In This Article

The massive nature of service providers' network architectures can make it difficult to put a sound security strategy into action. These networks are giant and oftentimes composed of legacy systems and disparate assets that aren't even in the purview of providers' security concerns.

These challenges are only going to become more pronounced as service providers begin to roll out 5G networks, which will increase exposure and vulnerability to a wider spectrum of security threats.

When considering security, understanding your own complex network architecture is key, especially as customer requirements continue to change and market demands shift. Visibility is also important -- after all, you can't protect what you don't know is yours.

The next logical step is finding an appropriate Next-Generation Firewall (NGFW) platform that can scale and limit or prevent cyberattacks by connecting multiple components into the infrastructure and, thereby, extending threat intelligence.

Scalability and performance are vital

The NGFW combines a traditional firewalls with other network- and application-related filtering functionalities to provide unparalleled visibility into traffic.

NGFWs need to easily integrate across platforms and an ecosystem partner community to deliver consistent security across clouds, networks and mobile devices. Because of this, choosing the right vendor can be difficult.

One vendor that stands out is the FortiGate product family, which offers one of the most comprehensive ranges of scalable hardware and software solutions in the industry.

No matter the use case for the service provider, the hardware-based platform comes in a variety of sizes and modules from their smallest footprint -- the FortiGate 30E, which has amazing NGFW performance of 150 megabits per second (Mbps), all the way up to the FortiGate 6500 series, which has industry leading performance of 150 gigabits per second (Gbps). Now, that is power.

Fortinet has multiple hardware-based models between each of the products listed above, so their ability to scale and perform is pretty amazing.

Fortinet's all-star lineup of virtual machines (VMs) that scale from 12 Gbps up to 50 Gbps is also a benefit. These VMs support the following private cloud vendors:

  • VMware ESXi v5.5 / v6.0 / v6.5 / v6.7
  • VMware NSX-T v2.3
  • Microsoft Hyper-V Server 2008 R2 / 2012 / 2012 R2 / 2016
  • Microsoft AzureStack
  • Citrix Xen XenServer v5.6 sp2, v6.0, v6.2 and later
  • Open source Xen v3.4.3, v4.1 and later
  • KVM qemu 0.12.1 & libvirt 0.10.2 and later for Red Hat Enterprise Linux / CentOS 6.4 and later / Ubuntu 16.04 LTS (generic kernel)
  • KVM qemu 2.3.1 for SuSE Linux Enterprise Server 12 SP1 LTSS Nutanix AHV (AOS 5.10, Prism Central 5.10)

Plus, Fortinet's support for public cloud is unmatched. Fortinet supports:

  • Amazon AWS (including GovCloud and AWS China)
  • VMware Cloud on AWS
  • Microsoft Azure (including regional Azure: US Gov, Germany, and China) and AzureStack syndication
  • Google GCP (Google Cloud Platform)
  • Oracle OCI
  • Alibaba Cloud (AliCloud)

Many conversations with service providers regarding firewalls naturally lead to questions about automation. Before jumping in too deep, we recommend service providers perform a gap and impact analysis to gauge their ability to automate or their capacity to facilitate automated firewall changes.

When ready, Fortinet has several approaches that can support various use cases.

The FortiManager and FortiAnalyzer provide customers centralized management and visibility of thousands of devices. Workflow automation that usesFortiManager and FortiAnalizer has automation-ready tools that easily plug into tools like Ansible, Puppet, Chef and, perhaps more importantly, integrate easily with other platforms via open APIs.

Security should be baked into your service providers' 5G strategy from the beginning. And Fortinet's NGFW portfolio remains a strong choice for any 5G architecture design, by helping to provide a fabric-based security strategy that goes beyond the isolated security devices and platforms to provide:

  • Broad protection for all devices.
  • Power systems to cover bandwidth growth.
  • Integrated systems that correlate across and between security layers.
  • Automated security tools capable of dynamically responding to detected events.

Built for carrier class

In effect, Fortinet NGFW was built for carriers before people were thinking about "Carrier Class" and can provide unmatched scale and performance while remaining the most cost-effective solution in the market. It's no surprise Fortinet is deployed in every Tier 1 and Tier 2 service provider network, including mobile architecture and internal IT infrastructure.

Our partnership with Fortinet helps us in our mission to fundamentally transform the service provider industry by enabling service providers to deliver next-generation technology platforms for their own internal organization as well as to their customers.

Align business outcomes to technical solutions

We take an integrated approach to security rather than focusing on point solutions. This helps us align business goals and objectives to technical solutions, providing more effective outcomes and solutions that further the development of an enterprise architecture.

Our goal is to streamline the design, implementation, management and evolution of NGFW platform architecture to establish security awareness, optimize defense capabilities, improve threat response, mitigate breaches and close compliance gaps for all of our service provider customers.

Learn more about how we can integrate and deploy NGFW platforms to help reduce vulnerabilities, which can set the stage for future innovation, or request our NGFW Workshop to better understand your organization's current security deployment state.