Business & Technology
The new Oracle Cloud Infrastructure (OCI) Flexible Network Load Balancer is ideal for increasing the security and reliability of workloads and applications running in OCI. Fortinet’s FortiGate Next Generation Firewall and FortiWeb WAF have long been available in the Oracle Cloud Infrastructure for securing applications. Oracle’s new load balancing solution provides a cloud native means to scale those solutions and to ensure their availability and performance.
OCI already offers a layer 4 (TCP) and layer 7 (HTTP) proxy-based load balancer. The new Flexible Network Load Balancer solution complements this with a non-proxy load balancing solution that performs pass-through load balancing of layer 3 and layer 4 (TCP/UDP/ICMP) workloads. As a result, the Flexible Network Load Balancer can deploy and scale virtual appliances, including the security appliances such as the Fortinet FortiGate NGFW. The combination of the FortiGate along with the Flexible Network Load Balancer creates a highly available and scalable security solution appropriate for protecting mission critical workloads. Additional security can be achieved through the use of the FortiWeb Cloud Web Application Firewall as a Service.
Load balancing has long been used to improve the distribution of workloads across computing resources, such as servers, a computer cluster, network links, central processing units, or disk drives. Load balancing aims to optimize resource use, maximize throughput, minimize response time, and avoid overload of any single resource. Using multiple components with load balancing instead of a single component may increase reliability and availability through redundancy. Network load balancers provide service discovery, health checks of available servers and their underlying hardware and balance traffic between backends based on the health and performance metrics. Some advanced load balancers, such as FortiADC, add security services such as IPS, URL checking, DDoS prevention web application firewall (WAF).
As seen in figure 1, Fortinet’s recent integrations with OCI creates a “firewall sandwich” with load balancing in front and behind the firewall plane – balancing ingress and egress traffic between firewalls. This common design allows FortiGate instances to be added and or subtracted as business needs change, it prevents any one firewall instance from becoming a single point of failure, and it allows traffic to be routed between firewalls based on a variety of different health checks.
Load balancing security services, such as FortiGates, provide several benefits, including:
Many organizations will want to monitor and manage their FortiGates, both in the Oracle Cloud Infrastructure and on-premises through Fortinet’s FortiManager and FortiAnalyzer. FortiGate, FortiAnalyzer and FortiManager are all available in Oracle Cloud Marketplace.
FortiGate Next-Generation Firewalls (NGFWs) filter network traffic to protect against both internal and external threats. Along with maintaining features of stateful firewalls such as packet filtering, IPsec and SSL VPN support, network monitoring, and IP mapping features, NGFWs possess deeper content inspection capabilities. These capabilities provide the ability to identify attacks, malware, and other threats, and allow the NGFW to block these threats. NGFWs provide organizations with SSL inspection, application control, intrusion prevention, and advanced visibility across the entire attack surface.
Oracle’s new Flexible Network Load Balancer with FortiGate NGFWs provide high availability, scaling and optimized performance. FortiGate NGFWs along with the Flexible Network Load Balancer can play a critical role in ensuring the security and availability of your applications and data in the Oracle Cloud Infrastructure.
Learn how Fortinet’s adaptive cloud security solutions provide the necessary visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.