Fortinet’s 10 new appliances are designed to help businesses stay secure while simplifying their network infrastructure. The security vendor announced its new line of unified threat management boxes on July 19.
Whereas IT administrators normally design their networks to relay traffic from a UTM box to a switch or router, the new FortiGuard series of routers integrates the Ethernet connections right into the box. The appliances offer both copper and fibre-based ports to plug into for wired network infrastructures, and a couple of boxes also offer Wi-Fi connectivity. It’s layer two switching capability, meaning the appliance identifies end user machines by MAC address, not by IP address.
Fortinet wants to do more for its customers than unified threat management has done in the past, says John Maddison, vice-president of marketing at Fortinet. He considers the classic definition of UTM to include firewall, Web filtering, anti-virus, and WiFi monitoring and controls – all wrapped up with simplified policy management.
“We’re pushing forward the definition of UTM,” he says in a phone interview with ITBusiness.ca. “Let’s say one of our customers, has 2,000 or 3,000 stores out there. You have to replicate that network infrastructure that many times. So taking a box out of there is very effective. For SMBs that don’t have a big budget, not having to go out and buy a box is great as well.”
The box Maddison is referring to is an additional switch or router. But the new FortiGuard boxes could also eliminate an additional piece of hardware from some network diagrams. Because a couple of the appliances (namely two models of the FortiGate 140D) include Power over Ethernet, access points won’t need additional signal boosting hardware.
The new line of FortiGuard appliances also offer new security features too. A big change is the addition of a direct connection to new FortiGuard Labs cloud services, based in Vancouver. In addition to running incoming traffic through on-board antivirus software, the cloud service will also be called upon for its Advanced Persistent Threat analysis.
If a file is suspected as malware, FortiGuard gives it the “cloud sandboxing” treatment. It sets up a virtual environment on its own servers, executes the file and watches its behaviour. FortiGuard is also keeping tabs on IP addresses and assigning reputation scores, with the aim being to quickly protect networks from surprise wide-scale attacks. Similarly, system administrators can assign reputation to end-points in their own environment.
“Has that laptop got vulnerabilities on it?” Maddison says, posing an example. “Has it been infected before? Is it using applications on the edge of being malware oriented?”
Fortinet’s new appliances are available now in Canada and it works with resellers to move the hardware.