SOLUTION BRIEF

FORTINET AND TUFIN INTEGRATED SECURITY SOLUTIONNetwork Security Policy Orchestration for Fortinet Firewalls

FORTINET AND TUFIN PROVIDE SECURE, MANAGEABLE AND COMPLIANT ENVIRONMENTS

Fortinet and Tufin have developed an integrated offering for comprehensive network security policy orchestration. Together, the Tufin Orchestration Suite with Fortinet FortiGate firewalls and FortiManager network security management products reduce attack surface for mitigation of cyber threats. The joint offering enables IT security teams to manage complex heterogeneous physical networks and cloud platforms through a single pane of glass, providing advanced visibility and risk-free policy modifications. Based on advanced analysis and automation technologies, network security policies are orchestrated across the enterprise networks, leveraging the advanced capabilities and unparalleled security protection of Fortinet FortiGate firewalls.

TUFIN ORCHESTRATION SUITE INTEGRATES WITH FORTIMANAGER

Network security changes require end-to-end analysis for risk and compliance, change management, documentation, authorization, audit trails and so forth. Tufin Orchestration Suite is a comprehensive solution for these challenges – for automatically managing, designing, provisioning, analyzing and auditing network security changes from the application layer down to the network layer. Tufin’s solution provides management and network security change automation for Fortinet FortiGate firewalls through FortiManager network security management. This integration enables the addition of Fortinet FortiGate firewalls as part of the organization’s network in a smooth and simple manner.

AUTOMATIC NETWORK SECURITY CHANGE DESIGN AND VERIFICATION

Tufin significantly shortens the time previously required to make network security changes by automating both design and implementation. Automation is based on cutting-edge network topology simulation that identifies the relevant devices affected and performs an analysis of each relevant firewall policy. Then a detailed change plan is suggested and, once approved, deployed to security and network devices. This ensures a quick and accurate process to grant the needed application connectivity while maintaining the network security policy.

KEY BENEFITS

nn Unparalleled security protection

nn Single pane of glass for managing security policies across network firewalls, private cloud and public cloud

nn Optimize security policies

nn Reduce attack surface for mitigation of cyber threats

nn Implement network security changes securely in minutes

nn Assure business continuity by minimizing network and application downtime

nn Enable continuous compliance with enterprise and industry regulations

nn Improve security, compliance and business agility through firewall change automation.

SOLUTION BRIEF: FORTINET AND TUFIN INTEGRATED SECURITY SOLUTION

Copyright © 2018 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.

GLOBAL HEADQUARTERSFortinet Inc.899 Kifer RoadSunnyvale, CA 94086United StatesTel: +1.408.235.7700www.fortinet.com/sales

EMEA SALES OFFICE905 rue Albert Einstein06560 ValbonneFranceTel: +33.4.8987.0500

APAC SALES OFFICE300 Beach Road 20-01The ConcourseSingapore 199555Tel: +65.6513.3730

LATIN AMERICA HEADQUARTERSSawgrass Lakes Center13450 W. Sunrise Blvd., Suite 430Sunrise, FL 33323Tel: +1.954.368.9990

February 20, 2018 11:17 AM

GAIN INSIGHT AND CONTROL OVER COMPLEX NETWORKS

Understanding network and cloud segmentation is a major challenge for IT experts. Tufin’s Security Zone Matrix simplifies this task by visually mapping the desired network zone-to-zone traffic flow and instantly providing detailed insights across all platforms, including which services are allowed between different network zones and zone sensitivity, restricting unauthorized east-west traffic.

FIGURE 1: TUFIN’S ZONE-BASED UNIFIED SECURITY POLICY ENABLES POLICY

OPTIMIZATION AND NETWORK SEGMENTATION AND REDUCES THE ATTACK

SURFACE.

OPTIMIZE YOUR FIREWALLS

Tufin Orchestration Suite helps enterprises optimize firewalls across heterogeneous environments with:

nn Optimization of policies by identifying rules and objects that are misconfigured, risky or unused

nn Recommendations for aligning firewall policies with industry best practices

nn Firewall analysis and reporting tools that enable security teams to achieve better productivity

nn Built-in, customizable workflows for network and firewall changes

nn Integration with leading enterprise service management solutions, e.g., BMC Remedy and ServiceNow.

PROACTIVE RISK ANALYSIS AND IMPACT SIMULATION

Every change made to the firewall configuration is a potential threat to data security and application availability. Simulating the impact of a change is virtually impossible without the proper tools. As part of the automated change process, Tufin Orchestration Suite checks every access rule against your corporate security and internal compliance policies to identify and flag potential risks.

CONTINUOUS REGULATORY COMPLIANCE WITH INDUSTRY STANDARDS

Tufin Orchestration Suite provides closed-loop process for enforcing, verifying and maintaining an automated audit trail for compliance with industry standards such as PCI DSS, SOX, and NERC CIP. Every firewall policy change is evaluated before implementation ensuring safe deployment ahead of time. In addition, manual changes that result in compliance issues are detected automatically and a resolution fix plan is suggested.

ABOUT TUFIN ORCHESTRATION SUITE

Tufin Orchestration Suite™ is a complete solution for automatically managing, designing, provisioning, analyzing and auditing network security changes from the application layer down to the network layer. It minimizes errors and redoes for rapid service delivery, continuous compliance and business continuity. Tufin provides world-class network security policy orchestration solutions that enable organizations around the world to manage network configuration changes accurately and efficiently. By orchestrating complex processes involving multiple teams, applications, servers and network devices, Tufin addresses the challenges of a variety of stakeholders throughout the organization, while enabling them all to collaborate more effectively.