Fortinet Fortifies Network Fabric
Fortinet this week advanced an effort to converge networking and cybersecurity functions with the introduction of a series of high-performance next-gen firewalls based on proprietary ASICs that are managed as an extension of the company’s network fabric.
Fortinet is betting that the need to process and inspect data packets that are increasing in volume at higher rates of speed will reliance on proprietary ASICs capable of implementing a broad range of cybersecurity controls in near real-time.
The goal is to make it much simpler to segment networks without having to introduce additional layers of complexity using, for example, a network virtualization overlay, says Jonathan Nguyen-Duy, vice president of strategic programs at Fortinet.
Related Articles
HPE and Pensando Rack Up New Distributed Switch
Partners HPE and Pensando launch a "distributed services switch" comprising an Aruba top-of-rack switch with Pensando's DPU to secure traffic in hybrid cloud environments
SASE Ecosystem Growth: What to Expect in 2024Futuriom believes the secure access service edge (SASE) market is in the early innings of a long-term shift helping cybersecurity pros consolidate distributed cloud security
How 10 Telcos Are Getting AheadWhile other telcos struggle with legacy infrastructure and 5G disappointment, these 10 are pivoting to transformation
In fact, the single biggest reason network segmentation and other cybersecurity controls are not implemented is they are simply too complex to deploy and manage, says Nguyen-Duy.
“We all know what should be done,” says Nguyen-Duy. “It’s just too complicated.”
The Fortinet strategy seeks to address that issue by extending the intent-based networking capabilities enabled by its network fabric into the realm of cybersecurity. The companies contends that this approach will end up being less expensive by eliminating the need for many dedicated cybersecurity appliances over time. The strategy is also designed to make it much easier to tie cybersecurity closer to business outcomes based on the actual risk faced by an organization.
Given the chronic shortage of cybersecurity professionals it’s all but inevitable that networking professionals and other members of the IT organization will be taking more responsibility for implementing cybersecurity controls. Cybersecurity teams will still define cybersecurity policies, but the implementation of the controls will increasingly be left to IT operations teams. To make it easier to meld the management of networking and cybersecurity networking vendors such as Fortinet have been rushing to extend their network fabrics in a way that creates a single interface through which switches and firewalls can be managed.
It’s still relatively early days in terms of achieving that convergence. Not only are the platforms capable to achieving that goal just starting to be deployed, many organizations still need to navigate complex cultural differences between networking and cybersecurity professionals that have been allowed to fester in some cases for decades.
As cybersecurity becomes more of a business imperative, it’s all but inevitable many cybersecurity functions will soon be subsumed into a larger network fabric, says Nguyen-Duy. Less clear is to what degree that shift will drive a wave of consolidation across a cybersecurity sector that already consists of over 5,000 vendors.
One of the fundamental flaws of cybersecurity todays is it takes too long to first discover a potential threat and then escalate it up the cybersecurity process to determine whether it should be blocked. By then chances are massive amounts of damage has already been inflicted. The challenge and opportunity facing organizations today is how to implement cybersecurity controls that can be implemented within seconds of an attack being detected.
The degree to which cybersecurity is fundamentally broken is, of course, a matter of intense debate. The one thing, however, that just about everyone can agree on is what passes for cybersecurity today is not working nearly as well as it should.
Related Articles
HPE and Pensando Rack Up New Distributed Switch
Partners HPE and Pensando launch a "distributed services switch" comprising an Aruba top-of-rack switch with Pensando's DPU to secure traffic in hybrid cloud environments
Why Aryaka's Unified SASE Is ImportantAryaka rolls out Unified SASE, looking to provide a complete network and security platform
ROI Through Converged Cloud Networking and SecurityThis leadership briefs explores ways to reduce cloud costs with distributed Networking and network security convergence