Dynamic Cloud Security for Oracle Cloud Infrastructure
Consistent multi-layered security from across clouds and data centers to Oracle Cloud Infrastructure (OCI)
Dynamic Cloud Security for OCI Solution Brief
Fortinet Solutions to Secure Applications in OCI
Enterprises are turning to Oracle’s Generation 2 Cloud Infrastructure to build new applications, extend internal data centers, and ultimately take advantage of the elasticity of the public cloud. Those same enterprises are turning to Fortinet to help protect their applications and data in the Oracle Cloud.
Fortinet Dynamic Cloud Security solutions protect workloads and applications across on-premises data centers and cloud environments—with multilayer security for cloud-based applications. The Fortinet Security Fabric spans data centers and clouds to provide a consolidated view of security posture, a single console for policy management and governance reporting, and event monitoring regardless of physical, virtual, or cloud infrastructure, and across private, public, and hybrid clouds.
Fortinet solutions are available in the Oracle Cloud Marketplace both as on demand and bring-your-own-license (BYOL) listings.
Fortinet Dynamic Security for OCI
Fortinet breaks down the barriers that inhibit security visibility and management across private, public, and hybrid cloud platforms. With Fortinet, customers can enjoy the same level of security and identical security policies wherever their compute resides—from legacy data center to virtualized private cloud to major public cloud.
Fortinet security solutions help organizations maintain operationally viable, consistent security in a shared responsibility model from on-premises to the cloud. They deliver comprehensive and programmable multi-layer security and threat prevention capabilities for OCI applications and data.
Read the OCI Security Blueprint for more information.
Features and Benefits
Natively integrated, broad set of security solutions to address the entire attack surface.
Available as flexible BYOL or pay-as-you-go (PAYG) licensing.
APIs and templates for programmatic automation and orchestration.
Powered by security services from FortiGuard Labs—Fortinet’s leading research team that leverages a global network of security sensors and advanced machine learning (ML) technologies.
Centralized management and analytics with actionable insights to understand targeted attacks and meet compliance regulations.
FortiGate Next-Generation Firewall (NGFW) on OCI
FortiGate on OCI delivers enterprise-class NGFW capabilities for organizations of all sizes, with the flexibility to be deployed as a NGFW and/or VPN gateway. It enables broad protection and automated management for consistent enforcement and visibility across hybrid cloud infrastructures. FortiGate scales from the smallest footprint in the industry to the highest capacity NGFW virtual appliance on OCI.
FortiWeb Web Application Firewall
The FortiWeb web application firewall (WAF) delivers dedicated security with artificial intelligence (AI)-based detection engines and ML to dynamically understand normal and abnormal traffic patterns to defend applications from vulnerability exploits, bots, malware uploads, DDoS attacks, advanced persistent threats (APTs), and zero-day attacks.
FortiManager
Manage all Fortinet devices in a single-console central management system. FortiManager provides full visibility of the network, offering streamlined provisioning and innovative automation tools. Fully integrated with the Fortinet Security Fabric, the FortiManager automation-driven network operations capabilities provide a foundation to secure and optimize network security, such as provisioning and monitoring SD-WANs and cloud security.
FortiAnalyzer
Integrated with the Fortinet Security Fabric, FortiAnalyzer simplifies the complexity of analyzing and monitoring new and emerging technologies that have expanded the attack surface, and delivers end-to-end visibility, helping organizations to identify and eliminate threats. FortiAnalyzer provides advanced threat detection and correlation, automated workflows and compliance reporting, and scalable log management of Fortinet product logs, generic syslogs, and more.
Fortinet Oracle Cloud News
Fortinet Security Fabric supports these use cases for Oracle Cloud Platform:
The Fortinet Security Fabric for public cloud extends consistent, best-in-class enterprise security to OCI. The Security Fabric protects business workloads across on-premises and cloud environments, including multi-layered protection for born-in-the-cloud applications. Fortinet Security Fabric for OCI supports a variety of common enterprise cloud use cases, including:
Hybrid Cloud
Businesses need seamless security orchestration that scales along with cloud workloads. The Fortinet Security Fabric includes next generation firewalls (NGFWs) that complement native public cloud security functions while supporting secured and encrypted connectivity across every flavor of cloud infrastructure. They can be managed from either a public cloud deployment or on-premises in a private data center.
Secure Access VPN
As organizations increasingly adopt a “cloud-first” approach, they’re building out large, cloud-heavy infrastructures to support future IT growth and instant services to internal line-of-business customers. But they still require secure remote access to these new IT infrastructures, including all internal applications and work-related tools. Fortinet delivers best-in-class performance for securing VPN traffic and enables organizations to leverage the public cloud for building remote access VPN in the cloud. Fortinet delivers access to both applications residing in the cloud as well as on-premises applications connecting to the cloud over IPSec VPN tunnels.
Advanced Application Protection
For web applications and mail servers, the combinations of FortiGate and FortiWeb offer unique in-depth protection. This solution offers capabilities that help organizations comply with regulatory and security requirements such as PCI, SOX, GLBA, or HIPAA. Additionally, these capabilities help with relieving the need to constantly apply patches to web servers and reduce the risk from advanced threats.
Featured Products on Oracle Cloud Platform:
- Fortinet FortiGate-VM Next-Generation Firewall (NGFW) for OCI-Classic
- Fortinet FortiGate-VM Next-Generation Firewall (NGFW) for OCI
- Fortinet FortiManager-VM Centralized Security Management
- Fortinet FortiAnalyzer-VM Centralized Logging/Reporting
- Fortinet FortiWeb-VM Web Application Firewall (WAF)
- Fortinet FortiADC Application Delivery Controller
FortiGuard Security Services for Oracle Cloud
应用控制
通过实时、全面了解用户正在运行的应用,轻松实施可接受的使用策略,从而提高安全性,并满足合规要求。借助 FortiGuard 应用控制服务,您可以快速创建策略,以允许、拒绝或限制对应用或整个应用类别的访问。
FortiCloud 沙箱
FortiCloud 沙箱服务是一款高级威胁检测解决方案,可执行动态分析,以识别以前未知的恶意软件。FortiCloud 沙箱生成的可执行情报将应用到您网络内的预防控制系统中,从而消除威胁。
病毒爆发防护服务
FortiGuard 病毒爆发防护服务 (VOS) 通过 FortiCloud 沙箱分析填补了杀毒更新之间的空白,可检测并阻止在特征库更新期间发现的恶意软件威胁,以免波及整个组织。操作系统将启动对我们全球威胁情报数据库的实时查阅。
内容消除与重建
内容消除与重建 (CDR) 能够实时清除文件中的所有“活动”内容,并生成干净的文件。所有“活动”内容均被视为可疑内容,并予以删除。CDR 将处理所有传入文件,对其进行解构,并删除所有不符合防火墙策略的元素。
IP 信誉和反僵尸网络
FortiGuard IP 信誉服务能够从威胁传感器、CERT、MITRE、合作友商及其他全球来源组成的 Fortinet 分布式网络中聚合恶意源 IP 数据,这些信息来源将协同提供有关恶意数据源的最新威胁情报。从分布式网络网关获取的近乎实时的情报与 FortiGuard 实验室提供的一流研究成果相结合,可确保组织安全无虞,并助力主动拦截攻击。
Our Enterprise (ENT) bundle now includes:
- CASB - providing visibility, compliance, data security and threat protection for your cloud-based services.
- Industrial Security Service protection – SCADA (supervisory control and data acquisition) and ICS (industrial control systems). These signatures address attacks against critical infrastructure and manufacturing industries, where we are seeing frequent and sophisticated cyberattacks.
- Security Rating Service - this service performs checks against your fabric-enabled network and provides scoring and recommendations to your operation teams. The subsequent scorecard can be used to gauge adherence to various internal and external organizational polices, standards, and regulations requirements, including providing a ranking of your firm against industry peers.
The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- Web Filtering
- Antispam
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- CASB
- Security Rating
- Industrial Security Service
- FortiCare
The FortiGuard Unified Protection Bundle (UTM) is our traditional Unified Threat Management security bundle. The Unified Protection Bundle extends threat protection across the entire digital attack surface, providing industry-leading defense against sophisticated attacks. The UTM bundle has you covered for web and email-based attacks. The UTM bundle delivers the best package available for a unified threat protection offering. The UTM Bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- Web Filtering
- Antispam
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- FortiCare
The FortiGuard Advantage:
- FortiGuard processes over 69 million websites every hour, providing up-to-the-minute reputation and categorization.
- Prevent malicious downloads and browser hijacking attacks with top-rated web filtering (VBWeb Verified)
- Improved email productivity through superior spam prevention validated with 3rd party independent testing (VBSpam + Verified)
The FortiGuard Advanced Threat Protection (ATP) bundle provides the foundational security needed to protect and defend against known and unknown cyber threats. The Advanced Threat Protection bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- FortiCare 24*7
| Service | Advanced Threat Protection (ATP) |
Unified Protection (UTM) |
Enterprise Protection (ENT) |
A La Carte Protection |
| Threat Intelligence Service |
✔ |
|||
| Industrial Security Service |
✔ |
✔ |
||
| Security Rating |
✔ |
✔ |
||
| CASB |
✔ |
✔ |
||
| Web Filtering |
✔ | ✔ |
✔ |
|
| Antivirus + Sandboxing |
✔ |
✔ |
✔ |
✔ |
| IPS |
✔ |
✔ |
✔ |
✔ |
| Antispam |
✔ |
✔ |
||
| Internet DB |
✔ |
✔ |
✔ |
|
| IP Reputation |
✔ |
✔ |
✔ | |
| Application Control |
✔ |
✔ |
✔ |