Fortinet is one of the leading manufacturers of network security solutions. The Next Generation firewalls (NGFW) offer a comprehensive set of tools to protect the entire company network from malware and targeted attacks. At Fortinet, the core of the solution is formed by FortiGate, the Next Generation firewalls, and Security Fabric.
What does modern network security need to do?
Nowadays, corporate networks must be protected at considerably more points than was necessary in the past. Protection is critical not only towards the outside but also within the network, for example to prevent threats which have already penetrated the system from spreading. The way communication takes place within networks and with the outside world has also changed. Whereas in the past different ports and protocols were used for applications and services, today a lot runs via the internet over HTTP or HTTPS.
This is why Next Generation firewalls no longer just have to deal with monitoring and analysing ports and protocols, but must take on many more tasks. Modern firewalls need to find a new and more comprehensive approach which considers the entire network, including cloud services and Software as a Service (SaaS) applications. Here, Fortinet relies on its comprehensive FortiGate series.
The FortiGate series not only offers firewall functionality but also SD-WAN, VPN and, with Security Fabric, a comprehensive security solution to cover all attack vectors. The entire solution is supported by the company’s own hardware developments – ensuring high-performance data processing – and by artificial intelligence, which is capable of learning and detecting and reporting deviations in usage. The combined devices therefore provide security and high-performance hardware which are also suitable for decentralised companies.
The Intrusion Prevention System
The Intrusion Prevention System (IPS) is an integral part of the FortiGate Next Generation firewalls. Its purpose is to detect and deflect attacks on a network. IPS is an active technology which analyses all data traffic and is capable of reacting to threats. To do this, all packets are scanned in real time and compared with the database. If suspicious packets are detected, they are dropped. In addition, data traffic from a suspicious source can be interrupted and reset or blocked completely.
Here, two different analysis methods are used. Signature-based analysis examines data packets for unique patterns that match known malicious code, and for patterns indicating that the system is susceptible to an attack. This dual pattern analysis also helps minimise false positives. In addition, the Fortinet IPS monitors patterns in the network traffic. If it detects deviations, it initiates defensive measures.
The quality of the IPS depends upon how extensive and well-maintained the underlying database is, and how fast the comparison can occur. As one of the global leaders for security solutions, Fortinet runs FortiGuard Labs, a research department proactively working to identify malware, botnets and zero-day vulnerabilities.
But no matter how good the database, if the hardware is too slow for the analysis, then there is no benefit for companies. This is why Fortinet has developed its own SoCs and ASICs which are specialised in analysing network traffic, and which can therefore guarantee high data throughput at low latencies.
The security and efficiency of SSL inspection are also hardware-dependent. SSL inspection examines encrypted data traffic. Encrypting data traffic protects it from third parties, but it also carries an inherent risk: attacks and malware cannot be detected, because those data packets are encrypted as well. So it is necessary to decrypt the data, analyse it and then re-encrypt it.
This process is not only time-consuming and computationally expensive but, if performed poorly, also poses a huge security risk. Here too, Fortinet offers specialised hardware providing a secure and powerful solution which is integrated in the FortiGate Next Generation firewalls.
The Fortinet Security Fabric
One of the problems of modern security solutions is that, to handle the complexity of the networks appropriately, more complex and more detailed solutions are necessary. However, this also makes systems more susceptible to misconfiguration, which is not only detrimental to network performance but also compromises security. With its Security Fabric, Fortinet promises a remedy here.
Fortinet Security Fabric is an end-to-end solution offering comprehensive protection for all aspects of a corporate network. This includes, for example, safeguarding Wi-Fi, LAN and access management, as well as protecting cloud services and SaaS applications.
Fortinet also attempts to make administration of all the security functions as simple as possible. Not only do all Fortinet devices run on a uniform operating system – FortiOS – but they can also be managed via the Fortinet Fabric Management Center. This enables you to see all the relevant information at a glance, making it easier to keep an overview.
Providers like Fortinet enable networks to be secured from a single source. This not only simplifies administration, but also makes the system less susceptible to security vulnerabilities due to misconfiguration and incompatibilities. At the same time, Fortinet solutions can be tailored to fit companies of every size. The HCD Consulting team are happy to offer you advice on this topic.