sb-au logo
Story image

Fortinet’s ‘zero trust’ approach redefining security

14 Sep 2020

Cornelius Mare, Fortinet A/NZ Director, Security Solutions, explains why taking a ‘zero trust network access’ approach to cybersecurity requires fully-integrated and comprehensive security services and policies.

Trust no-one. Sounds like a line from a spy thriller. But when it comes to cybersecurity, zero trust network access is becoming critical as network perimeters shatter, mobile devices and IoT transceivers proliferate and users blur the line between secure and unsecured network access. 

Zero-trust network access (ZTNA) assumes that any device with network access can, and may already have been, compromised. As a result, every device and user that connects to the network, whether through edge access points or physical connections, needs to be authenticated, documented and assessed. Only then may those now-trusted devices/users be given the read/write privileges necessary to carry out their responsibilities.  

ZTNA is closely related to SASE (secure access service edge) as both rely upon comprehensive security coverage, unified security policies and automated AI-enabled near real-time responses. Together, ZTNA and SASE provide the visibility and control you need to reduce your risk and ensure business continuity. 

To enable your ZTNA approach, you’ll need inter-connected and comprehensive security services across your entire network to monitor and enforce your policies. With these in place you can identify any anomalous behaviour, isolate the activity and then mitigate the effects – all in near real-time – to reduce the risk of threats, known and unknown.

Visibility and control

In practical terms, ZTNA delivers visibility and control in three key areas: who is on the network, what is on the network and what happens to managed devices once they leave the network. 

Specifically, ZTNA solutions provide granular-level visibility of devices and users connected to the network as well as the network services they are attempting to access. Further, ZTNA solutions must be able to enforce security policies regardless of the device type, location, or method of access. And they must be able to maintain enforcement and visibility when the devices go offline.

Microsegmentation

A key enabler for Fortinet is the capability to secure each and every network service - physical, virtual or in the cloud - with Next-Generation Firewall security services. Known as microsegmentation, you can deploy multiple firewall instances quickly and easily regardless of where and how the network service is located or who is using it. 

These multiple security services all communicate with each other and provide deep visibility of users and devices, both on- and off-network. Network managers can then leverage that visibility to make informed policy-driven decisions to minimise risk.

Dynamic security

As organisations leverage multiple physical, virtual and cloud environments, the attack surface has expanded and is under more threat from malicious behaviour targeting the misuse and misconfiguration of the network infrastructure. Dynamic security addresses these challenges.

Fortinet’s dynamic security enables organisations to confidently deploy any application on any cloud and then protect each instance with Fortinet’s security tools for consistent policy enforcement. 

Fortinet’s unified threat response offers streamlined management and automation capabilities across multiple environments so that enterprises can unleash digital innovation initiatives for any environment without compromising security.

Fully-supported ZTNA

Fortinet’s approach to ZTNA is fully embedded into a network-wide Security Fabric. With a mix of AI-driven security, the convergence of NOC (network operation centre) and SOC (security operation centre) responses and dynamic cloud security, Fortinet’s Security Fabric has all of the components necessary to fully support a ZTNA approach to network protection.

Fortinet’s Security Fabric is the only solution on the market that fully supports ZTNA. It is broad enough to protect your core, perimeter and edges. It can be managed from a user-friendly SOC/NOC console. And it can eliminate any weak links in your security profile.

Fortinet’s comprehensive unified Security Fabric Services are available from a network of Authorised Partners across A/NZ as appliances, virtual appliances and cloud-based or managed services. Fortinet’s Security Fabric is backed by the global constellation of FortiGuard Labs to ensure that your defences are always updated with the very latest threat intelligence. And Fortinet’s commitment to research and development mean that, regardless of which way your network evolves, Fortinet will be right there with the fully-integrated security services to protect it.

About the author

Cornelius Mare is Director, Security Solutions at Fortinet A/NZ. As such, it is his business to know what’s happening in the cybersecurity world and how to help enterprises secure their transitional networks without sacrificing speed, functionality or control. In particular, Corne is an expert with hybrid cloud environments and artificial intelligence. These tools, along with other Fortinet security services, help organisations manage their digital transformations with confidence.

About Fortinet

Fortinet (NASDAQ: FTNT) secures the largest enterprises, service providers and government organisations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 375,000 customers trust Fortinet to protect their businesses. Learn more at the Fortinet website, the Fortinet Blog, or FortiGuard Labs.