Next-Generation Security for Microsoft Azure

Dynamic security across clouds and datacenters with Fortinet and Microsoft Azure

Extending Advanced Security for Microsoft Azure
web product icon azure cloud

Fortinet Security Fabric for Microsoft Azure

More and more enterprises are turning to Microsoft Azure to extend internal data centers and take advantage of the agility of the public cloud. While Azure secures the infrastructure, organizations are responsible for protecting everything they put in it. Fortinet Security Fabric provides Azure and Office 365 users broad protection, native integration and automated management enabling customers with consistent enforcement and visibility across their multi-cloud infrastructure. The Fortinet Security Fabric offers deep multi-layer-security protection and operational benefits for securing web applications, mail applications, preventing zero-day threats and managing global security infrastructures from the cloud.

Fortinet helps customers Connect to the cloud, Protect cloud applications, and Deliver security from the cloud With Fortinet

 

Connect

As organizations increase their utilization of cloud services, so does the need to securely and efficiently connect to the cloud. Fortinet provides customers with secure and reliable solutions to connect to Azure-based workloads and resources. Fortinet offers a variety of secure connectivity options for Azure, helping customers select the connectivity option that best suits their needs whether they are looking for secure remote access, secure hybrid cloud connectivity or a full-feature cloud security services hub.  FortiGate-VMs can be deployed within Azure to provide fully optimized and highly secure communications between SD-WAN branches, datacenters and the cloud. Fortinet’s SD-WAN branch solutions can also seamlessly integrate with Azure’s Virtual WAN.

 

Protect

As organizations increase their compute footprint in the cloud, Fortinet also provides customers with a broad array of security solutions to protect Azure based resources and workloads. Fortinet solutions are tightly integrated and designed to help customers maintain a consistent security posture across applications, clouds and datacenters. Fortinet protects Azure-based applications with solutions including FortiGate-VM next generation firewalls, FortiCWP for cloud platform security, and FortiWeb for web application and API protection (available as a VM, a container, and as a SaaS running in Azure). Fortinet is the only provider offering customers such a broad array of integrated core cloud security products. Furthermore, Fortinet offers the broadest set of security solutions that are natively integrated into the Azure infrastructure and available on the Azure marketplace. Products are available as both pay as you go (PAYG) and bring your own license (BYOL) procurement.

 

Deliver

As organizations are strained with limited cloud security resources and expertise, there is a growing preference to consume certain security functionality as a service (SaaS), eliminating the need to manage and maintain security devices. Various Fortinet offerings are available as a Service, forming a rich and broad set of Security as a Service (SECaaS) portfolio. Fortinet’s SECaaS solutions are help organizations address security reduce capital costs and allow fast and simple deployment of new security services.  Fortinet SaaS offerings include the new FortiWeb Cloud as a Service which can be procured through the Azure Marketplace.

 

 

 

Features and Benefits:

 

reduce cash icon

Available as Flexible Bring-Your-Own-License (BYOL), Pay-As-You-Go (PAYG) licensing, or Security-as-a-Service, for scalable cloud workload deployments

icon benefits management

Centralized management and analytics with actionable insights to understand targeted attacks and meet compliance regulations

cloud ready icon

Natively integrated, broad set of security solutions to address the entire attack surface

Icon automation

APIs and templates for programmatic automation and orchestration

FortiGate Next-Generation Firewall on Microsoft Azure

In this quick video, learn how Fortinet delivers a natively integrated solution for Microsoft Azure users to protect application workloads beyond standard Azure security services. Fortinet’s Next Generation Firewall (NGFW) enables the broadest protection and automated management for consistent enforcement and visibility across your hybrid cloud infrastructure.

Watch Now

FortiWeb Cloud WAF-as-a-Service

FortiWeb Cloud WAF-as-a-Service is a Security-as-a-Service SaaS cloud-based web application firewall (WAF) that protects public cloud-hosted web applications from the OWASP Top 10, zero-day threats, and other application layer attacks.

Requiring no hardware or software, the FortiWeb colony of WAF gateways can run in most Azure regions. This allows organizations to scrub application traffic within the same region their applications reside, addressing performance and regulation concerns, as well as keeping traffic cost to a minimum.

More infomation

 

Cloud Workload Protection with FortiCWP

FortiCWP is Fortinet’s Cloud Workload Protection (CWP) solution. FortiCWP uses API level integration into Microsoft Azure management and security services including the Azure Security Center to monitor and track cloud resources including their configurations, activity, traffic flows. FortiCWP will also scan cloud data stores such as Azure Blobs for sensitive or malicious content and produce reports on an organization’s compliance with common regulatory standards. FortiCWP also supports Amazon AWS and Google Cloud Platform.

Learn more

Fortinet Use Cases for Microsoft Azure

Visibility & Control

  • Cloud Infrastructure Visibility and Control
  • Compliance in the Cloud
  • Cloud Based Security Management & Analytics

Application Security

  • Web Application Security
  • Logical (Intent-based) Segmentation
  • Container Security
  • Cloud Workload Protection

Secure Connectivity

  • Secure Hybrid Cloud
  • Cloud Security Services Hub
  • Secure Remote Access

Click here to learn more about these use cases. 

Featured Products on Microsoft Azure

Fortinet offers its industry-leading series of network security products on Microsoft Azure Public Cloud, enabling advanced security protection for your cloud-based infrastructure and applications.
 
icon sm forticwp

FortiCWP provides ability to evaluate cloud security posture, detect threats originating from misconfiguration, analyze traffic, evaluate user behavior for threats, and track compliance of workloads in public clouds.

icon sm fortiweb cloud

FortiWeb Cloud WAF-as-a-Service is a SaaS cloud-based web application firewall (WAF) that protects public cloud-hosted web applications from the OWASP Top 10, zero-day threats, and other application layer attacks.

icon sm fortigate

The FortiGate-VM on Microsoft Azure delivers NGFW capabilities for organizations of all sizes, with the flexibility to be deployed as a NGFW and/or a VPN gateway. 

icon sm fortigate

Designed to ensure easy, consistent deployment for the most efficient system and application uptime with minimal disruption using Azure Load Blancer (LB) and two FortiGate NGFW VMs.

icon sm fortiweb

The FortiWeb Web Application Firewall (WAF) provides advanced features and AI-based machine learning detection engines that defend web applications from vulnerability exploits, bots, malware uploads, DDoS attacks, advanced persistent threats (APTs), and zero-day attacks.

icon sm fortisandbox

FortiSandbox for Azure enables organizations to defend against advanced threats natively in the cloud, working alongside network, application, email, endpoint security, and other third-party security solutions, or as an extension to their on-premises security architectures to leverage cloud elasticity and scale.

icon sm fortimail

Secured by FortiGuard, FortiMail delivers the latest technologies and intelligence, including integrated sandboxing, to stop even the most sophisticated email-borne threats.

icon sm fortimanager

FortiManager provides single-pane-of-glass management for unified, end-to-end protection across the extended enterprise. It delivers insight into network traffic and offers enterprise-class features for threat containment. 

icon sm fortianalyzer

FortiAnalyzer delivers critical insight into threats across the entire attack surface and provides Instant visibility, situation awareness, real-time threat intelligence, and actionable analytics.

Visit Azure Marketplace for a complete list of Fortinet products available on Azure

FortiGuard Security Services for Azure

FG Application Control

Application Control

Improve security and meet compliance with easy enforcement of your acceptable use policy through unmatched, real-time visibility into the applications your users are running. With FortiGuard Application Control, you can quickly create policies to allow, deny, or restrict access to applications or entire categories of applications.

FG Web Filtering

Web Filtering

Protects your organization by blocking access to malicious, hacked, or inappropriate websites.

Icon cloudsandbox

FortiCloud Sandbox

FortiCloud Sandbox Service is an advanced threat detection solution that performs dynamic analysis to identify previously unknown malware. Actionable intelligence generated by FortiCloud Sandbox is fed back into preventive controls within your network—disarming the threat.

FG Antivirus

Antivirus

FortiGuard Antivirus protects against the latest viruses, spyware, and other content-level threats. It uses industry-leading advanced detection engines to prevent both new and evolving threats from gaining a foothold inside your network and accessing its invaluable content.

FG Intrusion Prevention

Intrusion Prevention

FortiGuard IPS protects against the latest network intrusions by detecting and blocking threats before they reach network devices.

virus outbreak service icon

Virus Outbreak Protection Service

FortiGuard Virus Outbreak Protection Service (VOS) closes the gap between antivirus updates with FortiCloud Sandbox analysis to detect and stop malware threats discovered between signature updates before they can spread throughout an organization. OS initiates a real-time look-up to our Global Threat Intelligence database.

security audit service icon

Content Disarm & Reconstruction

Content Disarm & Reconstruction (CDR) strips all active content from files in real-time, creating a flat sanitized file. All active content is treated as suspect and removed. CDR processes all incoming files, deconstructs them, and removes all elements that do not match firewall policies.

FG AntiBotnet

IP Reputation & Anti-botnet Security

The FortiGuard IP Reputation Service aggregates malicious source IP data from the Fortinet distributed network of threat sensors, CERTs, MITRE, cooperative competitors, and other global sources that collaborate to provide up-to-date threat intelligence about hostile sources. Near real-time intelligence from distributed network gateways combined with world-class research from FortiGuard Labs helps organizations stay safer and proactively block attacks.

FortiGate Enterprise Bundle

Our Enterprise (ENT) bundle now includes:

  • CWP - providing visibility, compliance, data security and threat protection for your cloud-based services.
  • Industrial Security Service protection – SCADA (supervisory control and data acquisition) and ICS (industrial control systems). These signatures address attacks against critical infrastructure and manufacturing industries, where we are seeing frequent and sophisticated cyberattacks.
  • Security Rating Service - this service performs checks against your fabric-enabled network and provides scoring and recommendations to your operation teams. The subsequent scorecard can be used to gauge adherence to various internal and external organizational polices, standards, and regulations requirements, including providing a ranking of your firm against industry peers. 

The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • CWP
  • Security Rating 
  • Industrial Security Service
  • FortiCare
FortiGate UTM Bundle

The FortiGuard Unified Protection Bundle (UTM) is our traditional Unified Threat Management security bundle. The Unified Protection Bundle extends threat protection across the entire digital attack surface, providing industry-leading defense against sophisticated attacks. The UTM bundle has you covered for web and email-based attacks. The UTM bundle delivers the best package available for a unified threat protection offering. The UTM Bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • Web Filtering
  • Antispam
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare

The FortiGuard Advantage: 

  • FortiGuard processes over 69 million websites every hour, providing up-to-the-minute reputation and categorization. 
  • Prevent malicious downloads and browser hijacking attacks with top-rated web filtering (VBWeb Verified)
  • Improved email productivity through superior spam prevention validated with 3rd party independent testing (VBSpam + Verified)
FortiGate Advanced Threat Protection Bundle

The FortiGuard Advanced Threat Protection (ATP) bundle provides the foundational security needed to protect and defend against known and unknown cyber threats. The Advanced Threat Protection bundle includes: 

  • NGFW Application Control
  • IPS
  • Antivirus
  • Botnet
  • IP/Domain Reputation
  • Mobile Security
  • FortiSandbox Cloud
  • Virus Outbreak Protection
  • Content Disarm & Reconstruction 
  • FortiCare 24*7
Services Table
Service Advanced Threat Protection
(ATP)
 
Unified Protection
(UTM)
 
Enterprise Protection
(ENT)
 
360 Protection


FortiManager Cloud
     
FortiAnalyzer Cloud
     
SD-WAN Cloud Assist Monitoring
     
SD-WAN One Click VPN Overlay
     
FortiConverter Service
     
Industrial Security Service
   

Security Rating
   

CWP
   

Anti-Spam
 


Web Filtering
 

Advanced Malware Protection




IPS




FortiCare + Application Control