security. While the primary job of any network is to push packets from one location to the other as quickly as possible, applying security across that same network can be orders of magnitude more complicated because traffic needs to be inspected and policies enforced without impeding the applications, data, and workflows making their way across different networking environments.

Part of the problem is that security solutions are usually added as an overlay once the network has already been built, which, if you think about it, is precisely the wrong way around. It’s not like anyone will build a network and then maybe not secure it. But far too often, we’ve seen siloed access-layer decisions that take no consideration of how the access layer will be secured. Such LAN networks inevitably end up “bolting on” complex security designs, leaving security gaps and blind spots that cybercriminals are all too eager to exploit.

However, if you start by solving the complex security issues around consistent visibility, inspection, threat detection, segmentation, and policy enforcement, the problem of getting data to where it needs to go is a lot easier to solve. This Security-Driven Networking strategy delivers a unique and differentiated approach to building and operating a wired and wireless infrastructure, which simplifies the creation, management, and secure expansion of today’s hybrid networks. 

Fortinet is redefining the LAN infrastructure

As the security industry’s most innovative developer, Fortinet has more patents than the next several vendors combined. But what many may be surprised to learn is that Fortinet has about as many patents for networking as we have for security. This expertise, fueled by the fundamental understanding that security and networking need to go hand-in-hand, is what we are leveraging as we move into the local area networking space.

Our portfolio of Ethernet switches and Wi-Fi access points have been deliberately engineered and architected to not only provide advanced networking capabilities but to also interconnect with the Fortinet Security Fabric—the world's most widely distributed security platform. Leveraging a FortiGate platform as a network controller allows systems administrators to directly control, configure, and manage FortiAPs and FortiSwitches as part of the FortiGate Next-Generation Firewall (NGFW), providing simple, cost-effective, and secure management of the LAN edge with a single solution.

This unique LAN edge approach provides many benefits that center on simplifying and securing the network while enhancing business value and reducing total cost of ownership.

Reduced Complexity

Complexity is a never-ending nightmare for IT and the bane of good security. Fortinet LAN Edge solutions reduce complexity by integrating and centralizing LAN and security functions, offering a perfect marriage of networking with security that doesn’t overly burden IT staff. It also provides a truly harmonized view of the network. A single view of complex LAN networks that identifies and addresses all issues, whether due to networking issues or malicious activity, makes for easier management with less worry about unintended disruptions​.

This is all possible through our use of a single operating system (FortiOS) to develop, manage, and operate both security and the LAN. Consolidating complex LAN configuration management, including network access control (NAC) functions, with the same configuration file used to control a FortiGate NGFW means that networks can scale and expand without compromising on either performance or protection.

Simplified Management

Most management solutions are an effort to tie together disparate products under one umbrella. But while they may provide a common view for some functions, under the hood, they are still very different solutions—which means that management is not genuinely unified, and identifying and resolving issues can still be complex. Fortinet LAN Edge solutions simplify the management burden by utilizing a single platform for both LAN and network security. This is much more than just an overlay management interface. It’s a common device and operating system that minimizes IT cycles by consolidating all the resources needed to manage and secure the network.

This tight integration, enabled by a common OS, allows intelligence to be gathered consistently across the network so it can be centrally correlated and analyzed in real-time by our AI and machine learning engines. And because these networking and security technologies literally function as a single solution—whether deployed in a physical network or the cloud—network and security troubleshooting tasks can be effectively automated, enabling IT to become a proactive rather than reactive force for network performance and user experience.

Value

While many vendors require standalone wireless LAN controllers bundled with term licenses, no additional license or cost is necessary to enable Fortinet LAN Edge management. Instead, we bundle both a switching and wireless LAN controller into our FortiGate platform to eliminate overlays and reduce TCO because security and simplification benefits automatically drive an operational cost savings to the business. And we continue to disrupt the market by offering NAC features as part of our base offering that can be enabled and leveraged without additional costly licenses.

Fortinet is the only vendor to provide advanced LAN Edge solutions that converge networking and security

Building on the power of Security-Driven Networking and our comprehensive portfolio of high-performance, industry-leading FortiGate NGFWs, Fortinet offers a LAN Edge solution strategy that can scale to any deployment’s needs, from campus to branch to the remote worker. In the case of campus networks, the Fortinet LAN Edge solution creates a single consolidated configuration to reduce the chance for error while enabling a common platform for the day-to-day management of both the network and security. Security-Driven Networking also eliminates the need for additional “bolt-on” solutions to integrate management and security functions.

For campus environments, converging the LAN edge with security simplifies issues like access control, network segmentation, configuration, and zero trust, while maintaining the robust network services campus users require. For the branch, the Fortinet SD-Branch solution consolidates the three main components of managing remote users and networks (SD-WAN, firewall/security, and the network layer) into a single standard platform. This simplifies the oversight and administration needed to manage distributed offices by combining all essential functions into a single converged solution per site. And for teleworkers, leveraging a central FortiGate at HQ or hosted in the cloud reduces configuration and management complexity for IT, while allowing remote users to have the same user experience from home as when connecting to applications from the corporate office.

Converging networking and security is essential for digital acceleration

Today’s hybrid networks not only suffer from complex networking challenges, but they also suffer from an inability to apply security consistently across the network. Vendor and solution sprawl, the continuous troubleshooting needed to keep overlay security tools tuned to the underlying network, and the need for both the network and security to constantly adapt to application and scalability issues all have serious impacts on the performance and security of the network.

Combining security and networking into a single solution built on a common OS ensures a level of visibility, control, adaptability, and automation that is otherwise impossible to achieve anymore. Fortinet’s wired and wireless solutions provide the advanced networking and security solutions today’s organizations need, combined with the Security-Driven Networking approach essential to simplifying and protecting operations while extending consistent availability and security across today’s hybrid networks.

Learn more about securing the LAN edge with Fortinet’s security-driven wired and wireless networking products.