Enterprise Network Security with Fortinet FortiGate Firewalls and Nile

Segmenting and securing the enterprise network against intrusions to protect IT assets and sensitive data creates immense complexities for today’s campus networks. Data breaches and cyber-attacks are rising at an alarming rate – 2021 experienced 50% more cyber attacks per week on corporate networks compared to 2020¹. The recent cyber attacks have used lateral movement to gain deep access to the network through east-west propagation. Network segmentation and other security strategies, such as zero trust, can mitigate these attacks.

Nile’s enterprise network architecture for wired and wireless connectivity integrates with Fortinet’s next-generation firewalls (NGFWs), simplifying and centralizing policy enforcement while securing the network against unauthorized access and malware proliferation. This network design drives a zero-trust enterprise network using next-generation firewalls as the single policy enforcement point.

The Nile technology seamlessly integrates with Fortinet NGFWs providing customers with powerful security capabilities to prevent unauthorized access to the network and to protect against sophisticated threats like malware and external hackers. Fortinet users can strengthen their network security posture by leveraging complementary capabilities from Nile and FortiGate.

Joint Solution Components

• Nile Service
• Fortinet FortiGate Next-Generation Firewall

Joint Solution Benefits

Security

• Centralized enterprise policy enforcement with NGFW
• Prevent malware proliferation with dedicated north-south traffic flow
• End-to-end enterprise network MACSec encryption
• Prevent malware proliferation with dedicated north-south traffic flow

Enterprise

• Complete enterprise network system delivery
• Guaranteed network performance backed by SLAs
• End-to-end operations Day 0 → Day N
• Automated lifecycle management, software updates, and security patches

Fortinet and Nile: Securing the Enterprise Network Together

Segmenting and securing the enterprise network against intrusions to protect IT assets and sensitive data creates immense complexities for today’s campus networks. Data breaches and cyber-attacks are rising at an alarming rate – 2021 experienced 50% more cyber attacks per week on corporate networks compared to 2020¹. The recent cyber attacks have used lateral movement to gain deep access to the network through east-west propagation. Network segmentation and other security strategies, such as zero trust, can mitigate these attacks.

Nile’s enterprise network architecture for wired and wireless connectivity integrates with Fortinet’s next-generation firewalls (NGFWs), simplifying and centralizing policy enforcement while securing the network against unauthorized access and malware proliferation. This network design drives a zero-trust enterprise network using next-generation firewalls as the single policy enforcement point.

The Nile technology seamlessly integrates with Fortinet NGFWs providing customers with powerful security capabilities to prevent unauthorized access to the network and to protect against sophisticated threats like malware and external hackers. Fortinet users can strengthen their network security posture by leveraging complementary capabilities from Nile and FortiGate.

Centralizing Segmentation:

Building upon zero trust principles, all traffic within the Nile network flows north-south, i.e., Nile does not support peer-to-peer communication. The Nile network leverages the Fortinet firewall to apply segmentation and access policies that customers can control and evolve for client communication.

Prevention of peer-to-peer communication also deters malware proliferation. The Nile Service Block (NSB) integrates with the Fortinet firewalls for client-to-client segmentation and prevents unauthorized access to enterprise resources.

Flexible Routing:

Customers can use Open Shortest Path First (OSPF) or static routes between Fortinet firewalls and an NSB. These options provide IT leaders with the flexibility to choose either or both methods depending on their network size and in-house expertise. Many customers today use static routes and add default static routes for WAN interfaces. For faster traffic convergence, Nile recommends using OSPF on the FortiGates.

Link Monitoring:

Link monitoring capabilities help monitor the status of the link between the NSB and the Fortinet Firewall when a static route is configured. This capability probes the link before forwarding the traffic on that link, thereby eliminating traffic black-holing and improving network reliability and performance.

High Availability Design:

To avoid the firewall being a single point of failure, FortiGates are built with redundancy capabilities for enhanced reliability and increased performance. Simple integration with the NSB and the FortiGates is possible through active-active or active-passive clustering modes.

Conclusion

52% of networking professionals say network security is a top concern when managing the network². The integration of Nile and Fortinet is critical in strengthening and simplifying network security. The Nile Service provides seamless interoperability with Fortinet firewalls and leverages all FortiGate capabilities. IT teams can feel confident that centralized enterprise policy enforcement with Next-Generation Firewalls will protect the network from malware proliferation. In addition, the Nile service provides end-to-end enterprise network MACSec encryption to protect your data and sensitive information from unauthorized users. Zero trust access with IEEE 802.1X for wired/wireless MAB support ensures the authentication of all devices on your site.

Security is a foundational element of Nile technology. Nile delivers enterprise network as a service, from Day 0 site survey and installation thru Day N operations, including total lifecycle management (hardware refreshes, software updates, and security patches). The Nile network is guaranteed to offer always-on connectivity backed by easily verifiable SLAs.

You can visit the Nile Security page to learn more about how Nile secures your network from end to end. Nile and Fortinet are continuously innovating to support dynamic policy capabilities soon to enhance user and device security within an enterprise.

Fortinet Delivers Enterprise-Grade Security to the Network:

Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations worldwide. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network—today and into the future. The Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges in networked, application, cloud, or mobile environments.

Fortinet ranks number one in the most security appliances shipped worldwide, and more than 500,000 customers trust Fortinet to protect their businesses.

(1) https://www.cybersecurityintelligence.com/blog/corporate-cyber-attacks-up-50-last-year-6069.html
(2) IDC: Network as a Service Enables Flexible Consumption of Secure and Agile Enterprise Networks