Author: Dan

We believe that this new product addition will help further accelerate our Secure SD-WAN momentum and help our customers achieve digital transformation at all edges.

Learn more about the FortiGate 200F and all Fortinet Secure SD-WAN appliances.

Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about our products and technology, or connect with peers.

Fortinet has announced that it has maintained its position as a Challenger in Gartner 2020 Magic Quadrant for Web Application Firewalls.

Organizations continue to rely on internet-facing web applications and APIs to achieve their digital innovation goals, and as a result, web application and API protection continues to grow in importance for businesses worldwide. Web applications support a wide range of critical line-of-business functions, including ecommerce, payroll, inventory management, learning management systems, and more. 

FortiWeb, Fortinet’s Web Application Firewall solution, was created to protect these business-critical web applications and APIs from cyber attacks targeting both known and unknown vulnerabilities, while also ensuring business continuity and productivity. FortiWeb leverages advanced machine learning (ML) techniques to customize protection of each application, saving organizations staff hours by cutting out the need for the time-consuming manual tuning required by other solutions. FortiWeb ML identifies anomalous behavior and determines whether it is malicious or benign, enabling security staff to rapidly address malicious activity. 

Customers can select the FortiWeb option that best fits their use case given its flexible deployment options. This includes hardware appliances, virtual machines, and containers that can be deployed in the data center, cloud environments, or the cloud native Security-as-a-Service (SaaS) solution FortiWeb Cloud, our WAF as a Service offering.

As customers increasingly deploy applications in multiple environments that include both private data centers and public clouds and continue to push application changes at an ever increasing pace, they face the challenge of implementing consistent application security across these diverse environments. To help those teams keep pace, our WAF-as-a-Service offering, FortiWeb Cloud, leverages public cloud infrastructure to deliver the same application and API protection as our physical and virtual appliances, but without the requirement to maintain and manage infrastructure. In fact, Fortinet uses this very service to protect our own website as well as for protecting critical departmental line-of-business web applications. 

Fortinet continues to invest in the innovative WAF capabilities that our customers require as they continue their digital transformation journeys, including these key enhancements from 2020: 

• Deep learning capabilities that continuously model users’ behaviors to detect anomalies and block threats without creating the false positives that drive administrative overhead
• Expanded options for deploying FortiWeb Cloud on AWS, Azure and Google Cloud

As a result of this continued innovation, Fortinet delivers FortiWeb customers with advanced threat protection for web applications while ensuring business continuity and productivity. Read the full Gartner 2020 Magic Quadrant for Web Application Firewalls report to learn more about our placement in the Challengers quadrant.

Learn how Fortinet’s Dynamic Cloud Security solutions provide increased visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud. 

_{Gartner, Magic Quadrant for Web Application Firewalls, 19 October 2020, Jeremy D’Hoinne, Adam Hils, Rajpreet Kaur, John Watts}

_{Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.}

_{This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet.}

Unlike previous mobile generations, 5G is touted as a game changer for both mobile network operators (MNOs) and enterprises in many verticals. 

For MNOs, 5G has the potential to deliver a whole new scope of enterprise-facing, value added services, generating new revenue streams and driving growth.

For medium to large enterprises in different industries and verticals, harnessing 5G technology and capabilities will further help to increase efficiency, automation, safety, sustainability and overall innovation.

This is the promise of 5G and it raises some important question: if 5G is to play such a central and critical role, what is the role of security in 5G’s adoption and penetration in the business market? Does 5G have an acceptable set of built in security capabilities in order to safeguard itself, and the business customers it serves from harm’s way? Or is an additional layer of security is required in order to capture the 5G business market?

At Fortinet, we strongly believe that although 5G delivers inherent security capabilities, these by themselves should not and cannot be considered as the only line of defense against 5G infrastructure and services misuse, cyber threats and risks. An additional layer of security visibility and control is required.

In order to get a larger view from MNOs and the overall 5G ecosystem partners, Fortinet commissioned TelecomTV, in association with ETSI and HardenStance, to perform a survey to better understand their view on the target business market for 5G and the role of 5G security in the industry’s ability to capture the 5G business market. The survey, concluded in May 2020, highlights the following:

• Use cases tailored to unique vertical industries are key to the success of 5G in the business market.
• Security plays a central role in 5G’s success with almost 90% of respondents stated that an operator’s security capabilities are either critical or very important. 
• Implementing 3GPP 5G security features is a key baseline requirement but additional security is required as enterprise 5G use cases will require more security capabilities. 
• Mobile operators should offer a comprehensive, full-stack, end-to-end security with 5G enterprise use cases.

The survey demonstrates the central role security has to play in an MNO’s ability to successfully deliver 5G to the business market. To be able to deliver, MNOs and the overall 5G ecosystem must ensure that security capabilities that complement 3GPP’s 5G security recommendations are put in place to provide threat visibility, control and mitigation against a growing set of sophisticated cybersecurity risks, such as:

• Control and user plane security
• IoT/OT misuse, signaling storm and bots
• API exposure attacks in the SBA core and the multi-access edge compute (MEC) sites
• Application-level security for the overall ecosystem and industry use cases’ applications
• Security and NAT services for packet data networks connectivity    
• Security for non-public mobile networks, also known as 5G private mobile networks

Fortinet is ideally positioned to provide an end to end security for the 5G ecosystem and use cases in the business market segment. Fortinet’s leading position in providing security for both small to very large enterprises and MNOs provides us with a unique understanding as to the security needs in industry use cases and the ability to deliver the solutions and know how to fulfill them.

FortiGate and FortiWeb provide a common security platform for both MNOs and businesses considering/using 5G in multiple industries and use cases. It enables the MNO to secure its 5G infrastructure and ensure service availability and continuity to its enterprise customers. It also provides the opportunity to deliver revenue-generating managed security services on top of 5G for enterprise use case consumption. And the same platforms can be implemented or co-managed by the enterprise customers when required – in securing 5G private mobile networks for example.

Read more about the Fortinet-commissioned study by TelecomTV about Leveraging Security to Capture the 5G Business Market.

Download the whitepaper to explore considerations and requirements for Securing 5G Private Mobile Networks.

Learn more from this survey in the infographic.

Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about our products and technology, or connect with peers.

Digital innovation and increasing cloud application bandwidth demands have led network infrastructure and operations leaders to turn to SD-WAN as a de-facto solution for their WAN transformation and roadmap efforts. In a crowded SD-WAN market of over 80 vendors, it’s more critical than ever for organizations to be able to identify the right solution that best fits their specific use cases. The Gartner September 2020 Critical Capabilities for WAN Edge Infrastructure report offers essential research that we believe helps organizations to differentiate between vendors based on their deployment, operational flexibility, and application performance requirements. 

The Gartner Magic Quadrant and Critical Capabilities Reports

Gartner’s well-known annual Magic Quadrant reports recognizes vendors in a variety of key technical markets based on key factors, like their ability to execute and the completeness of their vision. However, there are additional Gartner reports that may provide further insight for those organizations looking to select and deploy a solution that best suits their specific use case. Gartner’s “Critical Capabilities” reports use proprietary methodologies to score organizations in critical subcategories within each Magic Quadrant area based on more granular criteria. These reports extend the value of the more general Magic Quadrant recognitions by providing deeper insight into providers’ product and service offerings for key market segments.

Fortinet Scores Highest in “Security-Sensitive WAN” (4.26/5) and” Small Footprint Retail WAN” (4.14/5) Use Cases and Scored Third Highest in the “Large Global WAN” (4.09/5) Use Case in Gartner 2020 Critical Capabilities for WAN Edge Infrastructure Report

This September, Fortinet was identified as a Leader in the Gartner 2020 Magic Quadrant for WAN Edge Infrastructure. But just as importantly, Fortinet also received the highest scores in two use cases in the Gartner September 2020 “Critical Capabilities for WAN Edge Infrastructure” report. In that analysis, Fortinet’s SD-WAN solution scored highest in the “Security-Sensitive WAN” (4.26/5) and “Small Footprint Retail WAN” (4.14/5) use cases and scored the third highest for the “Large Global WAN” (4.09/5) use case.

These three use cases are characterized by key requirements, as outlined below:

Security-Sensitive WAN: A security-sensitive WAN typical in some mid- to large-scale organizations from 25 sites and higher that are focused on securing branch offices as the main priority where network and security procurements are increasingly converging.

Small Footprint Retail WAN: This category is a representative of small site/mass deployment needs that are common in such retail markets as convenience stores, quick service restaurants, gas stations, specialty retail, bank ATMs and independent insurance agents.

Large Global WAN: This category looks at the needs of larger multinational organizations with a global WAN requirement for more than 200 sites, and that spans at least two continents.

We believe that, with our Security-Driven Networking approach and custom-built ASICs, Fortinet delivers a scalable, flexible Secure SD-WAN solution that customers can deploy across the home, branch, campus and multi-cloud.

According to Gartner, “SD-WAN product differentiation is primarily based on feature breadth and/or depth, specifically on security, application performance optimization, and cloud features.” In addition, they cite that “simplified and unified security is a main driver for customers as they determine the best architectural approach for the integration of networking and security.” As an industry leader in both security and SD-WAN, we believe Fortinet offers the most comprehensive SD-WAN solution available, enabling customers to achieve best user experience at reduced cost and complexity, while delivering on our strong vision of providing a flexible and secure solution anywhere. 

Recent Recognitions for Fortinet Secure SD-WAN 

We are absolutely thrilled to be positioned as a Leader in the 2020 Gartner WAN Edge Magic Quadrant, to be named as a 2020 Gartner Peer Insights Customers Choice for WAN Edge Infrastructure, and to be recognized in the 2020 Gartner Critical Capabilities for WAN Edge Infrastructure report!

Read the full 2020 Gartner Critical Capabilities for WAN Edge Infrastructure report.

Learn more about Fortinet Secure SD-WAN.

Gartner Critical Capabilities for WAN Edge Infrastructure, Jonathan Forest, Andrew Lerner, Naresh Singh, 30, September 2020.

Gartner, Gartner Peer Insights ‘Voice of the Customer’: WAN Edge Infrastructure, PEERS, Published 13 April 2020

Gartner, Magic Quadrant for WAN Edge InfrastructurePublished 23, September 2020, Jonathan Forest, Andrew Lerner, Naresh Singh

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advice technology users to select only those vendors with the highest ratings or other designations. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to its research including any warranties of merchantability or fitness for a particular purpose.

Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates.

Fortinet is proud to announce that, for the second year running, the Network Security Expert (NSE) Training Institute’s Certification Program has been named the winner of the “Professional Certification Program of the Year” award in the fourth annual CyberSecurity Breakthrough Awards program. This award comes from CyberSecurity Breakthrough, a leading independent market intelligence organization that honors excellence and recognizes innovation, hard work, and success in a range of information security categories, including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, and Email Security, among others. 

“For the second year in a row, we are thrilled to recognize Fortinet for winning our ‘Professional Certification Program of the Year’ award,” said James Johnson, managing director, CyberSecurity Breakthrough. “Fortinet’s training and certification program stands out as it continues to innovate and expand, including the introduction of free cybersecurity training courses earlier this year. Creating and maintaining a vigilant cybersecurity mindset is key for all organizations and their employees – and cybersecurity awareness is a vital component for everyone.”

Fortinet NSE Certification Program’s Growing Momentum

The Fortinet Network Security Expert (NSE) Certification Program is an eight-level certification program that has issued more than half a million certifications to date. The first set of levels (1-3) assess a user’s knowledge of the threat landscape and can be helpful for anyone who wants to become more cyber aware. Moving up, NSE levels 4-6 are courses designed for a technical audience. These focus on one’s ability to install, configure, and troubleshoot comprehensive, integrated network security controls in live environments. Lastly, levels 7-8 hone in on the expertise needed to fully leverage Fortinet solutions. To become NSE 8 certified, an elite distinction, candidates must have related industry experience and should have completed the appropriate Professional, Analyst, Specialist, and Architect designation training. To date, there are 381 individuals worldwide who have earned their NSE 8 certification. 

Additionally, earlier this year, Fortinet opened its entire catalog of self-paced NSE training courses to the public for free for anyone looking to learn new cybersecurity skills or upskill helping to close the skills gap. The free training includes access to pre-recorded labs and advanced training. More recently, Fortinet extended its free training offerings and introduced the Information Security Awareness and Training service available for organizations to implement as part of their employee cybersecurity training program. The new service includes training to ensure all employees can identify and avoid threats, awareness components to keep security top-of-mind and an administrative dashboard to track training completion. 

Closing the Skills Gap through the NSE Training Institute 

For the second year in a row, the Fortinet NSE Training Institute’s Certification Program has been recognized by CyberSecurity Breakthrough for its role in helping technical professionals not only validate their existing knowledge but also expand on their understanding of various concepts related to network security. Fortinet is committed to closing the skills gap through initiatives like the NSE Training Institute as we recognize the need for security professionals and non-technical employees alike to be cyber aware of the latest threats and solutions to keep their organizations safe.  

Find out more about Fortinet’s NSE Training Institute programs, including the Certification Program, Security Academy Program and Veterans Program, which provide critical cybersecurity training and education to help solve the cyber skills gap and prepare the cybersecurity workforce of tomorrow.

As more application teams adopt Continuous Integration/Continuous Delivery (CI/CD) workflows to enable application development, it’s increasingly important that organizations have integrated and automated security in place to protect these workflows. Since most modern applications are based on a micro-service architecture, DevOps teams have leveraged containers and container orchestration platforms, such as Kubernetes, to build and deploy their applications. As a result, container security must be a critical component of any solution that tries to protect CI/CD workflows. Below are considerations for DevOps teams to ensure their container strategy isn’t compromising security. 

How DevSecOps Teams can Achieve Security for the Entire Applications Lifecycle 

Security should not be limited to only one part of a DevOps workflow. Instead, it needs to be injected into every stage of a CI/CD workflow pipeline—from the time that a developer checks in code to a code repository, until the time that the application is deployed to a runtime environment. At a high-level, a CI/CD pipeline is comprised of three stages: build, deploy, and run. It is paramount to secure each stage of the pipeline to prevent breaches in the overall lifecycle of an application. Here are things to keep top of mind during each stage of the CI/CD workflow pipeline:  

Build images securely – images often consist of source codes and third-party libraries. Before building an image, it is critical to parse packages and libraries to generate a detailed report of all vulnerabilities (CVEs) as well as the libraries/packages in which vulnerabilities are discovered. Additionally, certain libraries should be excluded if they can cause security risks. And a vulnerability report may be able to help detect the presence of credentials and/or secrets in an image.

Plug seamlessly into the CI/CD workflow – most application teams leverage build tools such as Jenkins to automate their build process. In order to add security to a build pipeline, security solutions need to be integrated into common build frameworks. Such integration allows application teams to learn fast and fail/pass builds based on their organization’s requirements. For example, if an organization has a security requirement that does not allow deployment of an application with critical vulnerabilities, a policy needs to be set to fail builds when a critical vulnerability is found in an image.

Run compliance checks against CIS benchmarks – as container orchestration platforms such as Kubernetes gain popularity, running static checks to detect potential vulnerabilities in those environments has become extremely important. The Center for Internet Security (CIS) has released recommendations for Kubernetes best security practices. It is a set of recommendations for configuring Kubernetes to support a strong security posture, such as disabling anonymous requests to the API server and running containers only as a non-root user.

Continuous runtime security – while preventing breaches in an application by shifting security to the earlier stages of a CI/CD pipeline is a key aspect of any comprehensive CI/CD security solution, securing running microservices is equally important. The Fortinet-Calico Enterprise integration, discussed later in this blog, addresses Kubernetes network security challenges for both North-South and East-West traffic.