Securing Google Cloud Platform with Fortinet Security Fabric
Consistent Multi-layered security from across clouds and datacenters to GCP
Extending Advanced Security for GCP
Fortinet Dynamic Cloud Security for GCP
Organizations are modernizing their IT operations to develop applications faster and accelerate time to innovate to maintain their competitive position in the digital innovation era. Google Cloud provides customers with modern approaches to enable business innovation. Cloud computing expands digital services across hybrid and multi-cloud infrastructures.
The Fortinet dynamic cloud security for Google Cloud provides consistent, best-in-class enterprise security to Google Cloud-based environments. The Security Fabric protects business workloads across on-premises, data centers and cloud environments — providing multi-layered security for cloud-based applications. The solution offers Network, Application, and Cloud platform security capabilities provided in a variety of form factors including VM-, container-, and SaaS delivered protection that natively integrates Fortinet security functionality into Google Cloud.
Fortinet breaks down the barriers that inhibit security visibility and management across private, public, and hybrid cloud platforms. The Fortinet Dynamic Cloud Security solution for GCP helps organizations maintain operationally viable consistent security protection in a shared responsibility model, from on-premises to the cloud.
Features and Benefits:
Simplify security management with single-pane control across GCP and on-premises data centers
Gain cloud-native visibility and control into your GCP workloads and applications
Leverage Fortinet Cloud Security Services Hub for scalable and multi-layer secure connectivity
Security offerings in VM, and SaaS form factors with flexible BYOL and PAYG billing options
FortiGate Next-Generation Firewall on GCP
The FortiGate Next Firewall on GCP delivers next generation firewall and SD-WAN capabilities for organizations of all sizes, with the flexibility to be deployed as next generation firewall and/or VPN gateway. It enables broad protection and automated management for consistent enforcement and visibility across your hybrid cloud infrastructure. FortiGate scales from the
FortiWeb Cloud WAF-as-a-Service
FortiWeb Cloud WAF-as-a-Service is a Security-as-a-Service SaaS cloud-based web application firewall (WAF) that protects public cloud-hosted web applications from the OWASP Top 10, zero-day threats, and other application layer attacks.
Requiring no hardware or software, the FortiWeb colony of WAF gateways can run in several GCP regions. This allows organizations to scrub application traffic within the same region their applications reside, addressing performance and regulation concerns, as well as keeping traffic cost to a minimum.
Cloud Workload Protection with FortiCWP
FortiCWP is Fortinet’s Cloud Workload Protection (CWP) solution. FortiCWP uses API level integration into GCP management and security services to monitor and track cloud resources including their configurations, activity, traffic flows. FortiCWP will also scan cloud data stores for sensitive or malicious content and produce reports on an organization’s compliance with common regulatory standards. FortiCWP also supports Microsoft Azure and AWS.
Fortinet Use Cases for GCP
Fortinet Dynamic Cloud Security enables the broadest set of use cases for GCP.
Cloud Platform Visibility and Control
- Cloud infrastructure visibility and control
Monitor activity and configuration of multiple cloud resources while simplifying regulatory compliance reporting. - Compliance in the cloud
Automate compliance auditing and reporting for on-premises and cloud environments. - Cloud-based security management and analytics
Leverage the global presence of GCP to deploy centralized and global security management and analytics systems in the cloud.
Application Security
- Web Application Security
Secure web applications from known and unknown attacks using Fortinet's unique Web Application Security solutions - Container Security
Enable security for all stages of container deployment and rollout.
Network Security.
- Secure Hybrid Cloud
Deploy secure connectivity, network segmentation, and application security for hybrid-cloud-based deployments. - Cloud Security Services Hub
Unify disparate environments through a central security services hub, or transit network. - Logical (intent-based) Segmentation
Deploy intent-based segmentation, which builds access rules and segments based on user identity or business logic, and adjusts rules dynamically in response to a continuous trust assessment.
Click here to learn more about these use cases.
Featured Products on Google Cloud Platform:
FortiGuard Security Services for Google Cloud Platform
应用控制
通过实时、全面了解用户正在运行的应用,轻松实施可接受的使用策略,从而提高安全性,并满足合规要求。借助 FortiGuard 应用控制服务,您可以快速创建策略,以允许、拒绝或限制对应用或整个应用类别的访问。
FortiCloud 沙箱
FortiCloud 沙箱服务是一款高级威胁检测解决方案,可执行动态分析,以识别以前未知的恶意软件。FortiCloud 沙箱生成的可执行情报将应用到您网络内的预防控制系统中,从而消除威胁。
病毒爆发防护服务
FortiGuard 病毒爆发防护服务 (VOS) 通过 FortiCloud 沙箱分析填补了杀毒更新之间的空白,可检测并阻止在特征库更新期间发现的恶意软件威胁,以免波及整个组织。操作系统将启动对我们全球威胁情报数据库的实时查阅。
内容消除与重建
内容消除与重建 (CDR) 能够实时清除文件中的所有“活动”内容,并生成干净的文件。所有“活动”内容均被视为可疑内容,并予以删除。CDR 将处理所有传入文件,对其进行解构,并删除所有不符合防火墙策略的元素。
IP 信誉和反僵尸网络
FortiGuard IP 信誉服务能够从威胁传感器、CERT、MITRE、合作友商及其他全球来源组成的 Fortinet 分布式网络中聚合恶意源 IP 数据,这些信息来源将协同提供有关恶意数据源的最新威胁情报。从分布式网络网关获取的近乎实时的情报与 FortiGuard 实验室提供的一流研究成果相结合,可确保组织安全无虞,并助力主动拦截攻击。
Our Enterprise (ENT) bundle now includes:
- CASB - providing visibility, compliance, data security and threat protection for your cloud-based services.
- Industrial Security Service protection – SCADA (supervisory control and data acquisition) and ICS (industrial control systems). These signatures address attacks against critical infrastructure and manufacturing industries, where we are seeing frequent and sophisticated cyberattacks.
- Security Rating Service - this service performs checks against your fabric-enabled network and provides scoring and recommendations to your operation teams. The subsequent scorecard can be used to gauge adherence to various internal and external organizational polices, standards, and regulations requirements, including providing a ranking of your firm against industry peers.
The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- Web Filtering
- Antispam
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- CASB
- Security Rating
- Industrial Security Service
- FortiCare
The FortiGuard Unified Protection Bundle (UTM) is our traditional Unified Threat Management security bundle. The Unified Protection Bundle extends threat protection across the entire digital attack surface, providing industry-leading defense against sophisticated attacks. The UTM bundle has you covered for web and email-based attacks. The UTM bundle delivers the best package available for a unified threat protection offering. The UTM Bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- Web Filtering
- Antispam
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- FortiCare
The FortiGuard Advantage:
- FortiGuard processes over 69 million websites every hour, providing up-to-the-minute reputation and categorization.
- Prevent malicious downloads and browser hijacking attacks with top-rated web filtering (VBWeb Verified)
- Improved email productivity through superior spam prevention validated with 3rd party independent testing (VBSpam + Verified)
The FortiGuard Advanced Threat Protection (ATP) bundle provides the foundational security needed to protect and defend against known and unknown cyber threats. The Advanced Threat Protection bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- FortiCare 24*7
| Service | Advanced Threat Protection (ATP) |
Unified Protection (UTM) |
Enterprise Protection (ENT) |
A La Carte Protection |
| Threat Intelligence Service |
✔ |
|||
| Industrial Security Service |
✔ |
✔ |
||
| Security Rating |
✔ |
✔ |
||
| CASB |
✔ |
✔ |
||
| Web Filtering |
✔ | ✔ |
✔ |
|
| Antivirus + Sandboxing |
✔ |
✔ |
✔ |
✔ |
| IPS |
✔ |
✔ |
✔ |
✔ |
| Antispam |
✔ |
✔ |
||
| Internet DB |
✔ |
✔ |
✔ |
|
| IP Reputation |
✔ |
✔ |
✔ | |
| Application Control |
✔ |
✔ |
✔ |