Consistent multi-layered security from across clouds and data centers to Amazon Web Services (AWS)
Adaptive Cloud Security for AWS Solution Brief
Many enterprises are turning to AWS to build new applications, extend internal data centers, and ultimately take advantage of the elasticity of the public cloud. While AWS security covers its infrastructure, customers are responsible for protecting everything they build and store within it.
Fortinet accelerates the journey to AWS with purpose-built cloud security. Fortinet adaptive cloud security solutions protect workloads and business applications across on-premises data centers and cloud environments—with multilayer security for cloud-based applications. Organizations can achieve: a consolidated view of their security posture, a single console for policy management and governance reporting, and event monitoring regardless of physical, virtual, or cloud infrastructure, and across private, public, and hybrid clouds.
Fortinet offers Software-as-a-Service (SaaS), virtual machine (VM), container, and API-based protection that delivers natively integrated security functionality that complements AWS services such as GuardDuty, Security Hub, and AWS Outposts. Supporting the broadest set of use cases, Fortinet products offer comprehensive security for AWS workloads including firewall, security gateway, intrusion prevention, and web application security.
|
Listen as Anish John, senior network engineer at Autodesk, describes how they use AWS Transit Gateway and Fortinet Cloud Security Services Hub to scale security and greatly reduce latency.
Watch NowFortinet offers its industry leading series of network security products over the AWS Public Cloud enabling customers advanced security protection for their cloud based infrastructure and applications. Following is a list of products that can be purchased directly from the AWS Marketplace.
The FortiGate-VM on AWS delivers next-generation firewall (NGFW) capabilities for organizations of all sizes, with the flexibility to be deployed as a NGFW and/or a VPN gateway.
The FortiWeb web application firewall (WAF) defends web-based applications from known and unknown zero-day threats. Its AI-based machine learning identifies threats with virtually no false-positive detections.
FortiWeb rule sets are additional security signatures that can be used to enhance the protections included in the base AWS WAF product. They are based on FortiWeb security service signatures, and are updated on a regular basis to include the latest threat information from FortiGuard Labs.
Complete OWASP Top 10 | General and Known Exploits | SQLi/XSS | Malicious Bots | API Gateway
Fortinet Managed IPS Rules deliver curated and automatically updated rulesets for AWS Network Firewall based on the latest threat information from FortiGuard Labs.
FortiManager provides single-pane-of-glass management for unified, end-to-end protection across the extended enterprise. It delivers insight into network traffic and offers enterprise-class features for threat containment.
FortiAnalyzer delivers critical insight into threats across the entire attack surface and provides Instant visibility, situation awareness, real-time threat intelligence, and actionable analytics.
Secured by FortiGuard, FortiMail delivers the latest technologies and intelligence, including integrated sandboxing, to stop even the most sophisticated email-borne threats.
FortiSandbox for AWS enables organizations to defend against advanced threats natively in the cloud, working alongside network, application, email, endpoint security, and other third-party security solutions, or as an extension to their on-premises security architectures to leverage cloud elasticity and scale.
Visit AWS Marketplace for a complete list of Fortinet products on AWS
Improve security and meet compliance with easy enforcement of your acceptable use policy through unmatched, real-time visibility into the applications your users are running. With FortiGuard Application Control, you can quickly create policies to allow, deny, or restrict access to applications or entire categories of applications.
Protects your organization by blocking access to malicious, hacked, or inappropriate websites.
FortiSandbox Cloud Service is an advanced threat detection solution that performs dynamic analysis to identify previously unknown malware. Actionable intelligence generated by FortiSandbox Cloud is fed back into preventive controls within your network—disarming the threat.
FortiGuard Antivirus protects against the latest viruses, spyware, and other content-level threats. It uses industry-leading advanced detection engines to prevent both new and evolving threats from gaining a foothold inside your network and accessing its invaluable content.
FortiGuard IPS protects against the latest network intrusions by detecting and blocking threats before they reach network devices.
FortiGuard Virus Outbreak Protection Service (VOS) closes the gap between antivirus updates with FortiSandbox Cloud analysis to detect and stop malware threats discovered between signature updates before they can spread throughout an organization. OS initiates a real-time look-up to our Global Threat Intelligence database.
Content Disarm & Reconstruction (CDR) strips all active content from files in real-time, creating a flat sanitized file. All active content is treated as suspect and removed. CDR processes all incoming files, deconstructs them, and removes all elements that do not match firewall policies.
The FortiGuard IP Reputation Service aggregates malicious source IP data from the Fortinet distributed network of threat sensors, CERTs, MITRE, cooperative competitors, and other global sources that collaborate to provide up-to-date threat intelligence about hostile sources. Near real-time intelligence from distributed network gateways combined with world-class research from FortiGuard Labs helps organizations stay safer and proactively block attacks.
Our Enterprise (ENT) bundle now includes:
The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes:
The FortiGuard Unified Protection Bundle (UTM) is our traditional Unified Threat Management security bundle. The Unified Protection Bundle extends threat protection across the entire digital attack surface, providing industry-leading defense against sophisticated attacks. The UTM bundle has you covered for web and email-based attacks. The UTM bundle delivers the best package available for a unified threat protection offering. The UTM Bundle includes:
The FortiGuard Advantage:
The FortiGuard Advanced Threat Protection (ATP) bundle provides the foundational security needed to protect and defend against known and unknown cyber threats. The Advanced Threat Protection bundle includes:
| Service | Advanced Threat Protection (ATP) |
Unified Protection (UTM) |
Enterprise Protection (ENT) |
360 Protection |
| FortiManager Cloud |
✔ |
|||
| FortiAnalyzer Cloud |
✔ |
|||
| SD-WAN Cloud Assist Monitoring |
✔ |
|||
| SD-WAN One Click VPN Overlay |
✔ |
|||
| FortiConverter Service |
✔ |
|||
| Industrial Security Service |
✔ |
✔ |
||
| Security Rating |
✔ |
✔ |
||
| CASB |
✔ |
|||
| Anti-Spam |
✔ |
✔ |
✔ |
|
| Web Filtering |
✔ |
✔ | ✔ |
|
| Advanced Malware Protection |
✔ |
✔ |
✔ |
✔ |
| IPS |
✔ |
✔ |
✔ |
✔ |
| FortiCare + Application Control |
✔ |
✔ |
✔ |
✔ |
View by:
Enhance security and improve high availability practices in your AWS environment. View the various deployment scenarios.
Fortinet adaptive cloud security enables the broadest set of use cases for AWS.
Click here to learn more about these use cases.
Simplify security management with single-pane control across AWS and on-premises data centers
Leverage Fortinet Cloud Security Services Hub for scalable and multilayer secure connectivity
Gain cloud-native visibility and control into AWS workloads and applications
Security offerings in VM, container, and SaaS form factors with flexible bring-your-own-license (BYOL) and pay-as-you-go (PAYG) billing options.
Fortinet breaks down the barriers that inhibit security visibility and management across private, public, and hybrid cloud platforms. The Fortinet adaptive cloud security solution for AWS helps organizations maintain operationally viable, consistent security in a shared responsibility model from on-premises to the cloud. It delivers comprehensive and fully programmable multilayer security and threat prevention capabilities for AWS users.
Read the AWS reference architecture for more information.
|
FortiGate on AWS delivers NGFW capabilities for organizations of all sizes, with the flexibility to be deployed as a NGFW and/or VPN gateway. It enables broad protection and automated management for consistent enforcement and visibility across hybrid cloud infrastructures. FortiGate scales from the smallest footprint in the industry to the highest capacity NGFW virtual appliance on AWS.
Watch Now
Deploy a FortiGate auto-scaling baseline on AWS in just a few steps to quickly test the comprehensive suite of powerful security features. Includes a 15-day free trial on Marketplace.
FortiWeb Cloud WAF-as-a-Service is a Security-as-a-Service SaaS cloud-based web application firewall (WAF) that protects public cloud-hosted web applications from the OWASP Top 10, zero-day threats, and other application layer attacks.
Requiring no hardware or software, the FortiWeb colony of WAF gateways can run in most AWS regions. This allows organizations to scrub application traffic within the same region their applications reside, addressing performance and regulation concerns, as well as keeping traffic cost to a minimum.
FortiCWP is Fortinet’s Cloud Workload Protection (CWP) solution. FortiCWP uses API level integration into AWS management and security services to monitor and track cloud resources including their configurations, activity, traffic flows. FortiCWP will also scan cloud data stores for sensitive or malicious content and produce reports on an organization’s compliance with common regulatory standards. FortiCWP also supports Microsoft Azure and Google Cloud Platform.
