Fortinet has announced a proof of concept designed to secure traffic traversing virtual networks at the hypervisor level. With this approach, the security enforcement point is no longer required to be directly in the flow of traffic on the physical network and allows for injecting security controls before the traffic traverses the virtual network layer.
Specifically, the proof of concept will show secured traffic flow in a VMware virtualized network environment that highlights security policy enforcement of communication across and between physical and logical workloads..
“Historically, security controls were required to be directly in the path of affected communication flow. Our VMware integration allows for a much less intrusive design and enables dynamic policy control,” said Elie Bitton, senior director, product management – virtualization and management for Fortinet. “Today’s demonstration enhances our already mature unified threat management VM product line and gives our customers yet another choice regarding how they want to deploy security for cloud and software defined data center architectures. As customers begin to virtualize the cloud network with the new VMware NSX network virtualization platform, we will provide holistic security across virtual and physical infrastructures.”
As leading IT organizations move toward software defined data centers, they are looking for solutions that can be inserted and deleted on demand to after maximum agility and service quality. VMware NSX will virtualize the network and provide a platform for logical security and network services. VMware NSX will leverage a distributed service framework to facilitate partner service insertion.
“VMware is working with a best-in-class security ecosystem of partners to automate and simplify security for customers embracing network virtualization as they transition to the software-defined data center,” said Milin Desai, director, product management, VMware. “Together, VMware and Fortinet are collaborating to ensure smooth operations, IT efficiency and business continuity as customers virtualize their networks.”
FortiGate virtual appliances and virtual domains enable the deployment of consolidated network security to protect virtual infrastructure and increase visibility and control over communications within virtualized environments.
Fortinet virtual appliances can be scaled quickly to meet demand and protect intra-virtual machine communications by implementing critical security controls within a virtual infrastructure, running on VMware, Citrix and open source Xen. FortiGate virtual appliances feature all of the security and networking services common to traditional hardware-based FortiGate appliances. With the addition of virtual appliances from Fortinet, users can deploy a mix of hardware and virtual appliances, operating together and can be managed from a common centralized management platform. Additional virtual appliances that have hardware appliance counterparts include FortiManager, FortiMail, FortiAnalyzer, FortiWeb, FortiAuthenticator, FortiADC, FortiCache and FortiScan.
Fortinet virtual and physical appliances also enable network segmentation into multi-tenant environments. This enables the creation of virtual domains and virtual administrative domains in order to segregate a network into separate domains for subscribers or business units. FortiGate, FortiManager, FortiMail, and FortiWeb appliances and virtual appliances support virtual domains and virtual administrative domains.
FortiManager and FortiAnalyzer deliver centralized management, visibility and analysis of networks and current threat profiles. Together, they provide the integrated visibility and control needed to secure physical and virtualized infrastructures. In addition, real-time automatic updates from FortiGuard services keep organizations protected from the latest threats.