Skip to content Skip to navigation Skip to footer

Public Cloud Security Solutions

Secure Your Public Cloud Infrastructure and Workloads

Key Principles and Strategies for Securing the Enterprise Cloud
Public Cloud Security Solutions banner background banner dots


Available in:
  • aws icon
  • azure icon
  • oracle icon
  • google icon
  • alibaba icon

Gain Visibility and Control Over Your Cloud Environments and Applications

Organizations are increasingly deploying a variety of workloads across multiple clouds. In turn, business-critical data and services are increasingly scattered across this distributed infrastructure. Using the shared responsibility model as a guiding principle, enterprises rely on cloud providers to protect the network, storage, and computing layers, while enterprises own the security for everything that is built, deployed, or stored in the public cloud. Due to multi-cloud adoption, most enterprises maintain heterogeneous environments, with tools from each cloud platform differing significantly.

Watch Now

Fortinet Cloud Security Solution Functions and Products

Fortinet adaptive cloud security solutions and products complement the power and scalability of cloud providers by breaking down the barriers that complicate security visibility and management across an organization’s entire infrastructure. At the same time, Fortinet streamlines operations, policy management, and visibility for improved security lifecycle management with full automation capabilities. And with native integration of security capabilities to each cloud platform, Fortinet products enable broad protection of applications and support for the broadest set of cloud use cases


The Fortinet network security product line is available on all of the leading cloud providers with BYOL or on-demand per-usage (PAYG) options.

View by:


  • FortiManager. Cloud-based management for Fortinet products
  • FortiAnalyzer. Cloud-based reporting to streamline SOC operations. 
  • FortiSIEM. Fortinet's multi-vendor Security Information and Event Management solution. 
  • FortiCWP. A security broker controls and monitors the organization's management of public cloud infrastructures.      


  • FortiGate: Industry leading next-generation firewall runs in the cloud or on-premise
  • FortiWeb: Fortinet's web-application firewall protects web applications and helps with patching and regulatory compliance. 
  • FortiMail: Secure email gateway protects against email-bourne threats and data loss via email. 
  • FortiSandbox: Offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. 



  • Fortinet Cloud Connectors: Provide an abstraction layer for Fortinet products to treat cloud infrastructures in a seamless manner by translating. Network addresses into security objects and providing various other security integrations with cloud provider API’s.
  • Fortinet Fabric APIs: The APIs enable automated operations through dynamic sharing of local and global threat intelligence across security components.
  • Fortinet DevOps stiches: Automation recipes making security or infrastructure events automatically trigger actions.

View by:

Fortinet offers its industry leading series of network security products on AWS Marketplace enabling advanced security protection for your cloud based infrastructure and applications. Featured products:

Learn more about Fortinet Solutions on AWS. 

Fortinet offers its industry leading series of network security products on the Microsoft Azure Marketplace enabling advanced security protection for your cloud based infrastructure and applications. 

Learn more about Fortinet Solutions on Azure. 

Fortinet offers its industry leading series of network security products on the Google Cloud Platform Marketplace enabling advanced security protection for your cloud based infrastructure and applications. 

Learn more about Fortinet Solutions on Google Cloud Platform

Fortinet offers its industry leading series of network security products over the Oracle Cloud enabling you advanced security protection for your cloud based infrastructure and applications. 

Featured products:

Learn more about Fortinet Solutions on Oracle Cloud. 

Fortinet offers its industry-leading series of network security products on the Alibaba Cloud, enabling advanced security for your cloud-based infrastructure and applications.

Featured products:

Learn more about Fortinet Solutions on Alibaba Cloud. 

Faster time to activation is key in supporting the pace of digital innovation. FortiGuard market-leading, AI-enabled Security-as-a-Service capabilities are designed from the ground up to seamlessly work together to provide context-aware security policy and coordinated real-time attack prevention. Flexible consumption options are available across networks, endpoints, and clouds.

Mix and match our market-leading security capabilities to fit your diverse set of use cases for the data center, clouds, and applications across the organization. Our context-aware coordinated security policy will automatically asses the risks and adjust your security. It does this consistently across cloud and hybrid deployments based on granular user and application data.

Our suite of security services complements the power and scalability of cloud providers with native integration of security capabilities to each cloud platform, and a unified security and management framework for multi-cloud and hybrid deployments.

In addition to traditional software-based cloud security, our rich product portfolio provides purpose-built products for defending critical applications with FortiWeb, FortiMail, and FortiCASB.

For Security Services purchasing options on different products within this category, please look in the product datasheet and ordering guides.

Find out more about our FortiGuard Scurity-as-a-Service offering


FortiGuard Security As-A-Service offering for Clouds


World-class Global Support and Professional Services

Mission critical security-driven networks deserve the best support available.  FortiCare provides 24x7 support options to help keep your FortiGates up and running.  We also have services to help you recover in the rare moments when bigger bumps seem to come out of nowhere such as our Premium RMA options with 4-hour replacements. 

Want faster resolution?  Choose our Advanced Support option.

Need help to get going with new deployments and integrations?  FortiCare can do it, too, with Professional Services and Resident Engineers!  Contact Sales to find out how.

Delivering world-class security is not all that we do! We can help our customers lower their total cost of ownership (TCO) and simplify day-to-day security operations through our FortiOps services, which provide cloud-based management, visibility, and automation across their Fortinet Security Fabric.


Cloud-based Management, Visibility, and Operations

FortiGate Enterprise Bundle

Our Enterprise (ENT) bundle now includes:

  • Industrial Security Service protection – SCADA (supervisory control and data acquisition) and ICS (industrial control systems). These signatures address attacks against critical infrastructure and manufacturing industries, where we are seeing frequent and sophisticated cyberattacks.
  • Security Rating Service - this service performs checks against your fabric-enabled network and provides scoring and recommendations to your operation teams. The subsequent scorecard can be used to gauge adherence to various internal and external organizational polices, standards, and regulations requirements, including providing a ranking of your firm against industry peers. 

The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • Security Rating 
  • Industrial Security Service
  • FortiCare
FortiGate UTM Bundle

The FortiGuard Unified Protection Bundle (UTM) is our traditional Unified Threat Management security bundle. The Unified Protection Bundle extends threat protection across the entire digital attack surface, providing industry-leading defense against sophisticated attacks. The UTM bundle has you covered for web and email-based attacks. The UTM bundle delivers the best package available for a unified threat protection offering. The UTM Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare

The FortiGuard Advantage: 

  • FortiGuard processes over 69 million websites every hour, providing up-to-the-minute reputation and categorization. 
  • Prevent malicious downloads and browser hijacking attacks with top-rated web filtering (VBWeb Verified)
  • Improved email productivity through superior spam prevention validated with 3rd party independent testing (VBSpam + Verified)
FortiGate Advanced Threat Protection Bundle

The FortiGuard Advanced Threat Protection (ATP) bundle provides the foundational security needed to protect and defend against known and unknown cyber threats. The Advanced Threat Protection bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare 24*7
Services Table
Service Advanced Threat Protection
Unified Protection
Enterprise Protection
360 Protection

FortiManager Cloud
FortiAnalyzer Cloud
SD-WAN Cloud Assist Monitoring
SD-WAN One Click VPN Overlay
FortiConverter Service
Industrial Security Service

Security Rating


Web Filtering

Advanced Malware Protection


FortiCare + Application Control

View by:

Fuse Community

FortiGate Cloud Firewall Ecosystem

Public Cloud Security Use Cases:

Security in the cloud is intended to increase the organizations confidence to deploy applications in the cloud and by such improve overall organizational agility and ability to respond to market demand. By leveraging Fortinet’s Security Fabric solutions to deploy use case driven security capabilities, organizations benefit from market leading security with streamlined management functionality. Following is a set of common deployment scenarios of Fortinet’s Security Fabric:


View by:

Compliance in the Cloud

Compliance in the Cloud

Automates compliance-related configurations, achieve compliance with corporate and regulatory mandates

Achieves compliance requirements:

  • Simplified compliance tracking and reporting
  • Consistent visibility across multiple public cloud IaaS environments
  • Proactive management of security standards
  • Manage and remediate unsecure provisioning and configurations
Cloud Based Security Management and Analytics

As cloud use increases, so does the likelihood of misconfiguration. Analysts estimate that by 2023, misconfiguration will cause 99% of cloud-related risk, leading to disrupted services and unexpected costs.


Cloud infrastructure visibility and control use case



FortiCWP aggregates and organizes security information from multiple cloud services and API’s into meaningful compliance reports and live compliance dashboards.

FortiSIEM provides a broader view of compliance across multiple clouds, Fortinet Security Fabric products and third-party products. It can create compliance reports at the push of a button.

FortiAnalyzer collects logs from Fortinet Security Fabric elements, and FortiManager enables changes to be audited, reviewed, approved, and implemented. Together, they close the loop on compliance gap mitigation. All systems support automated processes to facilitate compliance policy management and workflow, reducing risk when policies are changed.


  • Simplified compliance tracking and reporting for various regulations
  • Consistent visibility across multiple public cloud IaaS environments
  • Proactive management of security standards
  • dentification and remediation of unsecure provisioning and configurations
  • Continuous compliance monitoring and reporting.
Web Application Security

Commonly cloud-based applications are using web services to communicate internally as well as outwards. Such applications are vulnerable to various threats and the organizations operating these applications are often required to meet compliance requirements.


Web Application Security use case



Fortinet offers a variety of web application security solutions that are ideally suited for cloud-based customers. FortiWeb-VMa purpose-built industry-leading web application firewall offered on all major cloud platforms, secures web services application programming interfaces (APIs), as well as front-end web applications to protect from known and unknown threats. Through integration with FortiWeb, FortiGate-VMs centrally enforce security policies and provide increased visibility. FortiCloud Sandbox Service performs dynamic analysis to identify previously unknown malware.


  • Provide centralized protection for web applications
  • Enhance regulatory compliance for applications
  • Deploy API-specific security packages
  • Automate threat responses with the Fortinet Security Fabric: FortiWeb detects threats and FortiGate blocks them

Read the Solution Brief

Container Security

Teams need to be able to rapidly develop modular applications in containers, whether on-premises, in the cloud, or within an orchestration tool such as Kubernetes. In addition, each application needs consistent protection against threats.


Container Security

Embeds security throughout container lifecycle, builds CI/CD pipeline, enhances compliance to Security best practices and visibility into runtime container activities

Deploy Container Workloads with Confidence:

  • Centralized visibility and monitoring for container security elements and relationships
  • Automates security and builds CI/CD pipeline
  • Detects vulnerabilities and misconfigurations
  • Enhances compliance to Security best practices
Secure Productivity

As organizations increasingly outsource the IT management aspect of productivity and email applications, the visibility and control over these applications is reduced. Security teams need the ability to provide consistent purpose-built security across multi-cloud environments.


Secure productivity use case



The combination of FortiMail, FortiSandbox, and FortiCASB-SaaS provides critical capabilities when securing Microsoft Office 365. The Fortinet Security Fabric enables deep visibility into email for protection from zero-day threats and monitoring the Office 365 application programming interface (API) layer.


  • Consistent on cloud / off cloud security
  • Strong authentication, email security and cloud visibility

Read the Solution Brief

Cloud Infrastructure Visibility and Control

Shadow IT Discovery

Consolidated multi-cloud visibility into risk posture to identify and protect against threats

Secures multi-cloud workloads:

  • Discovery and management for cloud workloads, resources and relationships
  • Simplifies compliance tracking and on demand reports for audit tracking
  • Detects malware and sensitive data​
SaaS Visibility and Control

Software-as-a-Service (SaaS) application usage is often unregulated and unsecure. A lack of visibility and control on SaaS applications usage heightens risk.


Secure SaaS Usage

Visibility into risk posture for user activities and behaviors, scans for sensitive and malicious files, and prevents data breaches

Secure SaaS Applications:

  • Centralize visibility over usage of SaaS applications in a consolidated dashboard
  • Gives you visibility into traffic, users and data to identify and manage risks
  • Provides predefined compliance policies for many regulations and compliance standards with on-demand reports for audit tracking
  • Predefined compliance policies and on demand reporting for audit tracking
  • Identifies malware and sensitive data
Shadow IT

Shadow IT Discovery

Centralized visibility and risk posture for all sanctioned and unsanctioned cloud applications

Fortinet’s FortiCASB can discover and assess all SaaS application activity:

  • Discovery and management of all applications (sanctioned and malicious) being used across the organization
  • In-depth logging, reporting and analytics for cloud-based services
  • Manage access for unsanctioned applications
  • Predefined compliance policies and on demand reporting for audit tracking
  • Detects malware and sensitive data
Secure Hybrid Cloud

Security posture is often inconsistent between data centers and clouds, leading to poor network visibility and complex security management. Connectivity needs to be protected between cloud environments and data centers.


Secure hybrid cloud use case



FortiGate next-generation firewall (NGFW) and cloud security solutions offer best-of-breed secure connectivity, network segmentation, and application security for hybrid-cloud-based deployments. They provide centralized, consistent security policy enforcement and connect through a high-speed VPN tunnel. FortiGate-VMs deployed in the public cloud can securely communicate and share consistent policies with FortiGate NGFWs of any form factor provisioned in a private data center.


  • High-speed virtual private network (VPN) connections protect data without compromising performance
  • Security policies enforced consistently across all environments
  • Single-pane-of-glass management

Read the Solution Brief

Cloud Security Services Hub

When teams develop applications in separate virtual networks and clouds, there is no centralized security management, making it challenging to secure the resulting applications and separate environments.


Cloud Security Services hub use case



Security teams looking to unify disparate environments need a central security services hub, or transit network. The hub splits security from application development to provide centralized, shared, and consistent security enforcement. It also securely connects networks, locations, clouds, and data centers. Additionally, it analyzes and enforces security polices on inbound and outbound traffic between cloud and the internet.


  • Security enforced consistently across all networks 
  • Secure connections enforced between locations
  • Teams can develop security solutions autonomously without waiting for security policies to be applied, reducing risk

Read the Solution Brief

Logical (Intent-Based) Segmentation

Segmenting cloud environments is challenging because dynamic provisioning results in constantly changing IP addresses. Network segmentation based on static IP address rules is therefore ineffective.


Logical intent-based segmentation use case



FortiGate-VMs provide intent-based segmentation, which builds access rules and segments based on user identity or business logic, and adjusts rules dynamically in response to a continuous trust assessment. FortiGate-VMs leverage metadata or tags associated with cloud-based resources across multiple clouds as an element in enforcing security policies. As a result, they intuitively define which workloads and elements in the cloud are allowed to communicate with other workloads and elements, whether they are inside or outside the cloud.


  • Able to dynamically adjust security policies based on logical roles of resources, accommodating the fluidity of changes
  • Effectively blocks lateral attack movement and is able to inspect north-south and east-west traffic

Read the Solution Brief

Secure Remote Access

Organizations need global, on-demand, secure access to cloud resources. Traditional remote access VPNs, however, cannot meet these requirements.


Secure remote access use case



Security teams need configuration templates that enable secure remote access termination in the cloud. Then, they can dynamically provision FortiGate-VM instances that are pre-configured with these templates globally. This enables mobile workforces, customers, and business partners to connect to the virtual organization network. It also connects the cloud network to business applications through VPN tunnels, whether deployed in the cloud or on-premises.


  • Low-latency, always-on connectivity to business applications through closest entry point into the network
  • Consistent user experience regardless of application location
  • Global high availability design eliminates impact of network single point of failure


Features and Benefits

Icon automation

Streamlined and automated management

Compliance icon

Consistent security across public and private cloud applications

icon benefits application control

Multi-layer advanced application protection

analytics icon

Flexible pay as you go billing and licensing


Scalable and resilient protection for elastic workloads

cloud ready icon

Support leading IaaS Provders

Deploy Any Application In Any Cloud With Fortinet

As the leader in multi-cloud security, Fortinet gives you the confidence to deploy any application in any cloud. Our solutions provide broad protection across the entire digital attack surface, both on-premises and in public clouds. Native integration with each of the major cloud providers enables automated, centralized management across all clouds uniformly and seamlessly. Giving you unified visibility and control and policy management that supports risk management and compliance requirements.


Fortinet cloud security addresses customer components such as your data and applications, operating systems, access and identity management, encryption, APIs, and network traffic. This complements the public cloud provider’s security features to provide complete and compliant protection.

Native Integration with Your Cloud Provider

Fortinet’s cloud security solutions and products enable secure workloads through tight integration with all major public cloud providers to ensure privacy and confidentiality while leveraging the benefits of scalability, metering, and time to market.

Our purpose-built cloud security solutions collaborate with key Fortinet products for varying cloud deployment models and use cases, while allowing for centralized management, open API integrations, metering consumption, cloud platform orchestration, and automation.



Fortinet Cloud Security Videos

Secure SD-WAN with Dynamic Cloud Security
FortiGate Next-Generation Firewall on AWS
Autodesk Leverages Fortinet in AWS to Scale Cloud Security With Ease

Fortinet Cloud Security News