Story image

Defence-in-depth: Hardening every component on the network

16 Oct 2017

If there are any positives to be taken from the recent Equifax data breach, which exposed the personal information of some 143 million customers in North America, it’s that cyber security has been highlighted once again as a priority for boards, C-level executives and CISOs in particular. Indeed, recent research has indicated that a company’s share price drops on average 5% on the day a data breach is disclosed. If that doesn’t make your clients think twice about investing more resource into their cyber defences, nothing will.

“There is always room for improvement when it comes to cyber security,” says Swapneil Diwaan, Business Unit Manager at Ingram Micro, New Zealand’s largest and most experienced distributor of Fortinet’s cyber security solutions.

“Your clients have most likely built up their network infrastructure over time when their major concerns were scalability, interoperability, transmission speeds, support and affordability. Security was seen as something to be tacked onto the network at the perimeter and maybe at end user devices. But as adversaries have upped their game, that approach to security is no longer viable. Your clients have to build in security at every layer on the network: devices, applications, data and users.”

“But that takes time, money, resources and strategic vision from upper level management,” continues Diwaan. “Your challenge, as a trusted advisor on cyber security, is to provide a workable plan that gives your clients clarity on how they can improve their security profile without breaking the bank.”  

Building depth into your client’s security profile

“It starts with the firewall at the perimeter,” says Rod Christie, Solutions Architect with Ingram Micro’s Fortinet Business Unit. “That is the basic unit and orchestrates every other security component. Today’s next-generation firewalls go one step further and add firewall protection between individual server instances (both physical and virtual) inside the network. Called internal segmentation, this key function of FortiGate firewalls ensures that even if malware sneaks by the perimeter, it gets stopped before it can corrupt anything else.”

Adding security to end user devices is also absolutely necessary. “It’s not enough to simply load anti-virus client-side protection,” continues Christie. “Mobile phones and laptops are at risk for any number of reasons. But they can also be a valuable tool for proactive security. For instance, FortiClient integrates endpoints into Fortinet’s Security Fabric for early detection and prevention of advanced threats. This deep real-time visibility into the network allows administrators to investigate and remotely quarantine compromised endpoints.”

Incremental implementation

“These twin strategies set the stage for incremental implementation of additional security solutions,” adds Diwaan.” For instance, inside the network itself, FortiSwitches can be fully integrated into the Security Fabric and reduce complexity and decrease overheads whilst streamlining policy management. So whenever your clients need to upgrade based on performance requirements, you can suggest a FortiSwitch. Available in multiple form factors, the data centre-ready FortiSwitch 3032D boasts a massive 2560 Gbps throughput.”

“The same is true for access points,” he continues. “Fortinet’s Secure Access Points add additional security to protect users whilst feeding valuable metrics back into the Security Fabric. Again, any time your clients want to expand their wireless coverage, you can suggest FortiAP-S series access points with on-board IPS, antivirus scanning, web-filtering and application control.”

“As your clients harden their hardware they can add more specialised security functionality on an as needed basis,” continues Diwaan. “FortiMail, FortiAuthenticator, FortiAnalyzer, FortiSandbox, FortiSIEM and other members of the Fortinet family all increase the depth and resilience of the Security Fabric. Your clients don’t have to do it all at once…if for no other reason that it might overwhelm their IT support staff… but at least they can plan specific timeframes and budget allocations.”

“It’s a winning strategy,” concludes Diwaan. “By adopting a defence-in-depth security profile, your clients will enhance protection for their data, applications, users and networks whilst reducing complexity and operational overheads. It will also provide a firm foundation for you to solidify your relationship with the client and build sustainable revenues. And, with Fortinet’s track record of innovation, you’ll be assured of a steady stream of enhancements and new solutions into the future.”

For further information, please contact:

James Meuli, Solution Architect / NSE4 Trainer Email: james.meuli@ingrammicro.com M: 027 552 0167

Rod Christie, Solution Architect Email: rod.christie@ingrammicro.com M: 027 568 0053

Jeffrey Whale, Business Development Manager Email: jeffrey.whale@ingrammicro.com M: 027 543 5927

Gerrard Kennedy, Business Development Manager Email: gerrard.kennedy@ingrammicro.com M: 027 543 8212

Swapneil Diwaan, Business Manager Email: swapneil.diwaan@ingrammicro.com M: 021 240 1240

Virtustream launches new services for cloud applications
The new suite of professional and managed services expands Virtustream’s enterprise application and services solutions.
Secureworks Magic Quadrant Leader for Security Services
This is the 11th time Secureworks has been positioned as a Leader in the Gartner Magic Quadrant for Managed Security Services, Worldwide.
Datto expands A/NZ presence with Sydney office
This investment will enable Datto and its partners to continue to grow and address the IT needs of small and medium businesses (SMBs) in the region.
Google puts Huawei on the Android naughty list
Google has apparently suspended Huawei’s licence to use the full Android platform, according to media reports.
New Zealand Govt announces cloud framework agreement with SAP
“Data-driven solutions are the most powerful way to solve some of society’s most pressing problems."
How digitisation delivers speed to Porsche service documents
With its Service Department drowning in paperwork, Giltrap Porsche looked to Fuji Xerox New Zealand and its DocuShare Flex cloud document management solution for digital answers.
AI driving 'unprecedented' M&A growth
Breakthroughs in artificial intelligence are causing ‘unprecedented’ growth for mergers and acquisitions, as companies grapple for their share of an AI market that will be worth $190 billion by 2025.
DimData: Fear finally setting in amongst vulnerable orgs
New data ranking the ‘cybermaturity’ of organisations reveals the most commonly targeted sectors are also the most prepared to deal with the ever-evolving threat landscape.