Our research shows that an average enterprise uses 68 security tools from 32 vendors, so the platform concept has become the preferred deployment model in this world of multiple security and networking vendors since it helps simplify operations. Fortinet Inc., which has disrupted the once- undisruptable wide-area network market, today announced a number of updates to its FortiSASE solution.
FortiSASE, the company’s secure access service edge offering, is now integrated with its wireless local-area network portfolio with the goal of providing more options for remote workers and distributed edges to connect securely. The rationale for this announcement is to provide integrated WAN and LAN security.
Security Service Edge primarily addresses remote workers and small branch offices, while SD-WAN provides connectivity. Neither provides end-to-end threat protection and connectivity on the LAN, where wireless is used. Fortinet’s expanded use of SASE not only simplifies the environment for the network and security teams but by applying the principles of SASE to the internal network, it can protect the end-to-end attack surface.
Details of the announcement include:
Microbranch and IoT/OT device SASE
The company now includes expanded integrations within its WLAN product portfolio to provide additional support to organizations for securing microbranches and related devices. The company says its FortiAP wireless access points will “intelligently offload traffic from microbranches to a SASE point of presence for comprehensive security inspection at scale for all devices, including IoT and OT devices.”
With this integration, customers can manage Fortinet’s WLAN products using the same cloud-based management console already used for the company’s FortiSASE. It says these updates “complement Fortinet’s existing support for users at the location and present organizations with a new approach to cloud-based security by extending enterprise-grade protections — like sandboxing, intrusion prevention or IPS and URL filtering — to microbranches without the need for additional appliances or services.”
Enhanced DLP
FortiSASE, the company’s cloud-delivered security services, now includes a data loss prevention or DLP service run using FortiGuard. This is aimed at protecting sensitive data across today’s hybrid environments. The company says the service consists of “a wider range of data identifiers, file types, and software-as-a-service, or SaaS, applications, as well as advanced data matching techniques to prevent inadvertent data leaks.”
By continuously enhancing DLP, Fortinet is providing organizations with a way to counter new threats using insights into their cloud applications and tools.
Digital experience monitoring
As part of this announcement, Fortinet’s DEM product will integrate with FortiSASE to provide insights across a wide range of areas. The company says this coverage will include “users, Fortinet’s global SASE PoPs, and the performance of SaaS applications, including Webex, Office365, and DropBox, for comprehensive network and SaaS application monitoring.” It also says the integration’s endpoint monitoring should deliver visibility across the enterprise so that information technology teams will be armed with information they can use to resolve issues more quickly — all with the goal of providing a better user experience.
Overall impressions of FortiSASE
In a one-on-one briefing with me, Ramnath Shenai, senior manager for products and solutions for SASE at Fortinet, told me that the agent Fortinet is using for SASE is the same one it used for VPN — FortiClient.
“The customer doesn’t have rip and replace the existing agent if they already were using FortiClient for VPN,” he said. “It’s a very easy uplift to move into FortiSASE because a customer just has to upgrade.”
Although Fortinet has been in the WAN industry for over a decade, SD-WAN provided the market transition for it to gain share. Its most significant competitive advantage is its ability to leverage existing FortiGate firewalls and allow customers to deploy on SD-WAN and SASE without a hardware upgrade. If Fortinet can deliver as advertised, it’ll simplify the lives of thousands of IT and security operations professionals while it gains traction in Wi-Fi, which is an area where it’s still a minority player.