Public Cloud Security

Protect Your Workloads in the Cloud

Read the white paper: Securing Your Public and Hybrid Cloud
Disponibile in:
  • Cloud

Public clouds have become very popular due to their ability to provide elastic and scalable infrastructure for applications, storage, and data. These capabilities change the way the world does business. When organizations choose to consume infrastructure as a service (IaaS) by leading cloud providers, network security needs to be thought of differently than when security was solely on premises. 

Even though the cloud provider’s infrastructure is secured by the cloud provider, organizations are required to implement security controls protecting the applications and data they put into that cloud infrastructure. This must meet or exceed their on-premises security postures.

Every new cloud deployment potentially increases risk for an organization, and the typical organization now has business-critical data and services residing on multiple clouds.  The best network security solution for such an infrastructure is one that uses native integration with each of the major cloud providers, provides a broad set of security tools that covers the entire attack surface, and enables automated centralized management of the entire security infrastructure. 

Cloud Security Solution Functions and Products

 

By leveraging Fortinet Security Fabric Enabled Solutions, organizations can implement optimal cloud application workload security throughout their public cloud and hybrid cloud application deployment. Fortinet secures workloads in public clouds to ensure privacy and confidentiality while leveraging the cloud benefits of scalability, metering, and time-to-market.

 

Fortinet Cloud Security News

11/28/2018: Fortinet Introduces New Security Automation Capabilities on AWS.  Expands Security Fabric offerings and new automation capabilities for AWS to provide streamlined and consistent security management for hybrid infrastructures. 

___________________________________________________________________________________________________

9/28/2018: Securing the Multi-Cloud: 3 Steps for Maintaining Control and Visibility.  Cloud security solutions today must address the unique requirements of each cloud computing infrastructure, whether public, private, or hybrid—including new and increasingly complex multi-cloud environments—as well as weave them together into a single, integrated security framework. 

___________________________________________________________________________________________________

9/26/2018: Cloud-Native and Hybrid Cloud Organizations Need Security Best Practices. Organizations can benefit from implementing best practices for securing multi-cloud environments.

Features and Benefits

Icon automation

Streamlined and automated management

Compliance icon

Consistent security across public and private cloud applications

icon benefits application control

Multi-layer advanced application protection

analytics icon

Flexible pay as you go billing and licensing

icon benefits scalable

Scalable and resilient protection for elastic workloads

cloud ready icon

Support leading IaaS Provders

   

Cloud Security Solution Functions and Products

The Fortinet network security product line is available on all of the leading cloud providers by using a BYOL procurement model as well as on-demand per-usage (PAYG) models billed directly by the cloud provider. Fortinet enables customers to protect their cloud based infrastructures and applications using the most flexible deployment modes across a variety of use cases and cloud infrastructure providers. 

 

Fortinet Security Fabric for the Cloud

Fortinet Security Fabric is an architectural approach that unifies the security technologies deployed across the digital network, including multi-cloud, endpoints, email and web applications, and network access points, into a single security system integrated through a combination of open standards and a common operating system. 

 

Three Pillars

 

  • FortiManager. Cloud-based management for Fortinet products
  • FortiAnalyzer. Cloud-based reporting to streamline SOC operations. 
  • FortiSIEM. Fortinet's multi-vendor Security Information and Event Management solution. 
  • FortiCASB. A security broker controls and monitors the organization's access to SaaS applications. 

 

  • FortiGate: Industry leading next-generation firewall runs in the cloud or on-premise
  • FortiWeb: Fortinet's web-application firewall protects web applications and helps with patching and regulatory compliance. 
  • FortiMail: Secure email gateway protects against email-bourne threats and data loss via email. 
  • FortiSandbox: Offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. 

 

 

  • Fortinet Cloud Connectors: Provide an abstraction layer for Fortinet products to treat cloud infrastructures in a seamless manner by translating. Network addresses into security objects and providing various other security integrations with cloud provider API’s.
  • Fortinet Fabric APIs: The APIs enable automated operations through dynamic sharing of local and global threat intelligence across security components.
  • Fortinet DevOps stiches: Automation recipes making security or infrastructure events automatically trigger actions.

Fortinet offers its industry leading series of network security products over the AWS Public Cloud enabling customers advanced security protection for their cloud based infrastructure and applications. Following is a list of products that can be purchased directly from the AWS Marketplace on a PAYG basis. 

Fortinet offers additional products running over the AWS Public cloud - the following list can be viewed using this link.

Fortinet offers its industry leading series of network security products over the Microsoft Azure Public Cloud enabling customers advanced security protection for their cloud based infrastructure and applications. Following is a list of products that can be purchased directly from the Azure Marketplace on a PAYG basis. 

Fortinet offers additional products running over the Azure Public cloud - the following list can be viewed using this link.

Fortinet offers its industry leading series of network security products over the Google Cloud Platform Public Cloud (GCP) enabling customers advanced security protection for their cloud based infrastructure and applications. Following is a list of products that are available on GCP.

Fortinet offers its industry leading series of network security products over the Oracle Cloud Public Cloud enabling customers advanced security protection for their cloud based infrastructure and applications. Following is a list of products that are available on Oracle Cloud.

FortiGuard Security Services for Public Cloud Security

FG Application Control

Application Control

Improve security and meet compliance with easy enforcement of your acceptable use policy through unmatched, real-time visibility into the applications your users are running. With FortiGuard Application Control, you can quickly create policies to allow, deny, or restrict access to applications or entire categories of applications.

FG Web Filtering

Web Filtering

Protects your organization by blocking access to malicious, hacked, or inappropriate websites.

Icon cloudsandbox

FortiSandbox Cloud

FortiSandbox Cloud Service is an advanced threat detection solution that performs dynamic analysis to identify previously unknown malware. Actionable intelligence generated by FortiCloud Sandbox is fed back into preventive controls within your network—disarming the threat.

FG Antivirus

Antivirus

FortiGuard Antivirus protects against the latest viruses, spyware, and other content-level threats. It uses industry-leading advanced detection engines to prevent both new and evolving threats from gaining a foothold inside your network and accessing its invaluable content.

FG Intrusion Prevention

Intrusion Prevention

FortiGuard IPS protects against the latest network intrusions by detecting and blocking threats before they reach network devices.

Product Category Thumb SS virus outbreak

Virus Outbreak Protection Service

FortiGuard Virus Outbreak Protection Service (VOS) closes the gap between antivirus updates with FortiCloud Sandbox analysis to detect and stop malware threats discovered between signature updates before they can spread throughout an organization. OS initiates a real-time look-up to our Global Threat Intelligence database.

Product Category Thumb SS security audit

Content Disarm & Reconstruction

Content Disarm & Reconstruction (CDR) strips all active content from files in real-time, creating a flat sanitized file. All active content is treated as suspect and removed. CDR processes all incoming files, deconstructs them, and removes all elements that do not match firewall policies.

FG AntiBotnet

IP Reputation & Anti-botnet Security

The FortiGuard IP Reputation Service aggregates malicious source IP data from the Fortinet distributed network of threat sensors, CERTs, MITRE, cooperative competitors, and other global sources that collaborate to provide up-to-date threat intelligence about hostile sources. Near real-time intelligence from distributed network gateways combined with world-class research from FortiGuard Labs helps organizations stay safer and proactively block attacks.

FortiGate Enterprise Bundle

Our Enterprise (ENT) bundle now includes:

  • CASB - providing visibility, compliance, data security and threat protection for your cloud-based services.
  • Industrial Security Service protection – SCADA (supervisory control and data acquisition) and ICS (industrial control systems). These signatures address attacks against critical infrastructure and manufacturing industries, where we are seeing frequent and sophisticated cyberattacks.
  • Security Rating Service - this service performs checks against your fabric-enabled network and provides scoring and recommendations to your operation teams. The subsequent scorecard can be used to gauge adherence to various internal and external organizational polices, standards, and regulations requirements, including providing a ranking of your firm against industry peers. 

The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • CASB
  • Security Rating 
  • Industrial Security Service
  • FortiCare
FortiGate UTM Bundle

The FortiGuard Unified Protection Bundle (UTM) is our traditional Unified Threat Management security bundle. The Unified Protection Bundle extends threat protection across the entire digital attack surface, providing industry-leading defense against sophisticated attacks. The UTM bundle has you covered for web and email-based attacks. The UTM bundle delivers the best package available for a unified threat protection offering. The UTM Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare

The FortiGuard Advantage: 

  • FortiGuard processes over 69 million websites every hour, providing up-to-the-minute reputation and categorization. 
  • Prevent malicious downloads and browser hijacking attacks with top-rated web filtering (VBWeb Verified)
  • Improved email productivity through superior spam prevention validated with 3rd party independent testing (VBSpam + Verified)
FortiGate Advanced Threat Protection Bundle

The FortiGuard Advanced Threat Protection (ATP) bundle provides the foundational security needed to protect and defend against known and unknown cyber threats. The Advanced Threat Protection bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare 24*7
Services Table
Service Advanced Threat Protection
(ATP)
 
Unified Protection
(UTM)
 
Enterprise Protection
(ENT)
 
A La Carte Protection


Threat Intelligence Service
     
Industrial Security Service
   

Security Rating
   

CASB
   

Web Filtering
 

Antivirus + Sandboxing




IPS




Antispam
 

 
Internet DB



 
IP Reputation


 
Application Control



 

Product Demo

The FortiGate cloud firewall can be demonstrated as a free trial directly from leading public cloud marketplaces, with cloud-native scripts available to automatically deploy FortiGate in common cloud usage scenarios.  Trial instances are fully functional and can be converted into paid instances – see each cloud marketplace for more details. 

Public Cloud Security

FortiGate Cloud Firewall Ecosystem

Amazon Web Services
Amazon Web Services

AWS services are trusted by more than a million active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructures, make them more agile, and lower costs.

Solution brief

Learn more on the Fortinet-AWS alliance

Google Cloud Platform
Google Cloud Platform

Google Cloud Platform is a secure, dedicated public cloud computing service operated by Google which provides a range of infrastructure and application services that enable deployments in the cloud. Fortinet provides critical firewalling, advanced security and scalable BYOL protection for elastic compute, container, and machine-learning workloads in Google’s innovative public cloud.

Solution brief

IBM
IBM

IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio enables organizations to effectively manage risk and defend against emerging threats.

Microsoft Azure
Microsoft Azure

Microsoft is the leading platform and productivity company for the mobile-first, cloud-first world, and its mission is to empower every person and every organization on the planet to achieve more.

Oracle
Oracle

Oracle offers a comprehensive and fully integrated stack of cloud applications and platform services.

Solution brief