Fortinet Ranks Highest in Two Key Use Cases in 2020 Gartner Critical Capabilities for WAN Edge Infrastructure Report

Digital innovation and increasing cloud application bandwidth demands have led network infrastructure and operations leaders to turn to SD-WAN as a de-facto solution for their WAN transformation and roadmap efforts. In a crowded SD-WAN market of over 80 vendors, it’s more critical than ever for organizations to be able to identify the right solution that best fits their specific use cases. The Gartner September 2020 Critical Capabilities for WAN Edge Infrastructure report offers essential research that we believe helps organizations to differentiate between vendors based on their deployment, operational flexibility, and application performance requirements. 

The Gartner Magic Quadrant and Critical Capabilities Reports

Gartner’s well-known annual Magic Quadrant reports recognizes vendors in a variety of key technical markets based on key factors, like their ability to execute and the completeness of their vision. However, there are additional Gartner reports that may provide further insight for those organizations looking to select and deploy a solution that best suits their specific use case. Gartner’s “Critical Capabilities” reports use proprietary methodologies to score organizations in critical subcategories within each Magic Quadrant area based on more granular criteria. These reports extend the value of the more general Magic Quadrant recognitions by providing deeper insight into providers’ product and service offerings for key market segments.

Fortinet Scores Highest in “Security-Sensitive WAN” (4.26/5) and” Small Footprint Retail WAN” (4.14/5) Use Cases and Scored Third Highest in the “Large Global WAN” (4.09/5) Use Case in Gartner 2020 Critical Capabilities for WAN Edge Infrastructure Report

This September, Fortinet was identified as a Leader in the Gartner 2020 Magic Quadrant for WAN Edge Infrastructure. But just as importantly, Fortinet also received the highest scores in two use cases in the Gartner September 2020 “Critical Capabilities for WAN Edge Infrastructure” report. In that analysis, Fortinet’s SD-WAN solution scored highest in the “Security-Sensitive WAN” (4.26/5) and “Small Footprint Retail WAN” (4.14/5) use cases and scored the third highest for the “Large Global WAN” (4.09/5) use case.

These three use cases are characterized by key requirements, as outlined below:

Security-Sensitive WAN: A security-sensitive WAN typical in some mid- to large-scale organizations from 25 sites and higher that are focused on securing branch offices as the main priority where network and security procurements are increasingly converging.

Small Footprint Retail WAN: This category is a representative of small site/mass deployment needs that are common in such retail markets as convenience stores, quick service restaurants, gas stations, specialty retail, bank ATMs and independent insurance agents.

Large Global WAN: This category looks at the needs of larger multinational organizations with a global WAN requirement for more than 200 sites, and that spans at least two continents.

We believe that, with our Security-Driven Networking approach and custom-built ASICs, Fortinet delivers a scalable, flexible Secure SD-WAN solution that customers can deploy across the home, branch, campus and multi-cloud.

According to Gartner, “SD-WAN product differentiation is primarily based on feature breadth and/or depth, specifically on security, application performance optimization, and cloud features.” In addition, they cite that “simplified and unified security is a main driver for customers as they determine the best architectural approach for the integration of networking and security.” As an industry leader in both security and SD-WAN, we believe Fortinet offers the most comprehensive SD-WAN solution available, enabling customers to achieve best user experience at reduced cost and complexity, while delivering on our strong vision of providing a flexible and secure solution anywhere. 

Recent Recognitions for Fortinet Secure SD-WAN 

We are absolutely thrilled to be positioned as a Leader in the 2020 Gartner WAN Edge Magic Quadrant, to be named as a 2020 Gartner Peer Insights Customers Choice for WAN Edge Infrastructure, and to be recognized in the 2020 Gartner Critical Capabilities for WAN Edge Infrastructure report!

Read the full 2020 Gartner Critical Capabilities for WAN Edge Infrastructure report.

Learn more about Fortinet Secure SD-WAN.

Gartner Critical Capabilities for WAN Edge Infrastructure, Jonathan Forest, Andrew Lerner, Naresh Singh, 30, September 2020.

Gartner, Gartner Peer Insights ‘Voice of the Customer’: WAN Edge Infrastructure, PEERS, Published 13 April 2020

Gartner, Magic Quadrant for WAN Edge InfrastructurePublished 23, September 2020, Jonathan Forest, Andrew Lerner, Naresh Singh

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advice technology users to select only those vendors with the highest ratings or other designations. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to its research including any warranties of merchantability or fitness for a particular purpose.

Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates.

Sourced from Fortinet

Fortinet Scores Highest in Two Key Use Cases in 2020 Gartner Critical Capabilities for WAN Edge Infrastructure Report

Digital innovation and increasing cloud application bandwidth demands have led network infrastructure and operations leaders to turn to SD-WAN as a de-facto solution for their WAN transformation and roadmap efforts. In a crowded SD-WAN market of over 80 vendors, it’s more critical than ever for organizations to be able to identify the right solution that best fits their specific use cases. The Gartner September 2020 Critical Capabilities for WAN Edge Infrastructure report offers essential research that we believe helps organizations to differentiate between vendors based on their deployment, operational flexibility, and application performance requirements. 

The Gartner Magic Quadrant and Critical Capabilities Reports

Gartner’s well-known annual Magic Quadrant reports recognizes vendors in a variety of key technical markets based on key factors, like their ability to execute and the completeness of their vision. However, there are additional Gartner reports that may provide further insight for those organizations looking to select and deploy a solution that best suits their specific use case. Gartner’s “Critical Capabilities” reports use proprietary methodologies to score organizations in critical subcategories within each Magic Quadrant area based on more granular criteria. These reports extend the value of the more general Magic Quadrant recognitions by providing deeper insight into providers’ product and service offerings for key market segments.

Fortinet Scores Highest in “Security-Sensitive WAN” (4.26/5) and” Small Footprint Retail WAN” (4.14/5) Use Cases and Scored Third Highest in the “Large Global WAN” (4.09/5) Use Case in Gartner 2020 Critical Capabilities for WAN Edge Infrastructure Report

This September, Fortinet was identified as a Leader in the Gartner 2020 Magic Quadrant for WAN Edge Infrastructure. But just as importantly, Fortinet also received the highest scores in two use cases in the Gartner September 2020 “Critical Capabilities for WAN Edge Infrastructure” report. In that analysis, Fortinet’s SD-WAN solution scored highest in the “Security-Sensitive WAN” (4.26/5) and “Small Footprint Retail WAN” (4.14/5) use cases and scored the third highest for the “Large Global WAN” (4.09/5) use case.

These three use cases are characterized by key requirements, as outlined below:

Security-Sensitive WAN: A security-sensitive WAN typical in some mid- to large-scale organizations from 25 sites and higher that are focused on securing branch offices as the main priority where network and security procurements are increasingly converging.

Small Footprint Retail WAN: This category is a representative of small site/mass deployment needs that are common in such retail markets as convenience stores, quick service restaurants, gas stations, specialty retail, bank ATMs and independent insurance agents.

Large Global WAN: This category looks at the needs of larger multinational organizations with a global WAN requirement for more than 200 sites, and that spans at least two continents.

We believe that, with our Security-Driven Networking approach and custom-built ASICs, Fortinet delivers a scalable, flexible Secure SD-WAN solution that customers can deploy across the home, branch, campus and multi-cloud.

According to Gartner, “SD-WAN product differentiation is primarily based on feature breadth and/or depth, specifically on security, application performance optimization, and cloud features.” In addition, they cite that “simplified and unified security is a main driver for customers as they determine the best architectural approach for the integration of networking and security.” As an industry leader in both security and SD-WAN, we believe Fortinet offers the most comprehensive SD-WAN solution available, enabling customers to achieve best user experience at reduced cost and complexity, while delivering on our strong vision of providing a flexible and secure solution anywhere. 

Recent Recognitions for Fortinet Secure SD-WAN 

We are absolutely thrilled to be positioned as a Leader in the 2020 Gartner WAN Edge Magic Quadrant, to be named as a 2020 Gartner Peer Insights Customers Choice for WAN Edge Infrastructure, and to be recognized in the 2020 Gartner Critical Capabilities for WAN Edge Infrastructure report!

Read the full 2020 Gartner Critical Capabilities for WAN Edge Infrastructure report.

Learn more about Fortinet Secure SD-WAN.

Gartner Critical Capabilities for WAN Edge Infrastructure, Jonathan Forest, Andrew Lerner, Naresh Singh, 30, September 2020.

Gartner, Gartner Peer Insights ‘Voice of the Customer’: WAN Edge Infrastructure, PEERS, Published 13 April 2020

Gartner, Magic Quadrant for WAN Edge InfrastructurePublished 23, September 2020, Jonathan Forest, Andrew Lerner, Naresh Singh

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advice technology users to select only those vendors with the highest ratings or other designations. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to its research including any warranties of merchantability or fitness for a particular purpose.

Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates.

Sourced from Fortinet

Fortinet Awarded CyberSecurity Breakthrough 2020 “Professional Certification Program of the Year”

Fortinet is proud to announce that, for the second year running, the Network Security Expert (NSE) Training Institute’s Certification Program has been named the winner of the “Professional Certification Program of the Year” award in the fourth annual CyberSecurity Breakthrough Awards program. This award comes from CyberSecurity Breakthrough, a leading independent market intelligence organization that honors excellence and recognizes innovation, hard work, and success in a range of information security categories, including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, and Email Security, among others. 

“For the second year in a row, we are thrilled to recognize Fortinet for winning our ‘Professional Certification Program of the Year’ award,” said James Johnson, managing director, CyberSecurity Breakthrough. “Fortinet’s training and certification program stands out as it continues to innovate and expand, including the introduction of free cybersecurity training courses earlier this year. Creating and maintaining a vigilant cybersecurity mindset is key for all organizations and their employees – and cybersecurity awareness is a vital component for everyone.”

Fortinet NSE Certification Program’s Growing Momentum

The Fortinet Network Security Expert (NSE) Certification Program is an eight-level certification program that has issued more than half a million certifications to date. The first set of levels (1-3) assess a user’s knowledge of the threat landscape and can be helpful for anyone who wants to become more cyber aware. Moving up, NSE levels 4-6 are courses designed for a technical audience. These focus on one’s ability to install, configure, and troubleshoot comprehensive, integrated network security controls in live environments. Lastly, levels 7-8 hone in on the expertise needed to fully leverage Fortinet solutions. To become NSE 8 certified, an elite distinction, candidates must have related industry experience and should have completed the appropriate Professional, Analyst, Specialist, and Architect designation training. To date, there are 381 individuals worldwide who have earned their NSE 8 certification. 

Additionally, earlier this year, Fortinet opened its entire catalog of self-paced NSE training courses to the public for free for anyone looking to learn new cybersecurity skills or upskill helping to close the skills gap. The free training includes access to pre-recorded labs and advanced training. More recently, Fortinet extended its free training offerings and introduced the Information Security Awareness and Training service available for organizations to implement as part of their employee cybersecurity training program. The new service includes training to ensure all employees can identify and avoid threats, awareness components to keep security top-of-mind and an administrative dashboard to track training completion. 

Closing the Skills Gap through the NSE Training Institute 

For the second year in a row, the Fortinet NSE Training Institute’s Certification Program has been recognized by CyberSecurity Breakthrough for its role in helping technical professionals not only validate their existing knowledge but also expand on their understanding of various concepts related to network security. Fortinet is committed to closing the skills gap through initiatives like the NSE Training Institute as we recognize the need for security professionals and non-technical employees alike to be cyber aware of the latest threats and solutions to keep their organizations safe.  

Find out more about Fortinet’s NSE Training Institute programs, including the Certification ProgramSecurity Academy Program and Veterans Program, which provide critical cybersecurity training and education to help solve the cyber skills gap and prepare the cybersecurity workforce of tomorrow.

Sourced from Fortinet

Ensuring Continuous Security Integration for DevSecOps

As more application teams adopt Continuous Integration/Continuous Delivery (CI/CD) workflows to enable application development, it’s increasingly important that organizations have integrated and automated security in place to protect these workflows. Since most modern applications are based on a micro-service architecture, DevOps teams have leveraged containers and container orchestration platforms, such as Kubernetes, to build and deploy their applications. As a result, container security must be a critical component of any solution that tries to protect CI/CD workflows. Below are considerations for DevOps teams to ensure their container strategy isn’t compromising security. 

How DevSecOps Teams can Achieve Security for the Entire Applications Lifecycle 

Security should not be limited to only one part of a DevOps workflow. Instead, it needs to be injected into every stage of a CI/CD workflow pipeline—from the time that a developer checks in code to a code repository, until the time that the application is deployed to a runtime environment. At a high-level, a CI/CD pipeline is comprised of three stages: build, deploy, and run. It is paramount to secure each stage of the pipeline to prevent breaches in the overall lifecycle of an application. Here are things to keep top of mind during each stage of the CI/CD workflow pipeline:  

Build images securely – images often consist of source codes and third-party libraries. Before building an image, it is critical to parse packages and libraries to generate a detailed report of all vulnerabilities (CVEs) as well as the libraries/packages in which vulnerabilities are discovered. Additionally, certain libraries should be excluded if they can cause security risks. And a vulnerability report may be able to help detect the presence of credentials and/or secrets in an image.

Plug seamlessly into the CI/CD workflow – most application teams leverage build tools such as Jenkins to automate their build process. In order to add security to a build pipeline, security solutions need to be integrated into common build frameworks. Such integration allows application teams to learn fast and fail/pass builds based on their organization’s requirements. For example, if an organization has a security requirement that does not allow deployment of an application with critical vulnerabilities, a policy needs to be set to fail builds when a critical vulnerability is found in an image.

Run compliance checks against CIS benchmarks – as container orchestration platforms such as Kubernetes gain popularity, running static checks to detect potential vulnerabilities in those environments has become extremely important. The Center for Internet Security (CIS) has released recommendations for Kubernetes best security practices. It is a set of recommendations for configuring Kubernetes to support a strong security posture, such as disabling anonymous requests to the API server and running containers only as a non-root user.

Continuous runtime security – while preventing breaches in an application by shifting security to the earlier stages of a CI/CD pipeline is a key aspect of any comprehensive CI/CD security solution, securing running microservices is equally important. The Fortinet-Calico Enterprise integration, discussed later in this blog, addresses Kubernetes network security challenges for both North-South and East-West traffic.

Fortinet and Calico Extend Enterprise Security to Kubernetes 

Successful integration of container services within the enterprise depends heavily on access to external resources, such as databases, cloud services, third-party application programming interfaces (APIs), and other applications. It’s why Kubernetes is the most widely adopted container orchestration system.

All this egress activity must also be controlled for security and compliance reasons. Therefore, to enable successful application rollouts in production environments, companies must be able to extend their existing enterprise security architecture into the Kubernetes environment. Fortinet and Tigera have jointly developed a suite of Calico solutions leveraging the Fortinet Security Fabric. These solutions deliver both north-south and east-west visibility and protection, as well as compliance enablement for Kubernetes clusters.

The Calico Kubernetes Controller for FortiGate – enables FortiGate Next-Generation Firewalls (NGFWs) to control egress from Kubernetes pods to applications. As shown in Figure 2, the controller does this by automatically populating Kubernetes workload source IPs in FortiGate address group objects. FortiGate can then enforce the access rules. This means that developers who add new containers to a Kubernetes pod can use business-level tags (such as department name or role) to identify them, and then rely on the controller to handle the underlying access rule configurations.

The Calico Kubernetes Controller for FortiManager – enables Kubernetes cluster management from the FortiManager centralized management platform. This controller translates FortiManager policies into granular Kubernetes network policies and then pushes them out to individual clusters across all Kubernetes environments. Additionally, similar to the FortiGate integration, address groups in FortiManager can be updated with new pod/worker node IP address information, which can then be pushed to the FortiGate devices. 

Calico FortiSIEM plug-in event correlation and risk management solution – addresses compliance implications due to a lack of visibility. Like any on-premises or cloud-based networked services, Kubernetes production containers must fulfill both organizational and regulatory security requirements. If compliance teams can’t trace the history of incidents across the entire infrastructure, they can’t adequately satisfy cluster audits. The FortiSIEM plugin delivers the telemetry (metadata) that Calico Enterprise creates—including DNS logs, flow logs, and audit logs—into the Fortinet security information and event management (SIEM) environment. This helps security operations (SecOps) teams leverage FortiSIEM to better design and automate their workflows for incident response.

Leveraging Automated Security For CI/CD Pipelines 

While there are multiple ways to achieve a secure application lifecycle, automating and integrating a comprehensive security solution with DevOps workflows provides the most effective approach for discovering, reporting on, and remediating security vulnerabilities. Specifically, to secure microservices-based applications running in a Kubernetes environment, a defense in-depth architecture like the one outlined in this blog is recommended. 

By leveraging the Fortinet Security Fabric, the Fortinet-Tigera joint solution enables organizations to extend enterprise security to Kubernetes clusters so they can maintain their overall security posture. As a result, organizations are further able to achieve full visibility and control across their dynamic multi-cloud environments without compromising security. 

Learn more about how Fortinet’s multi-cloud solutions provide visibility and control across cloud infrastructures to secure applications and connectivity.

Read how Fortinet and Tigera are working together to protect organization’s Kubernetes in the enterprise.

Sourced from Fortinet

Building a Cyber-Aware Workforce Requires Training and Ongoing Awareness

One of the most critical strategies for addressing the risks associated with a large remote workforce is to ensure that remote workers have the skills needed to identify and thwart threats. In March of this year, Fortinet launched a free training campaign to help close the cybersecurity skills gap for those individuals looking to educate themselves on potential threats and security technology. As part of this campaign, Fortinet opened up its entire library of self-paced training. This content is designed to educate teleworkers, many of whom were working from home for the first time, as well as provide opportunities for IT and security professionals to upskill or reskill for career development or advancement.

Our world is a hacker’s playground with more people than ever working remotely, opening the door to insider threats wider than ever. A Ponemon Institute Report found that from 2018 to 2020 the number of insider threats increased 47%, making these threats a top concern for CISOs and executives. In addition to having a security architecture that protects organizations from insider threats, CISOs also recognize the importance of ensuring they have a cyber-aware workforce that can detect threats. To help organizations address this, Fortinet has unveiled a new Information Security Awareness and Training service as part of the NSE Training Institute’s latest offering. 

Information Security Awareness and Training Service

As the challenges of cybercriminals targeting remote workers continues to expand, Fortinet released another free offer for organizations designed to further enhance the ability of their workforce to be cyber aware. This new Information Security Awareness and Training service will help companies better educate their workforce on how to identify and protect themselves and their organizations against all types of cybersecurity threats and to help keep security top of mind.

This new service, researched and developed by Fortinet’s NSE Training Institute—a world-class team of cybersecurity experts, is in full alignment with two key sets of NIST guidelines: NIST 800-50 , which outlines requirements for Building an Information Technology Security Awareness and Training Program, and NIST 800-16, which discusses  Information Technology Security Training Requirements.

Training and Awareness

This powerful turnkey service from Fortinet is made up of three components, each of which include both training and awareness elements. These components, outlined below, work together to ensure employees are trained to always be on the lookout for possible attacks, to know how to deal with them when they arise, and to always keep security top of mind.

Awareness Assets:

The awareness component of this training program will help organizations get an effective training program up and running smoothly within a matter of days. To start, essential elements, such as email templates, are available for Information Security teams to customize. These templates are designed to help easily launch the information security initiative. 

Additional elements include security awareness posters, monthly best-practice videos, printable tip sheets, checklists, and screen savers. These and similar elements are all ready for download to help support a comprehensive security training initiative. Such components are essential as part of an ongoing awareness program to ensure your workforce does not lose focus and make the easy mistake of falling into a hacker’s trap.

Critical Training:

The service’s training component consists of five self-paced mandatory modules that are focused on key threats and attack vectors along with best practices. These videos provide valuable information on securing digital and physical information, and all participants are quizzed to test knowledge retention. Three optional videos targeted at various roles within an organization are also included in the package to expand knowledge of the importance of information security.

Administrator Dashboard:

The administrator dashboard provides the organization with a clear overview on how they are executing on their information security awareness and training initiative. It allows the program administrator to keep track of which employees have and have not completed the required courses, ensuring compliancy with company policies. Other details like enrollment dates, progress, quiz scores, and completed modules, as well as completed times and dates are also included.

Find out more information about the Fortinet Information Security Awareness and Training service.

Sourced from Fortinet

Fortinet Named a Leader in Gartner 2020 Magic Quadrant for WAN Edge Infrastructure

We’re a Magic Quadrant Leader! In Gartner’s recently published 2020 Magic Quadrant for WAN Edge Infrastructure, Fortinet has now been positioned in the Leader’s quadrant. We believe our commitment to continuous innovation helped Fortinet Secure SD-WAN place higher in ability to execute and further in completeness of vision. 

Our SD-WAN journey began years ago, led with a security-driven networking approach that enabled us to deliver the industry’s first Secure SD-WAN solution. We have continued to innovate since then, delivering the world’s first purpose-built processor designed to accelerate SD-WAN functionality and security, while achieving a fully self-healing SD-WAN solution combined with centralized orchestration to meet the diverse needs of customers worldwide. Going forward we are excited to address additional emerging customer use-cases in the SD-WAN market with cloud-delivered SASE innovations to provide the most flexible secure access solution in the market.

The rapid adoption of cloud services and the current shift to remote workforce has accelerated the need for digital transformation. This has led customers worldwide to recognize the value of SD-WAN as they work to build a more robust WAN Infrastructure. While cost reduction, both in terms of operational overhead and capital expenditures, continues to influence the decision-making process, customers are also highly focused on application performance. Delivering business-critical services and cloud resources in real-time ensures the best possible user experience. When combined with the assurance of secure access from anywhere ­– whether from home or branch offices, or across multi-cloud environments – Fortinet Secure SD-WAN delivers a complete solution worthy of being designated as an industry leader.

Evolving cloud applications poses a significant challenge to steering decisions made by SD-WAN solutions, which can have adverse effects on application performance. By combining the industry’s best performance with advanced remediation techniques, such as dynamic traffic steering, forward error correction, and packet duplication, Fortinet Secure SD-WAN can automatically repair complex WAN issues that can undermine network performance. Combined with Fortinet’s AI/ML-powered application learning, customers can establish advanced visibility and control at every edge to improve performance, expand business agility, and achieve higher levels of productivity to deliver and maintain a better application experience and drive growth and revenue further and faster.

Fortinet also provides one of the widest arrays of Secure SD-WAN solutions, allowing us to achieve an extensive presence across all market segments, from small retail to complex global WAN infrastructures. Part of our advantage is that by converging advanced networking and security into a unified Secure SD-WAN solution, customers are able to eliminate point products at the WAN edge to reduce cost and achieve consolidation, and for industry’s best TCO. Simplification through centralized SD-WAN orchestration also enables organizations to expedite deployment, thereby reducing complexity and associated staff hours spent on management and troubleshooting complex network issues. And its actionable analytics and reports empower IT staff to fine-tune business and security policy at scale, as well as ensure ease of change management because it enables networking and security staff to work as a unified team.

But SD-WAN is about much more than just secure connectivity for branch offices. With applications and workloads moving to cloud-delivered models, businesses need reliable and secure access at the cloud edge as well. Fortinet’s differentiated vision also enables customers to future-proof their digital transformation investments by extending SD-WAN to multi-cloud, providing flexible secure access for their remote workforce anytime and anywhere. In addition, close proximity to applications can also optimize SaaS connectivity and cloud compute. And innovations in Fortinet’s cloud orchestrator help organizations extend end-to-end visibility and control to all edges, whether devices are on or off-premises.

For 20 years, Fortinet – a recognized industry expert – has not only focused on security solutions. We also design and deliver a portfolio of advanced network and access devices that span the entire networking stack. These years of experience in building and delivering advanced routing functionalities are what led to our evolution as the industry’s first Secure SD-WAN vendor, providing robust connectivity and routing functionality combined with a full suite of advanced security. 

Innovations in both security and networking, focused vision on flexible secure access from and to anywhere, and continuous industry recognition from a range of third-party organizations, has fueled our expansion across all business verticals, and we believe this has led to our placement as a Leader in Gartner’s 2020 Magic Quadrant for WAN Edge Infrastructure. We believe our proven track record of providing business agility across all verticals and industries just got much stronger. And it doesn’t stop there. We have several upcoming announcements that will ensure that our Secure SD-WAN solution can address the broadest set of customer deployments – because being a leader never means standing in one place. 

Gartner Magic Quadrant for WAN Edge Infrastructure, Jonathan Forest, Andrew Lerner, Naresh Singh, 23 September 2020

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advice technology users to select only those vendors with the highest ratings or other designations. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to its research including any warranties of merchantability or fitness for a particular purpose.

Download the full Gartner Magic Quadrant for WAN Edge Infrastructure report here.

Learn how Fortinet’s Secure SD-WAN Solution uses a security-driven networking approach to improve user experience and simplify operations at the WAN Edge.

Sourced from Fortinet

School District Secures Distance Learning for 18,000+ Students With FortiEDR

Customer Perspectives

As school districts across the United States booted up for distance learning, endpoint security became a top priority. Many educational organizations found themselves a target of cybercriminals exploiting the recent pandemic through social engineering attacks—especially now that students and staff have access to the district’s network from their own devices, in their own homes. 

Even prior to the COVID-19 pandemic, the number of easily exploited endpoint devices connected to networks was growing rapidly. This increased even moreso with the shift to remote work and learning. This issue is exacerbated by the growing sophistication of cyber threats and the pandemic-related attacks launched by cybercriminals leveraging fear, uncertainty and doubt (FUD) in social engineering attacks.

One U.S. school district found itself procuring 20,000 more laptops to enable its 18,000 students and 2,200 staff members to learn and work from home. With growing concerns around ransomware and phishing—particularly spearphishing—and an incumbent solution that was not meeting their expectations, the school district began looking for a new vendor. An ideal solution would provide remote web filtering, endpoint protection, detection, response and remote remediation. 

As an existing Fortinet customer, this district already had a number of solutions across the Fortinet Security Fabric in place, including FortiGate Next-Generation Firewalls (NGFWs), FortiAnalyzer, FortiManager, FortiSandbox, FortiAuthenticator, and FortiClient. Because of this, the district had already seen how Fortinet’s broad, integrated, and automated product portfolio enabled increased visibility, centralized management, and seamless protection across the entire digital attack surface—including remote locations. Both their knowledge of the extensive Fortinet portfolio and the existing trusted partnership between the two led the school district to begin a proof of concept (PoC) of Fortinet’s Endpoint Detection and Response solution, FortiEDR.

FortiEDR delivers real-time, automated threat protection, detection, and response for endpoints—both pre- and post-infection. The key capabilities of FortiEDR include discovery and risk mitigation, next-generation antivirus (NGAV), behavior-based detection, real-time blocking, automated incident response, forensic investigation, threat hunting, and virtual patching capabilities. FortiEDR delivers all of this in a form factor with a lightweight footprint that is easy to deploy, even on devices with limited system resources. And as part of the Security Fabric, FortiEDR could seamlessly integrate with the existing solutions the school district had in place, ensuring centralized management and complete visibility and control across their digital attack surface.

After seeing a variety of ransomware samples being tested and automatically dealt with in real-time during the PoC, this school district determined that FortiEDR met, and even exceeded each of their expectations and was exactly what they were looking for to secure remote access and improve endpoint security among students and staff. 

By adopting FortiEDR, this school district saw the following benefits: 

  • Secure remote access and remote web filtering: FortiEDR enables students and staff alike to gain access to the school district’s resources without compromising the security of the network by ensuring consistent remote web filtering. 
  • Enhanced endpoint visibility and resilience: FortiEDR not only gives the school district complete visibility over all endpoint devices connected to the network and ensures that each of those devices are resilient against potential threats. 
  • Improved threat protection: With growing concern around ransomware and targeted spearphishing emails, this school district was relieved to adopt an endpoint security solution that would mitigate those risks and protect students and staff as they work remotely. 

With FortiEDR, this school district was well-equipped to secure endpoints during distance learning and well into the future.  

Learn more about how FortiEDR has the unique ability to defuse and disarm a threat in real-time, pre- and post-infection.

Sourced from Fortinet

Fortinet Enables Secure Telework With Security Fabric Solutions

Customer Perspectives

The COVID-19 pandemic forced many businesses to rapidly enable most, if not all, of their employees to work from home. But while the lights are off in corporate conference rooms and cubicles, on-premises data, applications, and servers are still serving critical business functions for organizations. Not only that, but all those remote workers still require secure access to the network resources.  Despite these challenges, Fortinet was able to rapidly expand remote access without compromising security or productivity.

Existing Secure Teleworker Solutions Ensure Optimal Work-From-Home Experience

Fortinet has offices around the globe. In the company’s Europe, Middle East, and Africa (EMEA) division, the usual pool of 600 remote workers suddenly grew to 1,600 as a result of work-from-home mandates. Typically, such a massive shift to remote work would require a months-long planning process and significant investments in new technology—a luxury the Fortinet IT team did not have. Because of this, IT teams that could leverage existing security solutions were best positioned to smoothly transition their workforce to telework without sacrificing performance or protection. Fortunately, the Fortinet IT team was able to do just that, scaling their existing Fortinet security architecture to meet the requirements of this new normal at no additional cost.

“Employees need access to file servers, application servers, and other back-office resources, as well as to our laboratory devices for use in testing and in proofs of concept,” explains IT Manager Cyrille Carrasco. “These resources are not available via the internet, and for many employees, this was their first experience of working remotely.” Furthermore, staff across Europe needed remote access to their Fortinet phones. “This is important for all employees, but particularly for workers in our call center,” Carrasco says. “They answer between 40,000 and 50,000 calls each month.”

The built-in capabilities of FortiGate firewalls, FortiClient, and other security technologies enabled the IT team to scale rapidly and provide all call center employees with remote access to the phone system and other necessary applications without straining resources. With minor configurations, including optimizing the FortiVoice phone systems to give remote employees extended telephony capabilities by using a softclient on their computers, the existing solutions ensured secure telework for employees without requiring additional hardware or CAPEX. As a result of these efforts, they expanded their virtual private network (VPN) capacity to serve three times as many concurrent users as they served previously, in a way that IT staff can secure from their own home offices.

Preparing for Widescale Remote Access to the Corporate Network

Fortinet EMEA was using FortiGate next-generation firewalls (NGFWs) to give remote users VPN access to the corporate network, using secure socket layer (SSL) VPNs. With these existing FortiGates—which include IPS, antivirus protection, and application control features—Fortinet had all the technology in place needed to enable widespread work-from-home. 

They also ensured employees could access VPN through any point of presence with redundant options for SSL VPN connectivity throughout the region. So if one VPN gateway were to become unreachable, the user’s FortiClient would give them options of other available gateways that they could connect instantly to avoid disruption.

Secure Connectivity: Any Time, Any Place

For end-users who already had company-issued laptops, the technology transition has been easy and transparent. The FortiClient solution provides options for SSL VPN connections to FortiGate firewalls, and the central IT team can seamlessly push out any necessary configuration changes from their own home offices.

The SSL VPN connection enables all traffic to be encrypted. Then, the FortiGate firewalls scan all traffic that comes in through the VPN. The FortiAuthenticator user identity management server utilizes the corporate Active Directory (AD) to confirm user credentials and permissions to access specific network resources, while the FortiToken solution verifies user identity. “The clients, the FortiGates, the servers, the switches—all the equipment that needs authentication is controlled by two-factor authentication within FortiAuthenticator,” Carrasco explains.

Further, in order to optimize communication efficiency, the IT group installed a voice softclient for every Fortinet EMEA employee. “Our staff needed all the same capabilities they have in the office, so we set up a softclient that connects employees’ computers to the FortiVoice PBX [private branch exchange],” Carrasco says. “As a result, all our employees are able to stay connected to one another without losing their productivity.”

And because all these solutions integrate into the Fortinet Security Fabric, the IT staff can manage the security architecture through a single pane of glass, even while working from home. With these existing solutions, Fortinet’s security team was well-positioned to facilitate new work-from-home policies without sacrificing the protection or performance of their users, applications, and data.

Discover how Fortinet Teleworker Solutions enable secure remote access at scale to support employees with a wide array of access requirements.

Find out how Fortinet’s Security Fabric delivers broad, integrated, and automated protection across an organization’s entire digital attack surface from IoT to the edge, network core and to multi-clouds. 

Find out how Echoenergia and New Zealand Red Cross used Fortinet’s Security Fabric for protection from the network edge to core. 

Sourced from Fortinet

Effectively Securing Microsoft 365 With FortiMail

Even before COVID-19, SaaS-based productivity tools such as Microsoft 365 had been gaining market-share at a remarkable pace. Today, with hundreds of millions of employees working from home, enterprises are turning to software as a service (SaaS), including Microsoft 365, like never before. In doing so, many companies are decommissioning their old email gateways and relying on the security that comes with the SaaS applications. However, as email is the most common transport mechanism for cyber-attacks, it is important that organizations ensure they have an advanced security posture.

Microsoft offers two security services for M365: Exchange Online Protection (EOP) and Advanced Threat Protection (ATP). These services have most of the features you need to secure your productivity infrastructure but poor detection marks both these security solutions. As a result, organizations are turning to Fortinet’s Dynamic Cloud Security solutions, including FortiMail, to enhance and complement native capabilities within Microsoft 365 and better protect their journey to the cloud. 

Fortinet’s FortiMail Email Security Ranks High in Industry Tests

The best known tests for email security solutions are the Virus Bulletin Spam (VBSpam) ReportISCA Advance Threat Defense (email) and SE Labs Email Security Gateway test report. 

The latest SE Labs report, which pitted leading email security services against live targeted attacks that are the same or similar to those seen in recent security events, reveals differences between Microsoft 365 security and security from third party vendors. The report consolidated the results in a single metric, “True Accuracy,” that took into account not just detection but also remediation, false positives, and false negatives. In particular, this metric included the solution’s handling of non-malicious messages and components of those messages, such as attachments and links to websites. SE Labs found Microsoft’s email security solutions had accuracy ratings of less than 30 percent, revealing the need for an advanced third party solution capable of augmenting Microsoft 365 security. SE Labs found that Fortinet’s FortiMail was among the leaders in total accuracy ratings with over 90% of threats detected.

Other third party tests reveal Fortinet’s ability to detect threats with few or no false positives: Virus Bulletin, in its quarterly comparative review of SPAM detection, declared Fortinet the most effective solution, detecting 99.84% of bad emails with zero false positives. ICSA’s tests confirmed the Virus Bulletin findings: after 5 weeks of extensive testing, ICSA found that Fortinet FortiMail detected 99.8% of threats with a false positive rate of under 1.6% – both among the best results of any product tested.

Advanced Microsoft 365 Security Through the Fortinet Security Fabric

Through its Security Fabric, Fortinet offers the broadest, most-effective set of cloud-ready solutions to complement M365. Fortinet works closely with Microsoft to integrate its solutions tightly with M365, providing flexible consumption models and deployment options for on-premises, hybrid and multi-cloud environments. Built from the ground up to co-exist and complement M365, Fortinet’s approach allows customers to use the applications they are most familiar with from Microsoft and the proven security they can rely on from Fortinet. 

Detection of malicious email is only part of M365 security – but is probably the most important part. Other elements of an effective M365 security solution, which Fortinet provides include:

  • Strong Authentication: FortiToken Cloud provides management of multifactor authentication of two-factor tokens, including both software and mobile tokens, in a FortiGate environment from provisioning to revocation.    
    • Robust platform to manage the lifecycle of your two-factor authentication system.
    • Intuitive dashboard is available anywhere there is an internet connection.
  • Email Security: FortiMail Cloud inspects incoming and outgoing emails to stop threats and prevent data loss.    
    • Independently top-rated effectiveness: Routinely earning top scores in Virus Bulletin, ICSA Labs, and other third-party testing.
    • Comprehensive coverage: Anti-spam, anti-phishing, anti-malware, sandboxing, content disarm, impersonation analysis, data loss prevention (DLP), encryption, and message archiving.
  • Sandboxing: FortiSandbox Cloud analyzes files and URLs for new and previously unknown cyberattacks. FortiSandbox utilizes real-time threat feeds along with heuristic analysis, machine learning, and artificial intelligence to identify zero-day threats.
  • SaaS Security: FortiCASB integrates tightly with Microsoft 365 to provide visibility and control into how Microsoft 365 is being secured and used. FortiCASB will:
    • Inspect content in transit or at rest for threats with the top-rated threat intelligence of FortiGuard Labs AV and sandbox services
    • Monitor and ensure appropriate user behavior and entitlements as well as control authorized use of a wide range of sensitive data types, as defined by industry regulations or corporate policy
    • Identify instances of un-approved “shadow IT” apps in the cloud
    • Monitor SaaS apps such as M365 for compliance issues such as encryption of data, proper authentication and appropriate security policies

Fortinet’s Dynamic Cloud Security Solutions 

SaaS-based applications such as Microsoft 365 are one example of the need for enterprise-class security solutions for cloud-based infrastructures. Fortinet’s Dynamic Cloud Security solutions include network security, application security and platform security for all major clouds, both public and private.

The Fortinet Cyber Threat Assessment Program is a free program that analyzes your email traffic for spam, phishing emails and malware. After the two-week assessment, Fortinet provides a detailed risk assessment report. Sign-up for your personal email security assessment and get started today.

For more information about how Fortinet can help you secure your Microsoft 365 deployment, visit the FortiMail and FortiCASB product pages or contact your local Fortinet representative.

* Figure 1: SE Labs Email Security Gateway test report

Sourced from Fortinet

Fortinet Secure SD-WAN Ensures User Experience Across 3,000 Branch Offices

Customer Perspectives

An organization’s continued growth depends on their vision and roadmap to expand business opportunities, and this is especially true in the financial services industry. And with expansion, comes the immediate need to implement solutions that meet the demands of business-critical applications rapidly shifting to the cloud, while preserving a strong security posture at all edges. Organizations have understood the cost effectiveness of moving away from MPLS to cheaper and more effective alternatives such as broadband and LTE for some time now, but this has not exactly solved the problem of achieving the best user experience with visibility and control into their network performance. 

Large distributed enterprises with thousands of branch offices need reliable and secure connectivity from home to branch to data center to cloud. There is an urgent need for digital innovation to address challenges such as a lack of centralized control, poor real-time application performance with traditional routing technologies, and security. They require quick deployment and change management enabled with automation to translate their business intent to effective business policies and deliver exceptional application performance while maintaining business continuity. 

With a single dedicated WAN link at every one of their 3,000 branch locations, one large financial services organization began experiencing poor application performance that had a severe impact on their workforce and customer experience with business-critical financial applications. Security measures for centralized inspection and cloud access were implemented in their data centers, which forced branch traffic to be backhauled. These factors put tremendous strain on bandwidth and performance across their dedicated MPLS circuits, and the clear solution was to move away from MPLS to multiple direct internet access with a secure, reliable, and consolidated WAN Edge. Consolidation also meant complete visibility into all their applications, improved network performance that extends to branch/LAN networks for easy management and troubleshooting while also simplifying the network infrastructure, reduced OPEX + CAPEX costs, and accelerated cloud access.

Financial Service Organization Expands Business Opportunities 

With several SD-WAN vendors vying for selection as part of their proof of concept trials, this organization was quick to discover that Fortinet’s robust Secure SD-WAN solution differentiated itself by providing a fully integrated solution that combined business agility, optimal connectivity, strong security, and best user experience into a single form factor that was easy to deploy and manage. Fortinet Secure SD-WAN is also able to provide WAN Edge consolidation with integrated self-healing SD-WAN and security on the industry’s best-performing appliance and centralized management extending to the branch network. Fortinet was the only solution that proved this organization could replace their legacy routers, poorly performing security solutions, and MPLS circuits with a single vendor to solve their infrastructure needs to ensure business continuity, improve application performance, and simplify branch management.

Key Benefits of Fortinet Secure SD-WAN

A few of the key benefits and immediate business outcomes provided by Fortinet’s Secure SD-WAN solution include:

  • Self-healing Capabilities to Achieve Exceptional User Experience: Fortinet Secure SD-WAN solved their need for traffic steering based on application policy and network SLA such as packet loss, jitter, and latency to achieve best user experience for their business applications designed to handle critical customer financial transactions. With a compact desktop form factor offered with the FortiGate 50E series, they were able to replace MPLS circuits with dual high bandwidth broadband circuits that can effectively forward traffic in an active-active fashion and transform their infrastructure to self-heal with SD-WAN remediation capabilities and deliver optimal application performance across all branch offices.
  • Reliable Connectivity for Business Continuity: This organization required reliable connectivity for their real-time application traffic, used extensively for companywide collaboration and customer service. Fortinet Secure SD-WAN’s ability to enable branch-to-branch VPN connectivity at scale and detect SLAs ensured the voice/video traffic were forwarded on the best available, highest performing, and lowest latency path to achieve best quality of experience. 
  • Cloud On-Ramp for Accelerated Cloud Access: They also required secure cloud access for compute and business applications hosted on AWS across their branch offices. Fortinet’s integrated NGFW and one touch connectivity to AWS virtual WANs enabled accelerated access to critical business applications on direct internet links, while ensuring a strong security posture. 
  • Ease of Management with Consolidation and Simplification from the WAN to LAN Edge: Prior to implementation, this organization experienced longer troubleshooting cycles due to limited visibility into their LAN and applications during their network outages. This also meant significant delays for their customer transactions, support and services. Fortinet’s centralized management and control offered with FortiManager enabled their IT staff to handle change management from WAN to LAN in a matter of days. Advanced analytics and telemetry offered both in real-time and historical via FortiAnalyzer allowed quick resolution cycles and IT staff to spend more cycles on digital innovations. 
  • Leveraging Fortinet Secure SD-Branch to Ensure Branch Office Security Without Impeding Productivity: By implementing Fortinet Secure SD-Branch at their remote locations, this organization gained complete visibility and control across their entire digital attack surface and was able to extend the benefits of the Fortinet Security Fabric to their distributed branch locations. Further, with branch-to-branch VPN connectivity at scale, this financial service organization enabled secure connectivity without impeding productivity for employees. 

Take a security-driven approach to networking to improve user experience and simplify operations at the WAN edge with Fortinet’s Secure SD-WAN solution.

Read these customer case studies to see how De Heus and Burger King Brazil implemented Fortinet’s Secure SD-WAN to alleviate network complexity, increase bandwidth, and reduce security costs.

Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about our products and technology, or connect with peers.

Sourced from Fortinet