How Fortinet Connects with Communications Service Providers (CSPs)

By Lizzie Cohen | May 15, 2018

Communications Service Providers (CSPs) are rapidly evolving from traditional businesses (e.g., telecommunications, media, hosting) into new agile service models.

Fortinet’s charter with CSPs is to interpret market trends, address key issues, and help drive carrier businesses forward. By improving your competitive positioning, we help everyone make money. This happens through coordination with local teams, unifying efforts across countries and regions, and developing ecosystem of partners. We engage with CSPs in three main capacities.

TO: We sell Fortinet solutions to CSPs for internal use as a traditional customer. Fortinet secures legacy carrier operations—such as cloud and data center environments, email defenses, and DDoS mitigation. We also sell to mobile operators to secure their evolved packet core (EPC).

THROUGH: Fortinet works in a business partner relationship with CSP resellers providing Fortinet solutions as security-as-a-service to their customers in both the enterprise and SMB markets.

Managed Security Service Provider (MSSP): We also partner with MSSPs, offering Fortinet-based managed security solutions to customers on-site or via the cloud.

Adding Value to Managed Services

Managed security services are expected to grow at an annual rate of 14.5% for the next four years, reaching more than $45 billion by 2022. One reason is that every year, more companies shift toward the model of security as a utility. As enterprises shift IT infrastructure from capex to opex-based spending, carriers can increase their offerings and accelerate revenues through value-added security across a heterogeneous range of services.

But CSPs must carefully consider which services are important to offer, what revenue-generating features will be most desirable, the appropriate price points, and the engineering needed to support those features.

  1. Define service offerings with the requirements of common or targeted customer-location sizes. New security providers must delineate a handful of discrete security service packages that customers can choose from that will reduce custom configuration requests.
  1. Keep pricing model as simple as possible. Customers moving away from managing their own security are looking for simplicity in configuring the MSSP environment. An overly complicated list of available options will not be appealing.
  1. Build business around a standardized technology stack. Managing disjointed security architectures and multiple vendors will require considerably more effort than managing a standardized technology stack. The more vendor-trained resources a security provider needs to manage customer solutions, the lower its margin and likelihood of customer satisfaction.
  1. Carefully define the level of support included at each price point, down to the number of calls per month. The security provider must meet the typical customer’s needs, but unlimited support calls for a fixed monthly rate could quickly drain margins.


Standardizing on a limited set of security products to meet specific customer needs is crucial to profitability down the road. The different security solutions must integrate tightly with one another and streamline management. A point security product approach that is not integrated would be just as time-consuming for the security provider’s staff as it would be for customers. Therefore, emerging security providers need to minimize the number of different vendors in their technology stack.

The evolving role of CSPs is to leverage their presence and installed base of existing users to provide customers with connectivity plus value-added services. In terms of our broad selection of value-added security options, Fortinet is an outstanding business partner.

Service Enablement

Fortinet helps CSPs earn additional incremental revenue through innovative solutions that enable them to generate more business and differentiate themselves in an increasingly competitive marketplace. Our solutions empower MSSPs with best-in-breed, adaptive security that fits any environment or security requirement—from small and medium businesses to enterprise, data center, and service provider networks.

Software-defined wide area network (SD-WAN) offers a great example. As businesses migrate to SD-WAN for managing branch and remote site networking, carriers in particular are positioned to lose MPLS revenue as their customers move away from those more expensive connections.

Fortinet FortiGate next-generation firewalls feature integrated secure SD-WAN capabilities. This gives MSSPs the ability to extend their customer’s security needs to a new network environment, while expanding the business relationship into a new provided service.

Follow the Fabric Path

Today MSSP offerings revolve around firewall services. But in the digital transformation era—that extends networks and exposes new vulnerabilities beyond perimeter defenses—CSPs need to evolve into areas of intrusion prevention, cloud security, and protecting complex IoT infrastructures. The Fortinet Security Fabric architecture provides both the path and solutions to expand additional services to upsell.

The growth of IoT will rely on the mobile carrier network. So for mobile carriers, preparations for things like the upcoming release of 5G includes checking on customer security needs in those related use cases. Looking slightly further ahead, future MSSP services will include regulatory compliance, incident response, threat intelligence, and advanced analytics.


Read more to learn about three security service models that can help increase revenue and provide more ways to find new revenue opportunities. Also, learn how a security fabric approach improves business efficiencies and can empower IoT infrastructure and services.