The advent of virtualisation, the Cloud and data means that more network traffic is going to more places faster than ever before. And all of this data, traffic and applications needs to be protected. This is why software-defined networks present opportunities for resellers, according to Fortinet A/NZ director of engineering and services, Gary Gardiner.
Gardiner claimed these functions take place over the public Cloud (the internet), private Clouds (VPNs), internally (LAN) and on individual devices (PCs, laptops and smartphones).
“In short, they are platform-agnostic. And to protect these functions at every level, physical or virtual, Fortinet has consolidated their Next-Generation Firewall solutions into a unified SDN Security Framework. This is a huge opportunity for savvy resellers,” he said.
Gardiner mentioned that as clients move their application services into a mixed virtual or physical or Cloud-based model, the more they need to embed security protection into every layer of their network, regardless of physical location.
However, he said this has proven to be problematic as the technology has been moving faster than the security vendors. One of the key enablers that has allowed discrete operations to run across multiple platforms is known as software-defined networking (SDN).
Gardiner added that what Fortinet has done is build a set of security-centric open and proprietary application programming interfaces (APIs) between their Next Generation Firewall security services and SDN offerings from major networking vendors.
These vendors include Microsoft with their Azure solution, integration with Cisco’s application-centric infrastructure (ACI), VMware’s vSphere and Software-Defined datacentre (SDDC) and HP with its VAN (Virtual Application Networks) SDN Controllers.
“This means that datacentre and enterprise customers can now add Fortinet’s security at more levels of their network.”
Enabling cyber-security innovation throughout the network architecture, the new Fortinet SDN Security framework sits across all principal layers of the company’s network architecture by featuring a data plane that encases security engines from fixed hardware boxes into logical instances that can scalable and embedded deep into virtualised switching fabric and abstracted network flows.
In addition, it has a control plane for the orchestration and automation of security policy with provisioning of elastic workloads to eliminate security and compliance gaps in highly agile, dynamic environments; as well as a management plane – a ‘single pane-of-glass’ for security policy and events across physical and virtual appliances, private and public Clouds and throughout converged infrastructure to ensure a consistent and compliant security posture.