End-to-end security requires multi-vendor automation

To make it easier to use security tools from multiple vendors, as well as bake security into the development process, Fortinet introduces Fabric Connectors and DevOps integration.

End-to-end security requires multi-vendor automation
Thinkstock

The concept of “end-to-end” security is a bit of a vague one. Depending on the lens one looks through, it could mean having security products from a single vendor that range from endpoints to the data center within the corporate environment. If you’re in a business that relies heavily on the cloud, this might not be sufficient and the security capabilities might need to extend into public clouds.

But is that enough?

The answer is, in actuality, probably not. Security encompasses a broad range of technologies, and no single vendor can deliver everything. Despite an effort to consolidate down the number of vendors, businesses must face the harsh reality that multi-vendor is the norm. The goal for security vendors should be to enable customers to use multiple vendors but maintain a single architecture. Fortinet is attempting to do that with its “Fabric Ready” partner program.

Fortinet’s Fabric Ready makes multi-vendor possible

This week, Fortinet announced an update to its program to bring in a number of new partners to extend the value proposition of its Security Fabric. The goal of the Security Fabric is to provide a broad, integrated approach to security where many of the manual steps required to stitch products together are automated. Initially the Security Fabric was comprised solely of Fortinet technology, but last year the company introduced APIs to enable third-party security vendors to integrate into it. Several vendors took advantage of this, including Arista, Intel, VMware, Hughes, and IBM.

Fortinet currently has 43 Fabric-Ready partners, which is an excellent sign that the broader industry, and not just the security vendors, are thinking about how they can participate more actively in the fight against growing threats.

2 new integration methods for Fabric-Ready

Fortinet has added two new integration methods: DevOps scripts and Fabric Connectors. The scripts were developed by Fortinet and were designed to integrate security into the DevOps process.

This is an often-omitted step by DevOps practitioners and can slow down application roll outs. What happens is developers will go through the entire development process and then everything grinds to a halt while the security is figured out. By baking security into every step of the DevOps process, the final product and processes surrounding it will be secure. The scripts automate security provisioning, configuration, and management. Fortinet has made the scripts available in the Fortinet developer network and GitHub.

Fabric Connectors rely on partner APIs

The Fabric Connectors automate operational capabilities in multi-vendor environments through API integration. The first wave or Fabric-Ready partners interoperated through Fortinet’s APIs. With the Fabric Connectors, Fortinet did the heavy lifting and integrated using the partners APIs, which can be activated with a single click. The initial set of Fabric Connectors are:

  • Dynamic Policy Cloud – Enables dynamic policies in multi-cloud environments. Partners include Amazon Web Services (AWS), Microsoft Azure and Oracle Cloud, with Google Cloud Platform on the roadmap
  • Dynamic Policy SDN – Integration with software-defined networking (SDN) platforms for dynamic policies. Partners include VMware, Cisco, and Nuage
  • Automation action – Integration of Fabric Automation rules to automate the triggering of actions based on events. Current partners include AWS Lambda
  • IT service management/incident response. Improves security workflows.  Partners include ServiceNow, Webhook, and BMC on the roadmap
  • Threat feeds. Obtains external threat sources and automates remediation. Partners include AWS Guard Duty, with STIX on the roadmap
  • Single sign-on/identity. Lets you centrally manage user information and automatically applies security protection profiles assigned to users. Partners include Microsoft Active Directory and Radius
  • Endpoint. Invokes auto quarantine of comprised endpoints. Currently integrates with FortiClient EMS, with AWS on the roadmap.

There’s no question that security is more complex than ever, resulting in a growing number of blind spots and security gaps. The solution certainly isn’t more siloed vendors. Fortinet's Fabric-Ready partner program lets customers use “best of breed” tools that plug into a common “fabric,” providing improved management and visibility.

Fortinet’s approach creates a broad ecosystem of third parties that can leverage its Fabric to automate workflows, threat feeds, and automation.

Many of the security pros I've talked to have finally bought into the concept of automation. However, automating silos doesn't shed light on the blind spots. The focus needs to be on automating across multiple vendors. This can reduce complexity and speed up threat identification and remediation.

NEW! Download the Winter 2018 issue of Security Smart