What is the Fortinet Security Fabric?

The Fortinet Security Fabric: An Overview

Whether you own a Fortinet product or you’re just shopping around, the Fortinet Security Fabric is a term you’re probably seeing a lot of these days. But what is it? Just like actual fabric – many individual fibers weaved together – the Security Fabric is Fortinet’s vast security portfolio intertwined. In short, it’s an integrated solution allowing you to see, manage, and secure your network products in one place. In long? Let’s get into it.

Blog Banner General Buy Now Red-High-Quality

Fortinet Security Fabric

It Starts With the Firewall

Here at Firewalls.com, we often refer to a firewall as the cornerstone of any network setup. The Fortinet Security Fabric treats it that way as well. It’s the hub around which all the spokes of the wheel connect – forgive the mixed metaphors. In this case, with your FortiGate next generation firewall – aka NGFW – you can coordinate the behavior of other Fortinet (and partner) products. That means your FortiGate can run your security show with visibility into all corners of your network. And by the way, it can also function as a Secure SD-WAN powerhouse in case you’ve missed that news. It supports a variety of other security technologies all under the same FortiOS operating system, including:

  • Secure Wi-Fi and Switching Access
  • Network Access
  • The single-console Fabric Management Center
  • Open Fabric Ecosystems for partner integrations
  • Cloud Infrastructure
  • Business-Critical Applications
  • Security Operations for automated threat detection, prevention, & response
  • Endpoint Protection

What is the goal of the Fortinet secure access solution?

The Fortinet secure access solution as it’s sometimes termed, encompasses secure switching and wireless. The goal is network access that’s easy to manage for admins while at the same time high performing for users.

Access is a word that pops up a few times in this conversation – as both creating and controlling it is key for an optimized, secure network. The Security Fabric integrates with FortiAPs to provide and manage secure wireless access and FortiSwitches to do what switches do – essentially create a network. And speaking of access, with the Fortinet Security Fabric, you can implement a zero-trust network access policy throughout your network.

It starts with network access detection, continuous monitoring,  and control. Next, you can implement multi-factor authentication with a solution like FortiToken. Finally, ongoing visibility and access control of all your endpoints is a must – something you can accomplish with FortiClient. When implemented together, you’ll make it extremely difficult for hackers to gain access to your network – keeping your important data secure.

Blog Banner General Buy Now Red-High-Quality

How does the Security Fabric secure my network?

The Security Fabric is designed with network security as a priority. Fortinet refers to this as security driven networking. This begins with the FortiGate firewall as the front-line network protector. But it also includes the secure access solutions of the switch and wireless appliances, and dynamic cloud security to secure your cloud presence.

We’ve already discussed some of the role the FortiGate plays in the Security Fabric, but let’s expand a bit more. We already know the FortiGate is a firewall. But it also includes other critical security measures. These include a secure web gateway to help stop phishing attacks, SSL/TLS decryption to catch encrypted threats without slowing performance, and intent-based segmentation. And we can’t forget about the Secure SD-WAN component which extends this security outside the physical boundaries of the office to branch locations.

As for the cloud, the Security Fabric integrates a wide array of cloud-based security solutions. We know everyone has some type of cloud presence, so staying protected in that space is paramount. In addition to the FortiGate firewall, Fortinet offers FortiWeb web application firewalls. Email is also a major player in the cloud, and we know that email is a main entry point for malware. The good news is FortiMail is built to stop both traditional and advanced email threats.

Another note on all this security talk. The Fortinet Fabric Manager is your single console to manage all of the solutions mentioned above – and more. But the beauty is you won’t have to micromanage your security. Fortinet’s solutions heavily leverage artificial intelligence and automated security. FortiGuard AI incorporates real-time threat data gathered by FortiGuard Labs to ID and stop just about any online hazard you can think of. In essence, Fortinet Security Fabric solutions are constantly working behind the scenes to stop threats.

Who are Fortinet Security Fabric partners?

The list of Fortinet Security Fabric open fabric ecosystem partners is too numerous to include here. But these partners include heavyweights like Amazon Web Services, Google Cloud, Intel, Oracle, and Siemens to name just a few. The partners leverage the Security Fabric to offer end-to-end security solutions in partnership with Fortinet. It’s just one more way your network gets comprehensive coverage.

How do I get started with the Security Fabric?

We’ve touched on a number of aspects of the Security Fabric in this piece. But in the end, as in the beginning, it all comes back to the firewall. To get started on your Security Fabric journey, find the FortiGate firewall that’s right for your network.

 


SonicWave vs Ubiquiti Wireless Access Points

SonicWave vs Ubiquiti Wireless Access Points

Comparing SonicWave wireless access points to competitors like Ubiquiti can pose a challenge. Which stats are important when selecting an AP? What makes SonicWave so secure? How does  high performance Wave 2 wireless factor in when it comes to super fast WiFi at a low total cost?

SonicWave is the latest series of wireless access points from SonicWall. In short, Wave 2 wireless provides:

  • Gigabit WiFi potential
  • More bandwidth for connected devices
  • Additional 5 GHz channels
  • Improved user experience
  • Beamforming & bandsteering

Blog Banner General Buy Now Red-High-Quality

SonicWave 224W

Beamforming & Bandsteering

In the past, wireless coverage acted sort of like a lightbulb. For instance: you turn it on, light spills out in all directions, and the whole room is evenly lit. Beamforming is more like a flashlight (or a torch for our UK friends). That is to say, it allows more direct and focused paths for connectivity. When a device attempts to connect to your wireless AP, onboard engines determine which channel and device will provide the highest quality connection at the time.

To sum up, key benefits of beamforming include:

  • More stable, reliable connectivity
  • Faster data transfers & fewer errors
  • Reduced interference
  • Better “signal-to-noise” ratio

In addition, bandsteering is a game changer for WiFi. Bandsteering is the process of using dual-band WiFi, allowing APs to choose which Gigahertz band will provide the highest performance.

  • 2.4 GHz – Slower data transfer, more interference, but larger coverage area & penetration
  • 5 GHz – Higher speeds, more reliable connections, & less congestion

Sometimes the higher capacity 5 GHz band is the faster option. However, in some cases the 2.4 GHz can be the best bet if 5 GHz is congested or a little out of reach. With bandsteering, you do not have to decide. SonicWaves automatically connect to the most efficient band. In other words, the AP does the thinking for you.

Go Controller-Free with SonicWave

SonicWall SonicWave APs feature easy deployment and management options that lower costs. There is no need to purchase a separate wireless controller because your wireless network can be managed through the firewall. Single pane of glass management means less clicking around in multiple tabs and windows to find what you’re looking for. You also have the option of SonicWall’s WiFi Cloud Manager, which offers several bonus features of its own.

Blog Banner General Buy Now Red-High-Quality

Network Security Integration

SonicWall comes backed by multiple decades in the greater network security world. While Ubiquiti excels in their own little fish bowl, SonicWall is a shark that has prowled every corner of the cybercrime seven seas. Above all, SonicWave access points integrate into a larger, centrally managed network with real-time communication and unified threat protection operating across several security layers.

Because SonicWall sports a pedigree in security, SonicWave APs are built with security foremost in mind. That means SonicWaves benefit from:

  • Automatic firmware updates
  • Security alerts & rich analytics
  • SSL/TLS decryption & inspection
  • Wireless intrusion detection & prevention

Dedicated Security Radio

SonicWave 400 series access points include three radios. The first two radios operate on the 2.4 GHz and 5 GHz bands. Most importantly – when it comes to a protected network – the third radio is there just to secure your WiFi! SonicWave’s security radios scan for rogue access points and perform other wireless security tasks. Additional security-related features include:

  • Rogue AP Scanning
  • Virtual AP Segmentation
  • RF Monitoring
  • Passive Scanning
  • Wireless Packet Capture

SonicWave 432i vs Ubiquiti Quick Comparisons

Here we break out a few quick side-by-side stats comparing SonicWave APs vs a Ubiquiti UniFi Pro:

Antennas

  • SonicWave: 8 fully internal antennas
  • Ubiquiti: 3 dual-band antennas

802.11ac Max Date Rates

  • SonicWave: 2.34 Gbps – 3.47 Gbps
  • Ubiquiti: 450 Mbps – 1.3 Gbps

Interfaces & Ports

  • SonicWave: (1) 10/100/1000 RJ-45 Ethernet/PoE; (1) 100/1000/2.5 GbE RJ-45 Ethernet; (1) RJ-45 Console; (1) USB 2.0
  • Ubiquiti: (2) 10/100/1000 RJ-45 Ethernet; (1) USB 2.0

MIMO

  • SonicWave: 4×4 MU-MIMO
  • Ubiquiti: 3×3 MIMO

If you’re looking for the bare bones to get a Wi-Fi network up, a Ubiquiti UniFi access point may do the job. If you’re serious about wireless networking, unified security, and user experience, a SonicWave 432i or SonicWave 231c is a better fit for you. SonicWave access points come with the peace of mind that your wireless equipment was home-grown by a company steeped in network security know-how. The demand for fast, stable wireless access continues to grow. Therefore, the volume and variety of advanced attacks targeting WiFi networks will also grow. A SonicWave wireless AP is the way to go for small businesses with cyber security in mind.

 


How to Choose a Cisco Meraki MS Switch for your Small Business

Shopping for Cisco Meraki MS Switches

Cisco Meraki MS Network Switches provide Layer 2 switching that unifies devices. Meraki switches fit best in small businesses, branch offices, distributed enterprises, campuses, and other complex deployment settings. These gigabit switches include SFP+ uplinks on all models. At the high end, Meraki switches reach up to 800 Gbps of switching capacity.  In other words, a Cisco Meraki MS Switch is an ideal fit for a wide range of situations.

Managed through a simple single-pane-of-glass interface, Cisco Meraki MS switches excel in the cloud. Extend greater visibility and control across the network. Because of these features, admins can easily track:

  • User activity
  • Security events
  • Configuration changes

Cisco Meraki MS Switches are stackable. So SMBs can easily add future switches to meet business growth – perfect for scalability.

Blog Banner General Buy Now Red-High-Quality

 

Cisco Meraki MS Switch MS120-48

Why Cisco Meraki MS Switches?

Network switches connect all the devices your business uses. Whether they be VoIP phones, wireless APs, firewalls, SMA devices, or others, a switch acts at the central hub of traffic routing. Cisco Meraki MS Switches intelligently link devices across your network. As a result, admins can take control with:

  • Role-based administration
  • Fully cloud-based management
  • Remote diagnostics tools
  • Packet capture
  • Automated downtime email alerts

Cisco Meraki MS switches let small businesses take advantage of enterprise-grade features without paying enterprise prices. In addition to traditional Ethernet features, MS switches include:

  • MAC Whitelists & MAC Authentication Bypass (MAB)
  • Dynamic ARP Inspection
  • VLAN configuration settings for individual ports
  • Traffic monitoring through port mirroring

And there’s more: deploying a Cisco Meraki MS switch is simple. Plug it in. That’s it.

With auto-provisioning, SMBs that lack IT talent can quickly deploy across multiple sites. That is to say, no messing around with command lines. No complex setup needed. Zero-touch deployment makes Meraki switches a plug-and-play experience.

Choosing a Cisco Meraki MS Switch

Finding a network switch can be a challenge if you’re not familiar with important tech specs and features. So here are a few key features to keep an eye out for:

Power Configuration

Cisco Meraki MS switches include a single power supply, with additional power supply units sold separately. Power supply configurations are hot-swappable, so you can say goodbye to downtime.

Switching Capacity

Switching capacity refers to the total amount of data that a network switch can handle. Vendors measure this in Gbps. If you’re getting a gig or more from your ISP, then you’ll want a network switch that can handle that traffic volume without losing the speed you paid for.

Interfaces

The whole point of a network switch is to act as a central hub. That means you’ll want a lot of ports and types of interfaces to meet the needs of your setup. Cisco Meraki MS switches come in:

  • 8-port
  • 16-port
  • 24-port
  • 48-port

Uplinks

Network switch uplinks are important for stacking. To clarify, uplinks allow two similar devices to directly connect. Whereas devices once required a crossover cable to “talk” back and forth, an uplink port allows your MS appliance to internally route communication between devices.


 

Blog Banner General Buy Now Red-High-Quality

Still Have Questions about Network Switches?

To sum up, Cisco Meraki MS switches are great for SMBs and branches to centralize all their devices. Firewalls.com provides plain-language product knowledge to our customers. This ensures you make a wise security investment. Next, check out our other network switch tools to see if a Cisco Meraki switch is right for you.

Read our article Five Things to Consider Before Buying a Network Switch

Watch our Video Buyers Guide for Network Switches


Best affordable firewall for small businesses

Affordable firewalls that won’t leave you dreaming of bigger budgets

Affordable firewalls are a necessity for small businesses. Especially if they need strong network security in place fast. However, finding an affordable firewall can be tough. Not sure sure how to find SMB firewalls that give real bang for the buck?

Find the best affordable firewall you can rely on for years to come with a few options Firewalls.com recommends:

Blog Banner General Buy Now Red-High-Quality

What sets an affordable firewall apart from a cheap firewall?

Firstly, what do we mean by an affordable firewall? We mean a next generation firewall that reliably delivers high-speed performance and advanced security at a cost-efficient “pound for pound” level. Many third party authorities such as NSS Labs and Gartner measure and quantify high quality, affordable firewalls. This is often done with metrics like “Total Cost of Ownership” and “Price per Protected Mbps.”

Firewall vendors are constantly racing to extend enterprise-grade, multi-gig firewalls to smaller and smaller user bases. The Next Generation Firewall (NGFW) era has grown fully ripe. Now savvy SMBs can get even newer next-er generations of NGFWs. If they know where to look.

Fortinet 40F – Affordable firewall with jaw-dropping stats

The FortiGate 40F launched in 2020 as part of Fortinet’s new F-Series firewalls. The tiny titan FortiGate 40F can reach speeds of up to 5 Gigabits per second. That’s twice as fast as the FG-50E which costs over $50 more! And don’t forget its purpose-built processor for top-notch Secure SD-WAN capabilities.

Secure SD-WAN with FortiGate 40F

The tech specs for the FG-40F are insane for such an affordable firewall.


 

SonicWall TZ 350 – Affordable firewall built to stop ransomware

SonicWall launched the TZ series as NGFWs for SMBs. Now the next gen of NGFWs are sprouting up with new additions like the SonicWall SOHO 250 and SonicWall TZ 350. The SonicWall TZ350 is faster and supports more SSL VPN licenses than the TZ300.

With SonicWall Capture Advanced Threat Protection (ATP) enabled, you get a super fast cloud-based sandbox that uses AI and behavior-based scans. First, identify potential threats. Then isolate them in quarantine. Finally, detonate them before they can touch your network. This squashes the threat of ransomware right in your inbox.


Blog Banner General Buy Now Red-High-Quality

Sophos XG 106 – Affordable firewall with added on-board memory

The Sophos XG 106 is a major revision of the XG 105. The XG 106 includes upgraded onboard memory RAM. XG firewalls use an integrated Solid State Drive (SSD).

XG 106

Sophos XG firewalls are affordable, but still satisfy the cravings of network admins looking for advanced features, increased visibility & control, and synchronized real-time security.


 

WatchGuard T35 – Affordable firewall made to grow with you

WatchGuard T-Series Firebox appliances are built with scalability in mind. That means if your small business doesn’t stay a small business, you can easily expand your network security setup without having to rip and replace from the ground up.

T35

The term “future-proof” is often used to describe the T-Series. WatchGuard makes it easy to upgrade existing services and add emerging tech to your current setup.

 


← Older posts Newer posts →