If you are a small business and thinking that hackers may not be interested in your data, you might want to re-assess that conclusion. If you are a big enterprise – or even a government organization – and thinking that your high investment on security solutions will keep you safe from cyber threats, you might likewise want to re-evaluate your opinion.
One thing is clear: Cyber-attacks have become an equal opportunity enterprise, and one need not look any further than Singapore for examples, where notable organizations have fallen prey to cyber criminals. Most recently, the Ministry of Defense (Mindef) reported loss of the personal information of 850 Mindef employees and national servicemen. Prior to that, StarHub experienced two waves of cyber-attacks, which shut down broadband internet access – the first time a telco infrastructure in Singapore was attacked. Websites owned by The Straits Times, the Singapore Mass Rapid Transport (SMRT), the Seletar Airport, the Ministry of Education (MOE), and even the Prime Minister’s Office (PMO) and the Istana were hacked. Then there was the SingPass incident where the IDs and passwords of more than 1,500 users were compromised. Likewise, karaoke chain K Box Singapore, had its database of more than 300,000 customers not only stolen, but also posted online. The defacing of Curtin Singapore’s website was one of the most recent attacks on a private educational institution in the country. It is most likely that there are more – but have gone unreported.
Bouncing off the firewall
To effectively deal with the increasing sophistication and frequency of cybersecurity attacks and viruses that a distributed enterprise is faced with today, current cybersecurity solutions need to evolve, starting with the firewall.
Firewalls, which safeguard the perimeters of the networks by screening incoming and outgoing network traffic, are among the oldest and most widely used form of defense. Though they have evolved over the years, they are no longer effective in tackling today’s cyber threats on their own. However, their role is by no means diminished or any less critical; they will continue to play a crucial part in the development of a modern security strategy – taking up their strategic place at the perimeters of the distributed enterprise.
Not surprisingly, the security firewall market remains huge, and is growing fast; it’s expected to be worth US$8.41 billion by 2019.
“Although the security landscape has evolved over the years, the humble firewall is still relied upon to provide the very first line of defense at the perimeters of the entire network; a modern security strategy is never complete without it,” said Matthew Kuan, director, Solutions Marketing Asia Pacific at Fortinet. “However, what we need today are not only firewalls with next generation and segmentation capabilities, but also the ability to collaborate with other ancillary and advanced security solutions across the entire attack surface of the enterprise.”
Today’s borderless environment – which spans across the distributed and extended networks, applications, data, and end points – has increased the attack surface dramatically, making it difficult for security professionals to clearly define and effectively secure.
According to Fortinet, a truly-evolved enterprise firewall provides not only increased security effectiveness but greater level of cohesion and collaboration with other security systems, resulting in highly reliable network performance and a simplified security management – through a single security operating system managed within a single pane of glass. By taking a more cohesive and collaborative approach, the enterprise firewall, along with other Fortinet security solutions across the entire network infrastructure, enable the enterprise to collectively deliver a much stronger perimeter and holistic security that not only looks solely at prevention, but also mitigation and resolution, allowing security professionals to focus on security strategies rather than tactics for the long term.
Fortinet’s FortiGate comes in a variety of sizes, from small to medium to large appliances, as well as virtual firewall deployment options that promise to deliver enterprises optimal performance without compromising on security – be it the branches, campus, data center, private, hybrid or public cloud. Fortinet equips organizations with the flexibility to scale their security requirements, from small branch offices to large campuses or the cloud, while delivering the same security posture.
Intelligent, responsive, well-coordinated, and effective
The Fortinet Enterprise Firewall solution – being an integral part of the Fortinet Security Fabric vision – works as part of a suite of security solutions from Fortinet and other Fortinet Security Fabric Ready Partners, to deliver a heightened and stronger security posture. This provides a higher level of visibility, facilitating immediate, intelligent, and effective defense against evolving malware and emerging threats.
This is how it works: When the enterprise firewall detects a threat event, it either blocks it (identifiable threats) or communicate the unknown or suspicious threats to another security solution within the fabric (Fortinet Advanced Threat Protection) for investigation and further analysis before the next course of action is taken. Threat resolution signatures are then developed by FortiGuard (Threat Intelligence Service) when the investigation and analysis of the unknown or suspicious threats are complete; then it automatically updates not only the affected firewall, but also all the other firewalls within the security fabric across the entire infrastructure. Likewise, the same automated course of action applies whenever a new security policy is created.
This approach underscores that all enterprise firewalls deployed not only provide effective perimeter protection but with the simplification of deployment and management, it also reduces the need for multiple touch points in the introduction and management of security policies and unknown threats across the enterprise.
The FortiGate firewalls come with the following features and benefits:
- Global intelligence. The FortiGuard is a Threat Intelligence Service – credited with over 250 zero-day and vulnerability discoveries – provides the combination of local and global threat intelligence necessary to allow instantaneous threat intelligence, analysis and resolution development, as well as security updates, which are crucial in providing current and up to date protection to the enterprise.
- Single pane of glass; one network security operating system. Regardless of where the Fortinet Enterprise Firewall devices are deployed, or on whichever platform (physical, virtualized or various cloud options), with a single network security operating system – FortiOS, enables 360º visibility into network traffic through a single pane of glass – be they applications, threats, devices, countries and more, with a few clicks. The single pane of glass also significantly reduce complexity on logging, reporting, and overall firewall management.
- One enterprise firewall solution across the extended enterprise. Powered by Fortinet’s patented Security Processors (SPUs) – the CP9 (Content Processor) and NP6 (Network Processor) chips – the FortiGate Enterprise Firewall delivers the highest throughput and low latency for optimal security without affecting network performance unlike generic processor based solutions. Highly scalable, it provides various platforms for perimeter defense at the edge of either the branch or campus as next generation firewall (NGFW), data center firewall (DCFW), and internal segments firewall (ISFW) to provide granular protection for the distributed enterprises.
- 360 degrees of threat intelligence. Managed by a single network security operating system (FortiOS), it provides visibility and the ability to share intelligence on threats and policies across the entire attack surface.
- Broad and dynamic defense strategy for the long term. The Fortinet Enterprise Firewall Solution with FortiGate being a crucial component of the Fortinet Security Fabric allows for the delivery of security coverage across the entire attack surface of the enterprise. This is made possible through the automatic distribution of contextual security policy and threat intelligence throughout the enterprise. Using a single-pane-of-glass dashboard, security managers can consolidate their management views and implement security policies in a concise, quick and efficient manner, without compromising on performance.
Overall, the most effective implementations of security firewalls today to address the extremely dynamic and complex threat landscape are the ones that have foregone the old school, stand-alone firewalls, updating them with the ones that have evolved to include capabilities that allow them to communicate, cooperate, and collaborate with not only other firewalls but other security solutions across the network, as a single unit. Besides having the ability to prevent or block threats that may wreak havoc to the network, it is crucial for security firewalls to work with other security systems as a team, in order to deliver the fastest and most effective response to a threat or security event, ensuring that the highest level of security is delivered without compromising network performance.
In the security sphere, while the old adage, “prevention is always better than cure” still applies, the ability to respond intelligently, automatically, and effectively when there is a security threat across the entire attack surface, is even more crucial today than ever before, for enterprises of any kind and size.