The Evolution of the Enterprise… And Enterprise Security
Introduction
Today's enterprise is evolving rapidly, with new
technologies such as consumer-grade mobile
devices, internet-based applications and cloud
services supplementing or replacing the traditional
corporate standard IT infrastructure and assets.
These have a fundamental impact on enterprise
security requirements, specifically those related to
employees and data, especially in light of a
corresponding evolution in the role of IT, as well as
changes in the threat landscape.
This paper discusses each of these technology, role
and threat trends, plus emerging enterprise security
requirements.
Fundamental Technology Shift
Mobility and BYOD
According to IDC, tablet shipments overtook
those of mobile PCs in 2013, and are predicted to
surpass those of mobile and desktop PCs together in
2015.
Adding in the 1 billion smartphones shipped, or simply
looking around our office or home, it is clear that the
way employees get work done is much different today
than in the past.
While this increased mobility undoubtedly has
increased productivity and convenience, it also raises
new challenges for IT and IT security. Attempting to
manage and support such a large number and wide
range of devices can be daunting. So too is the
provision and control of enterprise applications and
data.
In the past, a single company-issued Windows-based
PC, with a corporate standard configuration and
device-based security and authentication, was the
single method for ensuring secure access to company
systems and information. Today, that is no longer
feasible, given demands from employees and
executives to use their iOS and Android devices. In
response, organizations are embracing (in full or in
part) bring your own device (BYOD) policies. As a
result, necessary security controls are increasingly
moving away from endpoints (which may no longer be
seen, let alone controlled, by IT) to network
checkpoints, and are increasingly based on users
rather than devices.
Takeaways – Mobility and BYOD
• Greater network visibility and control
• User- rather than device-authentication
Product Options
• FortiGate
• FortiAuthenticator
The Evolution of the Enterprise and Enterprise Security | FORTINET White Paper
www.fortinet.com
Internet-based applications
This greater mobility is driving (or is enabled by,
depending on your view of things) internet-based
applications and cloud services which are inherently
available anytime, anywhere as opposed to the
previous client-server based models of the enterprise.
There is a dramatic rise in the enterprise use of social
media (Facebook, LinkedIn) and cloud storage
(Dropbox, Google Drive), not to mention public cloud
services (SaaS, PaaS, IaaS). While this increased
accessibility is a productivity driver, it also raises new
security challenges. No longer are all applications
provided by IT, ensuring that the content delivered is
safe and the enterprise data within them secure.
Instead employees are at increased risk that content
delivered from 3rd party internet-based applications
may be malicious and/or that data may be
compromised within 3rd party, multi-tenant services
or infrastructure. If nothing else, such external
applications and services raise compliance and
reporting challenges.
In response, enterprises are looking to strike a
balance between the use of such applications with
security of the enterprise and its data. This starts with
simply gaining visibility into what applications and
services are used by employees, followed by
establishing and enforcing granular policies. This is
doubly challenging given such applications and
services increasingly use encrypted communications
as well as the fact that 1 in 3 respondents to a recent
Fortinet survey indicated that they would contravene
an employer policy preventing use of public cloud
services.
Takeaways – Cloud applications and services
• Greater application and service visibility
• Granular policies and enforcement
• Content and data security
Product Options
• FortiGate
Changing Threat Landscape
Advanced Persistent Threats
Even as enterprises are relinquishing control over
applications, services and devices and relying more
heavily on network-based control points, the risk of
cyber attack is higher than ever before. And the cyber
threats themselves are more sophisticated: targeted,
tailored, socially-engineered and even multi-staged. A
simple search on "data breach" this past year will
return countless headlines that make this abundantly
clear.
Cyber criminals are often:
• singling out individual organizations (or a small
group of similar organizations in an industry);
• targeting employees with attacks crafted to fool
even the wary;
• leveraging malware modified (and often tested) to
bypass traditional security controls;
• moving stealthily within the organization in search
of data;
• exfiltrating that data over a period of time.
While established security technologies that leverage
signatures, patterns, heuristics and reputations are a
necessary baseline (and should be deployed for
deeper inspection at more segmentation points),
PricewaterhouseCoopers reported that 20% of large
organizations had detected that they were
successfully penetrated.
And a respected analyst firm recently recommended
that "all organizations should now assume that they
are in a state of continuous compromise."
As a result, organizations are examining new
technologies (network and endpoint behavior analysis
and forensics, as well as "sandboxing") specifically
designed to address these new attacks and establish
an "advanced threat defense."
The Changing Role of IT
A service provider and business enabler
Even as the role of IT, including IT Security, is
becoming more complex as a result of the technology
and threat landscape evolution, it too is transforming.
More and more, such groups (starting with the CIO)
are being asked to become strategic contributors to
the business rather than simple caretakers of the
infrastructure. While this is a natural change, it does
raise new demands and workload at a time when the
group is also burdened with the complexity of a more
diverse IT environment in a more dangerous threat
environment as described earlier.
In response, IT organizations are looking to reduce the
complexity of managing security by consolidating
mature security functions and, as much as possible,
obtaining new technologies from existing vendors as
features of in-place security products.
Enterprise Security Requirements
How security at the Enterprise Edge is changing
So, how do enterprises tackle these challenges and
succeed?
1. In response to the internet-based applications
and cloud services increasingly used in the
workplace, enterprises need fine-grained visibility
and control to establish and enforce balanced
policies that empower employees yet manage the
risk to the enterprise.
2. As threats increase in sophistication (with an
emphasis on beating established security
techniques), new inspection methods that focus
on activity rather than attributes are needed to
complement what's already available.
3. With more business-enabling technologies being
supported and advanced security technologies
added at the same time that IT needs to transform
into a strategic business contributor,
consolidation of security functions becomes
essential.
Takeaways – APTs
• Deeper (IPS, AV, DLP) inspection
• Advanced threat protection technologies (anomaly detection, forensics and/or sandboxing)
Product Options
• FortiGate
• FortiSandbox
Takeaways – Changing Role of IT
• Consolidated security
• Integrated security capabilities
Product Options
• FortiGate
• FortiSandbox
• FortiAuthenticator
Solution for the Enterprise Campus
Fortinet consistently offers the highest performance appliances in a price band, with flexible software platforms that enable them to be deployed in many different “personalities” (combinations of functions).
Next Generation Firewall
The foundation of the enterprise campus offering is a high performance next generation firewall (NGFW) that adds intrusion prevention, application control and antimalware to the traditional firewall/VPN combination. In particular, Fortinet NGFWs:
• Provide fine-grained, user- or device-based visibility and control over more than 3000 discrete applications to establish/enforce appropriate policies
• Include powerful intrusion prevention, looking beyond port and protocol to actual content of your network traffic to identify and stop threats
• Leverage top rated antimalware to proactively detect malicious code seeking entry to the network
• Deliver actionable application and risk dashboards/reports for real-time views into network activity
• Run on purpose-built appliances with Custom ASICs for superior, multi-function performance, even over encrypted traffic
NGFW + Advanced Threat Protection
While upgrading to a next generation firewall will certainly improve enterprise security, there is a growing recognition that there is an evolving class of highly targeted, highly tailored attacks that are specifically designed (and often tested) to bypass established defenses. In addition to the core Fortinet NGFW features described above, the following Advanced Threat Protection capabilities can be added to a FortiGate deployment:
• Unique dual-level sandboxing to examine code activity in simulated and virtual environments to detect previously unknown threats
• Rich reporting on system, process, file and network behavior, including a risk rating
• Web filtering, botnet and call back detection to prevent communication with malicious sites and IPs
• Option of sharing threat information with FortiGuard labs to receive updated in-line protections
• Option of integrating with FortiGate and FortiMail products for simpler deployment
FortiSandbox is a natural extension to your Fortinet next generation firewall.
NGFW + Authentication
With many organizations relinquishing control over the end user device, either supporting smartphones and tablets or moving to full BYOD, authentication of the user becomes essential. Further, given the sophistication of threats and increase in data breaches noted earlier, there is a growing need for two-factor or “strong” authentication. And in light of the complexity and desire for consolidation, many organizations are looking to extend their network security visibility with control over user access.
In addition to the core NGFW capabilities noted earlier, the following strong authentication functions can be easily enabled:
• Hardware, software, email and SMS tokens
• Integration with LDAP, Active Directory and RADIUS systems
• End user self-service
• Certificate Authority
• Single sign on throughout the network
NGFW + Secure Web Gateway
Given the transformation of IT (supporting more devices, applications and services) as well as the evolution of the threat landscape requiring the addition of new security technologies, organizations with relatively constrained staff and budgets are looking to consolidate mature functions in order to free up resources for newer ones. The most common consolidation for enterprises is adding Web Filtering along with the IPS, Application Control and Antimalware of the NGFW in order to replace existing Secure Web Gateways, remove unnecessary appliances and avoid expensive renewals. In addition to the core Fortinet NGFW features mentioned earlier, organizations looking to consolidate Secure Web Gateway functions can take advantage of:
• Dynamic web filtering covering over 56 million rated sites across 79 categories
• Flexible policy engine including support for Usage Quotas, User Override and more
• Central management and reporting to simplify administration
The Fortinet Difference – Custom ASICs, Unmatched Performance
At the heart of the FortiGate next generation firewalls are purpose-built FortiASIC processors that enable the high performance required for the deeper level of “next generation” inspection as well as the consolidation of multiple security functions onto a single appliance. Further, our integrated architecture provides extremely high throughput and exceptionally low latency, minimizing packet processing while accurately scanning the data for threats. Traditional security appliances that use multi-purpose CPU-based architectures become an infrastructure bottleneck. Even when using multiple multi-core general purpose processors, network security devices cannot deliver the high performance and low latency required. The only way for a Network Security Platform to scale is via purpose-built ASICs to accelerate specific parts of the packet processing and content scanning functions. FortiGate technology utilizes optimum path processing (OPP) to optimize the different resources available in packet flow.
The FortiASIC processors utilized by the latest FortiGate Next Generation Firewall models are:
• Content Processor (FortiASIC CP8) – Accelerated content security such as Antimalware, VPN encryption/decryption and Authentication processing
• Network Processor (FortiASIC NP6) – Accelerated network security tasks such as Firewall, VPN and IPv6 translation
As a result, organizations can deliver low latency while still improving security and consolidating functions. A win for everyone.
Summary
Today’s enterprise is undergoing a significant transformation, with increasingly tech-savvy employees taking advantage of the latest “consumer-grade” technologies to become more agile, efficient and productive. However, these technologies represent a business risk as well as an opportunity, especially given an evolving threat landscape and the rise of highly targeted and tailored attacks. In response, enterprises are upgrading from traditional to next generation firewalls for the visibility and control required to allow the use of these new technologies in a secure manner. Furthermore, many organizations are looking to add Advanced Threat Protection and Authentication technologies as an extension of their NGFW and/or consolidate other network security appliances like Secure Web Gateways for more manageable and cost-effective IT security that facilitates the transformation of IT into a true strategic contributor to the business. For more information on the FortiGate Network Security Platforms, please go to http://www.fortinet.com/solutions/enterprise.html.