We recently had an opportunity to deliver a presentation on FortiOS 6.0 at the Camp Secure Sense customer and partner conference in southern Ontario, Canada. With some of the most well-known organizations under the Maple Leaf Flag in attendance, the conversations that ensued from the presentation were quite interesting and fruitful.
Our challenge in putting together the presentation for the conference was simple yet challenging. How do we describe a body of code that added more than 200 new features in its latest upgrade in a 60-minute conference session?
The first thing to understand about FortiOS 6.0 is that it is all about cybersecurity for an era of digital transformation that touches social, business, and governmental services. In this transformation, computing technologies have moved from supporting private and public sector business processes to the front lines of organizational value propositions. The transformation to digitally drive value-delivery radically expands the scope of information technology, and with it, the cybersecurity risk factors and attack surface available to adversaries. Additional factors such as escalating compliance pressure (GDPR, NIST, PCI DSS, et al.), coupled with increasing adversary sophistication, also add urgency to the cybersecurity mission.
As the world digitally transforms, so must cybersecurity. Here, cybersecurity needs to move from a model focused on tactical, break/fix issues that resides in multiple silos with a “policing” mentality to dynamic framework that weaves continuously, adjusting and improving security into the main flow digital business service delivery. At Fortinet, we believe that FortiOS, which enables the Fortinet Security Fabric, is a foundational building block for an organization seeking to keep pace with the security challenges posed by digital transformation.
FortiOS 6.0 significantly expands the role of automation in delivering cybersecurity functionalities and benefits. First, automated detection and remediation processes run much faster than those requiring significant human intervention. This, in turn, shrinks latencies, giving attacks much less time to do harm. Second, automating key processes enables bandwidth constrained security teams to focus on managing risk rather than managing manual processes. Finally, instantiating key features and functionalities in software also makes it much easier to customize, upgrade, and adapt cybersecurity programs to meet changing conditions.
The open software architecture of FortiOS extends cybersecurity visibility and management from the data center to the edges of the network. With the attack surface rapidly expanding due to the growth of Internet of Things (IoT), continued adoption of cloud services, and explosion in mobility, having a network security architecture like the Fortinet Security Fabric provides organizations with the ability to protect themselves against attacks across all exposed areas. FortiOS 6.0 also strengthens user abilities to monitor, analyze, report, and benchmark their organization’s security posture and key performance indicators (KPIs). These Security Rating features enable strategic risk management, providing valuable insight into operational maturity and readiness. They also can be deployed to monitor and report compliance with specific internal and external mandates.
Many organizations rely on multiple cloud providers and maintain cloud environments that include private, public, and hybrid clouds. While each cloud provider offers basic security, each of these clouds reside in silos and organizations lack transparent visibility and controls across each cloud environment. This creates additional strain on overburdened security teams while slowing security responses to threats, intrusions, and breaches. FortiOS 6.0 includes expanded cloud connectors for visibility across all of the major cloud providers. Virtual FortiGate NGFWs can be deployed across private, public, and hybrid clouds for east-west micro-segmentation. FortiCASB (Cloud Access Security Broker) offers controls that enable visibility, data security, threat prevention, and compliance for cloud services. It also provides insights into users, behaviors, and data stored in the cloud with extensive reporting tools.
Organizations are rapidly embracing software-defined wide area networks (SD-WAN) on the basis thy will reduce their costs while delivering better services to their branch and remote offices. But as they embrace SD-WAN and traffic is no longer routed through security systems within their data centers, security risk increases. At the same time, explosion in cloud-based, including software-as-a-service (SaaS) applications, is driving more and traffic across the network edge, incurring performance bottlenecks that impact end-user productivity. Fortinet Secure SD-WAN combines networking and security capabilities into the FortiGate NGFW. Organizations can easily and quickly activate FortiGate NGFWs for SD-WAN using zero-touch deployment. They can address network bandwidth constraints with features such as traffic shaping, WAN Path Controller, and bandwidth optimization, while also ensuring their SD-WAN is fully protected from malicious attacks.
FortiOS 6.0 offers several new and improved security functionalities. These include fast, automated Virus Outbreak Prevention for FortiGate Next Generation Firewalls (NGFW) and FortiMail as well as FortiGuard Content Disarming that strips and quarantines malicious content from Microsoft Office and PDF documents.
Readers interested in finding out more about FortiOS 6.0 can download a copy of our solutions brief, “Securing Digital Transformation—Fortinet Security Fabric and FortiOS 6.0.” You also can download a copy of our presentation at Secure Sense.
To learn more about Fortinet and how their products can benefit your organization feel free to reach out!
By Patrick Spencer
Director of Content and Marketing at Fortinet
Secure Sense is the security provider that cares. We are a team of experts with a passion for IT and protecting your organization is what motivates us daily. If you have questions or want to learn more about how we can improve your organization’s security, our services or just want to chat security please give us a shout. If you’re looking to guest blog, please send an email here.