Business & Technology
Today, Fortinet announced the expansion of our cloud security integration with Microsoft Azure with three new or updated offerings being featured at this week’s Microsoft Ignite event in Orlando. In this blog we will take a look at each of these. But first, let’s step back and look at the bigger picture.
Fortinet now has 12 different security products designed for Microsoft Azure. This represents a breadth of security solutions that is unmatched.
The list includes:
Even more impressive, most of these solutions also work across multiple clouds, virtual networks, and physical and virtual datacenters. This enables organizations to uniquely build and deploy a fully integrated and powerful cloud security fabric that can span even the most distributed network environments.
Of course, some may ask, “why do we need so many security solutions for Azure, since Microsoft (like all cloud vendors) has a security story all of its own?” But the answer lies in the shared security responsibility model which I have written about previously. According to this model, Microsoft is only responsible for securing its own elements, such as physical access to the Azure datacenters, infrastructure security, and the like. The cloud customer is still responsible for securing all other elements of their cloud environment.
However, this question also reflects the fact that security is a specialty field requiring highly-evolved technology – such as the AI and machine learning used by FortiWeb and FortiSandBox – that are only offered by a organization like Fortinet that specializes in security. And at the same time, truly effective security also requires tools that work together across datacenters and clouds to deliver seamless and consistent protection and management across multiple network ecosystems, not just the cloud. The truth is, security is hard, relying on isolated point or platform-specific security solutions makes it even harder.
FortiCWP is a relatively new solution, so it warrants a closer look. FortiCWP is a cloud workload protection solution that hunts for and resolves security issues (misconfigurations, anomalous behavior, malicious content, etc.) in cloud-based workloads – not just in Azure, but in the AWS and Google Cloud Platforms as well. It also can scan for sensitive data and malware in places like cloud storage environments to check for compliance with common regulatory frameworks such as HIPAA, SOX/COBIT, and PCI/DSS. FortiCWP is designed specifically for infrastructure as a service (IaaS) deployments. Fortinet’s sister solution, FortiCASB, monitors SaaS applications such as Office365 and Salesforce to provide complete cloud-based application protections and secure the network from things like shadow IT.
One of the key ways FortiCWP performs its magic is through deep integration with the Azure Security Center. FortiCWP uses Azure-specific APIs to interrogate Azure Network Watcher, NSG Flow Events, Activity logs, and more to gain insight into security configuration and events as well as into data on user behaviors and traffic flows. For this to happen, you do need an Azure account with the proper rights. Make sure your role is "Global Administrator" and that you have the AzureAD "Premium P2" license. Without the AzureAD "Premium P2" license, FortiCWP's Discovery feature cannot see user entitlements. A Storage account with blob log monitoring enabled will also be required.
This API level integration provides FortiCWP with the data it needs to monitor user activity, check configurations, and scan data blobs. FortiCWP also monitors user activity over time for risk assessment. This technique, called, “User Entity Behavior Analytics,” is a security process that monitors the normal actions of users and other entities combined with risk scoring techniques and advanced algorithms to detect anomalies over time.
Enabling comprehensive security with a cloud infrastructure environment like Microsoft Azure can be challenging. It is even more so when that security strategy needs to be extended across a multi-cloud network or span extended physical, virtual, and cloud environments. Fortinet provides the widest array of security solutions in the market, designed to operate natively within all major cloud environments, and function seamlessly across and between a variety of networked ecosystems. Rather than complicating an organization’s security footprint through vendor and solutions sprawl, this approach enables organizations to build, deploy, manage, and optimize a single, integrated security fabric that can operate consistently and seamlessly across even the most dynamic and highly distributed network environments.
Learn more about how Fortinet’s dynamic cloud security solutions give organizations the confidence to deploy any application on any cloud infrastructure.