Extending Security into the Next-Gen Branch Network

As organizations turn to enable their remote branches and locations with all the power and potential of digital transformation, they're finding that they must re-think all of their WAN strategy. For a lot of, the initial step is to replace aging WAN connections with SD-WAN to be able to provide robust applications, for example unified communications, better enable interconnectivity between different branch offices, and extend security towards the fringe of the branch.

However, this still leaves the branch office itself-usually without onsite IT staff-requiring to reach speed with all of those other network. However, today’s next-gen branch offices not just require same functionality, additionally they are afflicted by exactly the same risks as all of those other distributed network. Direct internet access and SaaS applications, for instance, considerably expand the possibility attack top of the branch, along with the growing proliferation of IoT and BYOD devices, creating multiple network edges past the WAN edge.

This explosion of edges, which all should be guaranteed, causes many organizations to find it difficult to implement sufficient security in their distributed enterprises, including in the new branch. The complexness of managing these edges - including frequently complicated and overlapping point products and appliances - adds yet another challenge. Consequently, organizations adopting SD-WAN have found that they must look for a vendor that may more tightly integrate their SD-WAN security and management functionality to their branch systems.

The Brand New Fortinet Secure SD-Branch

To combat this concern, Fortinet is delivering the industry’s first complete Secure SD-Branch solution, enabling customer to converge security and network access and extend the Fortinet Security Fabric towards the branch. This latest SD-Branch solution is composed of the next elements:

• FortiGate Next-Generation Firewall for robust security, connectivity, and management over the branch atmosphere. The FortiGate NGFW includes the industry’s first purpose-built SD-WAN processor, coupled with advanced network traffic management functionality for example application steering to make sure high application performance on any WAN link. The FortiGate solution now includes advanced sensor functionality for elevated device visibility and traffic anomaly recognition with the requirement for additional hardware.
• FortiSwitch and FortiAP provide consolidation of branch services with the convergence of security and network access with FortiLink. FortiSwitch and FortiAP integrate with FortiGate to increase SD-WAN’s benefits in to the network access layer. This permits network managers to produce and enforce exactly the same network security policies over the enterprise, including to the network branch.
• FortiNAC Network Access Control provides visibility in to the branch infrastructure by rapidly identifying, profiling, and classifying all devices seeking accessibility branch LAN, including IoT and BYOD. After that it provides device security through dynamic micro-segmentation, and automatic response by constantly monitoring the network.

Securing the WAN Edge

This integrated solution set safeguards the WAN edge in 2 key areas:

• Network Edge protection: FortiGate’s next-generation firewall security is extended with the access layer using FortiSwitch and FortiAP. Additionally to enterprise-class security, additionally, it provides an essential consolidation of services with the convergence of security and network access, making a perfect architecture solution for Secure SD-Branch deployments. Additionally, new Wireless 6 FortiAP Access Points offer greater capacity and throughput to maintain expanding bandwidth needs, with new multi-gigabit FortiSwitch switches support individuals greater Wireless 6 speeds whilst offering greater power (PoE) to operate the most power-hungry IoT devices.
• Device Edge protection: The FortiNAC network access controller provides automatic discovery, classification, and to safeguard IoT devices because they go into the network. The brand new FortiNAC release 8.6 also increases anomaly recognition via traffic checking by leveraging FortiGate like a traffic sensor, without any additional hardware needed in the branch.