Business continuity and contingency plans need to be able to adapt to today’s dynamic and distributed network requirements. When an emergency or crisis hits, networks need to be able to rapidly adapt to accommodate new requirements, such as shifting the majority of on-site workers to remote teleworker environments.
The biggest challenge for such a transition is ensuring that you have the technology in place to make such an adjustment rapidly and seamlessly. That not only includes having the proper technologies in place but also ensuring that you can scale broadly and rapidly enough to accommodate new network demands.
Your FortiGate Security Platform Already Supports Your Teleworker Strategy
Fortunately, FortiGate customers already have the tools in place to support such a dramatic shift in where and how their employees and contractors can access critical online and cloud-based resources.
Of course, most next-generation firewall (NGFW) solutions on the market include support for terminating and managing SSL and IPSec connections. However, many of those NGFW devices are often already fully burdened by existing functionality requirements and use cases. As a result, they are often simply unable to support a sudden and dramatic increase in the number of connections and volume of traffic that an emergency shift to a remote workforce may require.
FortiGate NGFW security platforms have been designed with custom security processors capable of scaling to dramatically higher capacity. The latest SOC4, for example, not only provides four times greater concurrent connections and connections per second than the industry average for NGFW devices but 14 times higher IPSec performance and 20 times greater capacity to inspect SSL-encrypted traffic.
As a result, most FortiGate customers can immediately switch from having a primarily on-site workforce to a comprehensive teleworker strategy without any additional hardware.
The Free FortiClient Agent Provides Seamless VPN Support for Endpoint Connectivity
Another common component required for such a transition is making sure that your teleworkers have a VPN agent installed on their mobile devices. While your FortiGate already supports a web portal for remote access without a VPN client, as well as a range of compatible VPN clients, FortiClient – available online as a free download – offers an easier experience for end users, more scalable connectivity than the web portal, and a more intuitive UI for existing FortiGate customers.
FortiClient provides seamless, always-on connectivity to your FortiGate, enabling you to bring your new teleworkers online immediately. And for larger customers, the quick addition of the FortiClient EMS solution (FortiClient Enterprise Management Server) adds centralized configuration and control to simplify the rollout of a new teleworker strategy even faster and further.
Teleworker Solutions are Part of the Fortinet Security Fabric
That’s it. These tools – solutions that Fortinet customers likely already have in place – will provide you with an effective teleworker solution that can scale to meet the demands of your entire organization.
Fortinet customers like you already understand the value of having an integrated security fabric in place that has been designed to secure their entire distributed network. By implementing or extending a FortiGate/FortiClient teleworker solution, your remote workers and their connections and transactions receive the full stack of security protection and inspection that the Security Fabric provides. And that can provide welcome peace of mind, especially when so much is on the line.
Additional Teleworker Options
Given that cybercriminals are likely to target organizations that have made a sudden transition to a mobile worker framework, having the automatic protection of the full Security Fabric in place from the moment a teleworker program is implemented is crucial. That comes standard with your FortiGate security platform.
However, once your basic teleworker solution is in place, you may want to enhance it with additional tools designed to provide extra security and simplification. Each of the following solutions is designed to enhance your teleworker strategy, and can work as an integral part of your existing Security Fabric environment.
Endpoint Detection and Response
You probably already have some sort of desktop antivirus or other security tool in place on your remote devices. But as you implement your teleworker strategy, you will need to ensure that remote workers have properly updated those applications.
However, if you are looking for a more aggressive endpoint security strategy, the latest endpoint detection and response (EDR) technology provides an extra level of security beyond traditional AV or other endpoint security clients. FortiEDR delivers advanced, real-time threat protection for endpoints both pre- and post-infection. It proactively reduces the attack surface, prevents malware infection, detects and defuses potential threats in real time, and can automate response and remediation procedures with customizable playbooks.
If you are like most organizations, you have also already enhanced your network access strategy with multifactor authentication (MFA). If not, FortiToken can be quickly installed to provide an extra layer of authentication. A FortiAuthenticator solution at the head end securely terminates those MFA connections, as well as enable singles sign-on. Combined, they increase the certainty of the identity of users as they enter the network.
Network Access Control
FortiNAC helps identify devices seeking network access to make sure they are what they claim to be. It can then assign them to appropriate network segments. And because FortiNAC can be fully integrated into the Security Fabric, it can ensure that any device that suddenly begins behaving badly, or that fails to meet your network access security baseline, can be immediately identified and quarantined for remediation.
Of course, your remote workers are not just accessing your networked resources. They also need to access SaaS and cloud infrastructure-based applications and resources. Fortunately, your FortiGate-VM footprint running on your IaaS vendor of choice offers the same remote access capabilities as your on-premise FortiGate NGFWs, providing seamless VPN connectivity to your applications in the public cloud. And if you haven’t already done so, you can quickly and easily set up a FortiCASB cloud access and security broker to secure your SaaS applications.
Executives and technical support teams may need advanced services when working remotely. A FortiAP wireless access point enables secure wireless connectivity at the user’s remote location, combined with a reliable, secure tunnel back to the corporate network. For users that need access to highly sensitive data, a FortiWiFi solution combines FortiAP with a desktop FortiGate to provide secure wireless connectivity, VPN, and admission control with a full spectrum of security services and advanced threat protection, including built-in data loss prevention. And physical and soft client FortiFone solutions enable users to make or receive calls, access voicemail, check call history, and search the organization’s directory over voice over IP (VoIP) to ensure secure communications.
Written by Peter Newton
Powered by Fortinet, Delivered by IT Vortex.