Business & Technology

Innovation Insights: Extending the Security Fabric: FortiOS 5.6 and Intent-Based Network Security

By John Maddison | January 10, 2017

The financial potential of the new digital economy is driving the rapid evolution of today’s networks. For decades, the substructure of the network remained relatively unchanged: data traffic was routed from point A to point B over a predictable array of devices, cables, and ports using well established protocols and commands. Over the past couple of years, however, things have begun to change dramatically. Virtualization, Software Defined Networks (SDN), and the cloud have fundamentally changed where data is stored and how it is accessed. And the next milestone on the network evolutionary path, Intent-Based Networking (IBN), is set to radically change the nature of network design, connectivity, and productivity even further. 

What is Intent-Based Networking?

According to a recent Gartner report by Joe Skorupa and Andrew Lerner, “Intent-based networking solutions promise to dramatically improve network design and operation. In today's enterprise networks, we are dependent on network architects' ability to understand the totality of the environment, and their ability to generate a design that meets the needs of the applications they support. However, as computing environments become larger, more complex, and more dynamic, it becomes impossible for the architect to achieve more than an "informed best guess" of the required configuration — to verify or prove the correctness of the design/configuration — the intent. This leads to unplanned outages and sometimes long, difficult troubleshooting activities.”

Intent-Based Network technologies will solve these challenges with interconnected, automation, and intelligence. As explained by Gartner, “Unlike any other approach, intent-based networking algorithmically proves the "correctness" of the configuration before deployment and continuously monitors the operation of the network. If it detects a condition that no longer satisfies the intent of the design, it alerts operations and, if possible, takes corrective action to re-establish the correctness.”

Intent-Based Network Security Enables Intent-Based Networking.

In stark contrast to the interoperation and intelligence needed to deliver Intent-Based Networks, most security solutions on the market are struggling to keep up. Most are still isolated, perimeter-based security solutions that simply don’t have the breadth of solutions, raw processing performance, or advanced automation capabilities to support the security demands of intent-based networks. The Fortinet Security Fabric, enhanced with the release of FortiOS 5.6, the world’s most advanced security operating system, provides the critical automation and threat intelligence building blocks needed to deliver the Intent-Based Network Security needed to protect tomorrow’s advanced Intent-Based Networks.

Security Fabric Lays the Foundation of Intent-Based Network Security

FortiOS 5.6 embraces the potential of Intent-Based Networking. Fortinet is laying the groundwork for an intent-based future, arming the Security Fabric with unprecedented visibility and responsiveness across physical and virtual networks, global IT and security operations, corporate devices and IoT, and out to all points of the cloud. This also enables the Security Fabric to configure, orchestrate, and automate changes across heterogeneous network infrastructures using a variety of protocols and open APIs. FortiOS 5.6 unifies the Security Fabric to pull real-time network status for systems under its administrative control, continuously validate that security standards are being met, and take corrective actions when anomalous behavior is detected. And its pre-validated and proactive security recommendations help improve network effectiveness and compliance throughout the infrastructure, allowing the Security Fabric to automatically monitor and respond to threats wherever they arise.

FortiOS Expands Security Fabric Capabilities Across Devices and Applications

Fortinet’s innovative FortiOS 5.6 release delivers universal and centralized capabilities far beyond those provided by traditional security platforms or point solutions available today. New and enhanced features include:

  • Complete IT awareness across the distributed network, with instant visibility into every security element through a single pane-of-glass console, integrated with a suite of open APIs designed to simplify Fabric integration with solutions from Fortinet’s Fabric Ready partners.
  • Expanded vision into Fortinet’s Wireless Access Points, Switches, and Sandboxes, enabling enhanced management and truly centralized control over networking components with advanced threat protections.
  • A revamped User Interface (UI) designed to rapidly convert IT awareness into security action. New network topology visualizations and enhanced interactive views for auditing, logging, and reporting allow IT teams to easily modify their networks in real-time.
  • Dynamically scales from IoT to the Cloud, and across physical, virtual, and hybrid environments to intelligently segment and protect the entire attack surface of even the largest, globally distributed enterprises.

The increased functionality of today’s sophisticated network architectures, and the ability of Intent-Based Networks to dynamically adapt to network demands, are placing unprecedented pressure on legacy network security devices and platforms. The Fortinet Security Fabric is the first architectural-based approach designed to integrate security devices and functions into a cohesive defensive strategy, enabling security administrators to see across the entire distributed network, correlate local and global threat intelligence, and automatically synchronize a defensive response to threats identified anywhere along the distributed network, from IoT to the cloud.