Fortinet Fully Supports VMware NSX-T to Advance Security for Software-Defined Data Centers and the Cloud

By Fortinet | August 26, 2019

Fortinet now provides full interoperability and integration between Fortinet’s FortiGate-VM, powered by the Fortinet Security Fabric, and VMware NSX-T Data Center with Fortinet’s expanded support of East-West traffic. This enhanced functionality allows organizations to seamlessly integrate security across multi-hypervisor environments, public clouds and multi-cloud environments.

VMware NSX-T version 2.4 was a major VMware milestone that saw the introduction of new advanced networking, security and automation capabilities. Through Fortinet’s support of VMware NSX-T, Fortinet will help customers more confidently extend their virtualized infrastructure across multi-hypervisor environments as well as public and private clouds through the deployment of a single, unified security layer. This approach also provides a consistent security posture by enabling a uniform SecOps model. Fortinet has expanded the existing North-South protection capabilities of FortiGate-VM by now also supporting VMware NSX-T with full East-West traffic protection to ensure the consistent application of advanced security across the entire VMware NSX-T environment.

Benefits of Dynamic Cloud Security

As the digital attack surface expands, CISOs and security architects need to effectively manage risks while evolving their security infrastructure. FortiGate-VM for VMware NSX-T virtual cloud networks enables zero-trust security across hypervisors and clouds while mitigating the lateral movement of threats within virtualized data centers and across multi-cloud deployments. Featuring FortiGate-VM virtual SPU (vSPU) technology and parallel-path architecture, FortiGate-VM is the industry’s highest performing virtual NGFW. These features enable it to perform SSL/TLS inspection, in addition to other threat protection tasks, with the least impact on throughput. As a result, organizations can realize the benefits of East-West traffic inspection and visibility without compromising application performance and infrastructure agility.

Some of the benefits of Fortinet’s extended support of VMware NSX-T East-West traffic include:

  • Zero-trust security across hypervisors and clouds. This allows organizations to mitigate the lateral movement of sophisticated threats and vulnerabilities within virtualized data centers and across multiple clouds. This provides advanced security throughout all environments.

  • Advanced protection of lateral traffic moving between different entities inside the virtualized data center and related cloud deployments. This enables customers to deliver advanced security across the Virtual Cloud Network.

  • Fortinet’s approach extends the broad visibility, integrated threat detection and automated response of the Fortinet Security Fabric to leading technology alliance solutions through the Fabric APIs, Fabric Connectors, and DevOps scripts and tools. As a Fabric-Ready Partner, VMware has also enabled Fortinet to natively integrate with its products and solutions. Fortinet’s Fabric Connectors allow deep integration into partner technologies to streamline application lifecycle management while also reducing operational overhead. Fortinet’s Fabric Connectors automatically update security policies associated with dynamic objects in VMware NSX-T whenever changes are made to application metadata and annotations. This capability, which also extends to public cloud infrastructures such as AWS, Azure, and GCP, relieves organizations of the need to continuously update security policies for every change to the application infrastructure. Eliminating this manual intervention frees up IT teams’ time for other business-critical duties.

  • Organizations achieve simplified management through Fortinet’s most recent support enhancements. Security can be managed by VMware NSX-T’s user interface and changes will automatically be carried through to the FortiGate-VM instances running in the VMware NSX-T Data Center.

  • Underpinned by the FortiOS operating system and FortiGuard Threat Intelligence services, the FortiGate-VM NGFW delivers industry-leading performance and layered threat protection to virtualized data centers and cloud infrastructure. 

Not only does Fortinet provide the most robust suite of security solutions designed to run on the VMware ESX and NSX platforms, but we are also the only security vendor to provide solutions for every major cloud provider, including AWS, Azure, Google Cloud, IBM Cloud, Oracle Cloud, and Alibaba Cloud. This breadth and depth enables organizations to establish and maintain unparalleled consistent protection across the broadest array of networks – including public, hybrid, and multi-cloud – while supporting and securing applications, data, and workloads that move across and between these platforms.

Implementing a Zero-Trust Network Security Model

As virtualization has increased in popularity, the amount of traffic moving laterally across the data center (East-West) has dwarfed traditional client-server traffic, which moves in and out (North-South). Once bad data packets such as malware enter the network, they may have unimpeded access to that “East-West” traffic inside the network. To address these risks, FortiGate-VM augments the micro-segmentation provided by VMware NSX-T Data Center 2.4 with advanced L7 security for complete protection against the most sophisticated threats and vulnerabilities in the SDDC and multiple clouds. The result is that organizations can confidently implement a zero-trust network security model that protects the infrastructure without adding to management and control overhead.

VMware NSX-T Data Center 2.4 enhances the policy-based service insertion of the FortiGate-VM to improve the security of East-West traffic without requiring changes to the topology. Fortinet’s Fabric Connectors allow dynamic object updates to the VMware NSX-T Manager and synchronize FortiGate-VM NGFW policies. By integrating FortiGate-VM with the VMware NSX-T 2.4 East-West service insertion, organizations can experience robust protection of lateral traffic between different entities inside the cloud deployment, enabling them to expand services and functions without introducing additional risk.

Learn more about how Fortinet’s multi-cloud solutions provide the necessary visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.

Read these customer case studies to see how Cuebiq and Steelcase implement Fortinet’s multi-cloud services for secure connectivity and application security.