Intelligent Network Automation for Fortinet Next- Generation Firewalls

Fortinet FortiGate NGFWs

FortiGate NGFWs simplify security complexity and provide visibility into applications, users, and networks. Innovative security processor units (SPUs) technology delivers high-performance application layer security services (NGFW, SSL inspection, and threat protection), coupled with the industry’s fastest SSL inspection engine to help protect against malware hiding in SSL/TLS encrypted traffic. The platform also leverages global threat intelligence to protect individual customers, by using Fortinet’s FortiGuard Security Subscription Services to enable visibility and control for next-generation protection against advanced threats, including zero-day attacks.

BackBox and Fortinet Integrated Solution

The Fortinet and BackBox integrated solution provides automated backup and recovery of FortiGate NGFWs, eliminating the need to either manually backup devices or customize in-house scripting, thus minimizing downtime when recovery is needed. BackBox collects asset information from FortiGate NGFWs and then reports on inventory information, including license information, device model, serial number, and more. BackBox can change operating system-level parameters on multiple devices with a single click, providing customers or network administrators with the option of delegating administrative tasks to individuals who do not require full policy access, in turn minimizing human errors that could lead to configuration errors.

BackBox also provides seamless integration to meet with specific organization and industry standards and requirements. The combined offering of FortiGate NGFW and Backbox is additionally complemented by FortiCare services. Audit services by FortiCare measure operational performance of a firewall in the customer’s production environment. Supplemented by personalized reports, it provides a firewall review to identify issues and provide configuration tuning recommendations that create a solid foundation from which to evolve the security infrastructure.

Fortinet Security Fabric ties all of these products and services together to provide enterprises and service providers with a seamless and integrated security posture for their growing and ever-evolving security infrastructure. The Fortinet Security Fabric is designed around a series of open APIs, Open Authentication Technology, and standardized telemetry data to enable organizations to integrate existing security technologies via open interfaces and provide end-to-end security without compromise.

Integration Highlights

  • Automated FortiOS upgrades and patches for all security devices from Fortinet and OS upgrades for devices from other vendors across your network infrastructure in a timely manner to maintain security posture

  • Automated remediation of discovered compliance conflicts or security vulnerabilities of FortiGate NGFWs configuration to comply with organization or industry/government policies or standards.

  • Monitor device performance and status of FortiGate NGFWs and other network and security devices to predict possible outages so that proactive actions can be taken as preventive measures

  • Automated backup of the latest configurations of Fortinet FortiGate NGFWs and other security devices. The self-verification mechanism of BackBox ensures configuration backup files validity

  • Automated discovery of FortiGate NGFWs and all other Fortinet devices connected to the network for tight management of device inventory to comply with cybersecurity standards, such as CIS

  • Easily restore FortiGate NGFWs configuration with ‘single-click’ disaster recovery to minimize downtime, even if it is offline and has no connection to the FortiManager

Supported Fortinet Network Products

Fortinet FortiAnalyzerV.3 and Above

  • FortiADC

  • FortiAnalyzer

  • FortiAuthenticator

  • FortiBalancer

  • FortiDDos

  • FortiGate

  • FortiMail

  • FortiManager

  • FortiSandbox

  • FortiSiem

  • FortiWeb

  • FortiWiFi

With its unique customization options, BackBox can be configured to support any device in your network.

If your specific product does not appear in the list above, please contact support and we will work with you to make sure that BackBox can support your entire infrastructure.

See for yourself how consistent and reliable your device backups and upgrades can be