Fortinet has made available a new version of its core FortiOS software that includes features the vendor says will help businesses more tightly combine networking and security controls.
FortiOS 7.2 has 300 new features, including AI support to help stop network threats faster, sandboxing to help combat ransomware threats, and improved SD-WAN, branch, and edge orchestration.
FortiOS is the vendor operating system for the FortiGate family of hardware and virtual components. FortiOS implements the Fortinet Security Fabric and includes network security such as firewalls, access control, and authentication, as well as SD-WAN, switching, and wireless services.
“What we’re addressing with FortiOS 7.2 is the convergence of networking and security as customers are working very quickly to get their digital networks up and running,” said John Maddison, executive vice president of product and CMO at Fortinet. “This digital convergence creates a host of new network edges: the LAN edge, the cloud edge, and now a 5G edge. Networking and security can no longer be treated as separate strategies and that is the main issue we are addressing for customers.”
On the security front, Fortinet is introducing AI and ML-based FortiGuard security services that are based on telemetry information obtained from your network application. and security systems around the world.
A new service, Inline Sandbox, goes beyond the traditional sandbox detection capability in which administrators had to painstakingly search for malicious traffic to sandbox. It uses the intelligence collected to enable customers, in real time, to stop both known and unknown malware, with minimal impact to operations, Maddison said. “The idea is that organizations can detect, stop and prevent problems as quickly as possible.”
Another new service, Advanced Device Protection, enables the Fortinet operating system to automatically discover and segment OT and IoT devices based on their unique network characteristics. The service also maintains an inventory of assets and uses pattern matching to enforce appropriate policies and automate remediation if necessary, Maddison said.
“We’re seeing a lot of activity around attacks on operational technology companies, so this new service allows OT organizations to get information about outbreaks and stop it from causing problems more quickly,” he said.
This service is offered on Fortinet NGFW and through integration with FortiNAC network access control software that can orchestrate automatic responses to network problems. Fortinet NGFW also gets a Cloud Access Security Broker (CASB) to bring online zero-trust network access traffic inspection to the service.
A new SOC-as-a-Service can offload level-one security analytics, such as monitoring event logs or suspicious traffic, to Fortinet analysts to lessen the burden on security administrators, Maddison said.
As for networking upgrades, Fortinet added enhanced analytics support to its SD-WAN service that can measure the performance of connected voice and video applications. FortiOS 7.2 also adds automated deployment and orchestration features to simplify the configuration, protection, and management of branch networks.
New onboarding features support device discovery to enable implementation of least-privileged access at the edge of the LAN, Maddison said.
In his NovemberMarketScape: Global SD-WAN Infrastructure Vendor Assessment 2021”, IDC wrote that Fortinet is known for having a tightly integrated network and security portfolio. Fortinet Secure SD-WAN consolidates SD-WAN, NGFW, advanced routing, and [Zero Trust network access] proxy functions on your FortiGate device. Fortinet also offers LAN and WLAN products and has built a channel partner strategy that includes strong relationships with communications service providers as well as managed SPs and VARs.
On the challenges side, Fortinet is primarily a security vendor and may need to work harder with customers looking to work with a vendor with a stronger routing and networking heritage, IDC said.
While Fortinet offers integration with third-party security tools, Fortinet offers its core security solutions; this can be a limitation for customers who want to use Fortinet for SD-WAN but integrate with third-party security tools.
Copyright © 2022 IDG Communications, Inc.