Author: Dan

Fortinet is excited to offer customers and partners the opportunity to participate in a Digital Edition of Accelerate 2020. For convenience purposes, Fortinet will hold three online events to cater to participants from across the globe. This virtual conference will take place on the following dates: 

• May 12: Americas @ 9:00 AM Pacific Standard Time
• May 13: APAC @ 11:00 AM Australian EST / 9:00 AM Singapore SGT
• May 14: EMEA @ 10:00 AM Central European Time

By participating in this free online experience, attendees can enjoy the main components of the annual Accelerate conference from the comfort and safety of their own space. Through engaging keynotes, enlightening training sessions, and virtual interaction opportunities, customers and partners will gain the knowledge required to secure their networks and ensure business continuity.   

Insight from Industry Experts   

During each event, attendees can hear from Fortinet and industry leaders who will provide insights on modern cybersecurity challenges and the solutions required to protect networks. The following keynote sessions will help attendees broaden their perspectives and enhance their knowledge of network security and technology. 

On the Edge of Something Big: Security’s Next Frontier

Amid the convergence of IT and Operational Technology (OT) networks, advances in artificial intelligence (AI), and the arrival of 5G, organizations are experiencing a new era of hyper-connectivity between devices, applications, and systems. As a result, neither first nor second-generation security are able to protect today’s new distributed networks. During his keynote, Ken Xie, Fortinet Founder, Chairman of the Board, and CEO, will explain why organizations should move to a third-generation of security if they are to protect multiple edges across users, devices, networks, data, and applications.

A Platform Approach to Cybersecurity is Essential

When too many security point products are involved, organizations can find it difficult – or even impossible – to defend against today’s sophisticated cyber threats. During this session, Patrice Perche, Fortinet’s Senior Executive Vice President of Worldwide Sales and Support, will share his expertise on the Fortinet Security Fabric and how it helps customers realize their digital transformation goals. Perche will also discuss Fortinet’s investment in its global partner ecosystem and what this means for business growth and continuity.

Fortinet Security Fabric Enables Digital Innovation

The benefits realized by embracing digital transformation are immense. Nevertheless, organizations must take appropriate steps to secure their digital innovation efforts before the risks become too great to manage. This session will be hosted by John Maddison, Fortinet’s Chief Marketing Officer (CMO) and Executive Vice President of Products, who will highlight key industry trends and run through the latest features of Fortinet’s Security Fabric platform. He will also talk about how a cybersecurity platform is the only way to manage cyber risk.

Formula E – A Revolution in Motorsport

Led by Roger Griffiths, Principal and Chief Technology Officer (CTO) of BMW i Andretti Motorsport, this session will dive into the world of Formula E racing. Since its inaugural race in 2014, Formula E has thrived on the combination of electric street racing, technology, entertainment, and sustainability. During this keynote, attendees will hear firsthand accounts of how this championship has found success through the collaboration of teamwork, engineering, and digital innovation. 

Areas of Focus  

In addition to hearing from these keynote speakers, attendees will also gain in-depth knowledge of Fortinet technologies, partner opportunities, and vertical-focused security strategies through the following sessions.

How Fortinet Secures Digital Innovation

These sessions will explain how Fortinet helps protect organizations and their digital transformation initiatives while also providing guidance on when and how to use a variety of industry-leading products. Sessions will be broken out into five categories: 

Opportunities for Partners

These partner-only sessions will cover a range of topics focused on enabling business growth and continuity, including the new Fortinet Engage Partner Program. To ensure attendees receive the most relevant information, there will be four sets of sessions that will be specific to LATAM partners, EMEA partners, APAC partners, North American partners, and Service Providers. 

Addressing Vertical-Specific Challenges 

These sessions will center on the challenges being faced across industries as organizations shift their business models as a result of current events. Attendees will hear from experts across a range of sectors, including education, energy, financial services, government, healthcare, manufacturing, and retail.

Final Thoughts

Although this year’s conference will be different from those in the past, the digital edition of Accelerate 2020 is designed to deliver the same level of expertise and essential information our customers and partners have grown to expect from past events. By participating in this virtual event, attendees will gain the knowledge required to grow and secure their businesses, even in times of uncertainty. 

What: Accelerate 2020
Where: Online Event – free of charge
When: May 12 (Americas), May 13 (APAC), May 14 (EMEA) 

Learn more about the Accelerate 2020 online events and register today. Follow us and engage on social media using #Accelerate20.

Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about Accelerate, or connect with peers.

Large, distributed organizations rely on business applications to deliver valuable resources and services to users, and as a result, must ensure uptime to keep those business-critical applications running and users productive. 

Recently, Fortinet worked with a global company contending with those challenges. Specifically, this customer was seeking to improve performance and management capabilities to ensure application availability and user productivity. 

And Then There Was One

With 1500 branch offices and three datacenters spread geographically around the world, deploying new branches was key to the business’ growth plans, but proved time-consuming and often difficult to integrate into existing infrastructures. Previously, this organization’s branch offices included multiple legacy point products for network and for security, which made centralized management difficult and provided no visibility. 

The incumbent solution was a combination of a traditional ISR router from a major networking vendor managing an MPLS connection and a separate firewall appliance from the same vendor. Adding SD-WAN would require the deployment of yet another device because neither the router nor the NGFW were able to provide SD-WAN services. Security would then need to be configured to run as an overlay solution on top of the SD-WAN appliance, significantly increasing capital and operating expenses, and the organization would still be forced to keep their MPLS links. 

Fortinet was the only vendor the organization considered that offered all of these functions in a single, high performance appliance, with centralized management for both network and security policies through an integrated console. As a result of selecting the Fortinet Secure SD-WAN solution, the company was able to eliminate their disconnected and isolated networking and security point products and replace them with one unified appliance, thereby reducing complexity. Fortinet surpassed the global company’s expectations, starting from proof of concept, with zero touch deployment, centralized management, and the ability to auto-provision configuration and business policies globally from their HQ.

Improving Performance for Business-Critical Applications & Users

Because of Fortinet’s integrated approach and proven networking and security performance, both the CIO and CISO selected Fortinet Secure SD-WAN to enable faster cloud adoption and significantly improve user experience for its nearly 15,000 employees. Moreover, the company is now able to offer its users a significantly improved experience with more consistent connectivity and high-performance reliability by tapping into the LTE capabilities built into FortiGate appliances. 

For example, sharing and collaboration is an important business priority and the organization heavily relies on cloud-based applications. As a result, this global organization needed its SD-WAN solution to offer single touch integration with specific cloud providers for faster application access and control. The Fortinet Secure SD-WAN solution natively supports major cloud providers to enhance application optimization by up to 5X, while reducing latency and producing a better user experience. 

Key Benefits

The company experienced the following benefits of the Fortinet Secure SD-WAN solution: 

• Improved user experience performance: The performance of business-critical applications instantly improved by a factor of five.
• Reduced Complexity: Replacing multiple point products with an integrated solution built around the benefits of Fortinet Secure SD-WAN reduced complexity while yielding a 60% cost savings.
• Reduced WAN Cost: Augmented MPLS with broadband and LTE is saving up to 30% on contract renewal. Also, the complete removal of MPLS is on the roadmap. 
• Centralized Management: The Fortinet Secure SD-WAN solution’s zero touch deployment capabilities and network visibility have reduced troubleshooting cycles by 50%.

Take a security-driven approach to networking to improve user experience and simplify operations at the WAN edge with Fortinet’s Secure SD-WAN solution.

Read more about how FortiGate Secure SD-WAN helped Fortinet optimize network performance in this case study. 

Read these customer case studies to see how De Heus and Burger King Brazil implemented Fortinet’s Secure SD-WAN to alleviate network complexity, increase bandwidth, and reduce security costs.

Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about our products and technology, or connect with peers.

The COVID-19 outbreak has disrupted “business as usual” for organizations across the world. For communications service providers, and other organizations designated as essential, the requirement to remain open and to continue offering essential services may conflict with the desire to be a good citizen and help to slow the spread of the outbreak.

One broadband and hosting provider and managed security services provider (MSSP) had no telework program prior to the COVID-19 pandemic. However, by leveraging an existing investment in Fortinet solutions, this organization managed to transition over 2,000 employees to remote work in a few days with no additional capital expenditure (CapEx).

Leveraging Existing Solutions to Secure a Remote Workforce

The telecommunications provider had FortiGate next-generation firewalls (NGFWs) already deployed on the corporate network; primarily leveraged for outbound connectivity. With no previous work-from-home policy, the organization was accustomed to handling less than 20 inbound virtual private network (VPN) connections per day. Suddenly, it needed to provide more than 2,000 employees with a secure connection to the corporate network.

Enabled by Fortinet’s Security-Driven framework, a FortiGate NGFW has an additional ability to act as a VPN aggregator powered by a custom network processor, enabling it to terminate inbound VPN connections at high volume and with an industry-best connections per second. In addition, it is also able to perform deep packet inspection, and identify malware and other threats with its integrated web filtering, application control, intrusion prevention, network-based antivirus, DNS filtering, and other unified threat management features – all powered by an additional, custom designed content processor that enables performance metrics many times greater than competitive solutions. This meant that this telecommunication organization not only already had the protection needed to encrypt and inspect data-in-transit, but also advanced layer 7 security designed to prevent cyberattacks by leveraging the hardware acceleration provided by Fortinet’s industry-first security processing units (SPUs).

The free FortiClient endpoint protection software provided the other half of the solution. Employees could install the client software on either business or personal devices and use it to create an encrypted connection to the enterprise network. This free client combined with the innate capabilities of their existing FortiGate solution enabled the organization to rapidly roll out VPN connectivity to its entire workforce without incurring any additional costs.

One unforeseen challenge was that many employees’ home ISPs blocked non-standard ports on their Internet connections, so an IPsec VPN was not a viable option for remote work. Fortunately, FortiClient also supports SSL VPN connectivity, enabling all traffic to be routed over port 443, which is not subject to the same restrictions.

The FortiClient software also enabled the organization to solve issues with telephone connectivity. With employees away from their desks, they had trouble contacting one another on the phone since they did not have each other’s personal phone numbers. By transitioning to softphones, with traffic routed over their VPN connections, these employees now have access to the full capabilities of their business phone system. At the same time, the organization was able to be confident of the security of this new virtual phone system, as all telephone traffic is now inspected and secured by FortiGate NGFWs.

Maintaining Compliance While Working Remotely

Transitioning to remote work due to COVID-19 or similar events does not excuse an organization from its obligations to data protection regulations or contracts. By leveraging the capabilities built into its existing Fortinet solutions, however, the telecommunications provider was able to continue to meet compliance and contractual requirements despite now supporting a mostly remote workforce.

Guidance from the Payment Card Industry Security Standards Council (PCI SSC) on remote work requirements focuses on controlling access to devices and communications channels carrying sensitive data. The main requirements are that an organization deploy multi-factor authentication (MFA), have a firewall in place, use a VPN, and restrict access to parts of the enterprise network processing sensitive data. Other data privacy regulations and contractual obligations have similar requirements.

The organization was able to meet all of these requirements with no additional investment in security hardware. As previously discussed, their existing FortiGate NGFWs, deployed at the network perimeter, provided VPN connectivity. With Fortinet’s full suite of unified threat management (UTM) solutions already deployed, the organization was able to ensure that malicious content was identified and remediated before it reached the enterprise network. This was essential, as a shortage of company laptops meant that some employees were working with untrusted personal machines.

The organization’s existing firewall deployment included two layers of FortiGate NGFWs, making it easy to implement internal segmentation for inbound VPN connections. All VPN connections were terminated and inspected at the outer layer of firewalls. The inner layer of firewalls provided defense-in-depth and limited external access to sensitive data and functionality, such as their hosting and service provider business.

Finally, the organization provided FortiToken time-based one-time password tokens to its entire remote workforce. Combined with the FortiAuthenticator user identity management server, this enabled the organization to implement MFA and single sign-on (SSO) for all teleworking employees. In addition to meeting compliance requirements, these MFA and SSO also limits damage from phishing attacks – which have grown more prevalent during the COVID-19 outbreak – since usernames and passwords potentially stolen from such attacks are still not enough to gain access to organizational assets. 

Meet New Business Needs with Existing Technology

Prior to the COVID-19 outbreak, this telecommunications provider had no remote work policy and limited VPN support. Within a matter of days, thanks to Fortinet solutions already in place, the organization’s entire workforce was able to transition to secure remote access to the organization’s network.

When developing business continuity plans, it is vital to understand the full capabilities of an existing security deployment. For this company, the VPN functionality integrated into their existing FortiGate NGFWs enabled a rapid, secure transition to a remote workforce.

Learn more about how to pivot to a secure, remote workforce with Fortinet Teleworker Solutions.

After coming across a New York Times article from earlier this year on ransomware attacks crippling cities and businesses, I thought it was time to revisit the cybersecurity threats facing customers and their intersection with what is still the number one business communication tool – email. 

In reviewing Fortinet’s FortiGuard Labs’ threat research resources, including our partnership with global customers conducting threat assessments using our Cyber Threat Assessment Program (CTAP) for email security, some obvious (and not so obvious) findings become clear. 

Among the most serious findings is the prediction that ransomware will be a hallmark challenge for the year ahead. Of course, no one can forget the scourge of notorious ransomware threats of the past several years that crippled networks, caused massive financial losses, and captured the headlines. For enterprises with tens of thousands of endpoints and thousands of applications and servers spread across hundreds of sites, these ransomware attacks had a devastating impact – ultimately costing organizations around the world billions of dollars. Ryuk is one of the latest ransomware threats to make headlines. What’s most interesting is how this exploit’s backdoor was delivered when a user first clicked on a link inside a phishing email.

But it’s not just ransomware that customers will face in the year ahead, but a myriad of other threats as well. This warning aligns with a significant increase in emails exploiting Coronavirus-related themes and social engineering tricks to achieve malicious objectives that have been recently observed by our FortiGuard Labs threat research teams. Whether it’s phishing scams, targeted malware, or a combination of both, one thing is consistent about all these attacks – the vast majority will be delivered straight to your inbox. 

Now, more than ever, it’s critical to remember that email remains the number one threat vector in the world, and as a result, it needs to be properly secured.

Uncovering Risks with Fortinet’s CTAP

Of course, not all email security solutions are the same. Remember, only one user needs to click on a malicious email attachment that has managed to slip past an aging or inadequate secure email gateway to compromise your entire network. It is essential, therefore, to ensure that the secure email gateway solution you have in place is capable of meeting today’s security challenges.

There are two ways to determine if your secure email gateway solution is able to adequately defend your organization against the latest wave of phishing, spear phishing, and similar attacks, and if your security infrastructure is capable of protecting you from the ransomware and other malware that malicious email can drag into your network: You can either wait for a breach to occur, or you can run proactive validation tests to ensure that the tools you have in place are prepared to defend you against the latest most sophisticated threats.

The Fortinet Cyber Threat Assessment Program (CTAP) is designed to help organizations better understand their Security Risk by determining which application vulnerabilities are being used to attack the network, which malware/botnets may be in your environment, what phishing attacks are able to make it through existing defenses, and which devices are most “at risk.” It can also determine what productivity tools are being used, and how much bandwidth is being consumed by all of this. All of this data is then used to establish a security breach probability baseline for organizations, and then anonymously correlated with data collected from other organizations centrally to establish insights into global threat activities.

CTAP participants rely on Microsoft Exchange Online or Office 365 for their email today, and many already have some features or third-party products enabled for email security. But as you will see from the data we’ve collected at Fortinet – many may still be at risk.

The Rise of Email Threats

For the month of January, an analysis of our email assessments showed that organizations are still being overwhelmed with email messages that are spam or marketing newsletters. The bandwidth and productivity hit from this unwanted traffic is clear, and organizations are advised to take measures to get this back under control. 

But where the statistics get most interesting are with the data collected about malicious or potentially risky emails and URLs that land in user mailboxes. And what’s most alarming about this data is that all of these customers already have some sort of email security in place.

Even after an organization’s existing email security solution did its best to filter out malicious or risky traffic, our email analytics found that 1 in 3,000 messages still contains malware, including ransomware. What’s more interesting is that 1 in 4,000 contain previously unknown malware. These are often advanced or zero-day threats, and maybe the latest ransomware variant – and why customers more than ever need to think beyond the rigid, signature-based approaches for protection used by most email security solutions, and incorporate sandbox technologies for email scanning. 

Digging deeper, Fortinet also found that 1 in 6,000 emails contained suspicious URLs. While not all of these links may be associated with the distribution of malicious content, many of them could easily become a launching pad for a future ransomware campaign, or a phishing attempt to steal valuable credentials to gain access to an organization’s network and critical assets. 

To put this into perspective, the average employee receives 121 emails per day. For an organization with 100 employees, this means that they will need to address 4 emails infected with malware, 3 infected with previously unknown malware, and 2 emails containing suspicious URL links every single day. 

And this can be more difficult to address than it may seem. For example, brute force blocking of all suspicious or unknown URLs may create an uprising from end-users, or an IT support headache. Instead, organizations need to have next-generation isolation solutions in place to eliminate these risks.

FortiMail Stops Advanced Threats and Prevents Data Loss 

Of course, to learn if your organization is vulnerable, you need to determine whether or not your existing email security solution is still effective as well as whether your existing vendor is able to adequately support your solution for maximum efficacy. That begins by simply signing up for a free threat assessment. This zero-impact analysis provides an executive-level summary report on your email security threat posture to help guide your security planning.

Whether your organization needs to upgrade their email security, or simply wants a more comprehensive and easier-to-manage solution, FortiMail provides the full range of advanced security protection, visibility, and interoperability that today’s organizations require. By combining FortiMail’s proven capabilities for anti-spam, virus protection, content disarm and reconstruction (CDR) with its Security Fabric-based integration with the FortiSandbox Advanced Threat Protection and FortiIsolator Browser Isolation solutions, Fortinet offers the right technical approach for addressing the full range of advanced and evolving email-based threats customers will face in 2020. 

Sign-up now to start a free email assessment so you are prepared for the year ahead. 

Find out how Fortinet’s Security Fabric delivers broad, integrated, and automated protection across an organization’s entire digital attack surface from IoT to the edge, network core and to multi-clouds.

Find out how Echoenergia and New Zealand Red Cross used Fortinet’s Security Fabric for protection from the network edge to core.

Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about our products and technology, or connect with peers.