Fortinet Introduces New Network Access Control Solution for IoT Security
John Maddison, SVP of products and solutions at Fortinet
“Digital transformation brings a proliferation of unsecure IoT devices accessing the network, and with it, the increased risk of a security breach. FortiNAC allows organizations to identify every single device on the network and enables segmentation, giving each device access only to approved items. This functionality is delivered all within a solution that works with multi-vendor environments and an unlimited number of devices. FortiNAC strengthens the Fortinet Security Fabric for IoT deployments, delivering broad, integrated and automated cybersecurity solutions across the entire attack surface. In the world of IoT, FortiNAC answers the question ‘what’s on your network’ and then enables you to protect it.”
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced FortiNAC, a new network access control product line that delivers network segmentation and automated responses for IoT security.
- The massive rise of unsecure, headless IoT devices, including industrial and medical IoT, requires new tools for securing networks.
- Fortinet’s new FortiNAC product line delivers network access control to secure IoT environments and provides enhanced visibility, control and automated response capabilities.
- FortiNAC provides detailed profiling of each device on the network and enables granular network segmentation and automated responses for changes in device status or behavior. This ensures each device only has access to approved items on the network.
Unsecure IoT Devices are Leaving Organizations Vulnerable
The use of IoT devices is growing at a tremendous rate as organizations embrace digital transformation to enable better operational efficiency. According to Gartner, “Internet of Things endpoints will grow at a 32% CAGR from 2016 through 2021, reaching an installed base of 25.1 billion units.”1 The sheer volume of devices—including IoT, corporate, and BYOD—seeking wired and wireless network access are exponentially enlarging the attack surface and raising internal provisioning, management and compliance costs. The responsibility of connecting and securing access has shifted from a network-led issue to a security-led issue and poses a challenge for organizations: security managers need to secure every single device every single time, while cybercriminals only need one open port, one compromised or unknown device or one uncontained threat to circumvent all of the effort going into securing the network.
FortiNAC Secures Networks Accessed by Unsecure Devices
Fortinet’s new network access controller, FortiNAC, diminishes the security risks associated with unsecured devices accessing the network by giving organizations total visibility of endpoints, users, trusted and untrusted devices and applications. Once visibility has been achieved, FortiNAC establishes dynamic controls that ensure that all devices, whether wired or wirelessly connected, are authenticated or authorized, and are subject to a context-driven policy that defines who, what, when and where connectivity is permitted. This ensures that only the appropriate people and devices can connect to and access appropriate applications, infrastructure and assets. Additionally, FortiNAC can enforce company policies on device patching and firmware version. FortiNAC also contains powerful network orchestration capabilities for delivering automated responses to identified threats and can perform threat containment in seconds, where a manual process could take days or weeks.
Networks are in constant flux, with new devices connecting and disconnecting; controlling the network by controlling access to any device seeking access is a key part for ensuring the integrity of a network. Such an approach—where no unknown devices ever gain access to the corporate infrastructure, permitted devices are automatically segmented based on policies and roles and connected devices that begin to violate profiles are immediately quarantined from the network—becomes the foundation for a comprehensive security posture. Furthermore, the FortiNAC network access control solution is cost-effective and highly scalable, extending visibility and protection to an unlimited number of devices and eliminating the need for deployment at every location of a multi-site installation.
NAC and IoT Security Solutions Bolster the Fortinet Security Fabric
With today’s news, Fortinet strengthens its Security Fabric by extending its ability to engage network devices beyond the Fabric-Ready Partner Program to a wider multi-vendor environment, including third-party firewalls, switches, wireless access points and endpoints. FortiNAC is also integrated with the FortiGate Next-Generation Firewall, FortiSwitch, FortiWLC Wireless Controllers, FortiSIEM and FortiAP to minimize the risk and impact of cyber threats and provide broader visibility and security for complex networks.
“If you do not know about a device, there is no way to monitor and protect it. FortiNAC gives us a clear picture of the network and enables us to quickly find assets and shut down individual network ports. Adding this layer of visibility has helped us protect against data loss and ensure HIPAA compliance. I equate FortiNAC to having a lock on the doors and windows of your house. Without it, you are leaving your house wide open. We also no longer have to worry about lateral malware infections as we can just kill the port. Now, only authorized devices can connect to the network, and every port can be located and controlled.”
—Rob Fountaine, manager of information security at Atrius Health
“The network access control (NAC) market is seeing double digit growth in revenue, which is being driven by the need for device visibility in the network and concerns over IoT security. FortiNAC is a great enhancement to the Fortinet Security Fabric because it delivers an effective solution to IoT security risks and provides a compelling combination of multi-vendor support for enhanced detection and enforcement, as well as efficient and effective scalability for cost-effective deployment.”
—Zeus Kerravala, ZK Research
“Customers recognize the security risks inherent in complex enterprise networks that incorporate IoT and BYOD devices and the need for an effective security solution. The addition of FortiNAC presents a great opportunity for us to offer customers IoT security that is comparatively cost-effective, highly scalable and extends Fortinet’s industry-leading Security Fabric for broader visibility and security. The addition of an IoT security solution to Fortinet’s already robust product portfolio gives us confidence that Fortinet will continue to create opportunities for us to provide customers with powerful, integrated end-to-end security solutions.”
—Paul Eschbach, VP of Service Operations at IntegraONE
- Read our blog to learn more about this announcement.
- Learn more about the FortiNAC product line.
- Sign up for the weekly FortiGuard Threat Intelligence Briefs.
- Read more about our Network Security Expert program, Network Security Academy program or our FortiVets program.
- Read more about the Fortinet Security Fabric or the Third Generation of Network Security.
- Follow Fortinet on Twitter, LinkedIn, Facebook, YouTube, and Instagram.
1 Gartner,“ Forecast: Internet of Things — Endpoints and Associated Services, Worldwide, 2017,” Peter Middleton, Tracy Tsai, Masatsune Yamaji, Anurag Gupta, Denise Rueb, 21 December 2017.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security features without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 360,000 customers trust Fortinet to protect their businesses. Learn more at https://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.
Copyright © 2018 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiCare, FortiManager, FortiAnalyzer, FortiOS, FortiASIC, FortiMail, FortiClient, FortiSIEM, FortiSandbox, FortiWiFi, FortiAP, FortiSwitch, FortiWeb, FortiADC, FortiWAN, and FortiCloud. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments. This news release may contain forward-looking statements that involve uncertainties and assumptions, such as statements regarding technology releases among others. Changes of circumstances, product release delays, or other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this press release. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and expressly disclaims any obligation to update these forward-looking statements.