Managed Security Services - MSSP

Software-defined wide-area networking (SD-WAN) affords managed security service providers (MSSPs) an incredible opportunity: to increase their footprint at customer sites by expanding into networking services. The opportunity is equally attractive to customers, as it enables them to scale their network traffic using the public internet without paying for new multiprotocol label switching (MPLS) bandwidth. But security is a big challenge for companies considering SD-WAN, as network traffic moving on the public internet opens a big, new element of the attack surface.

Other SD-WAN offerings are often based on point products that are purchased and administered separately from a security solution. This can reduce margins, degrade security, and reduce the overall quality of the service. FortiGate Secure SD-WAN combines complete security and robust networking performance in a single platform, enabling MSSPs to broaden their reach profitably.

Such an offering also provides the potential for an MSSP to expand its services to secure networking at branch locations without adding additional point products with Fortinet SD-Branch. The solution includes FortiGate next-generation firewalls (NGFWs) combined with switching, wireless access, and network access control (NAC) tools.

Launching a managed secure SD-WAN service powered by Fortinet brings a number of advantages to MSSPs:

• The opportunity to grow ARPU at existing customer sites by expanding into networking services to, from, and within branch locations
• The ability to grow this new business over time with a lack of expensive additional contracts and deployments required
• Operational efficiency and enhanced profitability by delivering the service via a fully integrated, multi-tenant toolset

Building and staffing a security operations center (SOC) is an expensive undertaking for organizations of all sizes, and maintaining it on a 24×7 basis can be an ongoing resource drain for the security team. Unfortunately, the cybersecurity skills shortage means that the problem is only getting worse.

Yet, the visibility and actionable insights that can be derived from an SOC are important for the business.

MSSPs can fill this gap by delivering a range of services from their own SOC. These services can be offered at specific levels or as tailored services for individual customers’ needs. For example, many customers benefit from managed security information and event management (SIEM) services because of the deep visibility and analytics they provide. And managed detection and response services can leverage artificial intelligence (AI)-driven threat intelligence and indicators of compromise (IOCs) feeds to add layers of protection to customer environments. Customers can even have their own login to view the analytics for themselves.

The Fortinet Security Fabric, powered by FortiSOAR and FortiSIEM enables MSSPs to build a full-spectrum SOC with end-to-end integration across the entire architecture. Numerous security tools from Fortinet and third-party Fabric Partners integrate seamlessly into the Fabric, and Fortinet’s open architecture and robust representational state transfer application programming interface (REST API) enable MSSPs to integrate other solutions. MSSPs managing small to mid-sized enterprises with smaller IT security teams can use FortiSIEM and/or FortiAnalyzer for security operations. For managing large enterprises and with a mature SOC team, FortiSOAR and the Fortinet Security Fabric provide the best functionality, performance, and value.

Delivering managed SOC services using the Fortinet Security Fabric brings these benefits to MSSPs:

• The ability to offer comprehensive services without managing a plethora of point products
• The benefit of real-time, AI-powered threat intelligence along with other layers of protection against unknown threats
• Operational efficiency and enhanced profitability by delivering the service via a fully integrated, multi-tenant toolset

Organizations are moving more and more business-critical applications to public cloud platforms, with public cloud spending expected to exceed $20 billion this year—an annual growth rate of more than 17%. Unfortunately, the rapid adoption of sprawling cloud infrastructures increases security operations complexity, and the result is often that cloud-based applications are vulnerable.

Managed security service providers (MSSPs) can offer comprehensive cybersecurity protection for all services running on multiple clouds. Alternatively, they can offer protection on an application-by-application basis using a Web Application Firewall (WAF)-as-a-Service model. Both approaches can increase an MSSP’s footprint at customer sites. At the same time, operational efficiencies derived from end-to-end integration can increase their margins.

Fortinet offers robust, cloud-native tools to bring MSSP customers’ entire distributed cloud infrastructure together under a single umbrella, with consistent security protection, policy management, and configuration management. FortiGate VM brings the NGFW to a virtual machine that works well for cloud environments, and the FortiWeb web application firewall (WAF) is available in several form factors, including Software-as-a-Service (SaaS). The FortiCASB cloud access security broker (CASB) service and the FortiCWP cloud workload protection (CWP) tool deliver visibility, compliance, threat protection, and configuration management across the cloud infrastructure.

A managed cloud security service powered by Fortinet brings these advantages to MSSPs:

• Security tools native to each cloud bring a consistent set of security policies and practices to all customer cloud deployments
• Inline, real-time threat intelligence in FortiWeb enables instant, automated response to security events
• Operational efficiency and enhanced profitability by delivering the service via a fully integrated, multi-tenant toolset

Organizations are relying on an increasing number of web applications, and users are expecting to access these business-critical applications from any internet connection, on any device. Since they no longer have the luxury of keeping these applications inside the traditional network perimeter, these internet-facing web applications cannot be protected via traditional perimeter-based defenses. A web application firewall (WAF) is the first line of defense for web applications. FortiWeb delivers a WAF that can deliver protection anywhere organizations deploy applications, including in public and private cloud environments.

As customers roll out new applications in cloud environments, they need MSSPs that can take on the challenge of securing their web applications. Launching a managed WAF-as-s-Service powered by FortiWeb Cloud WAF as a Service brings a number of advantages to MSSPs, including:

• Industry-leading WAF protection against advanced threats
• Robust protection against common vulnerabilities such as the OWASP Top 10
• The ability to protect applications deployed in public cloud environments, including AWS, Azure, and Google Cloud, with minimal upfront investment
• Ability to leverage the public cloud to deliver a scalable, multi-tenant solution with the role-based access control and management APIs that MSSPs require
• The ability to deliver the same protection to applications deployed with WAF-as-a-Service hosted on the private cloud with FortiWeb Private Cloud