Business & Technology

Fortinet and Oracle Cloud Infrastructure Partnership Offers Customers Reliable Cloud Security and Performance

By Daniel Schrader | July 21, 2021

The new Oracle Cloud Infrastructure (OCI) Flexible Network Load Balancer is ideal for increasing the security and reliability of workloads and applications running in OCI. Fortinet’s FortiGate Next Generation Firewall and FortiWeb WAF have long been available in the Oracle Cloud Infrastructure for securing applications. Oracle’s new load balancing solution provides a cloud native means to scale those solutions and to ensure their availability and performance.

Oracle’s New Flexible Network Load Balancing Supported by Fortinet

OCI already offers a layer 4 (TCP) and layer 7 (HTTP) proxy-based load balancer. The new Flexible Network Load Balancer solution complements this with a non-proxy load balancing solution that performs pass-through load balancing of layer 3 and layer 4 (TCP/UDP/ICMP) workloads. As a result, the Flexible Network Load Balancer can deploy and scale virtual appliances, including the security appliances such as the Fortinet FortiGate NGFW. The combination of the FortiGate along with the Flexible Network Load Balancer creates a highly available and scalable security solution appropriate for protecting mission critical workloads. Additional security can be achieved through the use of the FortiWeb Cloud Web Application Firewall as a Service.

Load balancing has long been used to improve the distribution of workloads across computing resources, such as servers, a computer cluster, network links, central processing units, or disk drives. Load balancing aims to optimize resource use, maximize throughput, minimize response time, and avoid overload of any single resource. Using multiple components with load balancing instead of a single component may increase reliability and availability through redundancy. Network load balancers provide service discovery, health checks of available servers and their underlying hardware and balance traffic between backends based on the health and performance metrics. Some advanced load balancers, such as FortiADC, add security services such as IPS, URL checking, DDoS prevention web application firewall (WAF).

Extending Fortinet’s Partnership with OCI

Figure 1: Sample architecture for load balancing FortiGate Next Generation Firewalls

As seen in figure 1, Fortinet’s recent integrations with OCI creates a “firewall sandwich” with load balancing in front and behind the firewall plane – balancing ingress and egress traffic between firewalls. This common design allows FortiGate instances to be added and or subtracted as business needs change, it prevents any one firewall instance from becoming a single point of failure, and it allows traffic to be routed between firewalls based on a variety of different health checks

Load balancing security services, such as FortiGates, provide several benefits, including:

  • High Availability: Utilizing health checks and various algorithmic techniques, a load balancer can route around a bad or overloaded firewall, allowing the operator to fix a bad backend at their leisure rather than an emergency repair of a production system.
  • Improved Performance: Intelligent load balancing can look at latency, lag and other performance characteristics before directing traffic to a firewall. The result is traffic that has been optimized for best performance. Some load balancers, such as FortiADC, can also offload SSL functions from the firewall, further improving firewall performance.
  • Scalability: Load balancers can signal to spin up or down additional firewall instances as business needs change. The ability to automatically scale up or down services can save money and improve customer experience.

Many organizations will want to monitor and manage their FortiGates, both in the Oracle Cloud Infrastructure and on-premises through Fortinet’s FortiManager and FortiAnalyzer. FortiGate, FortiAnalyzer and FortiManager are all available in Oracle Cloud Marketplace.

Accelerated Security in the Oracle Cloud Infrastructure

FortiGate Next-Generation Firewalls (NGFWs) filter network traffic to protect against both internal and external threats. Along with maintaining features of stateful firewalls such as packet filtering, IPsec and SSL VPN support, network monitoring, and IP mapping features, NGFWs possess deeper content inspection capabilities. These capabilities provide the ability to identify attacks, malware, and other threats, and allow the NGFW to block these threats. NGFWs provide organizations with SSL inspection, application control, intrusion prevention, and advanced visibility across the entire attack surface.

Oracle’s new Flexible Network Load Balancer with FortiGate NGFWs provide high availability, scaling and optimized performance. FortiGate NGFWs along with the Flexible Network Load Balancer can play a critical role in ensuring the security and availability of your applications and data in the Oracle Cloud Infrastructure.

Learn how Fortinet’s adaptive cloud security solutions provide the necessary visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.