How the SD-WAN Cyber Threat Assessment Benefits Partner Business

By Jon Bove | October 31, 2019

Organizations face a constant onslaught of cyber attacks threatening their networks, and are deploying security tools across the perimeter to minimize the chances of a successful breach. The challenge is, these organizations are also going through digital transformation – deploying applications, devices, and cloud environments – often across multiple branch locations. When working in such complex network environments, traditional defenses will not suffice. Organizations that are relying on outdated or disparate security controls may be at more risk than they realize.

To alleviate these risks, Fortinet introduced the Cyber Threat Assessment Program (CTAP) in 2015 with the next-generation firewall assessment followed by the CTAP assessment for email security. Since its inception, partners have leveraged CTAP to provide organizations value by identifying risks and offering security strategy recommendations. This has enabled customers to keep pace with modern cyberattacks, while helping partners solidify their consultative relationships and accelerating their sales cycle. Today, we are introducing a new assessment for Secure SD-WAN.

Cyber Threat Assessment Program

Leveraging CTAP, partners deploy Fortinet devices within prospects’ networks for up to seven days to log information on activity, providing an in-depth look at the current state of customer networks. These devices are deployed alongside existing security infrastructure, and do not impact daily operations. At the end of the evaluation, partners have visibility into the devices and applications running within the network, where performance might be improved, and where customers’ existing security tools are falling short and allowing malicious content to slip past undetected. Based on this information, partners can offer prioritized recommendations based on areas of need.

Many organizations do not have the resources or expertise to regularly evaluate security infrastructure and make updates as the threat landscape evolves – meaning customers may not know that the controls they have in place are lacking. Additionally, IT teams may not have the budget in place to purchase and deploy additional tools. With results from an assessment, IT teams have a clear report they can show to business stakeholders on why security budgets must be increased, and what the consequences might be if they are not.

This enables customers to enhance security with more effective solutions, while partners grow business and increase the chances of an expanded relationship as a trusted advisor.

CTAP for Secure SD-WAN

Fortinet’s CTAP program for next-generation firewalls and email security is well-established, helping partners identify security gaps in perimeter defenses and cloud-based email security using FortiGate and FortiMail respectively.

With today’s launch of an assessment program for Secure SD-WAN deployments, partners will be able to optimize productivity and performance as customers adopt Secure SD-WAN across geographically distributed branch offices.

“Fortinet’s Cyber Threat Assessment Program (CTAP) has been a vital program for SHI to identify security risks and vulnerabilities for our customers. As a Fortinet partner, CTAP has enabled SHI to grow our business by expanding relationships with current customers and prospects,” shared Mike Yurick, Field Solutions Engineer – Enterprise at SHI. “My team has seen firsthand the value of deploying the next-generation firewall assessment for customers and prospects, allowing us to provide recommendations on how to advance security strategies and address gaps in defense that we uncover through the assessment. We’re excited for the addition of the Secure SD-WAN assessment as we recognize the opportunity SD-WAN represents, and it will provide a valuable tool to help us work with customers who are evaluating SD-WAN deployments.”

Why SD-WAN Now?

As organizations undergo digital transformation, the move to SD-WAN from traditional WAN infrastructure is growing in popularity. SaaS applications have become business critical to enable an increasingly mobile workforce, and their performance is often hindered by traditional networking environments. Traditional network architectures are not equipped to accommodate the complex workloads demanded by digital transformation – many of which span multiple clouds.

The demands of WAN edge infrastructure are changing. Customers are likely using separate security, routing and WAN optimization solutions.  These legacy routers and networking solutions do not have SD-WAN capabilities. They rely on a hub and spoke design that reduces visibility and creates bottlenecks - especially between branch locations and the central data center. Furthermore, these solutions often require higher capex investments in hardware that is difficult to scale.

SD-WAN, however, allows for high-speed application performance at the WAN edge, determining the ideal routes for MPLS, 3G/4G, or broadband traffic. To keep up with the evolving demand of WAN edge infrastructure, Fortinet delivers enterprise-grade Secure SD-WAN and next-generation firewalls in an integrated offering.  Advancements in application steering, automation, and centralized management has earned our Secure SD-WAN recognition in the Gartner 2018 Magic Quadrant for WAN Edge Infrastructure.

The SD-WAN Opportunity for Partners

In addition to enhanced performance, the switch to a Secure SD-WAN infrastructure offers customers centralized management, cost reduction, and fewer complexities than a traditional WAN infrastructure.  

Partners can help enable the shift to SD-WAN, providing users with direct connectivity to the enterprise branch and scaling bandwidth capacity based on the prioritized needs of the organization. Working with Fortinet to implement SD-WAN, partners allow customers to communicate securely across distributed networks without the added costs of integrating third-party security controls into their SD-WAN environment.

While SD-WAN is beneficial for distributed networks across branch locations, it often creates gaps in security when it comes to direct internet access. The goal of the Secure SD-WAN assessment is to identify these gaps to ensure security preparedness for direct internet access, WAN cost reduction, and optimal performance. A common challenge customers face when deploying SD-WAN is that the solution is often selected and deployed without consultation from the security team. The security team is then left to figure out how to integrate this new solution into existing security measures, compromising overall security strategy.

The report generated by the cyber threat assessment allows partners to highlight the risks of not integrating security at the outset. This enables partners to speak directly to key stakeholders such as the CISO, VP of Networking, and network architects – circumventing potential account blockers.

The Secure SD-WAN CTAP Report

By deploying a FortiGate within their prospect’s networks, partners can generate an assessment report that offers visibility into application use, threat prevention, and bandwidth utilization.

Ultimately, the Secure SD-WAN assessment will help customers answer:

  • Will IT teams have adequate visibility into and control of applications at the WAN edge?
  • How many external applications are running in the network?
  • Is there visibility into utilization data?
  • Can security infrastructure at branch locations keep up with cloud adoption?
  • Can MPLS costs be optimized as bandwidth requirements grow?

After FortiGates have collected log data from the customer network for several days, partners can generate a Secure SD-WAN assessment report, which will illuminate the most pressing actions to be taken. These reports are broken into three key sections:

Application Visibility

This section of the report visualizes which applications are used in customer’s network and how they are being used – including if they are connecting to internal or external resources. This is important because understanding which applications are communicating externally will allow partners to determine costs for WAN links and where they might be optimized with direct internet. The report classifies applications based on how critical they are to business and their bandwidth usage based on categories such as VoIP/video, collaboration, social media, and more.

Security and Threat Prevention

This section of the report examines the high-risk applications being used within a customer’s or prospects network – specifically examining how traffic from branch locations could be secured. The information here allows partners to demonstrate why a customer or prospect must update or augment their security infrastructure quickly, providing visibility into application vulnerabilities in the network and at-risk devices. This highlights the risks that can accompany SD-WAN if security is not integrated with controls like next-generation firewalls, which ensure security and performance.

Bandwidth Utilization and Performance

Here, the report looks at IP source traffic to determine the origin country of specific requests. This helps teams to identify botnets or remote access sessions that might indicate targeted attacks. The report also illuminates bandwidth usage by the hour and where that use can be optimized on an application basis. Partners add value here by providing recommendations on where WAN links can be made more cost-effective without harming the end-user experience.

Ultimately, all of this data amounts to a list of recommendations partners can make to prospects and customers on how they can get the most out of their investments, earning a position as a trusted advisor. Examples of these types of recommendations are:

  • Use direct internet access for external traffic
  • Deploy sandboxing to detect unknown malware and threats
  • Create SLAs for critical applications

Benefits of CTAP Assessments

The Cyber Threat Assessment Program for FortiGate, Email and SD-WAN allows partners to efficiently and effectively demonstrate how their services and expertise can benefit customers through enhanced security, performance, and spend optimization. This ability will be especially relevant as customers and prospects continue to deploy SD-WAN to increase performance across locations and distributed networks.

Learn more about how to leverage CTAP to grow your business on the Partner Portal.