Fortinet offers next-gen firewall protection via AWS

Fortinet offers next-gen firewall protection via AWS

FortiGate CNF reduces security operations workload with a simplified interface and no security infrastructure to manage, claims Fortinet

Fortinet on Monday announced the release of its FortiGate Cloud-Native Firewall (CNF) on Amazon Web Services (AWS). The new cybersecurity solution, available as a software as a service (SaaS), is aimed at enterprises using AWS that are looking for enterprise-grade next-generation firewall (NGFW) functionality with cloud-native support.

“FortiGate CNF incorporates FortiGuard artificial intelligence (AI)-powered Security Services for real-time detection of and protection against malicious external and internal threats, and is underpinned by FortiOS for a consistent network security experience across AWS and on-prem environments,” said Fortinet.

NGFWs like FortiGate CNF build on traditional firewall capabilities like packet filtering, network address translation (NAT) and virtual private network (VPN) capabilities with deep packet inspection, intrusion prevention and other techniques to maintain more performant and secure connections. 

“FortiGate CNF is a SaaS offering that delivers seamless scalability, implicit resiliency, streamlined workflows, and flexible consumption through deep cloud-native integrations with native AWS services such as AWS Gateway Load Balancer, AWS Firewall Manager, and AWS Marketplace. Fortinet and AWS bring together the best of both worlds – deep security expertise and leading edge cloud technology – in a simple-to-manage and easy-to-consume service,” said Fortinet’s Vincent Hwang and Vinod Sundarraj in a blog post announcing the new service.

FortiGate CNF enables businesses to aggregate security across cloud networks and their availability zones, as well as virtual private clouds (VPCs), according to Fortinet. It also natively supports Graviton, the custom server hardware AWS uses. Graviton, now in its third generation, is a 64-bit CPU designed by AWS based on Arm’s technology.

“As a managed service, FortiGate CNF reduces the network security operations workload. Enterprises don’t have to configure, provision, or maintain any firewall software infrastructure,” said Hwang and Sundarraj.

Fortinet touts the simple user interface for managing FortiGate as making it easy to define and deploy security policies that include dynamic metadata-based policies on AWS, using a “single pane of glass” interface through the FortiManager app. AWS Firewall Manager is supported to help streamline security management and automated rollout.

“This AWS support helps security teams move at the speed and scale of applications teams, while support of AWS Gateway Load Balancer eliminates do-it-yourself automation and helps secure Amazon Virtual Private Cloud (Amazon VPC) environments while improving high availability and scaling,” said Fortinet.

Underpinning FortiGate CNF are Artificial Intelligence (AI)-powered security services that leverage Machine Learning (ML) models. This technology helps the firewall software identify threats, including unknown or novel ones, based on real-time intelligence, behavior-based detection, and automated prevention, Fortinet said.

While FortiGate CNF is squarely aimed at businesses looking to deploy an NGFW as a software instance, Fortinet still targets hyperscalers and network operators with physical gear like the FortiGate 4800F, announced in August. That device occupies four rack units while providing up to 2.4 terabits per second (2 Tbps) throughput. It includes 400 gigabit per second Ethernet (GbE), 200 GbE and 50 GbE ports for scalability. Specific to 5G, Fortinet said the 4800F enables massive machine-to-machine (M2M) connection that requires secure IP connectivity to untrusted environments like the Internet, edge sites, and cloud services. It can support 25 million connections per second. The 4800F also secures 5G RAN traffic and core connectivity with IPsec-based VPN performance that Fortinet clocks at 19x faster than previous models.

This content was originally published here.