Fortinet global leader in broad, integrated and automated cybersecurity solutions, announced FortiNAC, a new network access control product line that delivers network segmentation and automated responses for IoT security.
- The massive rise of unsecure, headless IoT devices, including industrial and medical IoT, requires new tools for securing networks.
- Fortinet’s new FortiNAC product line delivers network access control to secure IoT environments and provides enhanced visibility, control and automated response capabilities.
- FortiNAC provides detailed profiling of each device on the network and enables granular network segmentation and automated responses for changes in device status or behavior. This ensures each device only has access to approved items on the network.
Unsecure IoT Devices are Leaving Organizations Vulnerable
The use of IoT devices is growing at a tremendous rate as organizations embrace digital transformation to enable better operational efficiency. According to Gartner, “Internet of Things endpoints will grow at a 32% CAGR from 2016 through 2021, reaching an installed base of 25.1 billion units.”1 The sheer volume of devices—including IoT, corporate, and BYOD—seeking wired and wireless network access is exponentially enlarging the attack surface and raising internal provisioning, management and compliance costs. The responsibility of connecting and securing access has shifted from a network-led issue to a security-led issue and poses a challenge for organizations: security managers need to secure every single device every single time, while cybercriminals only need one open port, one compromised or unknown device or one uncontained threat to circumvent all of the effort going into securing the network.
FortiNAC Secures Networks Accessed by Unsecure Devices
Fortinet’s new network access controller, FortiNAC, diminishes the security risks associated with unsecured devices accessing the network by giving organizations total visibility of endpoints, users, trusted and untrusted devices and applications. Once visibility has been achieved, FortiNAC establishes dynamic controls that ensure that all devices, whether wired or wirelessly connected, are authenticated or authorized, and are subject to a context-driven policy that defines who, what, when and where connectivity is permitted. This ensures that only the appropriate people and devices can connect to and access appropriate applications, infrastructure and assets. Additionally, FortiNAC can enforce company policies on device patching and firmware version. FortiNAC also contains powerful network orchestration capabilities for delivering automated responses to identified threats and can perform threat containment in seconds, where a manual process could take days or weeks.
Networks are in constant flux, with new devices connecting and disconnecting; controlling the network by controlling access to any device seeking access is a key part for ensuring the integrity of a network. Such an approach—where no unknown devices ever gain access to the corporate infrastructure, permitted devices are automatically segmented based on policies and roles and connected devices that begin to violate profiles are immediately quarantined from the network—becomes the foundation for a comprehensive security posture. Furthermore, the FortiNAC network access control solution is cost-effective and highly scalable, extending visibility and protection to an unlimited number of devices and eliminating the need for deployment at every location of a multi-site installation.
NAC and IoT Security Solutions Bolster the Fortinet Security Fabric
With today’s news, Fortinet strengthens its Security Fabric by extending its ability to engage network devices beyond the Fabric-Ready Partner Program to a wider multi-vendor environment, including third-party firewalls, switches, wireless access points and endpoints. FortiNAC is also integrated with the FortiGate Next-Generation Firewall, FortiSwitch, FortiWLC Wireless Controllers, FortiSIEM and FortiAP to minimize the risk and impact of cyber threats and provide broader visibility and security for complex networks.
To read more please click here.