5 Building Blocks for Effective Intent-based Network Security

March 27, 2017 · steveverbanic

The Internet of Things (IoT) is here, and it’s driving big changes in enterprise networks. Gartner finds that nearly half (43%) of businesses worldwide planned to have some kind of IoT implementation by the end of 2017, with average deployment sizes in the billions. How can IT effectively keep the network secure and up and running while accommodating such an influx of IoT devices and applications?

Enter intent-based security.

Today, “secure IoT device” is almost an oxymoron. Determined to be first-movers in this new technology wave, IoT device and application makers seldom take the time to build security in before rollout.

The nature of IoT devices themselves – headless and requiring Internet connections to perform any type of management or configuration – leaves them doubly vulnerable to malware and other malicious attacks. It’s no wonder we’re now seeing a wave of unprecedented DDoS attacks fueled by botnets of unsecured IoT devices.

Since traditional toolsets are unable to secure IoT deployments effectively, organizations are pushing security vendors to approach the problem in a new way, and our partner Fortinet has answered the call.

Leveraging the idea of intent-based networking within software-defined networks (SDN), Fortinet has developed what it calls “intent-based security.” The approach effectively separates the “what” of security from the “how,” a paradigm switch that simplifies and improves security at the same time.

Based on Fortinet’s FortiOS and its Security Fabric architecture, Fortinet’s intent-based security automatically translates business requirements into synchronized security actions and policies. No more worrying about the intricacies of the underlying security toolset. Instead, IT can set policies and propagate them throughout the network quickly, accurately and automatically.

The benefits can’t be overstated, especially for large IoT deployments. Since security intent is embedded in the network, even headless IoT devices can be brought into the security fold.

How Intent-based Network Security Works

To create this effective intent-based security, Fortinet provides 5 key building blocks:

  • Complete IT awareness: Using open application program interfaces (APIs), every security element within the network (Fortinet or third-party) communicates and collaborates with every other in the fabric – while monitored and controlled from a single pane of glass. If one tool identifies a threat, any indicators of compromise (IoCs) can be instantly propagated to every other tool, ensuring even zero-day attacks are mitigated quickly.
  • Expanded visibility: Intent-based security brings not only next-generation firewalls and endpoint security into the mix, but also switches, wireless access points, analyzers and sandbox solutions. The result is true end-to-end visibility across every security solution. (Learn more about the range of security solutions included in the Fortinet Security Fabric.)
  • Simple controls: With intent-based security, organizations have clear network topology visualizations and enhanced interactive views across auditing, logging and reporting. FortiOS’ simple yet powerful UI delivers complete intent-based control — enabling easy, efficient modifications of the network’s security posture in real time.
  • Proactive recommendations: Leveraging an organization’s security profile and any changes along the way, Fortinet’s intent-based security provides proactive recommendations to improve compliance and network security effectiveness.
  • Scalability: From IoT to the cloud and from physical to virtual or hybrid infrastructure, Fortinet’s intent-based security scales to protect the entire attack surface regardless of size, network topology, technology portfolio or vertical.

A partner of Fortinet, Slait Consulting can get you on the path to intent-based network security.