
Fortinet’s new FortiOS 7.4 enhances SASE

 

FortiOS 7.4: FortiOS 7.4 Release Date

A new FortiOS operating system update has been unveiled by Fortinet at Accelerate 2023, enhancing automation and internal integration across all its security products. In addition, by unifying management and analytics across Fortinet’s secure networking portfolio, the updated version reinforces Fortinet’s networking and security convergence vision.

 

FortiOS: Operating System

FortiOS is an operating system developed by Fortinet, a leading provider of network security solutions. 

  1. It is designed to provide comprehensive protection for your network by providing an integrated set of security technologies, such as a firewall, intrusion prevention, antivirus, antispam, and web filtering. 
  2. FortiOS offers a range of features to help secure your organization’s network. It provides a secure gateway to the internet, allowing only authorized traffic to pass through. 
  3. It also offers advanced firewall capabilities like application control, content filtering, and VPN. 
  4. In addition, it includes intrusion prevention, which detects malicious traffic and blocks it from entering the network. FortiOS also offers advanced malware protection and antispam capabilities to help keep your network safe from malicious code and spam.

The FortiOS security platform is part of Fortinet’s Security Fabric, which encompasses over 50 products across networks, endpoints, and clouds and pairs its software with its custom ASICs. Fortinet CMO and EVP of Product John Maddison claims the new FortiOS 7.4 offers better platform integration than version 7.2. It “enables more of this kind of come together work, so that the SD-WAN works with the SASE that works with the firewalls that work with zero trust, and it’s all working on our FortiOS platform.”

 

A key point: For background information, you may find the following posts helpful:

  1. SD WAN SASE
  2. Zero Trust SASE
  3. SASE Model
  4. Cisco Secure Firewall
  5. SASE Solution
  6. SASE Definition

 

Back to Basics: SASE (Secure Access Service Edge)

Secure Access Service Edge (SASE) is a cloud-based security platform that provides organizations with secure, cloud-enabled access to corporate applications, data, and resources from any device, anytime, from any location.

SASE delivers a single platform that enables organizations to unify network and security services, including user authentication and authorization, data encryption, security policies, and threat protection, into a single, cloud-based service. With SASE, organizations can ensure users have secure access to corporate applications, data, and resources while maintaining compliance with security policies.

SASE utilizes a web proxy between the user’s device and the cloud-based applications and resources. This web proxy provides authentication, authorization, and encryption services to ensure only authorized users can access the applications and resources. It also allows organizations to enforce security policies and protect against threats. Additionally, SASE provides real-time analytics, enabling organizations to monitor user activity and detect threats.

Diagram: SASE explained—source Fortinet.

 

What’s New in FortiOS 7.4

As part of FortiOS 7.4, new features enhance the Fabric’s ability to deliver unprecedented visibility and enforcement across hybrid environments. Additionally, AI-driven prevention, automation, and real-time response accelerate security operations.

FortiOS 7.4 enhances the Fortinet Security Fabric and provides:

  • Better prevention and early detection.
  • Real-time response.
  • Risk reductions for cyber-physical and industrial control systems.

As a result of FortiOS 7.4 and enhancements across our secure networking portfolio, which includes hybrid mesh firewalls, secure SD-WAN, SASE, Universal ZTNA, and secure LAN/WLAN solutions, IT leaders can unify management and leverage analytics across their entire hybrid network.

Through the Security Fabric, security teams can optimize security operations, automate response times, and improve time to resolution. Advanced persistent threats (APTs) such as weaponized AI attacks, ransomware, and targeted attacks are the types of attacks we defend against. In addition, threat intelligence powered by AI, endpoint security, SOC automation, identity and access, and application security have all been enhanced.

With Fortinet’s Security Fabric for OT, IT and security teams can access new capabilities. By using our OT dashboard aligned with MITRE ATT&CK for ICS, teams can correlate and map security events to the Purdue model and use OT-specific threat analysis and playbooks to address threats proactively.

 

Key FortiOS 7.4 Enhancements

Secure Networking and Management

The innovations to Fortinet’s Secure Networking Portfolio cover FortiManager, hybrid mesh firewall, secure SD-WAN, single-vendor SASE, Universal ZTNA, and secure WLAN/LAN.

Unified Management and Analytics Across Hybrid Networks:

With FortiManager, IT leaders have unprecedented visibility and control over hybrid mesh firewalls, single-vendor SASEs, Universal ZTNAs, secure SD-WANs, and secure WLANs.

Hybrid Mesh Firewall for Data Center and Cloud:

Through ASIC technology and AI/ML-powered advanced security, FortiGate 7080F delivers higher performance than current next-generation firewalls (NGFWs). 

Secure SD-WAN for Branch Offices:

In addition to providing consistent security and superior user experience for business-critical applications, Fortinet Secure SD-WAN supports a seamless transition to single-vendor SASEs. Overlay orchestration was automated to accelerate site deployments, and the monitoring map view was redesigned to provide WAN status globally.

Single-Vendor SASE for Remote Users and Branch Offices:

By combining cloud-based security and networking, FortiSASE simplifies hybrid network operations. In addition, the FortiManager integration with FortiSASE allows for unified policy management across SD-WAN, SASE, and remote users and unparalleled visibility. 

Diagram: FortiSASE. Source is Fortinet

 

Universal ZTNA for Remote Users and Campus Locations:

Fortinet Universal ZTNA provides unparalleled zero-trust application access control in the industry. In addition to continuous monitoring of application access, Universal ZTNA now offers user-based risk scoring.

WLAN/LAN for Branch Offices and Campus Locations:

FortiAP secure WLAN access points are now integrated with FortiSASE, marking the industry’s first AP integration with SASE. As a result, secure micro-branches can be deployed using an AP to send traffic to a FortiSASE solution, ensuring comprehensive security for all devices.

 

Security Automation and Real-Time Response

With Fortinet’s new real-time response and automation capabilities, SOC teams can protect against and reduce time to resolution for sophisticated attacks such as weaponized AI attacks, targeted ransomware, and criminal-sponsored APTs.

Endpoint Security and Early Response:

With FortiEDR and FortiXDR, customers can visualize incident data with enriched contextual information based on multiple threat intelligence feeds to simplify and expedite investigations.

FortiNDR Cloud combines robust artificial intelligence with pragmatic analysis and breach protection technology. As part of the solution, network data is retained for 365 days, playbooks are built-in, and threat-hunting capabilities are available to detect abnormal or malicious behavior on the network.

FortiGuard Labs offers a guided SaaS offering maintained by advanced threat experts or a self-contained, on-premises deployment powered by the Fortinet Virtual Security Analyst.

With the support of threat experts from FortiGuard Labs, FortiRecon now delivers enhanced proactive threat intelligence into the critical risks associated with supply chain vendors and partners, including externally exposed assets, leaked data, and ransomware attacks.

Vulnerability outbreak defense is now available in FortiDeceptor. As soon as FortiGuard Labs reports a vulnerability, it is automatically pushed as a feed to the outbreak decoy to redirect attackers to fake assets and quarantine the attack early in the kill chain. Moreover, a SOAR playbook can automatically create deception assets and strategically place them to gather granular intel and stop suspicious activity. FortiDeceptor also offers a new attack exchange program, enabling users to exchange intel anonymously on current attacks and prevent breaches.

SOC Automation and Augmentation 

A new intuitive rules editor that can be mapped to MITRE ATT&CK use cases enhances FortiAnalyzer’s event correlation capabilities across multiple log sources.

With FortiSOAR, you now have the option to subscribe to a turnkey subscription service that includes machine learning-driven inline playbook recommendations, extensive OT security features and playbooks, and the ability to create playbooks without writing a line of code.

FortiSIEM’s new link graph technology lets you easily visualize the relationships between users, devices, and incidents. Additionally, the solution can detect anomalies and outliers that traditional methods may miss, thanks to an advanced machine learning framework.

FortiGuard SOC-as-a-Service now offers AI-assisted incident triage and enhanced SOC operations readiness and compromise assessment services from FortiGuard Labs.

Diagram: FortiSOAR. The source is Fortinet.

 

AI-Powered Threat Intelligence

Using global threat intelligence, zero-day research, and CVE query services, FortiGuard Industrial Security Service significantly reduces the time to protection.

The FortiGuard IoT Service enhances granular OT security at the industry level with the convergence of IIoT and IoMT devices.

OT-specific playbooks for threat remediation are now integrated into FortiSIEM’s unified security analytics dashboards, and the ICS MITRE ATT&CK matrix is used to analyze OT threats.

Identity and Access

FortiPAM provides remote access to IT and OT networks. It includes zero-trust network access (ZTNA) controls to secure access to critical assets. With the help of ZTNA tags, device posture can be checked continuously for vulnerabilities, updated antivirus signatures, location, and grouping of machines.

Application Security

In addition to software development security testing, FortiDevSec also provides runtime application security testing. The solution includes SAST, DAST, and SCA for early detection of vulnerabilities and misconfigurations.

 

Matt Conran: The Visual Age