FortiGate Cloud is a cloud-based SaaS, offering a range of management and services for Fortinet Firewalls. FortiGate Cloud offers zero-touch deployment, configuration management, reporting and analytics. As a cloud service, FortiGate Cloud can grow with your requirements from a single FortiGate all the way up to a full MSP management solution for thousands of devices across multiple customers.
How FortiGate Cloud Addresses Key Security Challenges
Challenge | Solution |
Facilitating turnkey provisioning of FortiGates at remote sites when on-site configuration expertise is unavailable | FortiGates include FortiGate Cloud registration functionality in their firmware that allow individual or multiple devices to provision themselves with minimal on-premise expertise. |
Keeping initial investment costs down and preference for a consumption-based, OPEX model | FortiGate Cloud uses a Software as a Service (SaaS) model that eliminates the need for upfront capital purchases. |
Maintaining single pane of glass management for overseeing security infrastructure | FortiGate Cloud provides control over FortiGates while providing granular visibility and reporting at the same time. |
Investing in a future-proof security solution that will scale with your business | As FortiGate Cloud is cloud-based, it can grow as your business grows and accommodate additional event log storage as needed. |
Deploying different configurations across multiple sites with speed and without manual effort | Bulk templates combined allow Managed service providers to deploy multiple configurations across many customers with simplicity and ease. |
FortiGate® Cloud Features
FortiDeploy
Initial configuration of firewalls, switches and access points can be a difficult proposition, often requiring expert staff on site to configure each device individually. FortiDeploy greatly simplifies initial configuration and onboarding by providing one-touch provisioning when devices are deployed, locally or remotely. FortiDeploy provides deployment for FortiAPs into a Cloud AP Network, and automatic connection of FortiGates to be managed by FortiGate Cloud.
Hundreds of FortiGates or FortiAPs can be provisioned by using a bulk FortiCloud key in distributed environments, such as large retail or education networks. Once a communication tunnel is established, FortiGate Cloud leverages provisioning profiles and setup wizards to quickly configure managed devices as required.
Configuration and device management from a single pane of glass
Consistent configuration of the devices within your network is essential to maintain an optimal performance and security posture. FortiGate Cloud provides a central web-based management console to control your FortiGates. Device settings such as IP addresses can be centrally configured for individual devices or pushed to multiple devices. Configuration backups are kept in FortiGate Cloud to assist with replacement or recovery efforts. Device firmware updates can also be centrally managed and controlled, thereby ensuring uniformed policy enforcement and allowing you to take advantage of the latest features.
Fabric integration with FortiSwitch and FortiAP
FortiGate Cloud has the added benefit of being able to deploy, configure and manage your extended infrastructure through the FortiGate. This provides several immediate benefits — not only can you manage your entire infrastructure from a single Cloud Management Interface, but by allowing the FortiGate to manage your Switch and AP infrastructure, it is able to extend its functionality into them, for example, the switch ports inherit the same properties as the Firewall, making them extensions of the firewall — the same principle goes for the FortiAP as well. This unique Fabric integration enables this cross product functionality and can further enable automation in the face of a threat. Such as, when an infected client is detected through Indicators of Compromise, the switch or AP can block the device until the problem is remediated.
Hosted log retention and cloud-based storage
Log retention is an integral part of any security and compliance best practice, but administering a separate storage system can be burdensome and costly. FortiGate Cloud takes care of this automatically and stores your valuable log information securely in the cloud.
Depending on your device, you can easily store and access different types of logs including traffic, system, web, applications and security events. The default free service provides 7 days of logs, the subscription service extends this to 1 full year of logs.
Two-factor authentication
FortiGate Cloud supports two-factor authentication using the FortiToken application which is provided as a free security service with the product.
Instant security intelligence and analytics with FortiView
In order to place better security controls on your network, you must first know how it is being utilized. FortiGate Cloud’s extensive set of dashboards gives you an immediate view of FortiGate usage, including a breakdown of network traffic and bandwidth usage. FortiGate Cloud analytics provides you with drill-down and filtering functionality to instantly determine how applications, websites, user and threats are impacting your network.
Deployment and Management of SD-WAN
Deploying SD-WAN need not be a complicated and expensive endeavor — FortiGate Cloud allows you to roll out and manage your SD-WAN deployment easily using Zero-Touch Deployment through it’s interface either manually or automatically as the FortiGates come online. Once your interfaces are up, you can move on to setting up the SD-WAN rules to optimize application prioritization on the WAN interfaces.
Exceptional network visibility with FortiGate Cloud reporting
Periodic review of network and security activity is essential in order to keep costs down and security breaches at bay. Reporting allows you to be proactive about optimizing your network and satisfying executive staff scrutiny. FortiGate Cloud provides both preconfigured and custom reports to give you the information you need for your specific reporting and compliance requirements. A broad variety of rich canned and custom reports such as a 360 Degree Activity Report, Fortinet Security Best Practices Report or Cyber Threat Assessment Report, amongst others, can be run on demand or scheduled giving you full visibility with actionable outcomes.
FortiGate Cloud transport security and service availability
FortiGate Cloud encrypts all communication, including log information, between your FortiGate devices and the cloud. Fortinet deploys redundant data centers to give the FortiGate Cloud service its high availability. Fortinet has also used its years of experience in protecting sophisticated networks around the world to implement operational security measures that make sure your data is secure and only you can view or retrieve it.
This information is made available from Fortinet’s FortiGate® Cloud Data Sheet. You can download it here: FortiGate® Cloud Data Sheet.
Tech-Refresh is a Fortinet partner that provides solutions that reduce complexity within your IT infrastructure. We can help you customize a security solution that combines the visibility and control of UTM with the ease-of-use and cost-efficiency of the cloud. Contact us to learn more.