Financial institution leverages Fortinet to increase efficiency of security infrastructure
At the same time, the bank was upgrading its security architecture. After a rigorous proof of concept, it selected FortiGate next-generation firewalls (NGFWs) to protect its many data centers. Decision-makers liked the depth of integration with Red Hat Ansible, a tool the institution had deployed to automate software provisioning and configuration. They also appreciated Fortinet’s ability to scale efficiently to support the bank’s centralized network, which is one of the largest of its kind in the world. Additional reasons for choosing the FortiGate NGFWs were their exceptional performance and manageability. The bank began deploying FortiGate NGFWs in data centers across three geographic regions: Europe, the Middle East, and Africa (EMEA); Asia-Pacific (APAC); and North America. Its pre-purchase financial analysis indicated that the project will provide a return on investment (ROI) of $100 million in cost savings and productivity gains over five years. The rollout is still in its early days, but the bank will soon have hundreds of FortiGate NGFWs protecting systems around the world. The benefits are already accruing, primarily from improved security manageability. The technology making this possible is the Fortinet Fabric Management Center, a combination of the FortiManager network management solution and the FortiAnalyzer analytics and log management solution. Drastically Improved Efficiency for Firewall Management In each geographic region where the bank operates, staff manage FortiGate NGFWs through a high-availability (HA) cluster of FortiManager appliances, as well as high-availability FortiAnalyzer devices. More than 100 engineers work with FortiManager on a regular basis to manage every facet of the security infrastructure lifecycle, from design and implementation to operations and auditing of the FortiGate estate. The new security infrastructure represents a significant upgrade over the solution it is replacing. The bank’s legacy firewalls enable centralized management, but it is highly inefficient. Changes often take days to propagate throughout the firm’s data centers, so it is impossible to ensure they complete within specified maintenance windows. Even small updates may encroach on production hours, degrading performance or requiring downtime. FortiManager, by contrast, enables more efficient management of the NGFWs. An update that takes 48 hours to distribute with the legacy management solution requires less than an hour with FortiManager. Automation Enables No-Touch Firewall Deployment In pursuit of its companywide IT objectives, the financial institution is fully leveraging the Fortinet solutions’ automation capabilities. FortiManager uses the Fortinet robust representational state transfer (REST) application programming interface (API) to automate every aspect of firewall management. For example, when the bank needs to roll out a new FortiGate NGFW, local staff connect the appropriate cables. From there, the Fabric Management Center solutions take over, and installation requires no further human touch.