Welcome to the WEI Tech Exchange Blog

Taking a look at Zero Trust Network Access with Fortinet

Written by Michael Thweatt | Apr 13, 2021 12:45:00 PM

Over the last year, the need to support employees from alternative working locations has risen dramatically. However, even as employees return to the office, when given the choice, many are choosing to continue working from home. For IT, this means finding a longer-term solution that can provide the same network security and user experience at these alternative work locations that employees would have in the office.

One strategy that many enterprises are deploying is the zero-trust access model. With regard to network security, this means that users, whether inside or outside the network, are regarded equally as potential threats and that any access attempt could be a threat.

At a time when the impact of cybercrime and the number of incidents are at an all-time high, this sort of security philosophy is attractive to many IT leaders.

How Does Zero Trust Network Access Work?

Zero trust network access (ZTNA) can best be described as a piece of the larger zero trust access puzzle. As said by Fortinet, “ZTNA has received more attention lately because it's a way of controlling access to applications regardless of where the user or the application resides.”

While virtual private networks (VPN) have been a popular option for quite some time, ZTNA takes network security and access to the next level, offering a better user experience and more granular control. With these improvements over traditional options, ZTNA has become a popular, long-term solution for ensuring network security for remote workforces.

Three Requirements of Zero Trust Network Access With Fortinet

Fortinet’s approach to zero trust access can be broken down into three pieces: who, what, and what happens after network access.

1. Who is accessing the network?
The first piece is who is accessing the network, which can include employees, supply chain partners, and customers. With a zero-trust model, users are only given access to the resources that are necessary for them. To achieve this, breach-resistant identification and authentication are mandated, with many enterprises going a step further and requiring multi-factor authentication at login.

2. What devices are accessing the network?
The second piece is the devices that are accessing the network. For a zero-trust access strategy to be effective, IT teams need a comprehensive solution for managing and monitoring the myriad devices that require access to the network. This is especially true as internet-of-things devices continue to grow in usage and popularity. And let's not forget that IoT devices are an attractive entry point for hackers.

3. What happens when devices leave the network?
The third piece is about endpoint security, or what happens when a device leaves the network. According to Fortinet, a comprehensive zero-trust access strategy should provide off-network hygiene control, vulnerability scanning, web filtering, and patching policies.

Fortinet FortiOS 7.0 Prioritizes ZTNA

To address these needs, Fortinet’s FortiOS, the foundation of the Fortinet Security Fabric, was recently updated to include several new features, including ZTNA. With FortiOS 7.0, IT teams can “apply ZTNA to remote users, home offices, and other locations such as retail stores by offering controlled remote access to applications that is easier and faster to initiate.”

It also offers IT teams increased visibility and control when compared to legacy VPNs. An additional benefit is that with FortiOS 7.0, applications are protected whether they exist on the network or in the cloud, offering additional flexibility when allocating workloads.

Because the user and device posture are verified for every application session, the attack surface is dramatically reduced. And because ZTNA specifically focuses on application access, security is ensured regardless of what network the user is on and where they are located.

An added bonus is that ZTNA is available right out of the box for FortiGate customers. It also doesn’t require a software-as-a-service solution, and because it’s built into FortiOS 7.0, which provides the foundation for Fortinet’s security portfolio, ZTNA is also built into Fortinet’s other solutions, including FortiGate, FortiClient, FortiManager, and FortiAuthenticator.

Are You Interested In Zero Trust Network Access With Fortinet?

Fortinet offers comprehensive and holistic security solutions for the largest enterprise, service provider, and government organizations in the world. From NGFWs for microsegmentation to ZTNA, Fortinet ensures security without compromising performance. If you have questions about how Fortinet can help you improve enterprise security for your company, contact WEI today.

 
