Organizations are increasingly deploying a variety of workloads across multiple clouds. In turn, business-critical data and services are increasingly scattered across this distributed infrastructure. Using the shared responsibility model as a guiding principle, enterprises rely on cloud providers to protect the network, storage, and computing layers, while enterprises own the security for everything that is built, deployed, or stored in the public cloud. Due to multi-cloud adoption, most enterprises maintain heterogeneous environments, with tools from each cloud platform differing significantly.
Cloud Security Analytics and Posture ManagementGet control of your public cloud infrastructure here is why
Organizations are embracing multiple public cloud platforms, resulting in increased complexity of management which impacts security and risk. Additionally, the built-in security tools that come with various cloud platforms are unique to each, compounding the challenge of consistently managing risk across all clouds in a multi-cloud world. This challenge renders security operations time consuming and ineffective. As the attack surface expands, organizations need to protect from not only from risks of configuration and management of the application elements themselves, but also from risks originating via cloud application programming interfaces (APIs) and UIs.
FortiCWP offers security administrators and DevOps teams the ability to evaluate their cloud configuration security posture, detect potential threats originating from misconfiguration of cloud resources, analyze traffic across cloud resources (in and out of the cloud), and evaluate cloud configuration against best practices. It enables the ability to manage risk throughout multi-cloud infrastructures, provides regulatory compliance reporting, and integrates remediation into the cloud infrastructure lifecycle automation framework.
2019년 9월 25일Introducing FortiCWP for Comprehensive Cloud Workload ProtectionTo help organizations address the security challenges presented by the cloud, Fortinet has introduced FortiCWP – a cloud workload protection solution. Learn more.
2019년 9월 19일Fortinet Recognized as a Leader in the Gartner Magic Quadrant for Network FirewallsMarks 10th time in a row that Fortinet is in the Magic Quadrant for Network Firewalls
2019년 4월 9일Fortinet Raises the Bar for Cloud Security. Again.Fortinet continues to be committed to solving the wide range of cloud adoption initiatives organizations are considering or implementing, whether migrating applications and infrastructure to the cloud, building cloud native applications, or consuming SaaS applications
FortiCWP Product Details
- Risk management enables security teams to focus on high priority issues and take quick remediation actions
- Data security provides configuration assessments and analyzes documents inside cloud storage repositories
- Traffic analysis and investigation ensures visibility into all cloud resources to identify and monitor application traffic
- Threat detection and response delivers continuous threat monitoring across the entire security infrastructure
- Gain compliance reports for standards such as PCI, HIPPA, SOX, GDPR, ISO 27001, and NIST
Features and Benefits
Leverages the latest and most advanced API’s from leading cloud providers
Offers remediation integration and insights that easily integrate with the DevOps process
Customizable Threat Discovery
Fully customizable to identify new risks as per customer needs
Comprehensive and easy-to-use visual tools quickly identify risks and policy violations
Compliance Reporting and Policies
Predefined regulatory compliance reporting options
Cloud Blind Spot Elimination
Eliminates cloud traffic blind spots by leveraging threat, resource, and flow information from the cloud platform
FortiCWP Models and Specifications
FortiCWP centrally manages data stored in SaaS and public cloud applications through a hosted service offering that spans both on-network and remote user access.
If you are an existing customer, you can directly access the FortiCWP.com service.
FortiCWP Free Trial
Experience how FortiCWP can protect your cloud infrastructure with a free 30-day trial single cloud account license. Please contact us for more information.
Fortinet Use Cases for FortiCWP:
Continuous configuration assessments and risk analysis presents actionable information enabling security teams to focus on the highest priority issues, take quick remediation actions, and automatically fix known configuration errors to manage and mitigate risk. Protect public clouds including: Amazon S3, Amazon Elastic Compute Cloud, Amazon EKS, IBM Identity and Access Manager roles, and more.
- Reduce risk with central visibility and control in distributed/multi-cloud environments.
- Prioritize vulnerabilities based on individual risk score.
FortiCWP analyzes configurations, files, and documents in cloud storage services to identify and monitor insecure configurations, sensitive data, and malware. By drilling down to document profiles from generated alerts, customers can monitor and analyze sensitive data activity to investigate data leakage in their environment.
- Identify sensitive data, assess data leakage, and discover misconfigurations across the cloud environment.
- Assess risk by drilling down to document profiles from alerts to investigate data leakage and misconfigurations.
Traffic Analysis and Investigation
Obtain comprehensive visibility into all network resource topologies. FortiCWP also identifies and monitors network traffic for attacks, with drill-down capabilities on resource profiles. It provides contextual understanding of the cloud environment, helping eliminate blind spots, reduce incident response time, and analyze incident impact to improve security posture.
Gain complete visibility and visualize Infrastructure-as-a-Service (IaaS) environments to:
- Quickly implement effective control and security policies.
- Protect resources against inside or outside threats in major public cloud infrastructures.
Threat Detection and Response
Continuously monitor/track all security activity, including configurations, user activity, traffic flow logs, and data storage in public cloud environments. Predefined policies detect any potential risk such as: malicious traffic, suspicious user activity, vulnerability configuration, and sensitive data leaks and malware.
- Detect complex threats and user activity in public cloud environments.
- Identify suspicious host/IP and provide details on violated policies.
- Rapid response to identified threats based on contextual alerts.
For organizations operating in a highly regulated industry, FortiCWP provides out-of-the-box policies for standards and mandates, and allows organizations to quickly generate compliance reports for auditing teams so they can identify policy violations and take necessary remedial actions.
- Enhanced visibility and control maintains historical snapshots of public cloud environments.
- Continuous monitoring of security and compliance assessment policies.
- Comprehensive reporting to stay compliant and reduce risk.