Next-Generation Security for Microsoft Azure
Consistent Multi-layered security from across clouds and datacenters to Microsoft Azure
Extending Advanced Security for Microsoft Azure
Fortinet Security Fabric for Microsoft Azure
More and more enterprises are turning to Microsoft Azure to extend internal data centers and take advantage of the elasticity of the public cloud. While Azure secures the infrastructure, you are responsible for protecting everything you put in it. Fortinet Security Fabric provides Azure and Office 365 users the broad protection, native integration and automated management enabling customers with consistent enforcement and visibility across their multi-cloud infrastructure. The Fortinet Security Fabric offers deep multi-layer-security protection and operational benefits for securing web applications, mail applications, preventing zero day threats and managing global security infrastructures from the cloud.
Features and Benefits:
Flexible Bring-Your-Own-License (BYOL) and Pay-As-You-Go (PAYG) licensing for scalable cloud workload deployments
Centralized management with actionable insights to understand targeted attacks and meet compliance regulations
Cloud-ready and multilayered for granular security function segmentation
APIs for automation and orchestration with cloud and SDN extensions
Fortinet Security Fabric supports these use cases for Microsoft Azure security:
Hybrid Cloud
Businesses need seamless security orchestration that scales along with cloud workloads. The Fortinet Security Fabric includes next-generation firewalls (NGFWs) that compliment native Azure security functions while supporting secured and encrypted connectivity across every flavor of cloud infrastructure. They can be managed from either a public cloud deployment or on-premises in a private data center.
Advanced Threat Protection
An increasingly essential percentage of modern business applications are deployed over public cloud infrastructures. At the same time, web and mail applications are responsible for the highest number of breaches per pattern. The Fortinet Security Fabric for Azure includes solutions designed to protect these kinds of business-critical applications from known and zero-day attacks by leveraging Security Fabric solutions such as FortiWeb, FortiMail and FortiSandbox
Secure Access VPN
The Fortinet Security Fabric delivers best-in-class performance for securing VPN traffic for remote access VPN in Azure. By leveraging Azure's multi-region global infrastructure, organizations can instantaneously scale their services globally and offer remote access VPN termination close to the end user. Remote access VPN can be used to enable access to cloud-based applications as well as on premises applications that are connected to the cloud over other forms of private links or VPN.
Cloud Services Hub (vNET)
Cloud-provider connectivity far outperforms that of the typical mid-sized enterprise. An Azure-based virtual network (vNET) allows organizations to share security services to multiple networks worldwide. By leveraging the extent of the Fortinet’s solutions—including network visibility, VPN connectivity, next generation firewall (NGFW), advanced web application firewall, sandboxing, and mail security—the Security Fabric provides far more services while leveraging cloud elasticity and on-demand scalability for optimized price/performance.
Securing Office 365
Due to the high attachment rate of Office 365 with Azure cloud deployments, alongside the fact that most threats find their way into organizations via email, the need to secure Office 365-based email and business applications is as high as ever. The combination of FortiMail, FortiSandbox, and FortiCASB provides critical capabilities when securing Office 365. In particular, the Security Fabric enables deep visibility into mail messages for protection from zero-day threats and monitoring of the Office 365 API layer.
Featured Products on Microsoft Azure:
FortiGuard Security Services for Azure
应用控制
通过实时、全面了解用户正在运行的应用,轻松实施可接受的使用策略,从而提高安全性,并满足合规要求。借助 FortiGuard 应用控制服务,您可以快速创建策略,以允许、拒绝或限制对应用或整个应用类别的访问。
FortiCloud 沙箱
FortiCloud 沙箱服务是一款高级威胁检测解决方案,可执行动态分析,以识别以前未知的恶意软件。FortiCloud 沙箱生成的可执行情报将应用到您网络内的预防控制系统中,从而消除威胁。
病毒爆发防护服务
FortiGuard 病毒爆发防护服务 (VOS) 通过 FortiCloud 沙箱分析填补了杀毒更新之间的空白,可检测并阻止在特征库更新期间发现的恶意软件威胁,以免波及整个组织。操作系统将启动对我们全球威胁情报数据库的实时查阅。
内容消除与重建
内容消除与重建 (CDR) 能够实时清除文件中的所有“活动”内容,并生成干净的文件。所有“活动”内容均被视为可疑内容,并予以删除。CDR 将处理所有传入文件,对其进行解构,并删除所有不符合防火墙策略的元素。
IP 信誉和反僵尸网络
FortiGuard IP 信誉服务能够从威胁传感器、CERT、MITRE、合作友商及其他全球来源组成的 Fortinet 分布式网络中聚合恶意源 IP 数据,这些信息来源将协同提供有关恶意数据源的最新威胁情报。从分布式网络网关获取的近乎实时的情报与 FortiGuard 实验室提供的一流研究成果相结合,可确保组织安全无虞,并助力主动拦截攻击。
Our Enterprise (ENT) bundle now includes:
- CASB - providing visibility, compliance, data security and threat protection for your cloud-based services.
- Industrial Security Service protection – SCADA (supervisory control and data acquisition) and ICS (industrial control systems). These signatures address attacks against critical infrastructure and manufacturing industries, where we are seeing frequent and sophisticated cyberattacks.
- Security Rating Service - this service performs checks against your fabric-enabled network and provides scoring and recommendations to your operation teams. The subsequent scorecard can be used to gauge adherence to various internal and external organizational polices, standards, and regulations requirements, including providing a ranking of your firm against industry peers.
The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- Web Filtering
- Antispam
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- CASB
- Security Rating
- Industrial Security Service
- FortiCare
The FortiGuard Unified Protection Bundle (UTM) is our traditional Unified Threat Management security bundle. The Unified Protection Bundle extends threat protection across the entire digital attack surface, providing industry-leading defense against sophisticated attacks. The UTM bundle has you covered for web and email-based attacks. The UTM bundle delivers the best package available for a unified threat protection offering. The UTM Bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- Web Filtering
- Antispam
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- FortiCare
The FortiGuard Advantage:
- FortiGuard processes over 69 million websites every hour, providing up-to-the-minute reputation and categorization.
- Prevent malicious downloads and browser hijacking attacks with top-rated web filtering (VBWeb Verified)
- Improved email productivity through superior spam prevention validated with 3rd party independent testing (VBSpam + Verified)
The FortiGuard Advanced Threat Protection (ATP) bundle provides the foundational security needed to protect and defend against known and unknown cyber threats. The Advanced Threat Protection bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- FortiCare 24*7
| Service | Advanced Threat Protection (ATP) |
Unified Protection (UTM) |
Enterprise Protection (ENT) |
A La Carte Protection |
| Threat Intelligence Service |
✔ |
|||
| Industrial Security Service |
✔ |
✔ |
||
| Security Rating |
✔ |
✔ |
||
| CASB |
✔ |
✔ |
||
| Web Filtering |
✔ | ✔ |
✔ |
|
| Antivirus + Sandboxing |
✔ |
✔ |
✔ |
✔ |
| IPS |
✔ |
✔ |
✔ |
✔ |
| Antispam |
✔ |
✔ |
||
| Internet DB |
✔ |
✔ |
✔ |
|
| IP Reputation |
✔ |
✔ |
✔ | |
| Application Control |
✔ |
✔ |
✔ |