Author: Dan

Fast & Secure Americas 

Join Fortinet for Fast & Secure Americas, a digital symposium where we explore cybersecurity issues and topics relevant to the Service Provider and Telco industry. Our theme for this year’s event is change – what it means, what it offers and how we can provide an effective cybersecurity response to it. 

The symposium will consist of a 90 minute General Session followed by a set of Breakout Sessions.

Our general sessions will provide a thought provoking look at key cybersecurity concerns and priorities facing the Service Provider industry. Our speakers will share their expertise and insights on today’s security challenges, potential solutions and practices to maintain the networks that are an essential element of our social and economic infrastructure.

John Maddison, our CMO and EVP of Products will provide the opening remarks and discuss how we can create value together.  We also have a special guest, Dr. Ed Amoroso, currently Chief Executive Officer of TAG Cyber LLC. Dr. Amoroso will be talking about Securing Change, Enabling Innovation. Specifically, about change to infrastructure, threats and the role of the Service Providers in how they are responding to the change during the time of the Covid-19 pandemic. 

Breakout sessions will delve into the application of security technologies to a range of use-cases directly applicable to Service Providers and Telcos. The Breakout sessions will consist of two tracks, an MSP/MSSP track focused on issues related to the delivery of value-added services and capabilities and a Mobile Network Operator focused on the application of security to today’s fast-evolving mobile infrastructure. A wide range of topics will be addressed including SD-WAN, 5G security, cloud security, remote work, new security services and industry-aligned solutions.  

Join Fortinet for Fast & Secure Americas, a digital symposium where we explore cybersecurity issues and topics relevant to the Service Provider and Telco industry.

Sessions for our recently completed Fast and Secure EMEA are now available on demand.

 

FortiGuard Labs Perspectives

This year marks the 10^th anniversary of the discovery of Stuxnet. The malicious computer worm made headlines by targeting supervisory control and data acquisition (SCADA) systems. 

Stuxnet code, notably large and sophisticated at over 500 kilobytes, managed to work its way into Windows machines and networks, replicating itself several times over before seeking out additional software. It targets programmable logic controllers (PLCs), which enable the automation of electromechanical processes such as machinery or industrial processes. 

Since the Stuxnet discovery, there have been many instances of equally sophisticated cyberattacks on operational technology (OT) systems worldwide. This may be due in part to the fact that OT networks are now increasingly connected to the Internet, making them more vulnerable to attacks by cybercriminals, nation-states, and hackers. In fact, in the “State of Operational Technology and Cybersecurity Report” by Fortinet, 74% of OT organizations had experienced a malware intrusion in the past 12 months, causing damages to productivity, revenue, brand trust, intellectual property, and physical safety.

Significant Cyberattacks on OT Environments and ICS 

By evaluating the most significant ICS cyberattacks over the past decade, we can witness just how far threat actors have come in their technical capabilities. Perhaps more unsettling, however, is their willingness to cause harm not only to digital infrastructures but physical infrastructures – even impacting workers and communities. Stuxnet is perhaps one of the first in a series of malicious attacks on ICS that have enlightened organizations around the globe regarding the extent and impact cyberattacks can have on the physical world. 

This rise in new threat and attack mechanisms have radically altered the way industrial control systems (ICS) and SCADA systems function. Here, we recap some of the most significant cyberattacks on ICS that have taken place over the past decade, as well as their influence on modern security strategies across critical infrastructure. 

2011: Duqu 

Hungarian cybersecurity researchers discovered malware, identified as Duqu, which closely resembled Stuxnet in terms of its structure and design. Duqu was designed to steal information by disguising data transmissions as normal HTTP traffic and transferring fake JPG files. The key takeaway from the Duqu discovery was understanding the importance of reconnaissance work in a threat actor’s cyber campaign, where information-stealing code is often the first cyber threat enacted in a planned series of additional attacks. 

2013: Havex 

Havex is a notable Remote Access Trojan (RAT) malware that was initially discovered in 2013. Tied to the threat actor group known as GRIZZLY STEPPE, Havex targets ICS systems and communicates with a C2 server that can deploy modular payloads. 

Its ICS-specific payload gathered open platform communications (OPC) server information, including CLSID, server name, Program ID, OPC version, vendor information, running state, group count, and server bandwidth – and was also capable of enumerating OPC tags. By communicating with a C2 infrastructure, Havex malware was significant in its ability to send instructions that provide enhanced and unknown capabilities to the malware. 

2015: BlackEnergy

In 2015, it was discovered that BlackEnergy malware had been used to exploit macros in Microsoft Excel documents; the malware entered networks via spear-phishing emails sent to employees. While the tactics employed by these attackers were relatively unsophisticated, the event proved that cybercriminals could indeed manipulate critical infrastructure on a large scale.  

2017: TRITON 

TRITON malware, discovered in 2017, targeted industrial safety systems. Specifically, it went after a safety instrumentedsystem (SIS), modifying in-memory firmware to add malicious functionality. This allowed the attacker to read or modify memory contents and implement custom code – along with additional programming to disable, inhibit, or modify the ability of an industrial process to fail safely. TRITON is the first known malware specifically designed to attack the industrial safety systems that protect human lives. 

Addressing ICS/SCADA Security Challenges

ICS comprises a large segment of the OT layered architecture, encompassing many different types of devices, systems, controls, and networks that manage industrial processes. The most common of these are SCADA systems and distributed control systems (DCS). 

While most organizations have been implementing IT security measures for years, OT security is somewhat new territory. With the rise of the Industrial Internet of Things (IIoT) and subsequent IT/OT convergence, industries have lost the “air gap” that protected their OT systems from hackers and malware. As a result, adversaries have increasingly begun targeting OT systems to steal proprietary information, disrupt operations, or commit acts of cyber terrorism against critical infrastructure, in part because existing malware works effectively against legacy systems deployed in OT networks that have likely not been patched or updated given the absence  of additional development or programming.

Several challenges have played a role in the evolution of cyberattacks that have impacted OT systems over the years, including: 

• Lack of OT device inventory: It’s impossible for organizations to defend assets – whether by deploying patches or running security audits – if they do not have complete visibility and control of the environment. 
• Lack of remote network accessibility: Most technology underpinning ICS relies on restricted physical access and obscure components and communications protocols.
• Outdated hardware and software: Many ICS and SCADA systems rely on aging hardware or obsolete operating systems that are incompatible with or too delicate to support modern defense technologies. Many of that hardware is deployed in environments where systems cannot be taken offline for patching or updating.
• Poor network segmentation: OT environments tend to operate under the assumption of inherent trust – a model that does not translate well to new converged IT/OT environments. The standard security practice of partitioning networks into functional segments that limit the data and applications that can migrate from one segment to another is largely underutilized within ICS as a whole. 
• Limited access control and permission management: As previously isolated or closed systems become interconnected, the controls and processes that prescribed access often become convoluted.

Thankfully, the risks that lead to security threats targeting ICS/SCADA are becoming more widely recognized – and, as a result, more heavily prioritized – by many leading organizations. Government bodies, including the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in the US and the Centre for Protection of National Infrastructure (CPNI) in the UK, now publish advice and guidance on security best practices for ICS. 

Standards have also been developed by the International Society of Automation (ISA), with a “zones and conduits” framework that addresses the most pressing deficiencies of ICS network security and provides guidelines for improved management.  Likewise, the non-profit ICS-ISAC organization is focused on sharing knowledge about risks, threats, and best practices to help facilities develop situational awareness in support of local, national and international security.

The Need to Support Critical Infrastructure

Security considerations for ICS/SCADA should be made a top priority due to the potential repercussions of an attack on the physical safety of employees, customers, and communities. This also means that regulatory compliance must not be ignored. Fortunately, by taking a multi-layered approach to ICS/SCADA security, organizations can significantly improve their overall security posture and risk mitigation strategy.  

Learn how Fortinet can help you extend security and maintain compliance in any ICS/SCADA-connected environment.

Read these customer use cases to find out how Echoenergia and this major oil and gas company used Fortinet’s OT Security Solutions to protect their distributed networks and critical infrastructure. 

A major pediatric hospital in the Northeastern United States is accustomed to leading the way. The hospital’s research arm is world-class, and that spirit of innovation reaches into patient care, as well. The hospital was ahead of the curve in enabling physicians to work from home—an advancement that seems prescient in the wake of the COVID-19 pandemic.

In early 2019, the hospital decided to enable radiologists to view X-rays and MRIs from home offices throughout the Northeast. Administrators expect the hospital to continue to grow, and they saw a telework policy as a way to reduce space pressures in the physical facility. In addition, eliminating physicians’ commute by allowing them to work remotely could enhance their job satisfaction, especially in inclement winter weather.

The purpose of the telework strategy was clear, but the technology requirements were a bit complex. The images that radiologists need to review are large files. Adequate throughput is crucial in making remote connectivity work for these clinicians. So is security. After all, each file the hospital’s radiologists view contains a child’s health information. Effective security is necessary, both to meet Health Insurance Portability and Accountability Act (HIPAA) compliance requirements and to protect young patients. 

Evaluating the Options

The hospital began its search for a remote network access solution that would include a networking device deployed to each participating radiologist’s home office. The device would not only need to provide enterprise-grade security, but it would also need to integrate with a third-party authentication system that the hospital already had in place, to prevent network access by any personal devices in the household.

IT staff considered several solutions. Most either had usability problems or required deployment of a firewall in addition to the network connectivity device. To successfully enable widespread remote access, the hospital needed the virtual private network (VPN) solution to be as simple and easy-to-use as possible. 

What the hospital wanted was a single solution with an intuitive user interface that combined high-performance network connectivity and best-of-breed security. It found what it was looking for in FortiGate next-generation firewalls (NGFWs).

Relieving Radiologists of IT Concerns

Recognizing that radiologists’ medical skills are not always accompanied by networking expertise, the hospital decided to provide each doctor who needs remote access with a FortiWiFi device. The FortiWiFi is a FortiGate NGFW that is about the size of a paperback book. Its antennas provide Wi-Fi access to authorized devices. 

A physician can take her FortiWiFi device home, unbox it, plug one wire into the household’s internet connection, plug another wire into her laptop, and then step away. The FortiWiFi device will connect to the hospital’s FortiCloud solution, which will connect to FortiManager to give the FortiWiFi device access to the hospital network. Then, the hospital’s IT team can use FortiDeploy to remotely configure the NGFW. 

After 20 minutes or so, the FortiWiFi NGFW will be ready to connect to the hospital network via a secure IPsec VPN tunnel. Authorized devices will be able to connect to the VPN using either wired or wireless connections. To verify the user’s identity, the solution employs two-factor authentication. The two factors are 802.1x authentication, performed through the hospital’s existing third-party identity access management platform, and the FortiWifi device’s captive portal credentials.

This solution’s VPN connections meet the high performance expectations of radiologists viewing large image files. Where the physician’s internet access is a broadband cable connection, throughput for the FortiWiFi is typically around 250 megabits per second (Mbps). Hospital-issued Voice-over-IP (VoIP) phones can also connect to the FortiWiFi device, if the doctor requires phone connectivity at home.

Telework Accelerated by COVID-19

Some of the pediatric hospital’s radiologists were already using the FortiWiFi solution on occasion by late 2019. When COVID-19 made home offices the recommended workplace whenever possible, the hospital needed to scale up to support as many as 100 radiologists simultaneously. The IT team deployed a pair of new FortiGate NGFWs in the hospital data center, in an active/passive high-availability (HA) configuration. The high performance of the firewalls eliminates the potential for bottlenecks, even with 100 simultaneous VPN connections. Furthermore, the HA approach means that if one of the firewalls experiences an issue or a power failure, the other will continue to enable connectivity for the radiologists.

COVID-19 also motivated the hospital to migrate the solution’s management to the FortiCloud application. This enables IT staff to seamlessly monitor, troubleshoot, and manage the remote-connectivity infrastructure when they, too, are working remotely.

Although the hospital is currently grappling with many of the same issues as its peers across the country, the fact that its radiology department had already established telework capabilities gave it a leg up when COVID-19 hit. It did not have to scramble to develop high-performance remote connectivity, nor did it have to worry that security might be half-baked in a rapidly deployed solution.

Now, the hospital’s physicians have an easy-to-use means of working from the safety of their home, and IT staff have streamlined management of networking devices distributed throughout the Northeast. Even after the COVID-19 crisis subsides—whenever that may be—the productivity and business resiliency benefits enabled by the Fortinet solution will secure this hospital’s continued position as a leader in technology innovation.

Discover how Fortinet Teleworker Solutions enable secure remote access at scale to support employees with a wide array of access requirements.

Learn more about enabling the latest advances in patient care while protecting against cyberattacks with Fortinet healthcare cybersecurity solutions.

Find out how Echoenergia and New Zealand Red Cross used Fortinet’s Security Fabric for protection from the network edge to core.

Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about our products and technology, or connect with peers.

Fortinet Industry Perspectives

For many healthcare organizations, the COVID-19 pandemic created a sudden need for temporary testing and treatment facilities. This, in turn, required an expansion of secure network connectivity. However, the expansion associated with COVID-19 that one national government healthcare entity experienced was larger than most healthcare organizations.

During normal operations, this healthcare entity was responsible for operating over 130 hospitals and treatment locations. During the COVID-19 pandemic, the organization needed to open over 20 additional sites as quickly as possible in order to cope with the crisis. By creating new locations, the government entity could work to curb the spread of the virus by providing a local treatment option to infected citizens.

The organization already had a trusted relationship with Fortinet and leveraged the Fortinet Security Fabric to manage network security for their hospitals scattered across the country. When the need arose to securely connect the testing sites to the existing network, the organization trusted Fortinet to provide a solution that would arrive in time to open the new facilities.

A Sudden Need for New Healthcare Locations

The government healthcare entity was already using the secure software-defined wide area network (SD-WAN) capabilities integrated into FortiGate next-generation firewalls (NGFW) to securely network over 130 sites and improve user experience for business critical applications.

The new treatment locations created during the COVID-19 pandemic needed to deploy the same SD-WAN connectivity as quickly as possible to send test data for processing. These new sites were often repurposed hotels and conference centers with limited networking or security infrastructure. Every site required a FortiGate NGFW to provide a secure connection to the existing healthcare network.

In many locations, the remote site was capable of connecting over the public internet. However, in some rural locations, broadband internet was not available. In both types of locations, FortiExtender 3G/4G WAN extenders enabled healthcare providers to use mobile networks, either as a backup option or the primary means of connecting over the WAN.

Rapid Deployment of Security Solutions

Because the virus was spreading rapidly, the government entity needed to work with a vendor that it trusted, rather than engaging in a lengthy request for proposal (RFP) and proof of concept (PoC) process. It also required expedited delivery of the Fortinet solutions.

Operating within the healthcare entity’s three-day delivery window, Fortinet coordinated with a number of trusted Fortinet distributors in the area. These organizations had provided distribution assistance during the healthcare entity’s initial Fortinet deployment and could ensure that the new FortiGate Secure SD-WAN and FortiExtender WAN extenders reached their destinations in time.

After the devices were delivered, the government healthcare entity also needed them to be quickly configured. Since many of the new sites were in remote locations, sending trained IT staff to configure them was not a workable solution. However, with FortiDeploy zero-touch deployment, the devices automatically connected to the FortiManager centralized management platform deployed on the government entity’s main network. This platform led the device through any additional configuration steps required. Finally, Fortinet Professional Services helped onboard the IT staff and developed standard operating-procedure documentation.

Flexible Security Solutions Support Rapid Evolution

The government healthcare entity had previously integrated their network security using Secure SD-WAN. This enabled it to rapidly expand its secure WAN by deploying FortiGate NGFWs to its 20 brand-new sites. During the COVID-19 pandemic, and during business as usual, Fortinet is committed to going the extra mile to ensure that its customers have the network security solutions that they need when they need them.

Discover how Fortinet Teleworker Solutions enable secure remote access at scale to support employees with a wide array of access requirements.

Learn more about enabling the latest advances in patient care while protecting against cyberattacks with Fortinet healthcare cybersecurity solutions.

Find out how Echoenergia and New Zealand Red Cross used Fortinet’s Security Fabric for protection from the network edge to core.

Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about our products and technology, or connect with peers.

The latest advances in computing, such as edge device hyperconnectivity and the hyperscalability achievements of advanced data center architectures are the result of the ongoing and increasing desire to achieve better performance. Speed is the driving force behind the digital transformation of today’s business infrastructures. It enables access to critical data and resources, drives business efficiencies, scales application development, increases productivity, generates revenue, and accelerates ROI. 

Moreover the past few weeks, organizations have remarkably been able to completely invert their networks in just a few days. The majority of their employees can now access networked resources from the outside instead of connecting from the inside – an effective response to a global crisis that would have been impossible just five years ago.

To measure how the security industry is helping to drive innovation at the speed of business there have been significant advancements, and Fortinet is using the Security Compute Rating to benchmark these advancements. More on the advancements and benchmarking in this post to come, but first a bit of backstory. 

Key to these successes – especially critical now as we continue to push the envelope of digital innovation even further and faster – has been the move away from traditional, off-the-shelf computer processors to custom hardware designed to take on very specific tasks. This specialized hardware enables organizations to push performance in the cloud and devices to new levels.

The Security Performance Gap Threatens Digital Innovation and Business Continuity

When it comes to security – a critical component that keeps all of our data flying around cyberspace without being stolen, corrupted, or ransomed –performance limitations has become a serious challenge for organizations. Increasingly, many organizations can no longer rely on security devices to effectively perform their tasks without bottlenecking traffic, reducing user experience, or interfering with business strategies. Inspecting and securing data is an inherently complex and processor-intensive proposition, and vendors have traditionally responded to increased demands by simply soldering more traditional CPUs to their motherboards – and raising their prices. 

That strategy has now met its functional limits. Because of the unreasonable price/performance ratio of most security solutions on the market, organizations have been forced to purchase overpriced security and networking devices that only provide limited performance and scalability headroom. This not only has an impact on digital innovation, forcing many organizations to replace the security devices in their datacenters with things like VLANs and Layer 4 security – and which also meant that when the recent crisis hit those organizations also had to buy expensive VPN upgrades or even purchase new firewalls to support their remote worker initiatives.

The problem is that most of the security community has steadfastly refused to invest in the sorts of specialized development needed to meet today’s demands, let alone the challenges coming around the corner due to the imminent arrival of 5G, or the new demands of smart environments such as cars, buildings, and cities. This lack of specialized, performance-enhancing hardware has meant that organizations have been put in the very uncomfortable position of having to choose between security and performance.

Accelerating Security-Driven Networking with Fortinet Security Processors

Fortinet is one of the few security vendors actually committed to securing and driving forward today’s essential digital innovation efforts. With a deeply rooted passion for innovation since we first opened our doors in 2000, we have continually set industry records for performance and speed. A crown jewel of innovation has been Fortinet’s development of specialized security processors (SPUs). 

The Fortinet Family of SPUs are specially designed security processors that have been engineered to provide unmatched performance at a fraction of the cost of traditional CPUs. This uniquely allows Fortinet solutions to provide accelerated network security and accelerated AI in the cloud – and at a price/performance point no one in the industry can match. 

Fortinet’s Security-Driven Networking solution based NGFW, SD-WAN, SD-Branch, IPS and Segmentation are powered with the following security processors:

• Content Processor 9 (CP9): This ninth generation of our content processor protects applications while optimizing user experience with the least performance degradation. The CP9 works as a CPU co-processor, taking on resource-intensive security functions such as SSL/TLS decryption – including TLS1.3, IPS, and anti-malware.
• System-on-a-Chip 4 (SoC4): Fortinet’s SoC4 is a purpose-built security and industry’s only Secure SD-WAN processor that has achieved the highest Security Compute Ratings in the industry in supporting WAN Edge transformation. The SoC4 consolidates network and content processing functions onto a single chip to deliver blazingly fast application identification, steering, and overlay performance.
• Network Processor 7 (NP7): Fortinet’s NP7 SPU works with FortiOS functions to delivering superior firewall performance for IPV4, IPV6, and multicast traffic – with ultra-low latency as little as three microseconds to support latency sensitive applications and services operating in the most demanding professional environments.

Benchmarked by the Security Compute Rating

To highlight the difference that purpose-built processors can provide, Fortinet developed the Security Compute Rating benchmark that compares the performance of Fortinet’s ASIC-based Next-Generation Firewall appliance to other NGFW and SD-WAN vendors that utilize generic CPUs for networking and security capabilities.

The industry average is computed by calculating the average performance of leading solutions, including listed vendors. Security Compute Rating performance numbers are based on each vendor’s datasheets. A “N/A” input reflects that the vendor chooses not to publish certain critical performance specifications, such as SSL inspection. As a result, the calculated industry average may actually be much lower, and the performance gap between Fortinet and that vendor is significantly wide.

Fortinet SPUs outpace other solution in the market with the highest Security Compute Ratings for benchmarks such as:

• Stateful Firewall throughput
• IPsec VPN performance
• Concurrent sessions
• Sessions per second 
• Inspection of encrypted data

Speed, Scalability, and Cost – a Critical Combination

Security-Driven Networking solutions are not only faster and scale further than the competition, they are also much more cost-effective due to the greater affordability of custom chips. As a result, organizations can enjoy far greater headroom for digital innovation with Fortinet TCO savings, or to have the resources to respond to unexpected events. 

In a world where reliable, high-performance security is not only essential but also increasingly difficult to come by, Fortinet is the only vendor able to apply 20 years of unique security hardware innovation to offer its customers a tangible and proven solution to the problem. This ensures that businesses, industries, governments, and other organizations around the world are able to innovate freely and respond immediately to critical events without compromise. 

Learn how to enable digital innovation with massive speed, scale and performance.

Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about our products and technology, or connect with peers.

The road to a cybersecurity career is not always a straight line. Sometimes, people stumble across it on the way to a different destination and find that cybersecurity is a good fit or an interesting career. Professionals discovering that cybersecurity sparks their interest is good for the industry as the cyber skills gap continues to be a significant problem around the world. At Fortinet, we provide training for IT professionals, students, veterans, veteran spouses and more through our Network Security Expert (NSE) Institute programs to help more people enter the field or upskill for career growth in an effort to close the skills gap. 

We recently spoke with Caitlyn Carroll, a graduate of NSE Institute’s FortiVet program, who started a career in cybersecurity at Interface Systems. Here’s what she had to say about cyber security awareness training and her transition into a career in cybersecurity. 

What Led You to a Career in Cybersecurity? 

I was studying for my master’s degree in public health and community programming while also working at a YMCA. I’m a military spouse, and my husband was deployed at the time. I was working 80 hours a week for barely above minimum wage. A friend told me about the FortiVet program, which provides mentoring and training for not just veterans but also their spouses like me. Through the FortiVet program I was connected with a job at Interface Systems, a Fortinet partner that is part of the program’s hiring ecosystem. The program helped me with my resume, interviewing skills and matched me with an employer, in addition to giving me access to their Network Security Expert (NSE) Institute training curriculum. FortiVet really made an impact in my life – in fact, I even ended up writing a paper about it for my grad program. 

What Do You Like About the Cybersecurity Industry?

It affects and touches everyone, from individuals to companies and government agencies. It’s the present and future. It’s not a “here today and gone tomorrow” sort of industry. It’s going to be a needed sector for the foreseeable future. For that reason, cybersecurity offers lots of opportunities and a challenging career – and I like a challenge.

What Recommendation Would You Give to Someone Looking to Start or Pivot Into a Career in Cybersecurity?

I would strongly recommend that they look into Fortinet’s Network Security Expert (NSE) Institute’s free training for all levels, whether you need broad security awareness like me, or you are looking to upskill or advance your technical security skills. I would also tell people to challenge themselves. After I’m done with Network Security Expert (NSE) 2 course, which is Fortinet’s second cyber awareness lesson, I want to take NSE 3 and challenge myself to take more technical training, even though my current marketing position doesn’t absolutely require it. 

How Have Network Security Expert Courses 1 and 2 Help You Increase Your Cybersecurity Awareness?

I’ve definitely expanded my knowledge about the threat landscape; it’s been interesting to learn about the many different threat actors. These courses are very consumable and engaging, too. I’m taking other trainings, and I tend to tune out because it’s really long, but the NSE Institute’s training format makes it easy to follow and stay engaged.

I also like the quizzes at the end, because I like to make sure I absorbed the information. I can be tested to see if I would fall for a threat in my email, for example, which puts my learning into practice.

What Are the Benefits for a Company Hiring Someone From the FortiVet Program?

Veterans share a set of desirable traits – a strong work ethic, dedication and loyalty – that they pick up during time in the service is brought to all aspects of life and work. I’ve seen firsthand how hard veterans who are now in civilian professions work. The most difficult part is transitioning into civilian life and that’s where FortiVet plays a crucial role in making that transition a million times easier.

Who Would You Recommend NSE 1 and NSE 2 Courses For?

Because cybersecurity touches everyone’s lives, these courses are great for anyone, whether you’re a middle school student or someone’s grandma with no tech experience. These two courses provide cybersecurity awareness that is critical for everyone to know.  I’m telling my husband and our friends to take it – basically, I tell everyone I know! It’s great, foundational information that you can use every day to prevent from falling for threats. My husband plans to start the courses this summer based on my glowing recommendations. 

As organizations continue to expand the number of remote offices connected to the corporate network, bandwidth requirements increase and more applications move to the cloud, traditional MPLS connections are not as effective. They are costly for distributed organizations that continue to grow and can inhibit visibility, security, and performance at these new locations.

With branch offices spread across city, state, and even country borders, financial services organizations are all too familiar with the challenge of providing robust, secure, and cost-effective connectivity to their remote locations.

SD-WAN to Support Evolving Business Requirements

One financial services organization in particular found that the single MPLS and Internet link in place at each branch location was severely hindering the voice and video experience of their business-critical applications. A connectivity issue like this is especially problematic in the financial services industry as it can negatively impact both employee collaboration and customer interactions.

With over 500 employees and distributed infrastructure across the Middle East and Africa, all of which require secure access to the corporate network, this organization began the search for an SD-WAN solution that would provide application steering with SLA and effortlessly support multiple WAN connections from a number of remote offices.

While this company knew that a solution supporting those business requirements was a worthwhile investment in itself, they also wanted a feature-rich SD-WAN solution that could support their changing business needs well into the future.

Luckily, Fortinet was able to provide just that.

Fortinet Secure SD-WAN Functionality

By leveraging a Security-Driven Networking approach to SD-WAN, which combines networking and security in a single appliance, Fortinet Secure SD-WAN provides organizations with high-speed application performance and built-in next-generation firewall functionality. This scalable, easy-to-manage solution is especially appealing to growing financial services organizations that need to enable network traffic to securely travel over multiple connections between branches and headquarters.

Choosing Fortinet Secure SD-WAN

After some preliminary conversations, this organization understood the unique values of Fortinet Secure SD-WAN as a robust solution that provides far more than just SD-WAN and were pleased to see that Fortinet was able to accomplish all 10 objectives they had set for the SD-WAN solution they would like to adopt.

With a solution that provided Secure SD-WAN, WAN optimization, traffic shaping, automation, Next-Generation Firewall, and more, this company felt confident that Fortinet would support multiple use cases, from their current business needs to any future requirements. The key benefits this company experienced are as follows:

• Centralized Management and Reporting: Single pane of glass management with zero-touch deployment allows organizations to easily deploy Fortinet Secure SD-WAN at remote branch locations, reducing the need for additional IT staff and improving visibility and control across the entire network infrastructure.
• Intelligent Application Steering: Our Secure SD-WAN solution intelligently identifies applications to determine the path it should take in order to to provide enhanced application experience – even during brown out or black out conditions.
• Integrated Next-Generation Firewall (NGFW) Functionality:  Fortinet Secure SD-WAN provides integrated NGFW functionality, including deep SSL inspection capabilities, without compromising on performance, which was a critical capability for this customer.
• Future Proofing with SD-Branch: During the deployment of Fortinet Secure SD-WAN, this customer began looking to extend the solution to converge LAN and WAN operations, consolidating complete branch operations with Fortinet Secure SD-Branch.

Take a security-driven approach to networking to improve user experience and simplify operations at the WAN edge with Fortinet’s Secure SD-WAN solution.

Read more about how FortiGate Secure SD-WAN helped Fortinet optimize network performance in this case study. 

Read these customer case studies to see how De Heus and Burger King Brazil implemented Fortinet’s Secure SD-WAN to alleviate network complexity, increase bandwidth, and reduce security costs.