Business & Technology
If you are a network practitioner, you have likely implemented—or at least considered implementing—segmentation based on IP subnets, VLANs, or VXLANs in the network. While these techniques allow administrators to separate IT assets using network semantics, they do not inherently include security, meaning there are no in-built mechanisms in place to perform authentication, admission control, and trust assessment.
So while you may have separated one traffic stream from another, you have actually only tackled a tiny fraction of the larger problem of needing to combine the isolation of network and IT assets with granular access controls, and then integrating that with high-performance advanced security. Planning, designing, and maintaining such a strategy can quickly exhaust limited IT and security resources. Fortunately, Intent-based Segmenation is a solution to this multi-dimensional problem, which includes the following.
Powered by our patented Security Processing Units (SPUs), FortiGate devices provide the industry’s most cost effective and highest-performing full inspection against-mandated ciphers, combined with comprehensive threat protection to enable and secure Intent-based Segmentation that extends from endpoint devices to the branch and campus, and out to the distributed data center and multi-cloud environments.
To that end, Fortinet today announced, a new series of high-performance FortiGate Next-Generation Firewalls (NGFWs), comprised of the FortiGate 3600E, FortiGate 3400E, FortiGate 600E, and FortiGate 400E Series that enable organizations to implement Intent-based Segmentation deep into their security architecture.
The SSL inspection performance of each of these solutions is the industry’s highest for their class. In addition, FortiGate has a longstanding history of earning NSS Labs Recommended ratings in the Next-Generation Firewalls group tests, with their high SSL inspection performance with minimal performance degradation cited as one of the reasons.