Episode 55: Trust No One – Exploring Zero-Trust Networks
Did you know that zero-trust is among the most searched cybersecurity terms of the last couple of years? That means people are interested in adopting this security setup. But just what is it, and how do you make it happen? We welcome Fortinet Senior Director of Product Marketing Peter Newton to answer those questions and more. Peter tells us why most networks are already on the zero-trust spectrum. He also goes over some key steps to firming up a zero-trust environment. And he explains why it’s a perfect solution in the age of remote work and hybrid setups.
In headlines, hear about drama with REvil ransomware and a special kind of court. And then, learn why the EU is pointing the finger at Russia for cyber activities. Finally, we explain why state governments especially are struggling to fill cybersecurity jobs.
How to listen
Listen to Ping – A Firewalls.com Podcast using the player above…
Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.
Learn even more about network security through our blog, which features new content every week, and our knowledge hub.
New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!
Wifi 6 refers to the latest generation of wireless technology, also known as 802.11ax. Another name for this new standard is High Efficiency Wifi. It replaces 802.11ac, which now goes by Wifi 5. Wireless access points and routers incorporating the technology are increasingly ubiquitous. And many new smartphones, tablets, laptops, and other connected devices are Wifi 6-certified to take full advantage of its performance capabilities.
How Is Wifi 6 Different Than Wifi 5
Wifi 6 offers several advantages over Wifi 5 when it comes to speed, performance, and even security. First, speed – often referred to as throughput – can max out around 10 Gbps for a Wifi 6 device, compared to 7 Gbps for Wifi 5. While that’s an obvious upgrade, performance accounts for a significantly greater boost – some 400% in what’s called throughput per area.
What does that mean? It means more devices can connect in high-density areas with low to no latency. In other words, it’s real-world speed. Finally, security is better, too, as Wifi 6 supports WPA3 encryption standards, the most secure version of Wifi Protected Access protocol.
Why Upgrade to Wifi 6
While manufacturers seem to release new access points and routers constantly, an upgrade from a prior generation model to Wifi 6 is worth strong consideration. Wifi 6 supports more connected devices at greater speeds with better security than its predecessors. And the differences are significant. To recap:
Top speed more than a third better than the previous best
Throughput per area is 4 times better
And latency is 75% lower
These all represent major leaps in performance, and along with security improvements, make a strong argument for upgrading.
Which Brands Already Carry Wifi 6 Access Points
Several brands now offer Wifi 6 access points, with more on the way. Firewalls.com carries Wifi 6 access points from Fortinet, Aruba, Ruckus, and Cisco Meraki. Models range from small business/small office options to large enterprise and even stadiums and arenas. This generation of access points comes with indoor and outdoor options as well.
What Are The Recommended Wifi 6 Access Point Models
With the growing number of Wifi 6 access points now on the market, finding the right fit for a given scenario can be a challenge. So to meet that challenge and sift through the clutter, here are a few recommended Wifi 6 access points to suit varying business needs.
For Easy Deployment
Aruba Instant On AP22
It doesn’t get much easier than instant, does it? The Aruba Instant On AP22 offers a quick way into the Wifi 6 world. As its name suggests, you can basically turn it on and have wireless ready to go. This is ideal for a small business with limited staff or small branch office scenario.
And while the ease of deployment is nice, the AP22 also comes packed full of features at an affordable price. It includes mounting hardware, simple management tools, and even built-in security features like firewalling and application control, with no need for external controllers.
Tech Specs
Deployment: Indoor
Performance: 2×2:2 MU-MIMO
Mesh Support: Smart Mesh Wi-Fi
Throughput: 1.774 Gbps
PoE: PoE 802.3af
For Network Integration
Fortinet FortiAP 231F
Chances are if you’re a small to mid-size business, you already have a firewall. Maybe you even have a switch and endpoint, too. And if those solutions happen to be from one of the top security vendors out there, Fortinet, then this FortiAP 231F is a good pick for your entrée into Wifi 6.
The FortiAP 231F places you firmly into the Fortinet Security Fabric, which allows all your Fortinet solutions to communicate seamlessly with one another with single-pane-of-glass management. As far as what this access point offers specifically, it includes built-in security and a third radio for beacon and location-scanning. It can also optionally be managed through the cloud and is more than capable outside the Fortinet ecosystem as well.
Tech Specs
Deployment: Indoor
Performance: 2×2:2 MU-MIMO
Mesh Support: Yes
Throughput: 1.2 Gbps
PoE: PoE+ 802.3at
Look to the Cloud
Cisco Meraki MR44
Cisco Meraki is pretty well-known as a pioneer in the cloud space, and you can be a pioneer both there and in Wifi 6 by choosing the MR44 access point. The MR44 comes with Meraki’s noted cloud management architecture, which eliminates the need for traditional wireless controllers. It also offers zero-touch deployment, easy visibility and control throughout the network, and seamless firmware updates.
The MR44 itself is an enterprise grade access point, so if your performance demands are a little higher, it’s a great fit. As with other APs noted in this piece, Meraki’s MR Series features built-in security, plus a dedicated extra radio. And if you’re already a Meraki customer for other solutions, it integrates especially nicely.
Tech Specs
Deployment: Indoor
Performance: 4×4:4 MU-MIMO
Mesh Support: Self-healing, Zero-configuration
Throughput: 3 Gbps
PoE: PoE+ 802.3af/at
Let’s Take It Outside
Ruckus T750
Our previous three access points were designed for indoor deployments, but this AP from Ruckus doesn’t care where you set it up. The T750 offers the performance of Wifi 6 with IP-67 durability to withstand rough conditions, indoors or outdoors. When it comes to deployment options, think stadiums, airports, convention centers, and the like. Each individual T750 can handle over 1,000 users at once.
Ruckus offers the T750 in the controller-less Unleashed model as well as the traditional ZoneFlex option. Both are easy to deploy and manage. And they boast other special features, like built-in IoT radios, BeamFlex antennas to optimize connectivity, and the security of the aforementioned WPA3.
Tech Specs
Deployment: Outdoor
Performance: 4×4:4 MU-MIMO
Mesh Support: SmartMesh
Throughput: 2.4 Gbps
PoE: PoE++ 802.3bt
So these are just a few examples to help you navigate the wonderful world of Wifi 6. But wait, there’s more! Browse all the Wifi 6 options Firewalls.com has to offer. And if you need to talk it through a bit more, chat with an expert on our site or call 866-645-2140.
Episode 36: What to Expect When You’re Expecting Cyber Threats in 2021
Start 2021 off with a bang – or a Ping in our case – as we podcast our way through some cyber threats to look out for in the new year. Andrew & Kevin go through predictions from top security experts at Fortinet’s FortiGuard Labs, Sophos, Barracuda, and WatchGuard. What did they find? Plenty of network security hazards face us in 2021, from evolving ransomware and phishing campaigns, to continued remote work vulnerabilities.
When you’re done listening, take a read through some of these predictions for yourself, from Fortinet, WatchGuard, Sophos, and Barracuda.
And for a more in depth look at WatchGuard’s predictions, check out Episode 34.
In headlines, the news about the FireEye/SolarWinds/federal government/Russia cyber breach keeps coming. And then, learn why fear may not be the right factor in cybersecurity training. Finally, hear about a new type of swatting that uses smart doorbells and home security cameras.
Oh, and Happy New Year!!
The best network switches make life easier for an IT team. Though network security can be maddeningly complicated, network switches ease the complexity. By connecting multiple devices across your network, switches allow secure data sharing over multiple appliances and endpoints.
Powerful centralized management lets administrators deep dive into network issues, deploy unified policies, and manage hundreds of sites through a single dashboard. Network switches are a bridge between devices, using MAC addresses to forward data through layer 2. In sum, they play a vital role in modern Local Area Network (LAN) deployments.
What is a Network Switch?
A secure network switch integrates all the devices on your network, allowing for seamless sharing and data transfer between them. This can include everything from firewalls and wireless access points to VoIP phones, printers, servers, and more. Further, these devices can be monitored and controlled through a centralized management platform, allowing admins to quickly and easily shift resources across the network to safeguard productivity for business-critical applications and services.
Network switches are integral parts of a complex network, providing a wired or virtual connection to desktop computers, IoT devices, and more. For starters, every switch includes a set number of Ethernet ports which support a varying number of connected devices. On top of that, you can “stack” switches in a series, allowing your business to scale up and connect larger numbers of devices and users to the LAN.
What to Look for in a Network Switch
Network switches can be complicated, but they are necessary for seamless end-to-end network security and performance. Before deciding which network switch is best for any business, consider a few questions:
How many users are operating on the network? This user count includes all Internet-connected devices
How will the switch receive power? Power-over-Ethernet options make certain switches more appealing for complex deployments
What is the business’ Internet speed and how much is used? Multi-gigabit switches will help in utilizing the full ISP speeds
Superior network transparency with granular visibility at the app & hostname level
Zero-touch provisioning allows for rapid deployment across the network
Packet capture & other remote diagnostic tools help troubleshoot network errors
What Makes Cisco Meraki MS Series Switches One of the Best Network Switches in 2020?
Cisco Meraki MS Switches are purpose-built for intuitive management and ease-of-use. Cisco Meraki network switches do not require a Command-Line Interface to manage ports or change configurations. As a result, network administrators get access to a centralized management platform with granular visibility and control by just plugging it in. On top of that, a simple dashboard helps admins sort through information and track events with a detailed change and event log.
Cisco Meraki switches allow “virtual stacking.” In other words, switch port configuration changes can be made on the dashboard without the need to install and deploy additional on-premise switches. Therefore, you can start on-prem, then build up into the cloud!
Fortinet network switches support wire-speed switching protocols in addition to Store & Forward mode. On top of that, the FortiSwitch appliance is ideal for a SD-Branch deployment, further enabling businesses of any size to enjoy the benefits of digital transformation.
Ability to roll out devices across the network quickly & securely
Prioritize network traffic for superb Quality of Service for business-critical apps
What Makes SonicWall Switch One of the Best Network Switches in 2020?
When paired with a firewall, SonicWall Switches deliver end-to-end security that simplifies management and network troubleshooting. This tightly-knit security posture eliminates blind spots and gaps. In turn, it helps network administrators locate and eliminate weak points in their security infrastructure.
SonicWall Switches are flexible, high-performance networking appliances that provide high port density and Power-over-Ethernet capabilities. Additionally, they offer multi-gigabit performance at prices affordable even for small businesses.
But wait, there’s more…
Looking for the best protection for your small business?
Give us a call at 866-957-2975 to find the perfect fit!
Shopping for email security, endpoint, wireless access, or ransomware protection? Then you should check these out, too:
3 Best Ransomware Protection Solutions for Business 2020
Once your network is infected, ransomware encrypts files on afflicted endpoints, making it impossible to read or open them. The best ransomware protection for small businesses proactively hunts down and eliminates even never-seen-before ransomware long before an employee ever gets a chance to fall for it. Here are a few key features you should seek when comparing the best ransomware protection services available in 2020:
Advanced email security
Cloud-based sandboxing
Behavior-based scanning
Regular threat intelligence updates
Want to avoid shelling out big bitcoin to get your small business’s data back under control? Get a ransomware security solution that does more than just look out for known ransomware signatures.
What is Ransomware Protection?
The best ransomware protection for businesses scans inbound and outbound traffic across your entire network, using artificial intelligence to monitor the behavior of files as they traverse and interact with other network resources. Ransomware protection solutions spot behavior that looks similar to malicious activity and further investigate it in nanoseconds. Faster than you can say mind palace, these solutions either allow or block file access based on that verdict.
What to Look for in a Ransomware Protection Service
The best ransomware protection systems include a cloud-based sandbox where suspicious files can be sent for disarmament or detonation. In other words, if your ransomware tool is even the least bit suspicious of a file, the system safely opens and inspects it without threatening your network health.
Additionally, the best ransomware services rely on artificial intelligence and machine learning to reach threat verdicts via behavior monitoring. This means that even if a strain of ransomware has never been seen by any other endpoint in the entire world, if it walks like ransomware, talks like ransomware, or displays any other tell-tale ransomware behavior, your ransomware protection should yank it aside for closer inspection. Traditional ransomware protection services fall back on known signatures that need to be constantly refreshed and can do nothing to stop zero-day threats.
What Qualifies Capture ATP as one of the Best Ransomware Protection Services in 2020?
SonicWall Capture Advanced Threat Protection (available as an add-on for all SonicWall TZ or NSa firewalls) is a powerful cloud-based sandbox with malware analysis that can detect evasive threats. Capture ATP blocks suspicious files at the gateway until a verdict is rendered.
SonicWall combines multi-layer sandboxing, Real-Time Deep Memory Inspection, full system emulation, virtualization techniques, and more to detect more threats than any single-engine sandbox available in 2020. On top of that, the low false-positive rate means it won’t block the legitimate files you need to do business.
Sophos Intercept X Advanced with EDR
Key Features:
Highly-acclaimed malware detection engine driven by deep learning
Exploit prevention stops attackers from taking advantage of vulnerable software & apps
Root cause analysis visualizes where threats originate & how they move on the network
What Qualifies Sophos Intercept X Advanced with EDR as one of the Best Ransomware Protection Services in 2020?
Sophos Intercept X Advanced with Endpoint Detection & Response is a mouthful. But it’s also a comprehensive, defense-in-depth tool that combines advanced techniques to squash malware, ransomware, and zero days. Intercept X also uses behavioral analysis to stop boot-record attacks.
Plus, even if a system is already infected, CryptoGuard stops the encryption process and reverts (or rolls back) files to their pre-infection state.
Provides actionable intelligence via automation to detect & respond to advanced threats
HUGE accolades from third-party testers such as NSS Labs, BPS, & ICSA Labs
What Qualifies FortiEDR with FortiSandbox as one of the Best Ransomware Protection Services in 2020?
Fortinet’s EDR & FortiSandbox establish a two-step sandboxing approach centered around artificial intelligence. These services first compare at-risk files against known and emerging malware with static analysis. Then, second stage analysis uncovers the full attack lifecycle by detonating the cyber payload in a virtual, quarantined environment.
Detailed analysis maps any uncovered malware to the MITRE ATT&CK framework, with powerful investigation tools to help admins better visualize security events.
Looking for the best ransomware protection for your small business?
Give us a call at 866-957-2975 to find the perfect fit!
Best Endpoint Security of 2020 for Your Small Business
Finding the best endpoint security for your network needs can be a challenge. There are dozens of options, all supporting a myriad of advanced security features and integrations that may be impossible to navigate unless you’re an expert. Each vendor offers a unique set of services with strengths and weaknesses that will ultimately determine whether your users stay safe or not. The best endpoint security may vary from organization to organization, but here are our top picks for the best endpoint security options available in 2020.
What is Endpoint Security?
Endpoint security, end user security, endpoint protection—while the name can be flexible, its necessity for a secure network is not. Endpoint security software protects small businesses & enterprises by guarding connected devices against malware and other advanced cyberattacks. Modern endpoint security integrates with appliances and applications you already use to provide edge protection as employees and guests access your network.
Encrypted malware, ransomware, and business email compromise can spell disaster for small businesses. That’s why the ability to monitor end user activity in real time – as well as make decisions to quarantine and isolate individual machines – can mean the difference between a small, contained incident and a catastrophic breach.
In 2020, endpoint security platforms now incorporate Endpoint Detection & Response capabilities powered by AI. Guided response, rich reporting, and root cause analysis are all top-shelf features that organizations should seek in a quality endpoint security service.
What does Endpoint Security include?
The best endpoint security goes beyond the basics. Traditionally, end user protection included passive endpoint scans combined with basic antivirus capabilities. However, in 2020, the best endpoint security solutions blow the basics out of the water with multiple advanced security features:
Continuous monitoring of files, applications, & connected devices
Automated incident detection and isolation of infected machines
Web content filtering to safeguard productivity and network usage
Auto-provisioning based on user group, OS, location, or time of day
Real-time threat intelligence updates from a pedigreed threat research team
The threat landscape is always evolving. That means your end user protection must stand up to threats never-before-seen by the network security ecosystem. The ability to recognize zero day exploits based on machine learning and behavioral analysis is essential for organizations to stay secure in 2020.
What is the Best Endpoint Protection of 2020?
Here are our top picks for the best Endpoint Protection for small businesses in 2020:
SonicWall teams up with SentinelOne to deliver a heuristic endpoint protection suite with the unique capability to mirror Microsoft shadow copies for post-infection rollbacks. This eliminates the need for manual restoration after a ransomware attack and lets admins rest easy knowing they can always restore endpoints to their pre-infection state. In addition, round-the-clock behavioral monitoring eliminates the need for scheduled system scans. In short, this minimizes network resource hogging and safeguards user productivity.
Detects elusive memory techniques used in exploits like buffer overflows
What makes Fortinet FortiClient unique?
Fortinet FortiClient end user protection services simplify the remote user experience with built-in user provisioning, auto-connect, and an “always-up” VPN. FortiClient works perfectly in tandem with all Fortinet devices and services on your network through the Fortinet Security Fabric. According to the NSS Labs 2019 Advanced Endpoint test, FortiClient blocked 100% of malware, including extremely elusive threats.
Automatically detects, prioritizes, & investigates potential threats using AI
Leverages deep learning analysis to analyze malware in extreme detail
Out-of-the-box SQL queries categorized by use case
Live Response provides users command line access to endpoints & servers
Quickly search up to 90 days of current & historical on-disk data
What makes Sophos Intercept X Advanced with EDR unique?
Sophos made a huge splash with the upgrade to its original Intercept X service. It sports big changes that included Endpoint Detection & Response (EDR) capabilities in addition to its already robust real-time, integrated endpoint platform. Intercept X Advanced combines powerful endpoint protection with endpoint detection driven by machine learning. This means most threats are squashed long before they can damage your network. Artificial intelligence assists with guided response. To save your small business even more, an important note: the objective of Sophos endpoint protection is to reduce the need for added IT employees by consolidating their roles into a single automated system.
Auto-provisioning of VPN settings based on Client VPN
Zero-touch deployment through a self-service web portal
Deploy policies & changes from the cloud across the entire network
What makes Cisco Meraki Systems Manager unique?
Cisco Meraki’s endpoint management solution supports a variety of platforms and operating systems, making Systems Manager a flexible option for most any deployment. Systems Manager offers cloud-based endpoint management tools that easily scale up to meet growth needs. By providing admins the ability to manage distributed deployments from anywhere in the world, Systems Manager is an endpoint security solution built for a highly mobile, highly distributed world.
Looking for the best endpoint protection for your small business?
Give us a call at 866-957-2975 to find the perfect fit!
State & local government agencies are responsible for a variety of vital services, like public utilities, infrastructure, education, & election administration to name a few. That, plus financial and staffing challenges, makes cybersecurity especially tough. To learn about what governments are facing – and solutions to consider – we welcome Fortinet Field CISO Jim Richberg. Jim discusses why budgets are so tight and how evolving cybersecurity technology means better options.
In cybersecurity headlines, we discuss a death due to a hospital ransomware attack. Then, Dunkin’ gets called out in New York for mishandling a major breach. And finally, we talk TikTok as the popular video app has faced turbulence in its bid to avoid a U.S. ban.
The FortiGate 80F brands itself as a secure SD-WAN and security appliance. This focus on the WAN edge is growing more and more popular in the network security space as small businesses and enterprises alike step up to the challenges of digital transformation and remote work. SD-WAN provides secure, direct Internet access for the kinds of cloud-connected applications businesses now depend on like Dropbox, GitHub, Salesforce, Office 365, and more.
The FortiGate 80F joins its F-Series brethren as leaders of the SD-WAN race. For any organization looking to deploy applications, devices, or cloud environments across multiple branch locations, the WAN edge efficiency of these models should put them at the top of any shortlist.
The FortiGate 80E is well-recognized in the industry as a powerhouse of network security, fit for most mid-sized businesses and larger branch offices. The FG-80E includes a SoC3 system-on-a-chip build that optimizes processing power and performance without sacrificing security. As part of the Fortinet Security Fabric, the FortiGate 80E integrates multiple layers of security across small business networks, letting systems communicate in real time to detect and stop advanced threats.
The FortiGate 80E is a Unified Threat Management (UTM) platform that delivers wired and wireless networking for networks up to roughly 50 users. This model also comes with variants that boast improved internal storage as well as Power-over-Ethernet capabilities. A USB port located on the rear of the appliance provides 3G/4G compatibility for additional WAN connectivity and redundancy.
How much does the FortiGate 80F cost?
Pricing for the FortiGate 80F starts with an MSRP of $1200 for the Appliance Only model (though Firewalls.com highly discourages buying “appliance only” products as a primary firewall). However, requesting a quote or connecting with a Firewalls.com account representative via Live Chat will immediately shave hundreds of dollars off your final price tag.
Compared to the FG-80E, the FortiGate 80F nets you four times the UTM throughput, extra space for site-to-site tunnels, and connections per second gains an order of magnitude greater than E Series counterparts. And don’t forget that whole purpose-built secure SD-WAN, too.
Whether you own a Fortinet product or you’re just shopping around, the Fortinet Security Fabric is a term you’re probably seeing a lot of these days. But what is it? Just like actual fabric – many individual fibers woven together – the Security Fabric is Fortinet’s vast security portfolio intertwined. In short, it’s an integrated solution allowing you to see, manage, and secure your network products in one place. In long? Let’s get into it.
It Starts With the Firewall
Here at Firewalls.com, we often refer to a firewall as the cornerstone of any network setup. The Fortinet Security Fabric treats it that way as well. It’s the hub around which all the spokes of the wheel connect – forgive the mixed metaphors. In this case, with your FortiGate next generation firewall – aka NGFW – you can coordinate the behavior of other Fortinet (and partner) products. That means your FortiGate can run your security show with visibility into all corners of your network. And by the way, it can also function as a Secure SD-WAN powerhouse in case you’ve missed that news. It supports a variety of other security technologies all under the same FortiOS operating system, including:
Secure Wi-Fi and Switching Access
Network Access
The single-console Fabric Management Center
Open Fabric Ecosystems for partner integrations
Cloud Infrastructure
Business-Critical Applications
Security Operations for automated threat detection, prevention, & response
Endpoint Protection
What is the goal of the Fortinet secure access solution?
The Fortinet secure access solution, as it’s sometimes termed, encompasses secure switching and wireless. The goal is network access that’s easy to manage for admins while at the same time high performing for users.
Access is a word that pops up a few times in this conversation – as both creating and controlling it are key for an optimized, secure network. The Security Fabric integrates with FortiAPs to provide and manage secure wireless access and FortiSwitches to do what switches do – essentially create a network. And speaking of access, with the Fortinet Security Fabric, you can implement a zero-trust network access policy throughout your network.
It starts with network access detection, continuous monitoring, and control. Next, you can implement multi-factor authentication with a solution like FortiToken. Finally, ongoing visibility and access control of all your endpoints is a must – something you can accomplish with FortiClient. When implemented together, you’ll make it extremely difficult for hackers to gain access to your network – keeping your important data secure.
How does the Security Fabric secure my network?
The Security Fabric is designed with network security as a priority. Fortinet refers to this as security driven networking. This begins with the FortiGate firewall as the front-line network protector. But it also includes the secure access solutions of the switch and wireless appliances, and dynamic cloud security to secure your cloud presence.
We’ve already discussed some of the role the FortiGate plays in the Security Fabric, but let’s expand a bit more. We already know the FortiGate is a firewall. But it also includes other critical security measures. These include a secure web gateway to help stop phishing attacks, SSL/TLS decryption to catch encrypted threats without slowing performance, and intent-based segmentation. And we can’t forget about the Secure SD-WAN component which extends this security outside the physical boundaries of the office to branch locations.
As for the cloud, the Security Fabric integrates a wide array of cloud-based security solutions. We know everyone has some type of cloud presence, so staying protected in that space is paramount. In addition to the FortiGate firewall, Fortinet offers FortiWeb web application firewalls. Email is also a major player in the cloud, and we know that email is a main entry point for malware. The good news is FortiMail is built to stop both traditional and advanced email threats.
Another note on all this security talk. The Fortinet Fabric Manager is your single console to manage all of the solutions mentioned above – and more. But the beauty is you won’t have to micromanage your security. Fortinet’s solutions heavily leverage artificial intelligence and automated security. FortiGuard AI incorporates real-time threat data gathered by FortiGuard Labs to ID and stop just about any online hazard you can think of. In essence, Fortinet Security Fabric solutions are constantly working behind the scenes to stop threats.
Who are Fortinet Security Fabric partners?
The list of Fortinet Security Fabric open fabric ecosystem partners is too numerous to include here. But these partners include heavyweights like Amazon Web Services, Google Cloud, Intel, Oracle, and Siemens to name just a few. The partners leverage the Security Fabric to offer end-to-end security solutions in partnership with Fortinet. It’s just one more way your network gets comprehensive coverage.
How do I get started with the Security Fabric?
We’ve touched on a number of aspects of the Security Fabric in this piece. But in the end, as in the beginning, it all comes back to the firewall. To get started on your Security Fabric journey, find the FortiGate firewall that’s right for your network.
Advanced endpoint protection is a must for any organization, and one of the most comprehensive solutions out there was built from the ground up for end to end security: FortiEDR. In case you missed it, EDR stands for Endpoint Detection and Response. But that only begins to describe the total protection you get with FortiEDR.
FortiEDR offers something far beyond first generation endpoint offerings: Real-Time Protection, pre- and post-incident. That means it’s proactively working 24/7/365 to stop infections before they start. And if you somehow get infected, it jumps all over the infection with heavy artillery to make your network whole again.
Pre-Infection
What does FortiEDR do to stop malware before it gets to your network? It proactively discovers any rogue endpoints and unsecure IoT (internet of things) devices – let’s face it, there can be a lot. Meanwhile, it continuously scans for vulnerabilities and comes with risk-based policies that make it harder for attackers to get in. And if it finds vulnerabilities? You get virtual patches. It’s likely to catch even the wildest of wild malware with its machine learning antivirus engine and signature-less detection that can block threats before execution.
Post-Infection
If any threats do find their way through, FortiEDR is ready to stop them in – did I mention? – real-time. It automatically defuses potential threats with automated response and remediation. Defusing these threats post-infection means blocking outbound communication, and stopping data tampering, exfiltration, and even the dreaded ransomware encryption.
Any malware that’s made even the slightest dent in your network won’t have that satisfaction for long, as FortiEDR can roll back any changes it’s made. It’ll also remove any of those pesky bad files that try to stick around. And this remediation and rollback all occurs without interrupting your business.
With all that action taking place, you’ll want to have a play-by-play, so FortiEDR offers full visibility into attacks. That means forensic data, malware classification, a memory snapshot in case of fileless attacks, and more. Plus, admins can even customize incident response playbooks with optional MDR – or managed detection and response – service.
Integration
Another big plus for FortiEDR is its integration into the Fortinet Security Fabric. It works seamlessly with every other Fortinet protection platform, from FortiClient licenses to FortiGate firewalls to FortiSandbox sandboxing. They all speak the same language – allowing you to manage your network from a single-pane-of-glass.
How do I get FortiEDR?
FortiEDR licenses come in a variety of shapes and sizes. That means you have options. Choose your solution based on your number of users – aka assets – starting at 500, and the level of protection you desire. Offerings include Predict & Protect, Protect & Response, and Predict, Protect, & Response – which covers all we discussed here. FortiEDR’s cost depends on the combination you select. The cost to your business not to have this advanced endpoint detection and response in place when an attack comes around is immeasurable. Shop now to find the right option for you!
To continue our recent theme of decoding abbreviations, EDR means Endpoint Detection & Response, and that means that the age of AI is upgrading networks. This automated, real-time endpoint solution ensures that end users can work securely no matter where in the world they’re located in relation to a firewall.
With EDR, your network defenses constantly scan for the kinds of elusive malware, ransomware, and zero day threats that signature-based detection platforms miss. And in the event a security incident occurs, advanced Endpoint Detection & Response platforms such as Sophos Intercept X Advanced with EDR or FortiEDR stop attacks even if the endpoint is compromised. Guided response lets administrators easily walk through the steps of an attack to see its root cause and isolate infected machines.
EDR’s machine learning systems deter, detect, disarm, dissect, deescalate, and do away with any cyber threats you can throw their way.
Why EDR works for small businesses
Survey after survey, several years running, has revealed two facts: a majority of small businesses find it difficult to hire qualified IT talent–especially talent focused on network security–and their budgets often struggle to accommodate the talent they do find. Automated endpoint detection and response monitored by 24-hour machine learning intelligence adds just the kind of cybersecurity expertise that SMBs need without a higher employee headcount.
Just like modern grocery stores have self-checkout lines and autoworkers now benefit from the assistance of robotics, automation enables small businesses to do more with less to get the job done. Farm out malware expertise and incident response to the bots!
Sophos Intercept X Advanced with EDR
Intercept X Advanced has been a longstanding go-to for network admins looking to add advanced protection to their networks in a comprehensive, integrated system. Sophos Intercept X Advanced now also consolidates that industry-leading protection and EDR into a single solution. Intercept X’s advanced malware prevention significantly eases the workload on the EDR component, allowing you to utilize more of the speed and performance you pay your Internet Service Provider for.
Minimize staffing by automating IT tasks usually done by skilled experts
Provide visibility into attack scope, root cause, impact, & network health
Hunt for indicators of compromise that may leave your network vulnerable
Fortinet FortiEDR
FortiEDR will be made available to order on May 4th and is already boasting some big benefits and features. An EDR solution purpose-built to detect potential threats, FortiEDR stops breaches in real time and mitigates the damage of ransomware even on machines that have already been compromised. FortiEDR also extends security to IoT devices with the ability to protect everything from PCs to servers to point-of-sale systems and more.
Creates very small network footprint thanks to native cloud infrastructure
Enjoy automated EPP with orchestrated response across platforms
Stop file-based malware with Fortinet’s kernel-level Next Gen AV engine
Eliminate dwell time & reduce post-breach expenses
SonicWall Capture Client
Automated endpoint detection and response is integrated into SonicWall’s Capture Client, bringing together EDR, advanced threat protection, and integrated network security. With unique ransomware rollback capabilities and intuitive attack visualizations, Capture Client offers a comprehensive endpoint protection and EDR environment for any SonicWall network.
Multifactor authentication – aka MFA – means the bad guys are S.O.L. even if they get your name and password. By requiring multifactor authentication for users on your network, you ensure that connection attempts provide two or more pieces of evidence before allowing a user access to any resources or applications.
By adding multiple layers of authentication beyond the simple password (and let’s be honest, how many of your employees are really using long, complicated passwords?), you can safeguard against these vulnerabilities of human error. And with so many employees working from their home office out of the IT department’s direct line of sight, you’re going to want a few extra safeguards until we’re all back on premise.
FortiToken Mobile: One-Time Password Generator
Fortinet’s FortiToken Mobile is a one-time password generator application compatible with both Android and iOS devices. It supports both time-based and event-based password tokens, adding versatility to how users can be authenticated. The app instantly generates a single-use token right on the mobile device that users are carrying around in their pocket all day long. Even if attackers are able to steal your username and password, they’ll have to pay a visit in-person to steal your mobile phone too.
FortiToken Mobile is a great solution for small businesses that are looking to get started with multifactor authentication at a low price-point. SMBs can get started with licenses for as few as just five employees. Adding additional licensing is quick and easy, making the solution scalable with your needs. Plus, because FortiToken Mobile is sold as perpetual licenses, you only have to pay once. No annual renewals or subscriptions needed.
WatchGuard AuthPoint Mobile is designed to work the way your employees work. That means versatility, scalability, and ease-of-use are key. Network administrators can assign different kinds of authentication to specific users, groups, or applications.
Mobile Push Notification – AuthPoint’s mobile device option sends push notifications to a user’s phone after they attempt to log in with their username and password. By responding to this push notification, users let AuthPoint know whether to accept or deny the access attempt.
QR Code — AuthPoint supports a QR code version that works with mobile devices as well. After a user attempts to sign into a machine with name and password, a heavily-encrypted QR code is generated onscreen which can then be read by the AuthPoint app on their mobile device.
One-Time Password (OTP) — Like FortiToken, AuthPoint Mobile is able to generate unique one-time passwords that temporarily act as authentication credentials for the AuthPoint app.
Multifactor Authentication & VPNs
Many of us will be working from home for the foreseeable future and Firewalls.com has seen a mad dash of small businesses trying to stay connected through secure remote access, virtual private networks, and email security. Solutions like WatchGuard IPSec VPN Clients are a great way to keep remote users safely tethered to company resources and applications, but the human factor always leaves vulnerabilities. Most VPN services require only a username and password combination, making them ripe targets for credential theft and phishing attacks.
Compromised VPNs present a greater threat than any single application or endpoint being infected. Once an attacker is able to win a foothold in a remote access tunnel, they’ve got a direct pipeline right back into the heart of your network. When most of your network’s users are reaching out through dozens of VPN tunnels, multifactor authentication becomes a must-have security feature, not a convenient add-on.
Fortinet FortiClient is purpose-built to simplify advanced security capabilities, so even small business owners with limited IT staff or resources can roll out enterprise-grade networking. Looking to keep remote worker endpoints sanitary? FortiClient unifies all the endpoint features you expect out of a premium end user platform including secure remote access, sandboxing, and behavior-based scanning for ransomware and encrypted malware.
Fortinet brings it together with seamless Security Fabric Integration, ensuring that all of the Fortinet security fabric components such as FortiGate Firewalls, FortiAnalyzer, wireless APs, and managed switches share a unified view of every endpoint. Automated advanced threat prevention through the use of FortiSandbox catches both known and never-seen-before threats. This integrated framework is centrally managed on the single-pane-of-glass dashboard offered through a FortiGate next generation firewall. This is fast to set up, too! You’re one FortiClient download away from securing all of your endpoints, on-premise or remote. Activation codes are typically delivered next business day.
Remote access with auto-connecting FortiClient VPN
With companies rushing to get remote workers set up on secure remote connections, many small business owners are turning to FortiClient VPN which takes advantage of both SSL VPN and IPSec VPN to provide secure remote access over the fastest and most stable protocol available. This means almost any Internet-connected location can offer secure access to company applications and resources, regardless of the details of its environment. FortiClient automatically connects endpoints to VPNs and maintains an always-up connection, so remote workers require little to no training on how to connect to a VPN from home – or anywhere else.
FortiClient increases visibility & control over endpoints
FortiClient provides end-to-end visibility into all of the endpoints on a network, allowing administrators to view endpoint health at a glance. By integrating endpoints into the Fortinet Security Fabric, the endpoint protection systems, firewall, and security services on the network communicate in real-time to ensure system compromises never go unnoticed. This translates into early detection for network administrators in case of an attack, allowing IT teams to respond quickly.
The FortiOS 6.0 operating system enables endpoint telemetry intelligence, which accurately identifies Indicators of Compromise. Fortinet determines what constitutes an Indicator of Compromise by checking real-time web filter logs on each endpoint against a threat database groomed by FortiGuard Labs. If a potential match is flagged, Fortinet assigns a threat score to that endpoint, measuring overall end user health and reporting this data back to a centrally-managed dashboard through the FortiGate firewall. Plus, network administrators love the automated response capabilities that FortiClient’s telemetry allows, letting them quarantine suspicious endpoints on the fly.
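The matching-and-scoring idea described above can be sketched as follows. This is an added illustration, not Fortinet's implementation: the key=value log format, the indicator list, the severity weights, and the quarantine threshold are all constructed assumptions.

```python
from collections import defaultdict

# Constructed threat database: indicator domain -> severity weight (hypothetical).
THREAT_DB = {"malware-cdn.example": 50, "phish-login.example": 30}
QUARANTINE_THRESHOLD = 60  # hypothetical cut-off for automated quarantine

# Constructed web filter log lines in a made-up key=value format.
SAMPLE_LOGS = """\
2020-03-02T09:14:07Z endpoint=LAPTOP-07 host=intranet.corp.example action=allowed
2020-03-02T09:15:41Z endpoint=LAPTOP-07 host=cdn3.malware-cdn.example action=allowed
2020-03-02T09:15:44Z endpoint=LAPTOP-07 host=phish-login.example action=blocked
2020-03-02T09:20:10Z endpoint=DESKTOP-02 host=notmalware-cdn.example action=allowed
2020-03-02T09:21:32Z endpoint=DESKTOP-02 host=WWW.Phish-Login.example. action=blocked
this line is truncated garbage
"""


def parse_line(line: str):
    """Return the log fields as a dict, or None for malformed lines."""
    parts = line.split()
    fields = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
    if "endpoint" not in fields or "host" not in fields:
        return None
    fields["ts"] = parts[0]
    return fields


def match_indicator(host: str, db: dict):
    """Match the host or any parent domain, on whole DNS labels only.

    Label-wise matching catches subdomains of a listed domain without
    flagging look-alikes such as 'notmalware-cdn.example'.
    """
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in db:
            return candidate
    return None


def score_endpoints(log_text: str, db: dict = THREAT_DB) -> dict:
    """Aggregate a 0-100 threat score per endpoint from indicator hits."""
    scores = defaultdict(int)
    for line in log_text.splitlines():
        event = parse_line(line)
        if event is None:
            continue
        endpoint = event["endpoint"]
        scores[endpoint] += 0  # list every endpoint seen, even with no hits
        indicator = match_indicator(event["host"], db)
        if indicator is None:
            continue
        weight = db[indicator]
        if event.get("action") == "blocked":
            weight //= 2  # the filter stopped it, but the endpoint still tried
        scores[endpoint] = min(100, scores[endpoint] + weight)
    return dict(scores)


def quarantine_candidates(scores: dict, threshold: int = QUARANTINE_THRESHOLD) -> list:
    """Endpoints whose score meets the threshold, in stable sorted order."""
    return sorted(name for name, score in scores.items() if score >= threshold)


if __name__ == "__main__":
    result = score_endpoints(SAMPLE_LOGS)
    print(result, quarantine_candidates(result))
```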
Stop advanced threats like ransomware
FortiGuard Labs provides up-to-the-second threat protection based on real-world data collected from security sensors around the globe. FortiSandbox harnesses this threat intelligence for behavioral scans of all files & applications present on FortiClient endpoints. That means even if threats are hidden in encrypted data packets, FortiClient will root them out and send them to quarantine before any payloads can detonate. Email-borne threats–especially dangerous to remote workers–are blunted thanks to these real-time scans and shared intelligence.
Don’t believe us that FortiClient is a next generation endpoint service? Industry validation titans such as NSS Labs and Gartner consistently stand behind this solution, providing top marks for FortiClient in annual benchmarking tests. In the NSS Labs 2019 Advanced Endpoint Test, Fortinet’s FortiClient blocked 100% of malware thrown at it. See how to get FortiClient for your business.
There are exactly two ways to test your network’s security against cyber threats: run validation testing to assess precisely how your network performs or wait for the real thing to happen and draw conclusions while you’re picking up the pieces in the aftermath. While trial-by-fire is certainly a conclusive way to assess your network security, Firewalls.com strongly recommends the former option. Fortinet’s Cyber Threat Assessment Program is a convenient and non-intrusive process that lets you see where your network stands without interrupting day-to-day operations.
The assessment is free of charge, requires little to no legwork on your part, and yields results in just over a week. Check out the infographic below to see how it works, or listen to our recent podcast episode where we discuss Cyber Threat Assessments with Fortinet’s Ben Bolen.
See How Fortinet’s Secure SD-WAN Can Save You Time & Money
Been curious about SD-WAN? The very same process described in the infographic above can be used for an SD-WAN assessment as well! Fortinet’s Secure SD-WAN allows for high-speed application performance at the WAN edge, intelligently determining the ideal routes for MPLS, 3G/4G, or broadband traffic. Traditional WAN architectures are not equipped to accommodate the high-demand workloads of modern organizations, which may be using applications spanning multiple cloud environments. Now you’re one FREE assessment away from seeing exactly how Secure SD-WAN can transform your network.
What Information Is Included In CTAP Report?
The Fortinet Cyber Threat Assessment focuses on three key areas: Security, User Productivity, & Network Utilization.
Security: Details network vulnerabilities and helps to identify which devices and applications are at an elevated risk so that they can be properly secured. In this section of the report you’ll get to see which vulnerabilities and threats were observed bypassing your existing security solutions.
User Productivity: Provides extensive visibility into peer-to-peer, messaging, and other application usage to see how users are using your network in their daily work. In this section you’ll see how spam, newsletters, and other cyber nuisances impact how your users navigate the network.
Utilization: Provides real-world numbers about throughput and bandwidth usage during peak traffic. In this section, you’ll get to see when your network resources are needed most and where waste can be eliminated.
No Risk, No Extra Work, No Commitments
The infographic above outlines the basic process for receiving, setting up, and reviewing your results. At no point in the process are you required to make any purchases, change any settings, or meet any deadlines. Fortinet’s Cyber Threat Assessment is a risk-free program that requires no more extra work than plugging in a cord. If at any point you decide you want to end the test, pull the cord back out! That’s it. No money changes hands, no contracts are signed, and no network settings are changed. If you want to dump your final assessment in the trash, no problem. The report is yours to use as you see fit.
Ready For Your Free Assessment?
Getting your Cyber Threat Assessment is as easy as filling out a form on our Fortinet Cyber Threat Assessment Program page. Leave us your contact info and Firewalls.com will work behind the scenes to get a test set up for you. We work closely with Fortinet to make sure the test requires as little effort on your part as possible.
FortiGate 40F – Secure SD-WAN for the Small Business
Compact. Fanless. Affordable. Secure. The new FortiGate 40F from Fortinet hits all the marks when it comes to arming small businesses and branch offices with the fast, secure access necessary in 2020. Fortinet is an industry standout in the SD-WAN arena thanks to their innovative SoC4 SD-WAN ASIC processor. You may recognize this mighty, mini-sized processor from Fortinet’s other recent additions: the FortiGate 100F & FortiGate 60F. Fortinet’s best-of-breed SD-WAN allows for intelligent application steering, scalable VPN capabilities, and other advanced networking capabilities.
The best part? While boasting all of the SD-WAN capabilities of its larger cousins, the tiny FortiGate 40F also reaches maximum throughput speeds up to 5.0 Gbps. For an appliance built with small offices in mind, those speeds are insane!
Maximum Supported Wireless Access Points: 10/5 (Total/Tunnel Mode)
Hardware-Only MSRP: $495
“Do-It-Yourself” SD-WAN Deployments
Fortinet makes life for small business owners easy. All FortiGate Secure SD-WAN appliances are easily managed through Fortinet’s Security Fabric in the Fabric Management Center. Paired with zero touch deployment, the FG-40F is user friendly even for businesses with limited IT staff, letting you skip a burdensome manual configuration.
Looking for More Small Business Solutions from Fortinet?
Our website is now bursting with Fortinet network security options for you to shop!
How do you know if your network is vulnerable? Well, you could find out the hard way by getting breached. Or you could try out a free program from Fortinet, the Cyber Threat Assessment Program (CTAP) that is. On this episode of Ping: A Firewalls.com Podcast, Kevin and Andrew talk to Fortinet’s Ben Bolen about CTAP, with a special focus on the new CTAP for SD-WAN. You’ll hear how it works, what you can expect to learn, and why it can be a vital step to optimizing your network security, whether you’re already running an SD-WAN setup or not.
Learn more about the CTAP program and sign up now.
Our Network Engineer Alan Steady shares the secret to making SD-WAN management easy in our Engineer’s Minute. Check out all of the expert security services our certified engineers offer.
In our Headlines, we talk about how SD-WAN may be able to help IoT security, a survey that places cybersecurity atop a list of business concerns, and some TikTok vulnerabilities.
New episodes are released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show!
The FortiGate 60F arrived just last month and the network security community is already abuzz with praise for this high-tech security appliance. With its SoC4 security processor, application-specific chip set, and WAN edge capabilities, there’s a lot to get excited for. However, because firewall manufacturers tend to design and launch firewalls in successive series, there can be a bit of confusion when it comes to understanding the key differences between the FortiGate 60F and its predecessor, the FortiGate 60E. While the FG-60E is still one of the fastest and most secure (and most popular) firewalls in the industry, let us take a closer look at what new potential the FG-60F has in store.
FortiGate 60E Tech Specs at a Glance
Firewall Throughput: 3 Gbps
IPS Throughput: 400 Mbps
NGFW Throughput: 250 Mbps
SSL VPN Throughput: 150 Mbps
Concurrent Sessions (TCP): 1,300,000
New Connections per Second: 30,000
Firewall Latency: 3 μs
FortiGate 60E Overview
The FortiGate 60E is one of the most secure Next Generation Firewalls ever designed, propelled by tons of industry awards and accolades. In fact, the FortiGate 60 series is the #1 selling firewall in the world with over 1.5 million units sold globally. Originally hitting the market in 2016, the FortiGate 60E includes a SoC3 (System-on-a-Chip) architecture that further accelerates networking performance well past the potential of previous generations. The FortiGate 60E was among the first Fortinet firewalls to be integrated into the then-emerging Fortinet Security Fabric infrastructure.
The FortiGate 60E is a Unified Threat Management (UTM) platform that delivers integrated wired and wireless networking for medium-sized organizations. This model includes built-in dual-band, dual-stream wireless with integrated internal antennas providing fast 802.11ac wireless. Further, a USB port located on the rear of the appliance allows for compatibility with 3G or 4G USB modems for additional WAN connectivity.
Though this Next Generation Firewall is a few years old, it continues to stand at the front of the pack when compared to its competitors. For any small business not particularly concerned with SD-WAN considerations, the FortiGate 60E still makes for an excellent option as a primary network firewall.
FortiGate 60F Tech Specs at a Glance
Firewall Throughput: 10 Gbps
IPS Throughput: 1.4 Gbps
NGFW Throughput: 1 Gbps
SSL VPN Throughput: 900 Mbps
Concurrent Sessions (TCP): 700,000
New Connections per Second: 35,000
Firewall Latency: 4 μs
FortiGate 60F Overview
The FortiGate 60F is a high-performance SD-WAN solution in a compact fanless form factor. Designed for branch offices, remote outposts, and mid-sized businesses, the FG-60F simplifies remote access issues and helps organizations reduce long-term expenses by phasing out expensive MPLS connections. SD-WAN provides secure, direct Internet access for the kinds of cloud-connected applications that businesses now depend on like Dropbox, GitHub, Salesforce, Office 365, and more.
This security-focused WAN edge networking is made possible by Fortinet’s SD-WAN Application-Specific Integrated Circuit (ASIC). The first-of-its-kind SoC4 – first introduced in the more port-heavy, rack-mountable FortiGate 100F – delivers blazing fast application identification and steering for over 5,000 known cloud applications. Fortinet’s advanced routing capabilities mean that modern connected businesses achieve superb user experience without worrying about performance loss.
The FortiGate 60F joins its F-Series big brother the 100F as kings of the growing SD-WAN arms race and the industry’s new face of digital transformation. For any organization looking to deploy applications, devices, or cloud environments across multiple branch locations, the WAN edge efficiency of these models is just too great not to put them at the top of the shortlist.
Curious what all the hubbub about SD-WAN is about? Fortinet’s Cyber Threat Assessment Program allows you to test these new technologies in a real-world setting: your network! Get your hands on a free SD-WAN test drive and see how much time, money, and productivity your network is leaving on the table. Sign up for a free Cyber Threat Assessment today.