Fortinet Security Fabric for Alibaba Cloud
Fortinet solutions for Alibaba Cloud are designed to provide enterprise class security to your cloud-based applications. The solutions feature native integration into Alibaba cloud for seamless security and ease of automation, broad protection against both common and advanced threats, and central management and automation across clouds and data centers.
Fortinet Security Fabric for Alibaba Cloud
The Fortinet Security Fabric for Alibaba extends consistent, best-in-class security to the Alibaba Cloud. The Security Fabric protects business workloads across on-premises data center and cloud environments, including multi-layered security for born-in-the-cloud applications. Fortinet’s broad, integrated solution protects applications, data and the infrastructure supporting them.
Features and Benefits:
Complete visibility and automated, AI-driven threat protection across the entire attack surface
Flexible bring your own license (BYOL) options for scalable cloud workload deployment
Integrated cloud security competency with top-rated protection, tested by NSS Labs, Virus Bulletin, and AV-Comparatives
Cloud-ready, multilayered, and virtual domain (vDOM) support for granular security and intent-based segmentation
Single-pane-of-glass visibility and management of security and policies both inside and outside the Alibaba Cloud
Fortinet Use Cases for Alibaba Cloud
Cloud Workload Protection
Applications being built in or migrated to the cloud need to be protected against traditional internet-originated threats, as well as from new threats that propagate across workloads and are introduced via application programming interfaces.
The combination of inline protection for north-south traffic, host-based protection for east-west traffic, and protection for cloud API and configuration risks offers the tightest security solution for the cloud. Leverage FortiGate VM to protect virtual cloud networks from internet-originated threats as well as providing inter-cloud secure connectivity. Utilize FortiWeb VM to secure applications. Extend security within the cloud by using FortiClient on VMs, assuring compliance and connectivity. FortiCWP protects from unwanted or unsupervised configurations at the cloud-account level.
Secure Hybrid Cloud
Security posture is often inconsistent between data centers and clouds, leading to poor network visibility and complex security management. Connectivity needs to be protected between cloud environments and data centers.
FortiGate next-generation firewall (NGFW) and Fortinet cloud security solutions offer best-of-breed secure connectivity, network segmentation, and application security for hybrid cloud-based deployments. They provide centralized, consistent security policy enforcement and connect through a high-speed VPN tunnel. FortiGate VMs deployed in the public cloud can securely communicate and share consistent policies with FortiGate NGFWs of any form factor provisioned across clouds or in a private data center.
Segmenting cloud environments is challenging because dynamic provisioning results in constantly changing IP addresses. Network segmentation based on static IP addresses is ineffective. FortiGate VMs provide intent-based segmentation, which builds access rules and segments based on user identity or business logic and adjusts rules dynamically in response to a continuous trust assessment. FortiGate VMs leverage metadata or tags associated with cloud-based resources across multiple clouds as an element in enforcing security policies.
Cloud-based Security Management and Analytics
Leverage the multi-regional and global presence of top cloud infrastructure providers to deploy centralized and global security management and analytics systems in the cloud. FortiManager VM, FortiAnalyzer VM, and FortiSIEM VM can all be deployed in the cloud to scale and globalize.
Click here to learn more about these use cases.
Featured Fortinet Products on the Alibaba Cloud
The FortiWeb Web Application Firewall (WAF) provides advanced security and AI-based machine learning that defends web applications from vulnerability exploits, bots, malware uploads, DDoS attacks, advanced persistent threats (APTs), and zero-day attacks.
FortiManager provides single-pane-of-glass management for unified, end-to-end protection across the extended enterprise. It delivers insight into network traffic and offers enterprise-class features for threat containment.
FortiAnalyzer delivers critical insight into threats across the entire attack surface and provides instant visibility, situational awareness, real-time threat intelligence, and actionable analytics.
FortiGuard Threat Intelligence Service arms security professionals with actionable and prioritized threat intelligence that integrates into Fortinet security solutions, enabling a fast and proactive response to targeted attacks.
Visit Alibaba Marketplace for a complete list of Fortinet products available on Alibaba Cloud.
FortiGuard Security Services for Alibaba Cloud
可對您的客戶正在執行的應用程式獲得無可比擬的即時可視性，並輕鬆實施您可接受的使用原則，進而提高安全性並滿足合規要求。透過 FortiGuard 應用程式控制，您可以快速建立原則來允許、拒絕或限制對應用程式或整個類別的應用程式的存取。
Content Disarm & Reconstruction
Content Disarm & Reconstruction (CDR) strips all active content from files in real-time, creating a flat sanitized file. All active content is treated as suspect and removed. CDR processes all incoming files, deconstructs them, and removes all elements that do not match firewall policies.
FortiGuard IPS 透過偵測威脅並在威脅侵入到網路裝置前進行封鎖，以此抵禦最新的網路入侵。
IP 聲譽評等 & 預防殭屍網路安全服務
FortiGuard IP 聲譽評等服務從 Fortinet 分佈式威脅感測器網路、CERT、MITRE、進行合作的競爭對手以及其他全球資源彙集惡意來源 IP 資料，這些資源共同協作，合力提供關於敵對來源的最新威脅情報。憑藉來自分佈式網路閘道近乎即時的情報，再結合 FortiGuard Labs 的世界級研究，組織可得到更安全的保護並對攻擊實施主動攔截。
Virus Outbreak Protection Service
FortiGuard Virus Outbreak Protection Service (VOS) closes the gap between antivirus updates with FortiCloud Sandbox analysis to detect and stop malware threats discovered between signature updates before they can spread throughout an organization. OS initiates a real-time look-up to our Global Threat Intelligence database.