The Evolution of the Enterprise… And Enterprise Security

Introduction

Today's enterprise is evolving rapidly, with new

technologies such as consumer-grade mobile

devices, internet-based applications and cloud

services supplementing or replacing the traditional

corporate standard IT infrastructure and assets.

These have a fundamental impact on enterprise

security requirements specifically related to employees

and data. Especially, in light of a corresponding

evolution in the role of IT, as well as changes in the

threat landscape.

This paper discusses each of these technology, role

and threat trends, plus emerging enterprise security

requirements.

Fundamental Technology Shift

Mobility and BYOD

According to IDC, tablet shipments have overtaken

those of mobile PCs in 2013, and are predicted to

surpass those of mobile and desktop PCs together in

2015.

Adding in the 1 billion smartphones shipped, or simply

looking around our office or home, it is clear that the

way employees get work done is much different today

than in the past.

While this increased mobility undoubtedly has

increased productivity and convenience, it also raises

new challenges for IT and IT security. Attempting to

manage and support such a large number and wide

range of devices can be daunting. So too is the

provision and control of enterprise applications and

data.

In the past, a single company issued Windows-based

PC, with a corporate standard configuration and

device-based security and authentication, was the

single method for ensuring secure access to company

systems and information. Today, that is no longer

feasible with demands from employees and

executives to use their iOS and Android devices. In

response, organizations are embracing (in full or in

part) bring your own device (BYOD) policies. And as a

result, necessary security controls are increasingly

moving away from endpoints (which may no longer be

seen, let alone controlled, by IT) to network

checkpoints, and similarly based on users rather than

devices.

Takeaways – Mobility and BYOD

• Greater network visibility and control

• User-rather than device-authentication

Product Options

• FortiGate

• FortiAuthenticator

The Evolution of the Enterprise and Enterprise Security | FORTINET White Paper

www.fortinet.com

Internet-based applications

This greater mobility is driving (or is enabled by,

depending on your view of things) internet-based

applications and cloud services which are inherently

available anytime, anywhere as opposed to the

previous client-server based models of the enterprise.

There is a dramatic rise in the enterprise use of social

media (Facebook, LinkedIn) and cloud storage

(Dropbox, Google Drive), not to mention public cloud

services (SaaS, PaaS, IaaS). While this increased

accessibility is a productivity driver, it also raises new

security challenges. No longer are all applications

provided by IT, ensuring that the content delivered is

safe and the enterprise data within them secure.

Instead employees are at increased risk that content

delivered from 3rd party internet-based applications

may be malicious and/or that data may be

compromised within 3rd party, multi-tenant services

or infrastructure. If nothing else, such external

applications and services raise compliance and

reporting challenges.

In response, enterprises are looking to strike a

balance between the use of such applications with

security of the enterprise and its data. This starts with

simply gaining visibility into what applications and

services are used by employees, followed by

establishing and enforcing granular policies. This is

doubly challenging given such applications and

services increasingly use encrypted communications

as well as the fact that 1 in 3 respondents to a recent

Fortinet survey indicated that they would contravene

an employer policy preventing use of public loud

services.

Changing Threat Landscape

Advanced Persistent Threats

Even as enterprises are relinquishing control over

applications, services and devices and relying more

heavily on network-based control points, the risk of

cyber attack is higher than ever before. And the cyber

threats themselves are more sophisticated- targeted,

tailored, socially-engineered and even multi-staged. A

simple search on "data breach" this past year will

return countless headlines that make this abundantly

clear.

Cyber criminals are often:

• singling out individual organizations (or a small

group of similar organizations in an industry);

• targeting employees with attacks crafted to fool

even the wary;

• leveraging malware modified (and often tested) to

bypass traditional security controls;

• moving stealthily within the organization in search

of data

• exfiltrating that data over a period of time

While established security technologies that leverage

signatures, patterns, heuristics and reputations are a

necessary baseline (and should be deployed for

deeper Inspection at more segmentation points),

PriceWaterhouse Cooper reported that 20% of large

organizations had detected that they were

successfully penetrated.

Takeaways – Cloud applications and services

• Greater application and service visibility

• Granular policies and enforcement

• Content and data security

Product Options

• FortiGate

The Evolution of the Enterprise and Enterprise Security | FORTINET White Paper

www.fortinet.com

And a respected analyst firm recently recommended

that "all organizations should now assume that they

are in a state of continuous compromise."

As a result, organizations are examining new

technologies- network and endpoint behavior analysis

and forensics as well as "sandboxing"- specifically

designed to address these new attacks and establish

an "advanced threat defense."

The Changing Role of IT

A service provider and business enabler

Even as the role of IT, including IT Security, is

becoming more complex as a result of the technology

and threat landscape evolution, it too is transforming.

More and more, such groups (staring with the CIO),

are being asked to become strategic contributors to

the business rather than simple caretakers of the

infrastructure. While this is a natural change, it does

raise new demands and workload at a time that the

group is also burdened with the complexity of a more

diverse IT environment in a more dangerous threat

environment as described earlier.

In response, IT organizations are looking to reduce the

complexity of managing security by consolidating

mature security functions and, as much as possible,

obtaining new technologies from existing vendors as

features of in-place security products.

Enterprise Security Requirements

How security at the Enterprise Edge is changing

So, how do enterprises tackle these challenges and

succeed?

1. In response to the internet-based applications

and cloud services increasingly used in the

workplace, enterprises need fine-grained visibility

and control to establish and enforce balanced

policies that empower employees yet manage the

risk to the enterprise.

2. As threats increase in sophistication (with an

emphasis on beating established security

techniques), new inspection methods that focus

on activity rather than attributes are needed to

complement what's already available.

3. With more business-enabling technologies being

supported and advanced security technologies

added at a same time that IT needs to transform

into a strategic business contributor,

consolidation of security functions becomes

essential.

Takeaways – APTs

• Deeper (IPS, AV, DLP) inspection

• Advanced threat protection technologies (anomaly detection, forensics and/or sandboxing)

Product Options

• FortiGate

• FortiSandbox

Takeaways – Changing Role of IT

• Consolidated security

• Integrated security capabilities

Product Options

• FortiGate

• FortiSandbox

• FortiAuthenticator

The Evolution of the Enterprise and Enterprise Security | FORTINET White Paper

www.fortinet.com

Solution for the Enterprise Campus

Fortinet consistently offers the highest performance appliances in a price band, with flexible software platforms that enables them to be deployed in many different “personalities” (combinations of functions).

Next Generation Firewall The foundation of the enterprise campus offering is a high performance next generation firewall (NGFW) that adds intrusion prevention, application control and antimalware to the traditional firewall/VPN combination. In particular, Fortinet NGFWs:

• Provide fine-grained, user – or device-based visibility and control over more than 3000 discrete applications to establish/enforce appropriate policies

• Include powerful intrusion prevention, looking beyond port and protocol to actual content of your network traffic to identify and stop threats

• Leverage top rated antimalware to proactively detect malicious code seeking entry to the network

• Deliver actionable application and risk dashboards/reports for real-time views into network activity

• Run on purpose-built appliances with Custom ASICs for superior, multi-function performance, even over encrypted traffic

NGFW + Advanced Threat Protection

While upgrading to a next generation firewall will certainly improve enterprise security, there is a growing recognition that there is an evolving class of highly targeted, highly tailored attacks that are specifically designed (and often tested) to bypass established defenses. In addition to the core Fortinet NGFW features described above, the following Advanced Threat Protection capabilities can be added to a FortiGate deployment:

• Unique dual-level sandboxing to examine code activity in simulated and virtual environments detect previously unknown threats

• Rich reporting on system, process, file and network behavior, including a risk rating

• Web filtering, botnet and call back detection to prevent communication with malicious sites and IPs

• Option of sharing threat information with FortiGuard labs to receive updated in-line protections

• Option of integrating with FortiGate and FortiMail products for simpler deployment

FortiSandbox is a natural extension to your Fortinet next generation firewall.

NGFW + Authentication With many organizations relinquishing control over the end user device, either supporting smartphones and tablets or moving to full BYOD, authentication of the user, becomes essential. Further, in given the sophistication of threats and increase of data breach noted earlier, there is growing need for two-factor or “strong” authentication. And in light of the complexity and desire for consolidation, many organizations are looking to extend their network security visibility with the control over user access.

The Evolution of the Enterprise and Enterprise Security | FORTINET White Paper

www.fortinet.com

In addition to the core NGFW capabilities noted earlier, the following strong authentication functions can be easily enabled:

• Hardware, software, email and SMS tokens

• Integration with LDAP, Active Directory and radius systems

• End user self-service

• Certificate Authority

• Single sign on throughout the network

NGFW + Secure Web Gateway Given the transformation of IT – supporting more devices, applications and services- as well as evolution of the threat landscape requiring the addition of new security technologies, organizations with relatively constrained staff and budgets are looking to consolidate mature functions in order to free up resources for newer ones. The most common consolidation for enterprises is adding Web Filtering along with the IPS, Application Control and Antimalware of the NGFW in order to replace existing Secure Web Gateways, remove unnecessary appliances and avoid expensive renewals. In addition to the core Fortinet NGFW features mentioned earlier, organizations looking to consolidate Secure Web Gateway functions can take advantage of:

• Dynamic web filtering covering over 56 million rated sites across 79 categories

• Flexible policy engine including support for Usage Quotas, User Override and more

• Central management and reporting to simplify administration

The Fortinet Difference – Custom ASICs,

Unmatched Performance

At the heart of the FortiGate next generation firewalls are purpose-built FortiASIC processors that enable high performance required for the deeper level of “next generation” inspection as well as the consolidation of multiple security functions onto a single appliance. Further, our integrated architecture provides extremely high throughput and exceptionally low latency, minimizing packet processing while accurately scanning the data for threats. Traditional Security Appliances that use multi- purpose CPU based architectures becomes an infrastructure bottleneck. Even when using multiple multi-core general purpose processors, network security devices cannot deliver the high performance and low latency required. The only way for a Network Security Platform to scale is via purpose-built ASICs to accelerate specific parts of the packet processing and content scanning functions. FortiGate technology utilizes optimum path processing (OPP) to optimize the different resources available in packet flow.

The FortiASIC utilized by the latest FortiGate Next Generation Firewall models are:

• Content Processor (FortiASIC CP8) – Accelerated content security such as Antimalware, VPN encryption/ decryption and Authentication processing

• Network Processor (FortiASIC NP6) – Accelerated network security tasks such as Firewall, VPN and IPv6 translation

As a result, organizations can deliver low latency end while still improving security and consolidating functions. A win for everyone.

The Evolution of the Enterprise and Enterprise Security | FORTINET White Paper

www.fortinet.com

Summary

Today’s enterprise is undergoing a significant transformation, with increasingly tech-savvy employees taking advantage of the latest “consumer-grade” technologies to become more agile, efficient and more productive. However, these technologies represent a business risk as well as opportunity, especially given an evolving threat landscape and the rise of highly targeted and tailored attacks. In response, enterprises are upgrading from traditional to next generation firewalls for the visibility and control required to allow the use of these new technologies in a secure manner. Furthermore, many organizations are looking to add Advanced Threat Protection and Authentication technologies as an extension of their NGFW and/or consolidate other network security appliances like Secure Web Gateways for more manageable and cost- effective IT security that facilitates the transformation of IT in a true strategic contributor to the business. For more information on the FortiGate Network Security Platforms, please go to http://www.fortinet.com/solutions/enterprise.html.