Securing Google Cloud Platform with Fortinet Security Fabric

Consistent Multi-layered security from across clouds and datacenters to GCP

Extending Advanced Security for GCP
web product icon google cloud

Fortinet Dynamic Cloud Security for GCP

Organizations are modernizing their IT operations to develop applications faster and accelerate time to innovate to maintain their competitive position in the digital innovation era. Google Cloud provides customers with modern approaches to enable business innovation. Cloud computing expands digital services across hybrid and multi-cloud infrastructures.

The Fortinet dynamic cloud security for Google Cloud provides consistent, best-in-class enterprise security to Google Cloud-based environments. The Security Fabric protects business workloads across on-premises, data centers and cloud environments — providing multi-layered security for cloud-based applications. The solution offers Network, Application, and Cloud platform security capabilities provided in a variety of form factors including VM-, container-, and SaaS delivered protection that natively integrates Fortinet security functionality into Google Cloud.

 

diagram-product-gcp-1.jpg

 

Fortinet breaks down the barriers that inhibit security visibility and management across private, public, and hybrid cloud platforms. The Fortinet Dynamic Cloud Security solution for GCP helps organizations maintain operationally viable consistent security protection in a shared responsibility model, from on-premises to the cloud.

 

Features and Benefits:

 

simple icon

Simplify security management with single-pane control across GCP and on-premises data centers

visibility icon

Gain cloud-native visibility and control into your GCP workloads and applications

cloud ready icon

Leverage Fortinet Cloud Security Services Hub for scalable and multi-layer secure connectivity

platform support icon

Security offerings in VM, and SaaS form factors with flexible BYOL and PAYG billing options

FortiGate Next-Generation Firewall on GCP

The FortiGate Next Firewall on GCP delivers next generation firewall and SD-WAN capabilities for organizations of all sizes, with the flexibility to be deployed as next generation firewall and/or VPN gateway. It enables broad protection and automated management for consistent enforcement and visibility across your hybrid cloud infrastructure. FortiGate scales from the

More Information

 

FortiWeb Cloud WAF-as-a-Service

FortiWeb Cloud WAF-as-a-Service is a Security-as-a-Service SaaS cloud-based web application firewall (WAF) that protects public cloud-hosted web applications from the OWASP Top 10, zero-day threats, and other application layer attacks.

Requiring no hardware or software, the FortiWeb colony of WAF gateways can run in several GCP regions. This allows organizations to scrub application traffic within the same region their applications reside, addressing performance and regulation concerns, as well as keeping traffic cost to a minimum.

More Information

 

Cloud Workload Protection with FortiCWP

FortiCWP is Fortinet’s Cloud Workload Protection (CWP) solution. FortiCWP uses API level integration into GCP management and security services to monitor and track cloud resources including their configurations, activity, traffic flows. FortiCWP will also scan cloud data stores for sensitive or malicious content and produce reports on an organization’s compliance with common regulatory standards. FortiCWP also supports Microsoft Azure and AWS.

Learn more

 

Fortinet Use Cases for GCP

Fortinet Dynamic Cloud Security enables the broadest set of use cases for GCP.

Cloud Platform Visibility and Control

  • Cloud infrastructure visibility and control
    Monitor activity and configuration of multiple cloud resources while simplifying regulatory compliance reporting.

  • Compliance in the cloud
    Automate compliance auditing and reporting for on-premises and cloud environments.

  • Cloud-based security management and analytics
    Leverage the global presence of GCP to deploy centralized and global security management and analytics systems in the cloud.

Application Security

  • Web Application Security
    Secure web applications from known and unknown attacks using Fortinet's unique Web Application Security solutions

  • Container Security
    Enable security for all stages of container deployment and rollout.

Network Security.

  • Secure Hybrid Cloud
    Deploy secure connectivity, network segmentation, and application security for hybrid-cloud-based deployments.

  • Cloud Security Services Hub
    Unify disparate environments through a central security services hub, or transit network.

  • Logical (intent-based) Segmentation
    Deploy intent-based segmentation, which builds access rules and segments based on user identity or business logic, and adjusts rules dynamically in response to a continuous trust assessment.

Click here to learn more about these use cases. 

Featured Products on Google Cloud Platform:

Fortinet offers its industry leading series of network security products over the Google Cloud Platform enabling customers advanced security protection for their cloud based infrastructure and applications. Following is a list of products that can be purchased directly from the Google Cloud Platform Marketplace.

FortiGuard Security Services for Google Cloud Platform

FG Application Control

应用控制

通过实时、全面了解用户正在运行的应用,轻松实施可接受的使用策略,从而提高安全性,并满足合规要求。借助 FortiGuard 应用控制服务,您可以快速创建策略,以允许、拒绝或限制对应用或整个应用类别的访问。

FG Web Filtering

Web过滤

通过阻止访问恶意网站、受攻击网站或不良网站来保护组织。

icon sandbox cloud

FortiCloud 沙箱

FortiCloud 沙箱服务是一款高级威胁检测解决方案,可执行动态分析,以识别以前未知的恶意软件。FortiCloud 沙箱生成的可执行情报将应用到您网络内的预防控制系统中,从而消除威胁。

FG Antivirus

反病毒

FortiGuard 反病毒服务可抵御最新病毒、间谍软件及其他内容级威胁。它使用行业领先的高级检测引擎来防止不断演进的新威胁侵袭您的网络并访问重要内容。

FG Intrusion Prevention

入侵防御

FortiGuard入侵防御服务保护组织免遭最新的网络入侵威胁

Product Category Thumb SS virus outbreak

病毒爆发防护服务

FortiGuard 病毒爆发防护服务 (VOS) 通过 FortiCloud 沙箱分析填补了杀毒更新之间的空白,可检测并阻止在特征库更新期间发现的恶意软件威胁,以免波及整个组织。操作系统将启动对我们全球威胁情报数据库的实时查阅。

Product Category Thumb SS security audit

内容消除与重建

内容消除与重建 (CDR) 能够实时清除文件中的所有“活动”内容,并生成干净的文件。所有“活动”内容均被视为可疑内容,并予以删除。CDR 将处理所有传入文件,对其进行解构,并删除所有不符合防火墙策略的元素。

FG AntiBotnet

IP 信誉和反僵尸网络

FortiGuard IP 信誉服务能够从威胁传感器、CERT、MITRE、合作友商及其他全球来源组成的 Fortinet 分布式网络中聚合恶意源 IP 数据,这些信息来源将协同提供有关恶意数据源的最新威胁情报。从分布式网络网关获取的近乎实时的情报与 FortiGuard 实验室提供的一流研究成果相结合,可确保组织安全无虞,并助力主动拦截攻击。

FortiGate Enterprise Bundle

Our Enterprise (ENT) bundle now includes:

  • CASB - providing visibility, compliance, data security and threat protection for your cloud-based services.
  • Industrial Security Service protection – SCADA (supervisory control and data acquisition) and ICS (industrial control systems). These signatures address attacks against critical infrastructure and manufacturing industries, where we are seeing frequent and sophisticated cyberattacks.
  • Security Rating Service - this service performs checks against your fabric-enabled network and provides scoring and recommendations to your operation teams. The subsequent scorecard can be used to gauge adherence to various internal and external organizational polices, standards, and regulations requirements, including providing a ranking of your firm against industry peers. 

The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • CASB
  • Security Rating 
  • Industrial Security Service
  • FortiCare
FortiGate UTM Bundle

The FortiGuard Unified Protection Bundle (UTM) is our traditional Unified Threat Management security bundle. The Unified Protection Bundle extends threat protection across the entire digital attack surface, providing industry-leading defense against sophisticated attacks. The UTM bundle has you covered for web and email-based attacks. The UTM bundle delivers the best package available for a unified threat protection offering. The UTM Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare

The FortiGuard Advantage: 

  • FortiGuard processes over 69 million websites every hour, providing up-to-the-minute reputation and categorization. 
  • Prevent malicious downloads and browser hijacking attacks with top-rated web filtering (VBWeb Verified)
  • Improved email productivity through superior spam prevention validated with 3rd party independent testing (VBSpam + Verified)
FortiGate Advanced Threat Protection Bundle

The FortiGuard Advanced Threat Protection (ATP) bundle provides the foundational security needed to protect and defend against known and unknown cyber threats. The Advanced Threat Protection bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare 24*7
Services Table
Service Advanced Threat Protection
(ATP)
 
Unified Protection
(UTM)
 
Enterprise Protection
(ENT)
 
A La Carte Protection


Threat Intelligence Service
     
Industrial Security Service
   

Security Rating
   

CASB
   

Web Filtering
 

Antivirus + Sandboxing




IPS




Antispam
 

 
Internet DB



 
IP Reputation


 
Application Control