There is an endless array of hardware and software products designed to keep networks secure, but what do companies actually need to secure their networks and their data? Below, Paul Williams from Fortinet answer that question, focusing specifically on the networking side of information security.
1. What are the primary threats facing networks today? Why is it important to secure your network if you already have data protection solutions in place?
The threat environment is constantly evolving. Attackers are increasingly sophisticated and they are collaborating more, often from various bases around the world. We’re seeing an increased incidence of multi-modal attacks, where the victim is distracted by one form of attack while the attackers simultaneously attack from another point.
The frequency and speed of attacks has increased too. Now, you may find sub-hour or even sub-second attacks. Time to response has become crucial, and traditional network security approaches are simply not fast enough. Organisations today need to integrate and orchestrate their security network off a single pane of glass. They need full visibility and manageability across the network to allow them to analyse the attack, clamp down and mitigate the attack as quickly as possible, and afterwards run comprehensive reporting and mitigation exercises.
2. Given that everyone is connected to the internet, is it actually feasible to have a secure network? What, in brief, are some of the solutions aimed at protecting networks?
It’s safe to assume that any automated or digital system is vulnerable to attack. We have even seen attacks on self-contained analogue automated manufacturing systems and CCTV camera recording systems recently; while at the same time the rapid uptake of connected wearables and Internet of Things (IoT) is broadening the risk profile of every organisation. The digital economy is expanding networks to encompass users, devices, data, goods and services. Data and applications are now flowing faster across an increasingly diverse landscape of users, domains, and devices.
In this complex new environment, the best practice security approaches of the past few years are no longer fast enough or comprehensive enough in isolation.
Last year, Fortinet pioneered a new comprehensive and intelligent approachfor securing the network. We expect this approach, which we have branded Fortinet Security Fabric, will become the benchmark for effective network security for the foreseeable future. It is no longer good enough to run a firewall from Vendor A and a security solution from Vendor B in siloes: all the security systems must integrate and communicate with each-other within an intelligent ecosystem, and they must be able to communicate and work together to combat attacks within sub-seconds. Traditional network security approaches don’t support this.
3. Is it better to have hardware or software network protection solutions, or a hybrid approach? Why?
There is a case to be made for both hardware and software, but typically the most comprehensive approach is a hybrid one, with all solutions connected within an intelligent security fabric. The right architecture for each organisation depends on its size, budget, number of users, throughput, the sector it operates in and its long-term business goals. For most organisations, it is important to partner with expert security systems integrators to assess the current network, risk profile and security needs, to architect an appropriate solution. This is particularly true in South Africa, where high-end network security skills are scarce and often limited to specialist network security firms.
4. What solutions do you provide to assist organisations in protecting their networks?
Fortinet offers security solutions across the board, covering every inch of the infrastructure, including wired and wireless networks, end user and IoT devices, access layers, public to hybrid cloud models, software-defined networks, and virtualisation. We employ advanced technologies like hardware-accelerating FortiASIC processors and security embedded network appliances, including virtual and cloud instances, ensure that a network’s function, performance, and scalability are not compromised by the solutions securing it.
Our Fortinet Security Fabric brings traditionally autonomous systems together into a single, aware architecture, designed with three critical and interdependent attributes – broad, powerful and automated. Operating as a single entity, the Fabric delivers complete awareness across devices, users, content, and data flowing into and out of the network, as well as insight into traffic patterns. Acting as a single pane of glass for Fortinet’s Security Fabric is the world’s most deployed security operating system, FortiOS. Technologies like Fortinet’s Advanced Threat Protection Framework conduct deep inspection of traffic, dynamically generating local threat intelligence and transmitting data to FortiGuard Labs to automatically propagate real-time updates to the entire system. This breadth of intelligence coupled with sophisticated, scalable, and rapid analytics, provides an actionable security architecture with the capability to rapidly detect and mitigate threats wherever they occur, says Paul Williams.