Versatile Security Management
Versatile Security Management
The rapid embrace of digital innovation has made networks and network security much more complex—and vulnerable. While malicious cyberattacks remain a serious problem, 48% of all breaches last year came from benign sources that could have been prevented.Moreover, 75% of network outages and performance issues are the result of misconfiguration error. In this regard, a network security strategy that prioritizes network automation can help reduce one of the leading causes of cyber risk and downtime—human error and misconfigurations.
As a key part of the Security Fabric, the Fortinet Fabric Management Center (made up of FortiManager and FortiAnalyzer) simplifies operations by addressing this core challenge of network infrastructure teams across small, medium, or large enterprises
Fabric Management Center
Broad device management:
- Supports central management with a single console across NGFW, software-defined wired-area network (SD-WAN), software-defined branch (SD-Branch), and other use cases
- Scales to support management of 100,000-plus Fortinet devices
- Supports geographically dispersed high availability with up to five units
- Enables creation of administrative domains for better segregation of networks
- Delivers advanced reporting and dashboards for operations and security
- Provides tools to enable scheduling of reports
Network Automation and Orchestration
Automation and orchestration are increasingly implemented, especially in enterprises that have complex infrastructures. These businesses are looking for ways to consolidate configuration and change management for security across complex, hybrid networks—and most importantly, across use cases like NGFW, SD-WAN, and many others.
Operations teams need to actively monitor for anomalies as enterprises increasingly embrace remote work. They also must identify irregularities with virtual private network (VPN) access in real time. This cannot be cohesively achieved if the tools in place are not integrated and automated. The Fabric Management Center enables automation and orchestration across complex infrastructures via connectors, automation hooks, and real-time alerts for any network abnormalities.
Deployment and maintenance:
- Provides an application programming interface (API) that enables anyone to manage Fortinet deployments and integrate with external provisioning, monitoring, inventory, and change-management systems
- Includes command-line interface (CLI) support via sample scripts
- Fortinet Fabric Connectors provide integration to manage policies in a single console across multiple software-defined network (SDN), cloud, and partner technology platforms
- Includes a Fortinet distribution service to act as the upgrade and threat-intelligence gateway for all deployed Fortinet devices
Workflow and orchestration:
- Enables fast and automated responses with FortiOS Automation Stitches—a simple way to define actions on triggers
- Provides interoperability with existing management and analytics tools
Security Fabric Analytics
Real-time network visibility is not easy—especially as enterprises add on an increasing number of point products to already complex infrastructures. As network teams consolidate point products and leverage FortiOS for intrusion prevention (IPS), VPN, NGFW, SD-WAN, SD-Branch, and other functions, they can easily share telemetry data between all deployments and enable real-time visibility of anomalies.
The Fabric Management Center’s FortiAnalyzer solution enables organizations to apply FortiGuard Labs threat intelligence to identify problems in real time. FortiAnalyzer helps correlate threat intelligence across the Security Fabric, leveraging its built-in analytics engine. It applies risk scoring to prioritize anomalies and shares findings across the infrastructure. These core analytics capabilities are managed via FortiManager’s unified console view.
Additionally, the analytics engine powers visualization of the Security Fabric in real time. These visualizations enable operations teams to identify and investigate any network risks in real time. FortiAnalyzer also comes with built-in dashboards and reports that can easily be customized. These functions include over 700 datasets for easy onboarding—advanced queries that are optimized for real-time responses.
- Supports security standards such as National Institute of Standards and Technology (NIST) and Center for Internet Security (CIS)
- Includes a security rating report based on hundreds of Fortinet security best practices
- Offers targeted dashboards for key enterprise stakeholders, including CIO, CISO, network architect, and security architect
- Includes a security assessment dashboard for security operations (SecOps)
Security Fabric back end:
- Integrates into the FortiOS operating system, and can be leveraged for topology and other views
- Uses automation hooks in FortiAnalyzer and orchestrates responses in FortiOS