Consistency is critical for securing cloud deployment

Asia-Pacific enterprises often lack uniformed visibility and security enforcement across their IT environments, which can slow their ability to combat cyber attacks.

Organisations in Asia-Pacific often do not have a uniform view of their entire IT environment, which can encompass multiple cloud platforms and a multitude of web-connected devices including Internet of Things (IoT). This can slow down their ability to counter cyber attacks.

Enterprises typically have too many security point solutions to manage and find it difficult to scale up, said Sean Hong, Fortinet's Southeast Asia and Hong Kong director of strategic alliance for cloud.

Speaking at Fortinet's 361┬░Security 2019 in Singapore, he noted that this brought about several challenges for these enterprises in terms of their ability to secure their IT environment in a consistent manner. The security conference series wrapped up in the city-state following a nine-city roadshow across the Asia-Pacific region that included Bangkok, Jakarta, Manila, Yangon, Kuala Lumpur, Ho Chi Minh City, Hanoi, and Hong Kong.

To help them resolve these challenges, Fortninet created Security Fabric, which was designed to sit across all major cloud platforms, with native integration to enable organisations to better manage all these security endpoint solutions. This also facilitates automation and reliable enforcement of their security policies, Hong said.

Hong added: "We support organisations' journey to the cloud by focusing on their need for consistent visibility across their heterogeneous cloud environments, including public and private clouds. They also want consistent security enforcement across these different environments, so our solutions are built to help them maintain functionality and security at all times.

"Furthermore, most organisations' security environments are made up of multiple point solutions, which become difficult to manage and scale up," he said. "By providing native integration for Fortinet users across different cloud environments, they can enjoy automation and have a consistent security posture."


Sean Hong, Fortinet's Southeast Asia and Hong Kong director of strategic alliance for cloud.

With Fortinet's Security Fabric, he said, all the different security components can be managed under the same management platform via a single control pane.

Fortinet Singapore's country director Thiantara Kruathorn said the convergence between network and security are especially critical as data speeds continue to increase and the number of connected devices might outgrow the number of users on the network.


Fortinet Singapore's country director Thiantara Kruathorn.

Without this convergence, companies would not be agile or fast enough to respond to threats and protect their data effectively, Kruathron said during his opening address at the conference.

Importance of secure SD-WAN

Fortinet's Southeast Asia and Hong Kong senior business development manager Wong Ching Ping noted: "In this hyperconnected environment, we need to look at what we're connecting, which is not just users but also objects such as IoT devices. To connect them, what's required is fast and secured connectivity."

This, Wong said, underscored the importance of solutions such as Fortinet's Secure SD-WAN (software-defined WAN). The underlying purpose of this solution is to provide the robust infrastructure that facilitates high quality, secured connectivity between sites and objects.


Fortinet's Southeast Asia and Hong Kong senior business development manager Wong Ching Ping.

He added that Fortinet's Secure SD-Branch has also enabled customers to converge their security and network access, bringing the benefits of the vendor's Security Fabric solution to their distributed branches.

Secure SD-Branch encompasses Fortinet's next-generation firewall FortiGate, network access control FortiNAC, FortiSwitch, and FortiAP, which consolidates branch services for network edge as well as device edge protection.

Wong said: "Together, Fortinet's Secure SD-WAN and SD-Branch solutions bring about best of both worlds for customers, delivering robust connectivity in terms of performance as well as security in this hyperconnected world."

To further secure organisations' network environment, the security vendor also deploys various techniques to block hackers from causing further damage.

Fortinet Singapore's manager for systems engineering Yeo Hsien Loong said: "We look at the applications that companies use most, specifically email and web services, which are the most susceptible to attacks due to the prevalence of malicious malware and websites.

"Through our Deception technology, Fortinet lures attackers into a safe zone in the network and from there, expose their position or what they're attempting to achieve with their attacks," Yeo said. "We then can carry out the necessary mitigation and reduce the attack surface in our customers' environment."

He noted that enterprises also could be easily infected when employees visit websites with malicious scripts. To address this, Fortinet provides an isolated web environment that allows customers to access any website without directly accessing the site in a public domain. This reduced or prevented the download of scripts directly onto the end-point device or customers' network environment, he explained.

Fortinet's Southeast Asia and Hong Kong principal consultant Anthony Lim said: "In today's hyperconnected world, where organisations embrace technology such as IoT, BYOD (Bring Your Own Device), mobile apps, and cloud, they now have to defend against more devices and endpoints that connect to their network. So instead of having one door to protect, they now have multiple doors to protect."


Lim urged organisations to galvanise their various department leads and collectively agree on how they should defend the company's network. They also must understand where their networks are connected in order to identify connection points through which hackers could potentially breach, he said.

"Fortinet's secure D-WAN solution encourages security-driven networking and adds to a company's cyber resilience," he said. "It espouses the need to think about security first before building your network, compared to the old way of thinking where you build the network first and then figure out what security should be.

"This is critical because there are so many endpoints to consider," he said. "In cyber resilience, it's about security-driven network advocacy rather than network first, security second."

Make your cloud migration a success. Explore how Fortinet's dynamic cloud security solutions can work for you.