Ken Xie: What’s ahead for Unified Threat Management and Next-Generation Firewalls
Fortinet (NASDAQ: FTNT) helps protect networks, users and data from continually evolving threats. As a global leader in high-performance network security, we enable businesses and governments to consolidate and integrate stand-alone technologies without suffering performance penalties. Unlike costly, inflexible and low-performance alternatives, Fortinet solutions empower customers to embrace new technologies and business opportunities while protecting essential systems and content.
Info Security PG: The term next-generation firewall (NGFW) has been around for more than two years now. What’s beyond NGFW?
Ken Xie: If we think back to the original driver for NGFW, it was really the rise of Internet-based applications and content that drove the need for greater visibility and control of IPS and Application Control, beyond the traditional port and protocol controls of the traditional firewall/VPN.
Since then, Internet-based applications have been joined by public and personal cloud services as well as mobile devices of all types to dramatically change the nature of the “enterprise.” As a result, we are seeing emerging requirements—still in line with the original goal of establishing visibility and control—to enable and secure the new enterprise. For example, to address this rise in mobile devices and BYOD, many of our customers have started leveraging strong authentication (tied to users rather than devices) at their NGFW control point. Due to newer password-cracking tools, faster processors and always-on Internet connections, the single plain text password has come under fire. Enterprises today must migrate to a two-factor authentication model.
And this dynamic enterprise is evolving at a time when cyberthreats continue to become more targeted and sophisticated. The rise of Advanced Persistent Threats (APTs), which can circumvent traditional security technologies, is spurring customers to integrate Advanced Threat Protection (ATP) or “sandboxing” with their NGFW. Such attacks target specific people or functions within organizations, infiltrate from multiple vectors such as phishing attacks and Web drive-bys and use extensive evasion techniques to remain stealthy for long time periods before exfiltrating data. New NGFW solutions must include a robust combination of proactive detection, mitigation and actionable threat insight.
About Ken Xie
In 1996, Ken realized the performance limitations of software firewalls running on PCs/servers, and then started NetScreen. As founder, president and CEO, he led the company to develop the industry's first ASIC and dedicated hardware systems for high performance firewalls and VPNs. In 2000, after recognizing that firewalls and VPNs alone could not stop content and application network attacks such as viruses, intrusions, spam and malicious Web content, Ken founded Fortinet. Fortinet pioneered Unified Threat Management (UTM) - a market which Fortinet leads and has quickly grown to be among the largest segments in the network security space.
Info Security PG: The Unified Threat Management feature set hasn’t seen broad evolution in recent years. Where do you see the market heading?
Ken Xie: There are several emerging trends that are driving the UTM market today that are logical extensions of some trends that have been around for several years. These trends are focused around advanced visibility and control, expanded access to the network and integrated security.
With regards to advanced visibility and control, UTMs today need to offer the advanced threat protection that customers have come to expect from enterprise firewalls. Customers today expect products to have features like granular policy enforcement of applications, users and devices, as well as On-Device and Cloud-based Sandboxing for advanced threat protection.
In terms of expanded access to the network, we’re finding UTM customers are connecting more devices to their networks, and they want the UTM to manage that access. Customers want their UTMs to manage switches, wireless access points and 3G/4G extenders. And they’re asking for Power over Ethernet (PoE) support to their UTM devices as well to enable easy deployment of Point of Sale (PoS) terminals, IP video cameras, VoIP phones, and so forth. Enabling these devices to be extensions of the UTM, instead of stand-alone devices or systems, is a critical aspect to simplifying customers’ networks.
Customers are also asking for integrated security, meaning they want to have a single point of control for all network traffic, including wireless. Since so much data is accessed via mobile devices today, it is essential that customers have an integrated wireless controller and single-pane-of-glass console to ensure consistent enforcement of all traffic.
Info Security PG: What’s the future for cloud security? What is Fortinet doing to secure the cloud?
Ken Xie: Security is consistently the number one concern when extending applications and data to the cloud. Enterprises are already eagerly adopting virtualization and private cloud internally, and empowered business teams are rolling out marketing and user-centric initiatives more quickly and assuming unlimited elasticity. This is pushing faster and unpredictable network bandwidth, so Fortinet is not only increasing performance but rolling out high-speed 40GbE and 100GbE interfaces across the product line.
Enterprises are faced with additional concerns when hosting workloads at cloud providers like AWS or leveraging SaaS applications, including shared multi-tenant environments and ensuring consistent security policies. For example, how to maintain visibility in the public cloud without installing hardware on the provider’s network?
Fortinet has tried-and-tested appliances for enterprises, but has also released a broad line of virtual and cloud-hosted security offerings that can be deployed everywhere without the need for dedicated hardware.
Going forward, cloud security will also have to become more efficient, scalable and easy-to-use. With simplicity in mind, Fortinet’s cloud solution entails a central, Web-based console to manage individual or aggregated FortiGate devices.
Network availability is critical to a good end user experience. Fortinet’s cloud solutions enable users to monitor the FortiGate network in real time with various alerting mechanisms to detect and pinpoint potential issues.
Meanwhile, cloud solutions will have to keep pace with increasingly stringent compliance regulations. To that end, Fortinet’s cloud solutions offer a slew of pre-configured and customizable reports that can be tailored to meet an organization’s exact specifications.
Info Security PG: So focusing on cloud security, when is it possible to use classic solutions and where is it necessary to implement new solutions?
Ken Xie: In general, data entering and leaving the cloud should be subjected to the same level of scrutiny as any other data entering or leaving the network. In that sense, traditional network security technologies, such as firewall, intrusion prevention, application control and content filtering should be applied to provide that basic level of scrutiny.
Also, cloud environments, like physical environments, require regular updates to the security architecture to repair vulnerabilities and ensure sustained defenses against malware and other threats. As with physical infrastructure, the cloud should be equipped with a comprehensive global intelligence network and frequent updates that identify and protect against new vulnerabilities before they are exploited in the wild.
However, the additional challenge associated with securing data in the cloud is that the security architecture must also secure the multi-tenant nature of the traffic. As such, security architecture must have the ability to enforce separate policies on traffic, depending on origin or destination. In that regard, non-traditional security technologies must be established to keep traffic entirely separate and avoid any risk of unauthorized access.
We are also working with our service provider partners to enable new solutions. For example, to secure increasing mobile devices that access cloud services and bypass the internal network, we delivered more security and inspection for carrier LTE networks. We also enable MSSPs and cloud providers to deploy and offer our security-as-a-service to secure instances in public clouds, rather than forcing all tenants to bring their own security virtual appliances.
1090 Kifer Rd Sunnyvale, CA 94086 USA
Founded in: 2000
CEO: Ken Xie
Public or Private: Public (NASDAQ: FTNT)
Head Office in Country: Sunnyvale, CA United States
Products and Services: Network Security
Company’s Goals: To be the global leader in network security.
Key Words Related to your Company: Network security, consolidated security, unified threat management, UTM, next-generation firewall, NGFW, cloud security, email security, edge firewall, firewall, enterprise security, data center security, wireless security, virtual security, threats, threat landscape, malware, viruses, vulnerabilities, zero day, vulnerability management, web application security, intrusion prevention, IPS, DDoS, DoS, content filtering, application control, Web filtering, DLP, data loss prevention, endpoint control, antivirus, antivirus client, sandboxing, antimalware, integrated security