INTELLIGENT BRANDS // ENTERPRISE SECURITY
INTELLIGENT BRANDS // ENTERPRISE SECURITY
Great expectations for new era of
enterprise firewalls
Fortinet Enterprise Firewall Solution is an exceptional addition to
any organisation serious about their security, explains Networks
Unlimited’s Managing Director, Anton Jacobz.
T
he recent surge in network
security preparedness has been
driven by threats related to
remote access employees – threats
that penetrate and persist unnoticed –
as well as rapid updates and integrated
threat intelligence. This is according to
Frost and Sullivan research, published
in March 2016.
The same research showed that over
two thirds of the respondents expect
much more than only threat protection
from their firewalls. These expectations
include integrated security application
control, user ID and IPS; stateful
packet filtering; web filtering, network
availability and device ID; threat
intelligence updates and advanced
threat detection.
Top features needed to protect the
entire enterprise thus include the
elements of application control,
SSL inspection, user identity and
device aware controls and network
segmentation. The question businesses
54
INTELLIGENTCIO
have to ask themselves is whether their
security strategy is enterprise ready?
A Fortinet White Paper, titled
‘Transforming your security: A new
era in enterprise firewalls’, highlights
that security professionals at
enterprises of all sizes worry about
the expanding network attack surface,
applications, data and users in a
borderless environment. “From the
mobile workforce and the data centre,
to public, private and hybrid clouds,
SaaS apps and the Internet of things
(IoT) – all have dramatically increased
the attack surface while making it
much harder to define and secure. As
organisations grow larger over time,
perhaps acquiring other companies in
the process, they find they have many
disparate security vendors’ products
deployed at different points across
the enterprise.”
The paper stresses that security
products don’t communicate
with each other in the accidental
architectures of today. That is, they
must all be managed separately,
increasing complexity and leaving
gaps in security across the dynamic
attack surface. “The enterprise
perimeter has stretched so far, it’s no
longer recognisable. It’s clear that
firewall technology must evolve with
the borderless enterprise.”
It is vital for organisations operating
as a borderless enterprise to know
where its critical assets are and to
bolster defences in order to respond
quickly to security threats. Continuous
security and monitoring across
the entire network infrastructure is
key. As the White Paper highlights,
“Enabling a broad and dynamic
defence strategy for the long term
by taking a more collaborative
approach across the entire network
security infrastructure, thus becomes
imperative for an organisation.”
The paper further gives impetus to
make a strategic move to achieve
www.intelligentcio.com
security without compromise. It
states: “Although the next-generation
firewall is still the primary means of
defence at the enterprise perimeter,
security experts know that a borderless
enterprise must consider users and
deployment needs as well as network
size. While the environment is changing,
threat actors are targeting weak points,
often where IT security has not been
invested in. Security experts see that
many vendors are not able to provide
flexibility in deploying firewalls to the
extended enterprise locations, which
can result in multiple operating systems
with different management consoles.
Adding complexity kills security. This
explains why organisations are still
being breached today. As cyberthreats
continue to grow in sophistication,
firewall technology must evolve beyond
applications and network traffic to
address the entire threat surface,”
it continues.
“The need to secure borderless
environments is what’s driving this
evolution. This is why IT organisations
are looking for greater security
effectiveness including compatibility
across form factors, consolidation of
security areas, a high level of reliable
network performance and simplified
security management within a single
pane of glass.”
The Fortinet Enterprise Firewall
Solution, is distributed throughout
Africa by value-added distributor
Networks Unlimited and represents
a new era of firewall technology
by deploying enterprise firewalls
strategically in a collective security
fabric that stretches across the
expanding network attack surface.
“That is, it offers – from a single
vendor – a solution to protect every
‘in-point’ of the network,” adds Anton
Jacobsz, Managing Director
at Networks Unlimited.
He refers to research from Gartner,
which shows that “using firewalls from
multiple vendors increases complexity,
not security. Most network security
leaders should standardise on a
www.intelligentcio.com
Anton Jacobsz, Managing Director at Networks Unlimited
single-firewall platform to minimise
configuration errors and to save money
and apply resources to other network
security technologies to combat
modern attacks. Once network security
leaders have determined which firewall
platform would be ideal to standardise
on, they should build a strategy to
move to a single brand, using the
migration plan as a way to fill in gaps
where they exist.” •
The three domains of the Fortinet
Enterprise Firewall Solution operate as
one to remove complexity and
increase security.
• Management domain: This
single pane of glass gives security
managers a ‘true north’ reference
point for security-based logging,
configuration and reporting.
Sharing threat intelligence and
data across the enterprise via
APIs speeds up incident response
times and mitigates risk by giving
security managers the ability to
unify security policy configuration
across their infrastructure.
• Security domain: A consolidated
security environment helps
reduce or prevent security
incidents with layered security
modules and maintains
performance expectations while
being able to apply deeper levels “The Fortinet Security Fabric is
assisting the continent’s enterprise
security managers in building
an accurate and comprehensive
collaborative defence infrastructure.
Of exceptional value is that a policy
that has been created in one section
of the Security Fabric is contextually
applied across the entire domain, which
is extremely advantageous to any
organisation serious about security,”
concludes Jacobsz. ¡
of inspection. Considerations
involve: Is this a data centre
firewall deployment or an
internal segmentation firewall
deployment? And, what security
inspection technologies will
need to be enabled? Is malware
inspection needed? What about
application control?
Fabric domain: The Fortinet
Security Fabric is the
communication and collaboration
interface of the Fortinet Enterprise
Firewall Solution. It determines
where network and threat
intelligence should be shared
across the enterprise. The Security
Fabric can extend security controls
beyond the network layer to the
access layer where the endpoint
resides, to the application layer
where data and information
services are presented.
INTELLIGENTCIO
55