Q&A: Paul Judd, Fortinet

California-based Fortinet is a worldwide provider of network security appliances and a leader in unified threat management (UTM). The company’s products and subscription services provide integrated protection against dynamic security threats while simplifying the IT security infrastructure. Fortinet’s broad product line goes beyond UTM to help secure the extended enterprise―from endpoints, to the perimeter and the core, including databases and applications. We spoke to Paul Judd, Regional Director UK, Ireland & South Africa, to find out a little more about the company’s approach to network security.

Can you give some background on what Fortinet does?
Our products protect the network from the endpoint to the perimeter and the core, which also includes securing databases and applications. The company was founded in 2000 and today is a major global security player, with over 600,000 devices deployed to date around the world. We count more than 100,000 customers ranging from SMEs through to large enterprises and telephone carriers. In November 2009, we made an initial public offering and went public on Nasdaq.

Today, we are valued around $2.3bn. With the creation of Fortinet and our first FortiGate multi-threat security appliance, we pioneered the concept of Unified Threat Management, which enables integrated protection at the network level and allows the detection of hidden threats within legitimate content, even from trusted sources and authorized applications. Since then, many other security vendors joined the UTM bandwagon, which is the fastest growing segment within the network security market. On our side, we’ve been leading this segment since 2004 and we have been innovating ever since―to the extent that we have received more than 100 awards across our security solutions as well as 60 patents awarded and more than 120 pending.

Fortinet just announced a new high performance security blade that allows enterprises to break the 500Gbps barrier. What’s the significance of this?
Yes, our latest product edition is the FortiGate-5001B security blade, designed for our FortiGate-5000 chassis-based platforms, which offers unmatched levels of security, price-to-performance ratios and scalability for service providers, enterprises and telecoms providers. The product is emblematic of Fortinet’s 100 per cent commitment to relentlessly pushing the boundaries of network performance without the enterprise or service provider having to sacrifice either traffic speed or security. We are conscious that our enterprise and telco customers do not want to compromise on network latency and we want to continuously improve our products’ performance capabilities in order to meet those ever-increasing needs. This announcement further proves that UTM solutions can compare against or even beat the performance levels of point security solutions.

What types of organisations require such high levels of network security performance?
A lot of organisations need high levels of network security performance but financial trading companies, service providers and telecommunications organisations tend to have the biggest requirement. Just 10 milliseconds of latency could lose a financial company millions of pounds (source: TABB Group). For any organisation, the smallest hint of latency can disrupt communications between business and client, impede business decision-making and frustrate users. Currently, organisations across the board are demanding more network performance. The more bandwidth an organisation demands means more potential threats to the company’s network, and, as a high percentage of today’s traffic contains various types of malware, including viruses, spam, inappropriate content and other policy violations, it’s crucial for organisations to increase their security to deal with this traffic increase but to do this without adding this latency is the challenge to address. Speed and performance don’t have to be a trade-off.

How does the FortiGate-5001B help large enterprises?
Large enterprises specifically require excellent network performance as well as a range of security features; in general, a security solution must work at a granular level preventing a multitude of threats, yet operate at wire speed. The FortiGate-5001B delivers up to 40Gbps of firewall throughput; up to 17Gbps of virtual private network (VPN) throughput, and integrates essential security functions in a compact Advanced Telecom Computing Architecture (ATCA)-compliant blade form factor. These include enterprise firewall, virtual private network, application control, intrusion prevention, anti-virus/anti-malware, anti-spam and Web filtering. The device enables enterprises to consolidate security services and simplify network infrastructures to deliver substantially increased performance, dramatically improved multi-threat protection and significantly lower operating costs.

What advantage does the 500Gbps barrier have to the enterprise?
Growing businesses want to be able to use more applications and features such as social media, video conferencing, file sharing from remote locations etc, which require an enormous amount of bandwidth and protection. Security is the single biggest culprit of latency inside corporate networks. All that traffic needs to be ‘stopped and verified’ as thoroughly as possible.

Enterprises want to be confident that their security solution will be able to cope with today’s business demands and increased traffic levels. Breaking the ‘500Gbps barrier’ enables organisations to do this with a higher level of peace of mind that the enormous number of packets required to execute work using those mediums will be accurately checked without compromising speed. By breaking the 500Gbps barrier we are essentially creating a seismic shift in security performance and effectively we are saying to the rest of the industry that our technology is robust enough to deliver the highest levels of performance on the market.

How does Fortinet differ from other security vendors?
Fortinet’s business and expertise is dedicated to security, and security only. Fortinet’s technology has been developed fully in-house from Day 1 and the company has total control over the design of its products, making no compromises on quality, performance and reliability. Technological innovation is at the heart of Fortinet’s strategy to address the stringent security requirements of its customers. Our solutions are based on the same core technology, enabling tight integration for better communication between our products and as a result, stronger security and higher performance. Our continual high level of investment in R&D has enabled the company to take the notion of multi-threat security from an all-in-one box for SMEs to a high-end IT security strategy used by some of the biggest enterprises across the globe.

What advice would you give to large enterprise ICT managers looking to upgrade their network security next year?
In 2011, organisations will still be looking for products which have a lower total cost of ownership as they continue to control reduced budgets and work within tougher economic environments. In parallel, many of them will have to do more with less, and be forced to address the limitations of their legacy firewalls to face increasingly complex threats and network connectivity requirements.

Integration, consolidation and virtualisation are three key areas where businesses will find that ROI. Virtualisation and consolidation of security functions can help look at what is already there and how it can be used more effectively. Ultimately, they will help ICT managers make their organisations’ security operations much more efficient, more cost-effective to operate, and easier to manage. Regardless of where you are on the network security journey, there are plenty of opportunities to take advantage of, to ensure your organisation doesn’t get caught out either in terms of performance or effectiveness.

You recently celebrated your 10th anniversary as a company. How has the security market changed from an enterprise perspective in the last 10 years?
Over the last 10 years, the volume and severity of threats have become much more serious and complicated. Nowadays the network perimeter has been blurred, with the adoption of social media, Cloud computing and virtualisation, to the extent it does not really exist anymore. For example, with social media applications like Facebook, enterprises face the difficulty in drawing the line between using the application for business use and for leisure. At the same time, enterprises are demanding faster and faster network speeds and are increasingly concerned with latency. Organisations need high performance security systems in order to keep up with today’s business demands. In doing so companies are much more inclined to consolidate or virtualise their security solutions, in order to become more efficient and effective.

Are there certain issues enterprises are focusing more on from a security stance in 2011? Why do you think that is?
Organisations really have to consider what they are doing with their social media strategy from a security perspective. Yes, they’re great applications and functions to enhance business communication both internally and externally, but organisations need to think how they will secure them. Mobile security is one area everybody talks about, puts it on the ‘to do’ list and promptly forgets about.

However, this cannot be the case for 2011. We have seen that, as social media mediums such as Instant Messenger and the use of iPhones for business use become more widely used, organisations are failing to keep up with security developments. It is important that businesses do not get caught out in the hype of Web 2.0 applications for business use without securing the vital information that flows through such devices. As it gets harder to gain access to the network via traditional means, cyber criminals and hackers are looking for the kinds of weak points that unsecured social media and mobile devices potentially provide.

With recent media news stories focusing on cybercrime, what are Fortinet’s predictions for the development of cybercrime in 2011?
Cybercrime continues to increase in professionalism and automation. Specifically, the development and distribution of affiliate programs will be a prominent recruitment vehicle for attackers. Operations will be delegated from members higher up in the cybercrime food chain—essentially meaning the structural layers of criminal organisations will be less transparent; making it harder for authorities to catch the ringleaders.

We’ll also be seeing increased competition between cyber-gangs, with each gang becoming more territorial about their malware empires; creating and implementing ‘bot killers’ to eradicate other criminals’ malware threats that lie on a given individual’s computer, resulting in a price increase for criminal services.

Furthermore, attackers will take professional steps to ensure that malware infections are robust; using the equivalent of service level agreements and quality of service assurances at the malware production stage. This will be in order to produce tailored malicious code that will ensure their threats remain undetected by legitimate anti-virus and security software programs. Finally, for 2011, European and international countries will continue to collaborate and partner in an effort to generate a global, authoritative movement to combat the cybercriminal operations that are growing in number.


Christian Harris is editor and publisher of BCW. Christian has over 20 years' publishing experience and in that time has contributed to most major IT magazines and Web sites in the UK. He launched BCW in 2009 as he felt there was a need for honest and personal commentary on a wide range of business computing issues. Christian has a BA (Hons) in Publishing from the London College of Communication.