“Cloud & IoT Are Critical Aspects In Network Security”

by Priyanka Pugaokar    May 17, 2016

Rajesh Maurya Adoption of Cloud services among enterprises and increasing number of Connected Devices have drastically increased external demands on IT networks and exponentially expanded the attack surface. Network security solution provider, Fortinet has unveiled its Security Fabric to arm enterprises with pervasive and adaptive Cyber security from IoT to Cloud Networks. With the new launch of the Security Fabric, Fortinet aims to grab a bigger mind share among the customers in India. In a candid interaction with CXO Today, Rajesh Maurya, Regional Director, SAARC, Fortinet explains the essence of Fortinet’s Security Fabric and also talks about the current trends in the Network Security space in the SAARC region. 

What are the factors that are driving the Network Security industry? Please highlight the current trends in this space? 

Networks are currently undergoing more dramatic change than at any time in the past thirty years. Organizations are simultaneously wrestling with issues such as BYOD, IoT, virtualization, SDN, cloud, the proliferation of applications, Big Data, and the expectations of the next generation of employees to blend their work and their personal lives on a single device of their choosing, with instant access to any data at any time from any location.This has exponentially increased the attack surface that organizations need to be concerned with.

The problem is compounded by the proliferation of point security products embedded across the distributed network. The tendency as networks become more complicated is to add new security devices to an already overburdened wiring closet. It’s not enough to detect bad traffic or block malware using discrete security devices. You need a common set of threat intelligence and centralized orchestration that allows your security to dynamically adapt as a threat is discovered anywhere, not just in your network, but anywhere in the world.  

How are Fortinet’s security solutions helping the enterprises to address the network security issue?

To address the challenges brought on by the digital economy and subsequent evolving enterprise IT infrastructure, Fortinet’s Security Fabric brings traditionally autonomous systems together into a single architecture, designed with five critical and interdependent attributes – scalability, awareness, security, actionable, and open. In order to detect, let alone stop threats in today’s borderless networks, a Security Fabric not only needs to be able to dynamically scale to meet volume and performance demands, it needs to scale laterally for seamless, ubiquitous protection. Fortinet’s industry-leading portfolio of security technologies offer solutions that cover every inch of the infrastructure, including wired and wireless networks, end user and IoT devices, access layers, public to hybrid cloud models, software-defined networks, and virtualization. Employing advanced technologies like hardware-accelerating FortiASIC processors and security embedded network appliances, including virtual and cloud instances, ensure that a network’s function, performance, and scalability are not compromised by the solutions securing it. 

Fortinet’s scalability across the infrastructure lays the groundwork for the second fundamental attribute of the Security Fabric: awareness. Operating as a single entity, the Fabric delivers complete awareness across devices, users, content, and data flowing into and out of the network, as well as insight into traffic patterns. This reduces complexity and costs while increasing management efficiencies, enabling easier implementation of new capabilities and innovative security strategies like end-to-end segmentation for protection against advanced threats.  

Universal visibility into the infrastructure is critical to the security required in today’s evolving threat landscape. Acting as a single-pane-of-glass for Fortinet’s Security Fabric is the world’s most deployed security operating system, FortiOS. Technologies like Fortinet’s Advanced Threat Protection Framework conduct deep inspection of traffic, dynamically generating local threat intelligence and transmitting data to FortiGuard Labs to automatically propagate real-time updates to the entire system. This breadth of intel coupled with sophisticated, scalable, and rapid analytics, provides an actionable security architecture with the capability to rapidly detect and mitigate threats wherever they occur.

Ensuring that enterprise customers can maximize their existing infrastructure and security investments, its Security Fabric is designed to integrate with a vast ecosystem of third-party solution providers. Fortinet works closely with its Global Alliance Partners, as well as the industry, to develop open APIs across the entire fabric, giving enterprises the flexibility to deploy Fortinet solutions alongside existing or new security technologies for integrated protection. Most recently, Fortinet has partnered with Carbon Black to provide enterprise customers with security automation, intelligence, and control through integration with the ATP Framework. 

What is the essence of Fortinet Security Fabric and why do Enterprises need a Security Fabric to protect their Networks?

Today’s digital economy connects more users, devices, applications, and data to drive business value. Billions of new IP-enabled, non-user IoT devices are transmitting vast amounts of data traversing wired and wireless access points, through both public and private networks, across traditional and cloud infrastructures. To successfully mitigate the cyber risks in this digital economy, organizations need to implement a tightly coordinated security strategy that can govern this data across an entire network without compromising agility or performance. Fortinet’s Security Fabric delivers security without compromise and addresses the challenges brought on by the digital economy. Whether it is enterprise or SMB it has become very critical for organizations to invest in a Security Fabric. 

How do you see the adoption of Next Generation Firewall (NGFW) in India?

We have seen a high level of adoption of NGFW in India in recent years. Intelligent Firewall or NGWF along with Advanced Threat Protection (ATP) has become a very important aspect of security deployment. NGFW helps to protect against evolving threats, and address business and workforce requirements like bring your own device (BYOD) and the extended enterprise of business partner connectivity to the enterprise, as more and more organizations adopt the Zero Trust model of information security. In this model, there is no longer a trusted and untrusted interface on security devices, a trusted and an untrusted network, or trusted and untrusted users. Within this context of Zero Trust, NGFWs are known as network segmentation gateways (SGs) and are the key to building a Zero Trust network.

Will SDN enabled Network security be a key thrust area for Fortinet?

Fortinet’s Software-Defined Network Security (SDNS) framework – the first of its kind across the industry is designed to provide advanced threat protection through the integration of security into the modern, agile data center environment. This new framework provides a clear vision and actionable steps in delivering a comprehensive approach to securing the data center, while providing the most extensible platform for infrastructure integration with technology partners including HP, Ixia, PLUMgrid, Pluribus Networks, Extreme Networks and NTT. SDN Security redefines advanced cybersecurity in a world where data centers are being transformed by the adoption of virtualization, cloud computing, and now software-defined networking.

There is likely no single SDN platform that all enterprise and service provider customers are going to standardize on. Hence the reason we are developing an eco-system to support different SDN platforms through proprietary and open Application Programming Interfaces (API’s). The key is providing scalable security modules that can be called on-demand, at the orchestration level.

Fortinet’s efforts in the software-defined arena began more than five years ago with the first FortiGate-VM virtual appliances designed to secure increasingly virtualized and consolidated data centers. These efforts have expanded, along with the ongoing transformation of the data center, including recent milestones such as: new Fortinet security appliances to support Microsoft Azure; membership in HP’s AllianceOne program to deliver pre-integrated; optimized security for HP’s SDN portfolio; integration with Cisco’s application-centric infrastructure (ACI), and network security efforts for VMware vSphere and SDDC customers.

How much is your emphasis on R&D in India? 

Being a security company one always needs to be ahead. Fortinet has got 256 patents till date and its growing. We have got 700 people in R&D which is probably the biggest in the security domain. In India, we have close to 150 member R&D team in Bangalore. This centre is the largest R&D centre of Fortinet outside of North America. Called Fortinet Innovation Centre, this R&D centre focuses on Enterprise/Infrastructure WiFi solutions. 

FortiGuard labs has a R&D Center at Hyderabad which works very closely with the Fortinet’s R&D center at its head office in Sunnyvale, CA, USA. The primary focus of engineers at the Hyderabad research center is on building the hardware logic for FortiDDoS appliances used for Distributed Denial of Service (DDoS) attack mitigation. Apart from that we have an India Technical Assistance Centre (TAC). Besides providing Level 1, Level 2 and Level 3 phone support to Indian and SAARC customers, Fortinet’s team at the TAC will oversee Professional Services and Technical Account Management, ensuring expert and timely deployment of local projects. Having own research centers along with high end development team has helped us to keep our solutions updated. We are proud to say that we offer more services than our competitors. 

The Gartner CIO Survey 2016 reveals that Security budgets are shrinking among Indian enterprises. What advice will you give to Indian CIOs?

With so many devices getting connected and growing attacks surfaces, it is critical that organizations give more preference to increasing their security budgets. Enterprises need to create a security infrastructure that will enable protection right from the clients to the Data Center and everything in-between. CIOs should look at solutions which ensure that their investment stays protected in the future. 

What is the roadmap of Fortinet for India and the SAARC region in 2016?

We are very bullish over the India and SAARC market. Our focus is more on human resource and will invest in  hiring domain specialist who will be able to advice and share expertise with BFSI, IT/ITeS and Government customers. We are putting a lot of emphasis on training for both customers and partners will be developing fully equipped training labs in the metros.