Fortinet Security Driven Networking
Security-driven Networking encompasses five critical network elements:
Planning and Design
A Security-driven Networking strategy starts in the planning stages, where everyone agrees that new infrastructures, applications, and devices need to meet and support a central security strategy built around a Security Fabric. Want a new cloud infrastructure? It not only needs to be secure, it needs to be built using an integrated Security Platform to ensure it is part of the central Security Fabric. New application? The Security Fabric not only needs to be able to see and inspect it, but it should also be built using the same security tools used to protect the rest of the network. And when virtual devices need to spin up or out, or when connections between a branch office and business applications in the cloud need to roll over, the Security Fabric needs to literally be part of that process so security is never forced to try to keep up.
Access Control and Segmentation
When new devices are added to the network, FortiNAC ensures they are automatically identified and rules related to accessing network resources are applied. Fortinet’s Intent-Based Segmentation ensures they are automatically assigned to secured network segments that have been enhanced with authentication for increased control and flexibility. These network segments are then monitored by the Security Fabric to prevent unauthorized behaviors, inspect applications, and secure workflows. And because security and networking are tied together, changes to the network infrastructure automatically include changes to security.
Consistent Protection for Workflows and Applications
Data never stays in one place. It gets shared, cross-referenced, mined, and processed. Security-driven Networking protects data, applications, and workflows along their entire data path through the implementation of a single, integrated Security Fabric. This fabric relies on integrated security platforms deployed across the network to consistently secure that traffic even as it passes across and between different network segments, dynamic multi-cloud environments, data centers, and devices.
The Expanding Perimeter
Today's new perimeter is not only expanding outward as organizations embrace new devices, new network platforms, and new compute and application models, but it is also expanding into the network through the adoption of connected IoT devices, the extension of the network across multiple network environments, and the interconnection of networks to support smart systems. Security-driven Networks, powered by a uniform fabric of connected platforms deployed in every possible environment, provide consistent visibility across the entire perimeter as it adapts and changes.
Branch Offices and Secure SD-WAN
The best example of the implementation of Security-driven Networking is currently realized in Fortinet’s Secure SD-WAN solution. Traditional MPLS connections limit application performance and dynamic communications. Fortinet’s Security-driven Networking approach combines the built-in protections of a FortiGuard NGFW appliance with advanced SD-WAN networking capabilities to eliminate MPLS-required traffic backhauling, prioritize business-critical applications, and improve overall user experience without ever compromising on security.
By integrating security and networking in this way, hundreds of SD-WAN deployments can be controlled through a single management interface to ensure that networking and security services are always in sync. And by integrating Secure SD-WAN into the wired and wireless access points of the branch office, network security and network controls can be easily extended into the branch LAN to enable deeper integration, stronger authentication, dynamic access control and network segmentation, and consistent security enforcement.