ChannelLife New Zealand - Industry insider news for technology resellers
Story image
Protecting your client’s digital assets in the public cloud
Mon, 24th Apr 2017
FYI, this story is more than a year old

Regardless of which particular model of cloud computing your clients adopt – Amazon Web Services (AWS), Microsoft Azure, Revera's Vault (or any other NZ-based cloud solution) or their own virtualised environment – they still need protection. Typically the cloud provider manages the security of the cloud and the client is responsible for security in the cloud.

Fortinet's purpose-built public cloud FortiGate firewalls are designed to run inside public cloud-based data centers to provide extra layers of protection including internal segmentation, intrusion prevention, application control, WAN optimisation, data loss prevention, anti-virus, antispam, anti-spyware and VPN (IPsec and SSL).

More importantly, your clients can manage their Fortinet cloud-based security environment from their own familiar Fortinet ‘single pane of glass' dashboard which allows them to automate many security operations, reduce manual intervention and monitor traffic and activity at the granular level… even in the cloud.

Security requirements remain the same

“The cloud has changed the way many Kiwi organisations manage their digital assets,” says Andrew Khan, Fortinet Senior Business Manager at Ingram Micro, New Zealand's largest and most experienced distributor of Fortinet's cyber security solutions.

“But their security requirements remain exactly the same: keep adversaries out of their cloud-based digital assets, isolate any malware that sneaks through the various secure gateways, mitigate adverse effects before any damage is done and keep the defenses up-to-date with the very latest real time threat intelligence. This is what Fortinet's security fabric does and the functionality is the same regardless of where or how the digital assets are hosted.

In effect, Fortinet's FortiGate virtualised firewalls are simply an extension of your client's existing Fortinet security infrastructure. They don't have to learn new interfaces, undergo any training, figure out procedures or engage with additional service providers.

And they provide you with a sustainable solution set that ‘future-proofs' your security revenues as your clients evolve from on-premises computing into the cloud. And, for those clients not yet Fortinet customers, this model serves as a strong incentive for them to adopt Fortinet's security fabric.

AWS, Azure or virtual: No problem

Fortinet's FortiGate virtual appliances are available in three distinct iterations: FortiGate Virtual Appliances that run on most virtualised architectures either in-house or cloud-based; FortiGate for AWS that runs within AWS deployments on a BYOL (bring your own licensing) basis and FortiGate for Azure that runs within Microsoft Azure, again on a BYOL basis.

In addition to FortiGate firewalls, Fortinet offers FortiWeb, FortiAnalyzer, FortiManager and FortiMail as virtualised solutions. And, of course, all of the FortiGuard Security Services are available to further protect your client's data and applications in the cloud or in-house.


For the channel, it is absolutely essential that you steer your clients towards a BYOL solution, especially if they are taking advantage of the AWS platform. “FortiGate AWS is available from the Amazon Marketplace,” notes Khan, “but we strongly recommend that clients purchase their FortiGate licenses through Partners, ie you.

When end users buy from AWS direct, they are on their own with limited support and have no one local to turn to for assistance. So it really is up to you to explain why the BYOL paradigm is best.

Another good reason to promote BYOL is that you will be building a relationship with the client so that you can cross-sell and upsell complementary Fortinet security solutions. “If their primary FortiGate vendor is AWS they are just another customer,” he says. “But when they buy from you they get personalised, localised and proactive support.

Scalability - licensing fees

One of the key advantages of cloud-based computing is scalability and the ‘pay-as-you-go' pricing model. This means that your clients have virtually unlimited capacity to scale up when the need arises and reduce excess processing and storage capacity when appropriate. As the workloads increase or decrease, the fees scale as well. Licensing fees can be based on an hourly/ annual basis (per instance) or utility-based as a function of traffic and storage. Azure is particularly helpful as they will work with BYOL customers to consolidate billing.

“Before you get too far in offering either AWS or Azure-based FortiGate firewalls and ancillary security solutions,” continues Khan, “it would be a good idea to have a solid understanding of their own license and fee structures. In fact, helping clients figure out the best strategies for their public-cloud based implementations could become a valuable service and generate income whilst building sustainable relationships.

Competing in a virtual world

As your customers move to the cloud they'll reduce their hardware acquisition programmes which might affect your revenues. “Your best bet is to understand the public cloud model and add the security and expertise that cloud providers don't offer,” concludes Khan.

“It's a complex proposition and many end user organisations (and resellers for that matter) don't fully appreciate the nuances. But cloud computing is here to stay and you'll have to adapt your product and services portfolio in order to thrive. Fortinet has the solutions to help you make that transition.

For further information, please contact:

Andrew Khan, Senior Business Manager Email: M: 021 819 793

James Meuli, Solutions Architect Email: M: 0275 520 167

Hugo Hutchinson, Business Development Manager Email: P: 09 414 0261 | M: 021 245 8276