A 3 Point Approach to Security Automation

Posted by Shruthika Kamat on June 15, 2018 at 1:13 PM

The recent WannaCry ransomware worm hit an estimated 74 countries worldwide and affected more than 550,000 total computers – 60,000 in just its first day. And now Petya is following in WannaCry’s footsteps, exploiting the same Windows vulnerability to get infosec pros scrambling again. With high-impact attacks becoming faster and more sophisticated than ever, security needs to evolve as well. And the best way to even the playing field is through security automation.

Piecemeal Security Approaches Make You Vulnerable

Today’s diverse, distributed networks support a range of mobile, cloud and, increasingly, Internet of Things (IoT) devices. Each requires its own specific security platform with its own unique configuration.

Most security teams use a number of security solutions, but all too often they deploy them in a piecemeal approach. Such approaches can be slow going and add to the complexity of distributed networks, raising your risk of attack. Further, they take precious time away from the other operations assigned to your security team.

Automated Solutions Offer Network-Wide Protection

Enter intelligent security automation, which builds security directly into the network. In doing so, it ensures every component can communicate and collaborate to gather intelligence across the network, understand its implications, and proactively and automatically respond to security events – no cumbersome manual interventions required.

The idea is to build in enough intelligence so that if one tool identifies a threat, it can automatically propagate the intelligence to all other tools across the network, whether in a data center, Wi-Fi LAN or with a cloud service provider. Armed with that info, those tools can then automatically and intelligently respond, before the attacker gains a foothold.

3 Building Blocks to Successful Security

Automated, intelligent security requires three primary building blocks:

  • Intelligence gathering: The ability to process and store huge amounts of data, also known as intelligence, gathered from every point across the distributed network, from data center to cloud and back again.
  • Data translation: The ability to translate intelligence into action steps — what does it tell you about your environment and how it’s changing? End-to-end visibility is a key prerequisite here. You can’t know what you can’t see.
  • Action: The ability to take action on that wisdom, automatically and proactively, to stop attacks before they can even get started. After all, fast attacks require even faster response.

Automated, intelligent security solutions are the way to keep up with growing cyber threats. With Fortinet’s advanced “Security Fabric” approach, every security component in your network – across data center, mobile, IoT and even the cloud – is woven together in one collaborative and scalable API-based fabric.

Each component communicates and collaborates with all others — no matter where they are located, how they communicate, or even what vendor they come from. Together, the fabric provides a single end-to-end view of your entire network, enabling you to fully understand the threats you face while automating the best response.
