The coronavirus pandemic has made customers even more receptive to the Fortinet Security Fabric and the company’s platform security story as businesses look to reduce costs and further streamline operations through integration and automation opportunities, according to John Maddison, executive vice president of products and chief marketing officer for the security vendor.
Fortinet has converted its four regional Accelerate 2020 conferences scheduled to take place around the world into a single weeklong event called Accelerate 2020 Digital Edition, with sessions for the Americas, APAC and EMEA scheduled for Tuesday, Wednesday and Thursday, respectively. The virtual event is being made available to Fortinet partners, customers and employees free of charge.
In conjunction with the show, Fortinet has debuted a series of new products and features ranging from entry-level and high-end firewalls to better integration, correlation and orchestration capabilities for its SD-WAN, security management, and SOAR (Security Orchestration Automation and Response) tools. Here’s a look at how Maddison said partners will benefit from the new and enhanced capabilities.
5. New High-End Firewall With Massive Scalability
Fortinet’s FortiGate firewalls outside the entry-level series support everything from mid-range businesses to very large data centers and rely on SPU (Security Processing Unit) architecture rather than the less expensive system on a chip model used for entry-level firewalls, Maddison said. The company’s latest NP7 network processor provides tremendous scalability for Fortinet’s SPU-based systems, he said.
Fortinet just rolled out a new version of its high-end 4200 firewall, the 4200F, which Maddison consists of a CPU as well as four NP7s, delivering 800 gigabits per second of firewall throughput. The SPU-based system provides customers with tons of scale, Maddison said.
Companies have needed to switch on a lot more users as the coronavirus pandemic forced all staff to work remotely, which Maddison said could cause performance issues for competitors with CPU-based systems. But Fortinet is able to offload the impact of additional workers onto its content processor, allowing businesses to rapidly scale the number of firewall users without affecting CPU performance.
4. More SOAR Integrations And Playbooks
Fortinet has increased the number of playbooks and enhanced the correlation capabilities of its SOAR (Security Orchestration Automation and Response) tool to better link alerts and automate the response process, Maddison (pictured) said. Fortinet has expanded its correlation capabilities beyond endpoint to include network, web and email, which Maddison said gives the company a better chance of stopping an attack.
“The key is linking all the alerts that come in to a correlated mapping or playbook,” Maddison said. “Being able to tell what’s going on really quickly and having an automated playbook to implement a response is key.”
The company’s SOAR tool now offers integrations with the top five endpoint security and firewall vendors, including some of Fortinet’s biggest competitors, according to Maddison. This allows new FortiSOAR customers to continue using security technology from other vendors without being hit with a massive upfront cost to rip and replace their existing tools, Maddison said.
3. Tighter Bond Between FortiAnalyzer And FortiManager
Combining FortiAnalyzer and FortiManager inside Fortinet’s Fabric Management Center provides networking and security teams alike with better visibility while still allowing for rules-based access, Maddison said. Having FortiAnalyzer and FortiManager together will allow for better correlation of threat and performance data for the IPS Management Console, according to Maddison.
Linking together individual endpoint and firewall events should give organizations a better understanding of what’s happening on their network, Maddison said. Pulling all those pieces together in a single location with allow customers to make wiser, faster and better decisions, Maddison said
The Fabric Management Center is intended for mid-market companies that want to capitalize on correlating telemetry data but don’t have enough dedicated SOC (Security Operations Center) personnel to use the more sophisticated FortiSOAR system with 100 different product integrations and playbooks. FortiAnalyzer covers much of what a SOAR does in a simpler manner, Maddison said.
2. New Entry-Level Firewall Well-Suited For Home Offices
Fortinet has expanded its suite of updated entry-level firewalls beyond the best-selling FortiGate 60 to include the FortiGate 40, Maddison said. The new FortiGate 40F is a bit further down the spectrum from the 60F – which debuted several months ago – and is well-suited to protect single office or home office networks, according to Maddison.
The FortiGate F models provide three-to-four times the performance of Fortinet’s previous firewall models and ten times the performance of the competition, Maddison said. Fortinet’s massive market share in the entry-level firewall space has allowed the company to get the per unit price for its proprietary ASIC chip down to a very attractive point while delivering superior performance, he said.
“You’ve got to make sure that the performance is optimal now that you’re working from home to provide as much bandwidth as possible,” Maddison said. “The more things you do, the more performance becomes an issue.”
1. Better SD-WAN Orchestration Via The Cloud
Fortinet has added new functionality to its SD-WAN offering to provide enhanced orchestration and better connect users, devices, applications and workloads, Maddison said. Fortinet has taken a hybrid approach, providing a local controller for performance and scalability as well as a new orchestration component in the cloud to help with zero-touch provisioning, according to Maddison.
The enhanced orchestration should make use of Fortinet’s SD-WAN tool more simple, efficient and automated, according to Maddison. Up until now, Maddison said this functionality had been sitting in different parts of FortiManager, with the SD-WAN monitoring, orchestration, workflow and zero-touch provisioning all available in different locations.
“You no longer have to go all over the management console to find the SD-WAN component,” Maddison said. “You just click in one place called the SD-WAN orchestrator and all those pieces now appear.”