Blogs

Advanced Security for Software Defined Anything with Fortinet and NVIDIA Morpheus

By Phil posted 29 days ago

  

Security is evolving due to new regulations, new threats, and changes to how services get deployed.  Today’s cyber-attack methods demonstrate increased sophistication and scale, and cloud deployments can be more vulnerable than on-premises deployments.   As customers become more privacy-conscious, requirements for encrypting communications are growing and making proper security enforcement more difficult.  The introduction of 5G and the increased implementations of IoT further increase the demand for scale and performance.  A new direction in cyber security is needed to deliver the scale and performance required without compromising on the security functionality deployed. Fortinet and NVIDIA are collaborating to create these scalable, adaptive solutions by combining the Fortinet FortiGate® Next Generation Firewall with NVIDIA BlueField DPUs.

The advent of virtualized infrastructures (virtual machines and containers) and modern data center architectures increase the attack surface and expose organizations to more cyber threats. The network perimeter that used to be so clearly defined—and easily defended with a traditional firewall—now extends across a spectrum of enterprise facilities, branch offices, homes, mobile devices, other remote locations and multiple clouds.   Multi-tenant data centers with distributed, containerized applications can potentially render current network isolation/segmentation techniques ineffective against cyber threats that have already made it inside the data center and hide within the growing volume of east-west network traffic.

The shift to software defined anything requires a comprehensive security strategy for the entire cyber infrastructure, not just perimeter firewalls.  This truly requires a broad, integrated and automated approach characterized by  product integration and AI-powered operations. Unfortunately, most organizations are using a collection of different products and systems from multiple vendors that don’t integrate. What’s worse is that many of these systems are often not properly configured or patched.

The Fortinet Security Fabric is an architectural and platform approach to security designed to connect security solutions into a unified framework, allowing them to dynamically adapt to the evolving IT Infrastructure in order to defend its rapidly changing attack surface. The Fortinet Security Fabric is the industry’s highest-performing cybersecurity platform, powered by FortiOS, with a rich open ecosystem. It spans the extended digital attack surface and cycle, enabling self-healing security and networking to protect devices, data, and applications. This approach enables the broad, integrated, and automated approach to security that today’s organizations need to compete effectively in the digital marketplace.

To keep up with the volume, sophistication, and rapidly-changing nature of today’s cyber threats, organizations need security operations that can function and adapt automatically, at machine speed. By applying artificial intelligence and automation, as well as close integration between security software and hardware, organizations can both reduce risk and improve efficiency.

Data centers need to upgrade and evolve to address today’s challenges.  NVIDIA® BlueField® DPUs enable organizations to modernize their data center architectures and securely run data-driven, cloud-native applications alongside legacy applications. The significant advancements announced for BlueField-3 DPU push the boundaries for what hardware can accelerate, making it an ideal solution for practically all infrastructure applications and services available today, as well as those not yet invented.

 This software-defined, hardware-accelerated, DPU-powered architecture provides the following benefits to organizations seeking a modern IT infrastructure:

  • Increased infrastructure efficiency resulting in higher ROI
  • Higher performance for the next wave of applications
  • Granular, zero-trust security for the entire solution stack, protecting every server
  • Streamlined security and management operations for modern cloud-native environments
  • Faster innovation for digital products and services

The Fortinet FortiGate-VM is a virtual appliance version of the market-leading, high-performance FortiGate next-generation firewall. FortiGate-VM shares the same advanced features of the FortiGate NGFW, enabling and enforcing security policies across all environments and providing single-pane-of-glass management. FortiGate-VM ensures comprehensive North-South perimeter protection with network layer and application layer security in addition to secure VPN connectivity. For SDN environments it offers micro-segmentation for East-West Protection. FortiGate-VM DPI capabilities also enable advanced Intrusion Protection, Malware Protection, Web Filtering and Anti-virus technology. FortiGate-VM offers a consistent security posture and protects cloud networks - public and/or private clouds, while high-speed VPN connections protect data in transit.

Combining the Fortinet FortiGate® Next-Generation Firewall virtual appliance with the NVIDIA® BlueField® DPUs enables customers to gain unparalleled security protection provided by the FortiGate-VM, together with host isolation, performance and scale benefits offered by the BlueField DPU.   The DPU Arm cores’ programmability allows additional security functions to be added as needed for next-generation cybersecurity solutions.  Artificial intelligence (AI) is essential for real-time security analytics, including identifying abnormal traffic that could indicate theft of confidential data, analyzing encrypted traffic at line rate, and performing host introspection to identify malicious activity, as well as dynamic security orchestration, and automated responses.   

Today NVIDIA announced the BlueField-3 third generation DPU and a new GPU AI accelerated framework for cybersecurity use cases.  BlueField-3   is the industry’s first DPU to offer 400 gigabits per second (Gb/s) networking, bringing 5X more compute power, 2X more networking throughput, and 4X more crypto acceleration power compared to the previous generation— - all while delivering full backward compatibility through the NVIDIA DOCA software development kit (SDK). Providing more powerful, fully programmable Arm CPU cores, zero-trust security capabilities, and an accelerated processing unit (APU) application acceleration engine, BlueField-3 is perfectly positioned to address the most demanding infrastructure and security applications and will allow even more powerful security solutions when running Fortinet FortiGate-VM.  This new DPU enables organizations to build software-defined, hardware-accelerated IT infrastructure from cloud to core data center to edge. The DPU platform offloads, accelerates, and isolates software-defined networking, storage, security, and management functions from the application workloads.


Manage Security Risks Better

In summary, the NVIDIA BlueField platform adds new deployment options and accelerates the performance of existing security operations while isolating and offloading workloads and services processes. The high-performance Fortinet® FortiGate-VM virtualized next-generation firewall offers unparalleled security protection from the market-leader. Together, NVIDIA and Fortinet deliver exceptional security with high performance and scale, enabling customers to secure and future-proof their deployments.

 

0 comments
18 views

Permalink