The Operating System to Enable Digital Innovation Through the Security FabricFortiOS 6.4 Solution Guide
As organizations take on digital innovation (DI) initiatives to keep pace with the demands of today’s business environments, customer experiences, and technology shifts, they are faced with four major challenges:
- An expanding, fragmenting attack surface
- Accelerating advanced threats that take advantage of the resulting networking complexities and fragmentation
- A profusion of disparate security technologies across network, infrastructure, cloud, endpoints, and devices
- Increasingly onerous regulatory demands regarding network security and data privacy
Typically, organzations looking to solve these challenges are required to adopt multi-layer defense-in-depth strategies that translate into numerous sophisticated and evolving security capabilities. Unfortunately, such strategies places large strains on the limited resources organizations have, resulting in trade-offs, further hurdles, and slow downs—exactly the opposite of the intented DI goals.
Instead, organizations need to adopt a true cybersecurity platform such as the Fortinet Security Fabric that enables digital innovations by delivering:
- Broad visibility of the entire digital attack surface to better manage risk
- Integrated solutions that reduce the complexity of supporting multiple point products
- Automated workflows to increase the speed of operations and response
To address today’s risks and deliver the industry’s most comprehensive cybersecurity platform that enables digital innovation, Fortinet continues to enhance the Security Fabric with the latest version of its operating system, FortiOS 6.4 that delivers:
The Security Fabric is the result of almost 20 years of innovation, organically built from the ground up to be broad, integrated, and automated. Every element of the Security Fabric—from the next-generation firewalls to the access points and switches to the network access control (NAC) solution—is engineered to work together, while also integrating with one of the industry’s largest technology alliance partner ecosystems.
What’s New in FortiOS 6.4
With version 6.4, FortiOS adds new features designed to support organizations’ DI goals across the four key pillars of the Security Fabric and FortiGuard Labs:
Secure and accelerate the network and user experience
New intuitive SD-WAN orchestrator and granular application analytics in Fabric Management Center simplify and automate Fortinet Secure SD-WAN deployments.
- Real-time SD-WAN application optimization in FortiGate enables consistent and resilient business application experiences.
- Broader segmentation visibility connects multi-tenant VDOMs into the Security Fabric with FortiGate to protect against internal risk.
- Expanded secure web gateway (SWG) and intrustion prevention system (IPS) use cases enable better protection and simplify administration operations.
- Enhanced SD-Branch capabilities with the FortiAP Controller, simplified operation of LTE links through integrated management with FortiExtender, and broadened FortiAP portfolio with WiFi 6 models.
Zero-trust Network Access
Identify and secure users and devices, on and off the network
- Increased native device visibility across Fortinet Security Fabric through integration of FortiNAC into the Fabric Topology Map with FortiAnalyzer.
- Enhanced profiling of devices within FortiNAC includes better visibility into Linux devices. It also simplifies zero-trust network access implementations with capabilities such as automatic Internet-of-Things (IoT) detection and segmentation, reducing the complexities of securing IoT devices.
- Improved user identification and management with FortiManager docker for FortiAnalyzer Cloud that delivers overall workflow improvements and enhanced SAML in FortiAuthenticator alongside two-factor authentication with FortiToken Cloud.
- On- and off-network visibility and management with Fabric agent telemetry for devices on-network, and secure VPN tunnels with FortiClient as well as secure offsite access with FortiGuard Cloud for devices off-network.
Dynamic Cloud Security
Secure and control cloud infrastructure and applications
- Broader cloud application protection with increased Office 365 security coverage through integrations with FortiMail and FortiCASB. New FortiWeb deep-learning capabilities protect continuously changing applications running anywhere. FortiWeb can be deployed as a physical and virtual appliance, as a Security-as-a-Service (SaaS) offering in public or private clouds, or as a docker container.
- Stronger cloud network security effectiveness through support of advanced hybrid cloud use cases, including SD-WAN for AWS Outposts and GCP Anthos using FortiGate VM, and auto-remediation capabilities with FortiGate VM Cloud IDS.
- Enhanced workload protection capabilities and multi-cloud visibility via FortiCWP asset inventory and streamlined security operations workflows.
AI-driven Security Operations
Automatically prevent, detect, and respond to cyber threats
- Adds new advanced threat detection and prevention capabilities at the endpoint with new next-generation antivirus (NGAV) capabilities. It complements the endpoint-hardening of FortiClient with machine learning-based NGAV, real-time ransomware protection, and the ability to defuse threats in FortiEDR.
- Increased automation in FortiAnalyzer and FortiSIEM, as well as full orchestration with FortiSOAR to reduce the SOC burden and company exposure. While FortiAnalyzer is the foundation of Security Fabric analytics and FortiSIEM extends to multi-vendor environments, FortiSOAR adds the most robust automated collection of additional context and data to enrich incident response (IR), case management for more effective coordination and collaboration across customer security teams, and visual playbook orchestration with guided responses.
- Supplements the Security Fabric with dynamic threat hunting and staff augmentation to extend resource-constrained security teams with Fortinet 24x7 remote monitoring and incident response service.
The Fortinet 360 Protection bundle delivered by FortiGuard Labs provides a complete package of operational support and security services that enable customers to easily deploy and benefit from the full power of the Security Fabric. It also ensures customers are optimized for SD-WAN deployments.
- New services within the Fortinet 360 Protection bundle enable organizations to leverage intuitive SD-WAN orchestration, automated IoT device identification and segmentation, and optimize operations with IP Address Management (IPAM) across the Security Fabric.
- New enhancements to the 360 Protection Security Rating Service allows customers to proactively identify and remediate configuration, policy, security, and compliance gaps, as well as benchmark against industry peers to assess relative posture and investment strategies.
I would like to learn more about FortiOS. Call me now!