Security and networking have become complex issues in recent years. An enterprise organization often relies on hundreds of components to properly arrange both things. The only question is whether it all works well with so many solutions. If it is up to Fortinet, companies use systems that work together as much as possible, and which you can manage and maintain via one interface. The supplier has therefore been fully committed to consolidating and converging security and networking for many years. We spoke about it with Erwin Schürmann, Manager Systems Engineering at Fortinet.
According to Schürmann, the usual model for organizing the company network and the security strategy separately no longer meets market standards. In his view, networking must be integrated with security. With this you bring security components to network traffic and the data that runs over those connections. This is to constantly monitor and scan the traffic and also apply encryption.
A modern infrastructure also takes into account the fragmented nature of an organization today. Businesses are highly distributed, meaning data, apps, and users are everywhere. In a large organization this can be multiple branch locations, but also many home work locations. As a result, you have to move away from the traditional perimeter approach, so that everything remains reliable and secure.
Consolidation and Convergence
In principle, Fortinet sees two principles as the basis for the modernization process. First, Schürmann points out the consolidation of functions. The company is responding to this with the Fortinet Security Fabric. This is to offer everything automated and integrated. In addition, there is therefore the convergence of networking and security. By combining the forces of these two IT components, the corporate network becomes much more secure. And that’s a big hit, because cyber criminals currently find many entrances through the network.
More secure with SD-WAN
When we then ask Schürmann which technologies should be part of the modernization process, he mentions SD-WAN as one of the most important things. Software-defined wide area networking ensures that it is easy to connect remotely to networks, data centers and cloud platforms. Applications therefore work better and faster, partly due to lower latency and reliable connectivity. SD-WAN also makes the network scalable. Automation allows SD-WAN to determine which route to take to ensure optimal traffic performance.
With these advantages, SD-WAN seems to be primarily a networking affair. However, security should not be forgotten as one of the components of SD-WAN. That is why Fortinet’s solution is known as Fortinet Secure SD-WAN. This means that security is an integral part of the solution. You cannot separate these two parts from each other. Fortinet provides the Fortigate firewall with intrusion prevention, anti-malware and SSL inspection functionality. This is then an integral part of SD-WAN, not a separate component of the network and security strategy.
This approach also allows management to be done through a single interface. In this way, all activities on the network are visible and can be investigated. A company sees suspicious activities better, so that investigations run more smoothly. The information can also be better shared between the SD-WAN components. SD-WAN thus provides an integrated system where networking and security really come together.
Scoop on top
Schürmann has experienced a lot of enthusiasm about SD-WAN among companies in recent years. Many organizations have already implemented SD-WAN. As far as Fortinet is concerned, this is a wise choice, although sometimes not every business location is equipped with SD-WAN. In some situations, SD-WAN is simply not suitable, for example because SD-WAN focuses on connecting location X to location Y. This can be a branch office with a data center or the cloud. As a result, SD-WAN covers remote workers or very remote areas less than you would actually like.
With a SASE approach you can protect the above new work environments well. SASE stands for Secure Access Service Edge and enables secure access to business environments, regardless of where from. It doesn’t matter where the user, workloads, devices and applications are located. SD-WAN is an important part of this new concept, which Gartner conceived in 2019. “You give the user the best user experience. He goes to such an application in the fastest way, and the SASE network solves that. It monitors all traffic and learns how apps behave. Based on this, it determines the fastest route to guarantee safety,” says Schürmann.
SASE thus brings together all kinds of network and security functionality for a secure connection. Fortinet provides, among other things, a firewall as a service (FWaaS), secure web gateway (SWG), zero-trust network access (ZTNA, more about that later) and threat detection to securely connect to applications, regardless of location.
Evolution is inevitable
Schürmann also sees SASE as a logical step when you look at how organizations used to work. “In the past you bought the network infrastructure from a telecom provider and a security supplier added security on top of that. You had two devices at many industry locations. However, due to the rise of the cloud, you see that the model is no longer adequate. There was often central internet access, but with cloud applications that makes no sense. Why send something to a data center when it can also be done at the edge location? SASE is good at that: bringing networking and security to the edge.”
The Manager Systems Engineering of Fortinet Netherlands sees in addition to that comment that the investments of companies in SD-WAN can continue. “If a company already has an SD-WAN solution, it can be integrated with SASE. This is done via VPN tunnels that send traffic over it. Solutions that can work together with what a company already has is essential, because a divestment is undesirable. In addition, SASE makes more use of the cloud, for which existing equipment is also suitable,” explains Schürmann. So sometimes SD-WAN can be desirable, in other cases SASE is preferable. Schürmann adds that provisioning is very easy with SASE anyway. “You basically put a box on location and the cloud does the rest.”
Zero Trust for secure network access
The role of Zero Trust Network Access is becoming increasingly important within the convergence of networking and security. This basically means that a company sets up its network in such a way that virtually no network actions are trusted until they have been verified. In this way, infrastructure managers and security staff work on a more secure business environment, which makes users, data, apps and company assets more secure.
We recently spoke about ZTNA with Fortinet. Then it turned out that, as far as Fortinet is concerned, three things really make Zero Trust complete. One of these is constantly authenticating users and devices. In addition, users, endpoints and processes should only be able to access the resources they need. Furthermore, according to Fortinet, it is wise to assume that your company has been hacked. In our separate article about this, we take a closer look at the Zero Trust components.
As far as Schürmann is concerned, 2022 will ultimately be a year in which ZTNA becomes a more prominent strategic choice of companies. Like SD-WAN, ZTNA is a component of SASE. However, the terms SASE and SD-WAN are currently more on the radar of companies than Zero Trust. This while the “never trust, always verify” approach also proves its worth. There is therefore still a task for parties such as Fortinet to draw more attention to this.
Cybersecurity Mesh Architecture
Now that we have entered a preview of 2022, there is another development that Fortinet sees happening. Analyst firm Gartner recently mentioned Cybersecurity Mesh Architecture (CSMA) as a trend, which is something we cannot ignore, according to Schürmann. The term doesn’t mean much by itself, but is seen as a security approach with integrated tools that uses industry-standard APIs and interfaces. In addition, it provides centralized management, analytics functionality, and intelligence about what is happening within an organization.
According to Schürmann, Fortinet’s Security Fabric is an excellent interpretation of CSMA as Gartner intended. All solutions come together within the Security Fabric. “Actually, there are various reasons for choosing the Security Fabric. First, if you have ten different products, you will never gain insight into what is actually happening on the network. If you bring all information together on one management platform, you can see what is happening on the network. You see the users and where they are. When you have the insight, you can share traffic information. So if a component discovers something, say malicious code, it can share the information with the entire Security Fabric. So also with solutions from third parties that are linked to the Security Fabric. Suppose a third party finds something, then that party’s solution can notify our Security Fabric and vice versa.”
In addition, Schürmann sees automation as a great value. Suppose a client is spreading malware, the Security Fabric will automatically quarantine the client. It then sends a notification to the Security Operations Center (SOC), so that security professionals can investigate further if necessary.
A view on the future
2022 will therefore be a year for Fortinet in which it wants to draw even more attention to certain security concepts. In addition, it hopes that security will be placed higher on the agenda on the OT side. In many OT environments, cyber security is not always approached as a core component, making cyber attacks relatively easy to carry out. That has to change, because burying one’s head in the sand is simply not possible anymore.
