Next-Generation Security for Microsoft Azure

Consistent Multi-layered security from across clouds and datacenters to Microsoft Azure

Extending Advanced Security for Microsoft Azure
web product icon azure cloud

Fortinet Security Fabric for Microsoft Azure

More and more enterprises are turning to Microsoft Azure to extend internal data centers and take advantage of the agility of the public cloud. While Azure secures the infrastructure, organizations are responsible for protecting everything they put in it. Fortinet Security Fabric provides Azure and Office 365 users broad protection, native integration and automated management enabling customers with consistent enforcement and visibility across their multi-cloud infrastructure. The Fortinet Security Fabric offers deep multi-layer-security protection and operational benefits for securing web applications, mail applications, preventing zero-day threats and managing global security infrastructures from the cloud.

Fortinet helps customers Connect to the cloud, Protect cloud applications, and Deliver security from the cloud With Fortinet

 

Connect

As organizations increase their utilization of cloud services, so does the need to securely and efficiently connect to the cloud. Fortinet provides customers with secure and reliable solutions to connect to Azure-based workloads and resources. Fortinet offers a variety of secure connectivity options for Azure, helping customers select the connectivity option that best suits their needs whether they are looking for secure remote access, secure hybrid cloud connectivity or a full-feature cloud security services hub.  FortiGate-VMs can be deployed within Azure to provide fully optimized and highly secure communications between SD-WAN branches, datacenters and the cloud. Fortinet’s SD-WAN branch solutions can also seamlessly integrate with Azure’s Virtual WAN.

 

Protect

As organizations increase their compute footprint in the cloud, Fortinet also provides customers with a broad array of security solutions to protect Azure based resources and workloads. Fortinet solutions are tightly integrated and designed to help customers maintain a consistent security posture across applications, clouds and datacenters. Fortinet protects Azure-based applications with solutions including FortiGate-VM next generation firewalls, FortiCWP for cloud platform security, and FortiWeb for web application and API protection (available as a VM, a container, and as a SaaS running in Azure). Fortinet is the only provider offering customers such a broad array of integrated core cloud security products. Furthermore, Fortinet offers the broadest set of security solutions that are natively integrated into the Azure infrastructure and available on the Azure marketplace. Products are available as both pay as you go (PAYG) and bring your own license (BYOL) procurement.

 

Deliver

As organizations are strained with limited cloud security resources and expertise, there is a growing preference to consume certain security functionality as a service (SaaS), eliminating the need to manage and maintain security devices. Various Fortinet offerings are available as a Service, forming a rich and broad set of Security as a Service (SECaaS) portfolio. Fortinet’s SECaaS solutions are help organizations address security reduce capital costs and allow fast and simple deployment of new security services.  Fortinet SaaS offerings include the new FortiWeb Cloud as a Service which can be procured through the Azure Marketplace.

 

 

 

Features and Benefits:

 

reduce cash icon

Available as Flexible Bring-Your-Own-License (BYOL), Pay-As-You-Go (PAYG) licensing, or Security-as-a-Service, for scalable cloud workload deployments

icon benefits management

Centralized management and analytics with actionable insights to understand targeted attacks and meet compliance regulations

cloud ready icon

Natively integrated, broad set of security solutions to address the entire attack surface

Icon automation

APIs and templates for programmatic automation and orchestration

FortiGate Next-Generation Firewall on Microsoft Azure

In this quick video, learn how Fortinet delivers a natively integrated solution for Microsoft Azure users to protect application workloads beyond standard Azure security services. Fortinet’s Next Generation Firewall (NGFW) enables the broadest protection and automated management for consistent enforcement and visibility across your hybrid cloud infrastructure.

立即观看

FortiWeb Cloud WAF-as-a-Service

FortiWeb Cloud WAF-as-a-Service is a Security-as-a-Service SaaS cloud-based web application firewall (WAF) that protects public cloud-hosted web applications from the OWASP Top 10, zero-day threats, and other application layer attacks.

Requiring no hardware or software, the FortiWeb colony of WAF gateways can run in most Azure regions. This allows organizations to scrub application traffic within the same region their applications reside, addressing performance and regulation concerns, as well as keeping traffic cost to a minimum.

More information

 

Cloud Workload Protection with FortiCWP

FortiCWP is Fortinet’s Cloud Workload Protection (CWP) solution. FortiCWP uses API level integration into Microsoft Azure management and security services including the Azure Security Center to monitor and track cloud resources including their configurations, activity, traffic flows. FortiCWP will also scan cloud data stores such as Azure Blobs for sensitive or malicious content and produce reports on an organization’s compliance with common regulatory standards. FortiCWP also supports Amazon AWS and Google Cloud Platform.

Learn more

Fortinet Security Fabric supports these use cases for Microsoft Azure security:

Hybrid Cloud

Hybrid Cloud

Businesses need seamless security orchestration that scales along with cloud workloads. The Fortinet Security Fabric includes next-generation firewalls (NGFWs) that compliment native Azure security functions while supporting secured and encrypted connectivity across every flavor of cloud infrastructure.  They can be managed from either a public cloud deployment or on-premises in a private data center.

Advanced application protection

Advanced Threat Protection

An increasingly essential percentage of modern business applications are deployed over public cloud infrastructures. At the same time, web and mail applications are responsible for the highest number of breaches per pattern. The Fortinet Security Fabric for Azure includes solutions designed to protect these kinds of business-critical applications from known and zero-day attacks by leveraging Security Fabric solutions such as FortiWeb, FortiMail and FortiSandbox

Secure Access VPN

Secure Access VPN

The Fortinet Security Fabric delivers best-in-class performance for securing VPN traffic for remote access VPN in Azure.  By leveraging Azure's multi-region global infrastructure, organizations can instantaneously scale their services globally and offer remote access VPN termination close to the end user.  Remote access VPN can be used to enable access to cloud-based applications as well as on premises applications that are connected to the cloud over other forms of private links or VPN. 

Cloud Services Hub

Cloud Services Hub (vNET)

Cloud-provider connectivity far outperforms that of the typical mid-sized enterprise. An Azure-based virtual network (vNET) allows organizations to share security services to multiple networks worldwide. By leveraging the extent of the Fortinet’s solutions—including network visibility, VPN connectivity, next generation firewall (NGFW), advanced web application firewall, sandboxing, and mail security—the Security Fabric provides far more services while leveraging cloud elasticity and on-demand scalability for optimized price/performance.

Securing Office 365

Securing Office 365

Due to the high attachment rate of Office 365 with Azure cloud deployments, alongside the fact that most threats find their way into organizations via email, the need to secure Office 365-based email and business applications is as high as ever. The combination of FortiMail, FortiSandbox, and FortiCASB provides critical capabilities when securing Office 365. In particular, the Security Fabric enables deep visibility into mail messages for protection from zero-day threats and monitoring of the Office 365 API layer. 

Featured Products on Microsoft Azure:

Fortinet offers its industry leading series of network security products over the Microsoft Azure Public Cloud enabling customers advanced security protection for their cloud based infrastructure and applications. Following is a list of products that can be purchased directly from the Azure Marketplace.

FortiGuard Security Services for Azure

FG Application Control

应用控制

通过实时、全面了解用户正在运行的应用,轻松实施可接受的使用策略,从而提高安全性,并满足合规要求。借助 FortiGuard 应用控制服务,您可以快速创建策略,以允许、拒绝或限制对应用或整个应用类别的访问。

FG Web Filtering

Web过滤

通过阻止访问恶意网站、受攻击网站或不良网站来保护组织。

icon sandbox cloud

FortiCloud 沙箱

FortiCloud 沙箱服务是一款高级威胁检测解决方案,可执行动态分析,以识别以前未知的恶意软件。FortiCloud 沙箱生成的可执行情报将应用到您网络内的预防控制系统中,从而消除威胁。

FG Antivirus

反病毒

FortiGuard 反病毒服务可抵御最新病毒、间谍软件及其他内容级威胁。它使用行业领先的高级检测引擎来防止不断演进的新威胁侵袭您的网络并访问重要内容。

FG Intrusion Prevention

入侵防御

FortiGuard入侵防御服务保护组织免遭最新的网络入侵威胁

Product Category Thumb SS virus outbreak

病毒爆发防护服务

FortiGuard 病毒爆发防护服务 (VOS) 通过 FortiCloud 沙箱分析填补了杀毒更新之间的空白,可检测并阻止在特征库更新期间发现的恶意软件威胁,以免波及整个组织。操作系统将启动对我们全球威胁情报数据库的实时查阅。

Product Category Thumb SS security audit

内容消除与重建

内容消除与重建 (CDR) 能够实时清除文件中的所有“活动”内容,并生成干净的文件。所有“活动”内容均被视为可疑内容,并予以删除。CDR 将处理所有传入文件,对其进行解构,并删除所有不符合防火墙策略的元素。

FG AntiBotnet

IP 信誉和反僵尸网络

FortiGuard IP 信誉服务能够从威胁传感器、CERT、MITRE、合作友商及其他全球来源组成的 Fortinet 分布式网络中聚合恶意源 IP 数据,这些信息来源将协同提供有关恶意数据源的最新威胁情报。从分布式网络网关获取的近乎实时的情报与 FortiGuard 实验室提供的一流研究成果相结合,可确保组织安全无虞,并助力主动拦截攻击。

FortiGate Enterprise Bundle

Our Enterprise (ENT) bundle now includes:

  • CASB - providing visibility, compliance, data security and threat protection for your cloud-based services.
  • Industrial Security Service protection – SCADA (supervisory control and data acquisition) and ICS (industrial control systems). These signatures address attacks against critical infrastructure and manufacturing industries, where we are seeing frequent and sophisticated cyberattacks.
  • Security Rating Service - this service performs checks against your fabric-enabled network and provides scoring and recommendations to your operation teams. The subsequent scorecard can be used to gauge adherence to various internal and external organizational polices, standards, and regulations requirements, including providing a ranking of your firm against industry peers. 

The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • CASB
  • Security Rating 
  • Industrial Security Service
  • FortiCare
FortiGate UTM Bundle

The FortiGuard Unified Protection Bundle (UTM) is our traditional Unified Threat Management security bundle. The Unified Protection Bundle extends threat protection across the entire digital attack surface, providing industry-leading defense against sophisticated attacks. The UTM bundle has you covered for web and email-based attacks. The UTM bundle delivers the best package available for a unified threat protection offering. The UTM Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare

The FortiGuard Advantage: 

  • FortiGuard processes over 69 million websites every hour, providing up-to-the-minute reputation and categorization. 
  • Prevent malicious downloads and browser hijacking attacks with top-rated web filtering (VBWeb Verified)
  • Improved email productivity through superior spam prevention validated with 3rd party independent testing (VBSpam + Verified)
FortiGate Advanced Threat Protection Bundle

The FortiGuard Advanced Threat Protection (ATP) bundle provides the foundational security needed to protect and defend against known and unknown cyber threats. The Advanced Threat Protection bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare 24*7
Services Table
Service Advanced Threat Protection
(ATP)
 
Unified Protection
(UTM)
 
Enterprise Protection
(ENT)
 
A La Carte Protection


Threat Intelligence Service
     
Industrial Security Service
   

Security Rating
   

CASB
   

Web Filtering
 

Antivirus + Sandboxing




IPS




Antispam
 

 
Internet DB



 
IP Reputation


 
Application Control