Innovation Insights: Defining Open with the Fortinet Security Fabric

By John Maddison | September 26, 2016

Securing networks has been a serious challenge ever since DEC salesman Gary Thuerk sent the first spam message to 400 unsuspecting users of the ARPANET back in 1978. Sure, security devices have become more sophisticated over time, and their evolution is a fascinating subject. But they all tend to suffer from a common problem: because they are a siloed technology, they can only solve the problem sitting right in front of them.

This is one of the reasons why, in spite of the millions being spent on security by today’s organizations, the incidence of successful security breaches continues to grow. Cybercriminals have developed a set of very sophisticated capabilities designed to discover network vulnerabilities, circumvent security, evade detection, and then either cripple the network or retrieve valuable data. Or both.

Which is why Fortinet has developed the Security Fabric, an architectural framework innovation that addresses cyberthreat capabilities with a dynamic set of interoperable, collaborative, and adaptive security solutions and capabilities of its own. It is designed to stop the attack chain through a continuous security cycle:

1. Preparing the network for proactive threat defense through things like intelligent segmentation, establishing strong security processes, and proper training.

2. Preventing attacks through the integration of security technologies for the endpoint, access layer, network, applications, data center, and cloud into a single collaborative security architecture that can be orchestrated through a single management interface.

3. Detecting threats before they get into the network through a combination of shared threat intelligence and collaborative defenses designed to see and stop even sophisticated multi-vector attacks.

4. Responding to attacks with an automated response to identified threats that breaks the infection chain, immediately protects network resources, and actively identifies and isolates affected devices.

The cycle continues as protections from detected threats are implemented across the distributed network to improve the organization’s preparation against future attacks.

Interoperability

A critical component of the success of an architectural approach to security is the purpose-built interoperability between its individual security solutions. The Fortinet Security Fabric is built around a series of tiered interconnectivity and open API strategies that allow Fortinet and third-party solutions from Alliance Partners to collect and share threat intelligence, and coordinate a response when anomalous behavior or malware is detected.

Inner Core Network Security – The foundation of the Fortinet Security Fabric relies on the tight integration and dynamic interoperability between three foundational Fortinet security technologies: FortiGate, FortiManager, and FortiAnalyzer. These solutions are built on a common operating system, and utilize centralized orchestration to harden the core of the network and actively monitor, analyze, and correlate threat activity.

Outer Core Network Security – The next tier of the Fortinet Security Fabric is focused on expanding the security implemented at the network’s inner core out to the dynamic edges of the borderless network. This includes things like hardening wireless access points, seamlessly tracking and enforcing policy as it moves into the cloud, securing endpoint devices and BYOD strategies, and dynamically segmenting the network as organizations adopt IoT.

Extended Security – Security also needs to extend to common attack vectors, like email and the web, to proactively analyze data and traffic for unknown and zero-day threats. This extended protection is a critical function of the security fabric, and includes the Fortinet Advanced Threat Protection (ATP) solution, including FortiSandbox, as well as FortiMail and FortiWeb, designed to close the gap on what are still the most common attack vectors for malware and data loss.

Global Threat Intelligence – While the Security Fabric generates and shares a great deal of local threat intelligence, it is essential that it is constantly tuned against the latest threats occurring in the wild. Fortinet’s global threat research team actively monitors the world’s networks to find, analyze, and develop protection against known and unknown security threats. They then automatically deliver continuous threat updates to firewall, antivirus, intrusion prevention, web filtering, email, and antispam services.

Network & Security Operations – Fortinet’s network security and analysis tools are designed to provide a more holistic approach to threat intelligence gathering by actively synthesizing and correlating threat data between security tools and such devices as FortiSIEM and Fortinet’s suite of hardened network devices, such as FortiAP-U and FortiSwitch. The Security Fabric can also extend the coordination of a threat response through our alliance of fabric-ready and fabric-compliant partners.

Visibility and Control

Intelligence plays a critical role in establishing broad visibility and granular, proactive control across the Security Fabric. On average, security breaches take nearly eight months to detect. Part of the reason for this delay is that enterprise security teams are trying to track more than a dozen different security monitoring and management consoles. And they still have to hand-correlate events and data to detect today’s evasive advanced threats. If you can't see what's happening, threats will persist and proliferate, which can have devastating consequences for your business.

FortiSIEM, our latest security technology solution, is an all-in-one next-generation security information and event management platform that provides deep, coordinated insight into what’s happening in the network. It enables organizations to rapidly find and fix security threats and manage compliance standards – all while reducing complexity, increasing critical application availability, and enhancing IT management efficiency. And its open design allows it to both collect and share critical threat intelligence from third-party solutions.

Summary

The evolving enterprise network and its transition to a digital business model is one of the most challenging aspects of network security today. As significant trends in computing and networking continue to drive changes across many critical business infrastructures, architectures, and practices, organizations require a new, innovative approach to network security that enables them to quickly embrace those changes.

The Fortinet Security Fabric provides the integrated and collaborative security strategy your organization needs. It enables the protection, flexibility, scalability, adaptability, and manageability you demand across your distributed and highly dynamic network, from IoT to the cloud.