Fortinet Security Fabric for Alibaba Cloud

Fortinet solutions for Alibaba Cloud are designed to provide enterprise class security to your cloud-based applications. The solutions feature native integration into Alibaba cloud for seamless security and ease of automation, broad protection against both common and advanced threats, and central management and automation across clouds and data centers.

logo alibaba cloud

Fortinet Security Fabric for Alibaba Cloud

The Fortinet Security Fabric for Alibaba extends consistent, best-in-class security to the Alibaba Cloud. The Security Fabric protects business workloads across on-premises data center and cloud environments, including multi-layered security for born-in-the-cloud applications. Fortinet’s broad, integrated solution protects applications, data and the infrastructure supporting them.

 

   

Features and Benefits:

 

icon artificial intelligent

Complete visibility and automated, AI-driven threat protection across the entire attack surface

reduce cash icon

Flexible bring your own license (BYOL) options for scalable cloud workload deployment

icon benefits management

Integrated cloud security competency with top-rated protection, tested by NSS Labs, Virus Bulletin, and AV-Comparatives

cloud ready icon

Cloud-ready, multilayered, and virtual domain (vDOM) support for granular security and intent-based segmentation

Visibility Management

Single-pane-of-glass visibility and management of security and policies both inside and outside the Alibaba Cloud

Fortinet Use Cases for Alibaba Cloud

Cloud Workload Protection

Applications being built in or migrated to the cloud need to be protected against traditional internet-originated threats, as well as from new threats that propagate across workloads and are introduced via application programming interfaces.

The combination of inline protection for north-south traffic, host-based protection for east-west traffic, and protection for cloud API and configuration risks offers the tightest security solution for the cloud. Leverage FortiGate VM to protect virtual cloud networks from internet-originated threats as well as providing inter-cloud secure connectivity. Utilize FortiWeb VM to secure applications. Extend security within the cloud by using FortiClient on VMs, assuring compliance and connectivity. FortiCASB-Cloud protects from unwanted or unsupervised configurations at the cloud-account level.

Secure Hybrid Cloud

Security posture is often inconsistent between data centers and clouds, leading to poor network visibility and complex security management. Connectivity needs to be protected between cloud environments and data centers.

FortiGate next-generation firewall (NGFW) and Fortinet cloud security solutions offer best-of-breed secure connectivity, network segmentation, and application security for hybrid cloud-based deployments. They provide centralized, consistent security policy enforcement and connect through a high-speed VPN tunnel. FortiGate VMs deployed in the public cloud can securely communicate and share consistent policies with FortiGate NGFWs of any form factor provisioned across clouds or in a private data center.

Intent-based Segmentation

Segmenting cloud environments is challenging because dynamic provisioning results in constantly changing IP addresses. Network segmentation based on static IP addresses is ineffective. FortiGate VMs provide intent-based segmentation, which builds access rules and segments based on user identity or business logic and adjusts rules dynamically in response to a continuous trust assessment. FortiGate VMs leverage metadata or tags associated with cloud-based resources across multiple clouds as an element in enforcing security policies.

Cloud-based Security Management and Analytics

Leverage the multi-regional and global presence of top cloud infrastructure providers to deploy centralized and global security management and analytics systems in the cloud. FortiManager VM, FortiAnalyzer VM, and FortiSIEM VM can all be deployed in the cloud to scale and globalize.

Click here to learn more about these use cases.

Featured Fortinet Products on the Alibaba Cloud

Fortinet offers its industry-leading series of network security products on the Alibaba Cloud, enabling advanced security for your cloud-based infrastructure and applications.
 
icon sm fortigate

The FortiGate VM on the Alibaba Cloud delivers next-generation firewall (NGFW) capabilities for organizations of all sizes, with the flexibility to be deployed as a NGFW and/or a VPN gateway. 

On-Demand  |  Bring Your Own License (BYOL)

icon sm fortiweb

The FortiWeb Web Application Firewall (WAF) provides advanced security and AI-based machine learning that defends web applications from vulnerability exploits, bots, malware uploads, DDoS attacks, advanced persistent threats (APTs), and zero-day attacks.

Learn More

icon sm fortimanager

FortiManager provides single-pane-of-glass management for unified, end-to-end protection across the extended enterprise. It delivers insight into network traffic and offers enterprise-class features for threat containment.

Bring Your Own License (BYOL)

icon sm fortianalyzer

FortiAnalyzer delivers critical insight into threats across the entire attack surface and provides instant visibility, situational awareness, real-time threat intelligence, and actionable analytics.

Bring Your Own License (BYOL)

icon sm fortiguard

FortiGuard Threat Intelligence Service arms security professionals with actionable and prioritized threat intelligence that integrates into Fortinet security solutions, enabling a fast and proactive response to targeted attacks.

Visit Alibaba Marketplace for a complete list of Fortinet products available on Alibaba Cloud.

FortiGuard Security Services for Alibaba Cloud

FG Antivirus

Antivirus

FortiGuard Antivirus protects against the latest viruses, spyware, and other content-level threats. It uses industry-leading advanced detection engines to prevent both new and evolving threats from gaining a foothold inside your network and accessing its invaluable content.

FG Application Control

Application Control

Improve security and meet compliance with easy enforcement of your acceptable use policy through unmatched, real-time visibility into the applications your users are running. With FortiGuard Application Control, you can quickly create policies to allow, deny, or restrict access to applications or entire categories of applications.

security audit service icon

Content Disarm & Reconstruction

Content Disarm & Reconstruction (CDR) strips all active content from files in real-time, creating a flat sanitized file. All active content is treated as suspect and removed. CDR processes all incoming files, deconstructs them, and removes all elements that do not match firewall policies.

FG Intrusion Prevention

Intrusion Prevention

FortiGuard IPS protects against the latest network intrusions by detecting and blocking threats before they reach network devices.

FG AntiBotnet

IP Reputation & Anti-botnet Security

The FortiGuard IP Reputation Service aggregates malicious source IP data from the Fortinet distributed network of threat sensors, CERTs, MITRE, cooperative competitors, and other global sources that collaborate to provide up-to-date threat intelligence about hostile sources. Near real-time intelligence from distributed network gateways combined with world-class research from FortiGuard Labs helps organizations stay safer and proactively block attacks.

virus outbreak service icon

Virus Outbreak Protection Service

FortiGuard Virus Outbreak Protection Service (VOS) closes the gap between antivirus updates with FortiCloud Sandbox analysis to detect and stop malware threats discovered between signature updates before they can spread throughout an organization. OS initiates a real-time look-up to our Global Threat Intelligence database.

FG Web Filtering

Web Filtering

Protects your organization by blocking access to malicious, hacked, or inappropriate websites.

   

FortiGuard Enterprise Bundle

Our Enterprise (ENT) bundle now includes:

  • CWP - providing visibility, compliance, data security and threat protection for your cloud-based services.
  • Industrial Security Service protection – SCADA (supervisory control and data acquisition) and ICS (industrial control systems). These signatures address attacks against critical infrastructure and manufacturing industries, where we are seeing frequent and sophisticated cyberattacks.
  • Security Rating Service - this service performs checks against your fabric-enabled network and provides scoring and recommendations to your operation teams. The subsequent scorecard can be used to gauge adherence to various internal and external organizational polices, standards, and regulations requirements, including providing a ranking of your firm against industry peers. 

The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • CWP
  • Security Rating 
  • Industrial Security Service
  • FortiCare
FortiGuard UTM Bundle

The FortiGuard Unified Protection Bundle (UTM) is our traditional Unified Threat Management security bundle. The Unified Protection Bundle extends threat protection across the entire digital attack surface, providing industry-leading defense against sophisticated attacks. The UTM bundle has you covered for web and email-based attacks. The UTM bundle delivers the best package available for a unified threat protection offering. The UTM Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare

The FortiGuard Advantage: 

  • FortiGuard processes over 69 million websites every hour, providing up-to-the-minute reputation and categorization. 
  • Prevent malicious downloads and browser hijacking attacks with top-rated web filtering (VBWeb Verified)
  • Improved email productivity through superior spam prevention validated with 3rd party independent testing (VBSpam + Verified)
FortiGuard Advanced Threat Protection Bundle

The FortiGuard Advanced Threat Protection (ATP) bundle provides the foundational security needed to protect and defend against known and unknown cyber threats. The Advanced Threat Protection bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare 24*7
Services Table
Service Advanced Threat Protection
(ATP)
 
Unified Protection
(UTM)
 
Enterprise Protection
(ENT)
 
360 Protection


FortiManager Cloud
     
FortiAnalyzer Cloud
     
SD-WAN Cloud Assist Monitoring
     
SD-WAN One Click VPN Overlay
     
FortiConverter Service
     
Industrial Security Service
   

Security Rating
   

CWP
   

Anti-Spam
 


Web Filtering
 

Advanced Malware Protection




IPS




FortiCare + Application Control