SDN SECURITY DATA CENTER FOR VMWARE ENVIRONMENTS
Purpose-built virtual security appliances will be increasingly used alongside hardware appliances to secure enterprise data centers, which are becoming increasingly dynamic due to rapid adoption of server virtualization and SDN
Today’s Security Hardening Trend of Virtualization
With virtualization and cloud computing technology, IT can provision Virtual Machines (VMs) to run a web application within minutes at a fraction of the cost of physical machines. Fortinet supports server virtualization platforms like VMware, Hyper-V, Xen, and KVM. There are a number of reasons why server virtualization has been so benefi cial, including hardware cost savings and decreased data center footprint
Fortinet Security VM Products
Simply replacing hardware appliances with software ports running on VMs helps to improve cost and introduce data center agility. For more information on the current VM-centric security solution, download the solution brief
Software-Defi ned Networking (SDN) Security
Data Center Networking is going through a major overhaul driven by virtualization (server compute and storage) and convergence (data, I/O, and control network). Current work on network virtualization is focused on the Layer 2/3 infrastructure level, leaving advanced application features, such as content fi rewall and network IPS/IDS, to either hardware hair-pinning or software appliances complementing hardware-based services in the network. Rigid infrastructure will soon become the bottleneck as a new generation of applications demands a fully elastic platform in the cloud, public, hybrid, or private. FortiGate-VMX is a virtual appliance solution for VMware environments that provides purpose-built integration for VMware’s Software-Defi ned Data Center (SDDC) and interoperability with vSphere and vCloud Networking and Security.
Purpose Built for vSphere and vCloud Networking and Security
FortiGate-VMX is based on the latest version of the Fortinet FortiOS, a security-hardened, purpose-built operating system, which delivers the advanced protection and performance that standalone products simply cannot match. It supports all the advanced NGFW/UTM features of FortiOS. IT administrators set IPS/IDS, AV, web fi ltering, etc., policies just as they would in any FortiOS deployment. Fortinet services work together as a system to provide better visibility and mitigation of the latest network and application threats, stopping attacks before damage can occur. This ensures the product is deployed from all ESXi hypervisors.
How does the system work?
Leveraging a shared object database with VMware vCenter for easy creation of security policies, FortiGate-VMX makes process-intensive deployment of security services and policy enforcement with greater agility. FortiGate-VMX also supports live migrations of applications within clustered environments. With the VMware NSX compatibility integration, any host added will embrace the security zone policy, and these updates are real-time and dynamic for newly created services without normal time lag in the paper trail requests. With NetX API providing backward compatibility to VMware NSX manager, FortiGate-VMX can provide network visibility and inspection on East-West network traffic among VMs instantly.
Secured by FortiGuard
Beyond the platform integration, FortiGuard can be implemented to provide a continuous protection model in the integration with real-time sandboxing detecting new malware variants. FortiGuard helps recognize suspect content exhibiting malicious attributes, and investigate accordingly.
The integrated solution provides full next-generation security functionality in one platform, accommodating different network and security functions. And the IT administrator does not need to guess how much network security is required. The joint integrated solution is the most costeffective, simplified, and secure approach to apply security policies when any hypervisor is provisioned on-demand.
The sharing of the object database with VMware vCenter, aimed at simplifying the creation of security policies, enables FortiGate-VMX to confer greater agility to the distribution operations of the security services and application criteria. FortiGate-VMX also supports the dynamic migration of applications clustered environments. Compatibility with VMware NSX then allows each host added to adopt the criteria of the safety zone, with dynamic updates and real-time for new services and without the normal delays in requests for paper documents. Thanks NetX API, which ensures backward compatibility with VMware NSX manager, the FortiGate-VMX can instantly provide network visibility and inspection of east-west traffic between VMs.
In addition to the integration of the platform you can implement FortiGuard, to provide a continuous security model enriched by sandboxing in real time, for the detection of new malware variants. FortiGuard allows to recognize suspicious content with harmful attributes and carry out the necessary investigations. The integrated solution includes a full range of next-generation security features implemented in a single platform, to meet network requirements and different protection. IT administrators can now avoid evaluating the level of network security required. The joint solution is the easiest way, safe and economical to apply security policies when provisioning of any hypervisor is done on-demand.