Professional Documents
Culture Documents
WP SDN Security Framework Updated
WP SDN Security Framework Updated
Fortinet Software-Defined
Security Framework
Network security is also being impacted. Firewalls, intrusion prevention, and other
security appliances have traditionally been deployed as hardware devices at discrete
points in the physical network, such as the ingress/egress point at the network
edge. Newer SDN and private cloud architectures are instantaneously aggregated
from pools of resources that must be elastic to scale with organizational demand.
As security needs to increasingly be deployed throughout the network to counter
against advanced threats inside the perimeter, there are challenges maintaining
visibility and control with dynamic and logical network flows in increasingly softwaredefined environments. With the profound and fundamental changes to data center
infrastructure, constricting traffic through a few fixed static inspection points would
negate many of the benefits of IaaS agility.
1
www.fortinet.com
nnPlatform
nnSingle-Pane-of-Glass
Single-Pane-of-Glass Management
As data center workloads become more dynamic, there can
be protection or compliance gaps if a different security posture
is applied depending on whether the workload is physical
or virtual, or running in a private cloud or public cloud, or
whether it is protected by a physical or virtual firewall. Security
management needs to be able to ensure a single-pane-of-glass
view of security policies and events across the hybrid cloud,
regardless of where a workload is running and how it is
being protected.
Security management itself can be delivered more as a service
as well, such as by running policy and logging engines in virtual
machines or even hosted as an SaaS application in the cloud.
www.fortinet.com
www.fortinet.com
On-Demand Self-Service
SaaS Multi-Tenancy
As cloud services and managed services are increasingly being
delivered from efficient and elastic multi-tenant infrastructure,
rather than from dedicated or customer premise equipment
(CPE), management tools and platforms need to become multitenant aware. Security policy and event management can be
delegated to each tenant to reduce cloud administrator costs,
ideally through online web interfaces, to fulfill a more SaaS-like
experience. Provider administrators must also be able to have
a global provider view, in addition to being able to troubleshoot
delegated administrative views for a single tenant.
www.fortinet.com
nnFortiGate
nnFortiGate-VM
nnScalableprovides
nnAwareintegrated
GLOBAL HEADQUARTERS
Fortinet Inc.
899 Kifer Road
Sunnyvale, CA 94086
United States
Tel: +1.408.235.7700
www.fortinet.com/sales
nnFortiGate
nnFortiManager
nnFortiCloud
nnFortinet
nnFortinets
nnSecureapplies
nnActionableintegrated
nnOpenbuilt
nnOther
Copyright 2016 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, FortiCare and FortiGuard, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law
trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other
resultsmay vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied,
except to the extent Fortinet enters a binding written contract, signed by Fortinets General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in
such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinets internal
lab tests. Fortinet disclaims in full any covenants, representations,and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most
July 7, 2016
current version of the publication shall be applicable.