Story image

Protecting your client’s digital assets in the public cloud

24 Apr 17

Regardless of which particular model of cloud computing your clients adopt – Amazon Web Services (AWS), Microsoft Azure, Revera’s Vault (or any other NZ-based cloud solution) or their own virtualised environment – they still need protection. Typically the cloud provider manages the security of the cloud and the client is responsible for security in the cloud.

Fortinet’s purpose-built public cloud FortiGate firewalls are designed to run inside public cloud-based data centres to provide extra layers of protection including internal segmentation, intrusion prevention, application control, WAN optimisation, data loss prevention, anti-virus, antispam, anti-spyware and VPN (IPsec and SSL). 

More importantly, your clients can manage their Fortinet cloud-based security environment from their own familiar Fortinet ‘single pane of glass’ dashboard which allows them to automate many security operations, reduce manual intervention and monitor traffic and activity at the granular level… even in the cloud.

Security requirements remain the same

“The cloud has changed the way many Kiwi organisations manage their digital assets,” says Andrew Khan, Fortinet Senior Business Manager at Ingram Micro, New Zealand’s largest and most experienced distributor of Fortinet’s cyber security solutions.

“But their security requirements remain exactly the same: keep adversaries out of their cloud-based digital assets, isolate any malware that sneaks through the various secure gateways, mitigate adverse effects before any damage is done and keep the defenses up-to-date with the very latest real time threat intelligence. This is what Fortinet’s security fabric does and the functionality is the same regardless of where or how the digital assets are hosted.”

In effect, Fortinet’s FortiGate virtualised firewalls are simply an extension of your client’s existing Fortinet security infrastructure. They don’t have to learn new interfaces, undergo any training, figure out procedures or engage with additional service providers.

And they provide you with a sustainable solution set that ‘future-proofs’ your security revenues as your clients evolve from on-premises computing into the cloud. And, for those clients not yet Fortinet customers, this model serves as a strong incentive for them to adopt Fortinet’s security fabric.

AWS, Azure or virtual: No problem

Fortinet’s FortiGate virtual appliances are available in three distinct iterations: FortiGate Virtual Appliances that run on most virtualised architectures either in-house or cloud-based; FortiGate for AWS that runs within AWS deployments on a BYOL (bring your own licensing) basis and FortiGate for Azure that runs within Microsoft Azure, again on a BYOL basis.

In addition to FortiGate firewalls, Fortinet offers FortiWeb, FortiAnalyzer, FortiManager and FortiMail as virtualised solutions. And, of course, all of the FortiGuard Security Services are available to further protect your client’s data and applications in the cloud or in-house.


For the channel, it is absolutely essential that you steer your clients towards a BYOL solution, especially if they are taking advantage of the AWS platform. “FortiGate AWS is available from the Amazon Marketplace,” notes Khan, “but we strongly recommend that clients purchase their FortiGate licenses through Partners, ie you.

When end users buy from AWS direct, they are on their own with limited support and have no one local to turn to for assistance. So it really is up to you to explain why the BYOL paradigm is best.”

Another good reason to promote BYOL is that you will be building a relationship with the client so that you can cross-sell and upsell complementary Fortinet security solutions. “If their primary FortiGate vendor is AWS they are just another customer,” he says. “But when they buy from you they get personalised, localised and proactive support.”

Scalability & licensing fees

One of the key advantages of cloud-based computing is scalability and the ‘pay-as-you-go’ pricing model. This means that your clients have virtually unlimited capacity to scale up when the need arises and reduce excess processing and storage capacity when appropriate. As the workloads increase or decrease, the fees scale as well. Licensing fees can be based on an hourly/ annual basis (per instance) or utility-based as a function of traffic and storage. Azure is particularly helpful as they will work with BYOL customers to consolidate billing. 

“Before you get too far in offering either AWS or Azure-based FortiGate firewalls and ancillary security solutions,” continues Khan, “it would be a good idea to have a solid understanding of their own license and fee structures. In fact, helping clients figure out the best strategies for their public-cloud based implementations could become a valuable service and generate income whilst building sustainable relationships.”

Competing in a virtual world

As your customers move to the cloud they’ll reduce their hardware acquisition programmes which might affect your revenues. “Your best bet is to understand the public cloud model and add the security and expertise that cloud providers don’t offer,” concludes Khan.

“It’s a complex proposition and many end user organisations (and resellers for that matter) don’t fully appreciate the nuances. But cloud computing is here to stay and you’ll have to adapt your product and services portfolio in order to thrive. Fortinet has the solutions to help you make that transition.”

For further information, please contact:

Andrew Khan, Senior Business Manager
M: 021 819 793

James Meuli, Solutions Architect
M: 0275 520 167

Hugo Hutchinson, Business Development Manager
P: 09 414 0261 | M: 021 245 8276

White box losing out to brands in 100 GE switching market
H3C, Cisco and Huawei have all gained share in the growing competition in the data centre switching market.
Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Genesys PureCloud generates triple-digit revenue growth year on year
In Australia and New Zealand, the company boosted PureCloud revenue by nearly 100%.
Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
IDC: Standalone VR headset shipments grow 428.6% in 3Q18
The VR headset market returned to growth in 3Q18 after four consecutive quarters of decline and now makes up 97% of the combined market.
Kidd made Ingram Micro executive for cloud
Barbara Kidd has been promoted to cloud general manager as the company signs new vendors to its Cloud Marketplace.
Open source will be the next big thing for the channel
Channel firms should be on the lookout for opportunities across open source and more diverse software offerings like software-defined containers and storage.