Defining Security-driven Networking

By Nirav Shah | February 18, 2020

Digital transformation has changed networks so thoroughly and so rapidly that traditional security tools can no longer provide the consistent security that networks require. Fortinet’s Security-driven Networking is defining a new, third generation of security solutions and strategies designed to meet the security and networking demands of today’s highly dynamic and hybrid networks. 

Traditionally, security solutions could be easily deployed after a network was designed and deployed because all they needed to do was secure fixed perimeters and monitor the predictable traffic and workflows moving between static network servers and devices. But the last decade has put increasing pressure on this model.

The traditional network is being replaced by the acceleration of digital transformation, including the transition to virtualization and the cloud, the rapid adoption and integration of IoT, and the reliance on applications as a central pillar of modern business. And as Big Data, hyperscale architectures, SD-WAN, 5G, Edge networking, and smart systems such as cars, cities, and infrastructures become mainstream, networks will be forced to change even further.

Security-driven Networks Are Designed for Today’s Digital Business

Fortinet’s Security-driven Networking strategy tightly integrates an organization’s network infrastructure and security architecture, enabling the network to scale and change without compromising security. This next-generation approach is essential for effectively defending today’s highly dynamic environments – not only by providing consistent enforcement across today’s highly flexible perimeters, but also by weaving security deep into the network itself.

Fortinet’s Security-driven Network is the first security strategy designed to encompass the entire network development and deployment life cycle, ensuring that security functions as the central consideration for all business-driven infrastructure decisions. With security at the core, networks can evolve, expand, and adapt without concerns that an expanded attack surface or security gap could compromise the organization.

Security-driven Networking encompasses five critical network elements:

Planning and Design

A Security-driven Networking strategy starts in the planning stages, where everyone agrees that new infrastructures, applications, and devices need to meet and support a central security strategy built around a Security Fabric. Want a new cloud infrastructure? It not only needs to be secure, it needs to be built using an integrated Security Platform to ensure it is part of the central Security Fabric. New application? The Security Fabric not only needs to be able to see and inspect it, but it should also be built using the same security tools used to protect the rest of the network. And when virtual devices need to spin up or out, or when connections between a branch office and business applications in the cloud need to roll over, the Security Fabric needs to literally be part of that process so security is never forced to try to keep up.

Access Control and Segmentation

When new devices are added to the network, FortiNAC ensures they are automatically identified and rules related to accessing network resources are applied. Fortinet’s Intent-Based Segmentation ensures they are automatically assigned to secured network segments that have been enhanced with authentication for increased control and flexibility. These network segments are then monitored by the Security Fabric to prevent unauthorized behaviors, inspect applications, and secure workflows. And because security and networking are tied together, changes to the network infrastructure automatically include changes to security.

Consistent Protection for Workflows and Applications

Data never stays in one place. It gets shared, cross-referenced, mined, and processed. Security-driven Networking protects data, applications, and workflows along their entire data path through the implementation of a single, integrated Security Fabric. This fabric relies on integrated security platforms deployed across the network to consistently secure that traffic even as it passes across and between different network segments, dynamic multi-cloud environments, data centers, and devices. 

The Expanding Perimeter

Today’s new perimeter is not only expanding outward as organizations embrace new devices, new network platforms, and new compute and application models, but it is also expanding into the network through the adoption of connected IoT devices, the extension of the network across multiple network environments, and the interconnection of networks to support smart systems. Security-driven Networks, powered by a uniform fabric of connected platforms deployed in every possible environment, provide consistent visibility across the entire perimeter as it adapts and changes.

Branch Offices and Secure SD-WAN

The best example of the implementation of Security-driven Networking is currently realized in Fortinet’s Secure SD-WAN solution. Traditional MPLS connections limit application performance and dynamic communications. Fortinet’s Security-driven Networking approach combines the built-in protections of a FortiGuard NGFW appliance with advanced SD-WAN networking capabilities to eliminate MPLS-required traffic backhauling, prioritize business-critical applications, and improve overall user experience without ever compromising on security. 

By integrating security and networking in this way, hundreds of SD-WAN deployments can be controlled through a single management interface to ensure that networking and security services are always in sync. And by integrating Secure SD-WAN into the wired and wireless access points of the branch office, network security and network controls can be easily extended into the branch LAN to enable deeper integration, stronger authentication, dynamic access control and network segmentation, and consistent security enforcement.

Security-driven Networking for the New Generation of Security

Security-driven Networking is an essential strategy for securing today’s dynamic and evolving digital infrastructures. Security platforms integrated into a unified Security Fabric enable organizations to embrace digital innovation and expand their digital footprint without exposing critical resources to new risks compounded by the loss of visibility and control – expanding and adapting in tune with the network while traditional security solutions fail to provide the flexible protections and controls today’s digital businesses require.
