College and university business and financial offices are busy collecting student data and processing credit card payments for everything—from tuition to residence fees. University human resource departments regularly use employees direct deposit and health insurance data. This stockpile of sensitive payment and personally identifiable student information, coupled with limited IT resources, makes schools a playground for cyber criminals.  In fact, in 2016, education surpassed healthcare as the sector most targeted by ransomware, the fastest growing cybercrime today.

Ransomware outbreaks, including Petya and WannaCry, cost businesses $1 billion in 2016. Even so, school administrators—even some IT professionals—have a false sense of security in their Mac-heavy environments, with usage rates of 70 percent in K-12 and 80 percent in higher ed.

While Macs are perceived as being “safe” from malware, Mac’s small market share may largely be the reason for fewer attacks, rather than the vulnerability level of the Mac OS X. In fact, attacks on Macs were up 744 percent in 2016.

Ransomware is Getting Smarter

Ransomware doesn’t require entry to the MacOS operating system, not even special privileges. It just needs to target personal files stored in the user’s home directory. Hackers target unsuspecting users with malicious downloads launched from email and social media platforms. If they connect to your network, all it takes is a network vulnerability for the ransomware to take hold.

Hackers are creating new malware that runs on multiple platforms. They’re also scaling up attacks through ransomware-as-a-service (RaaS)—pre-configured ransomware packages offered to “franchisees” in exchange for a cut of the ransom money. FortiGuard Labs recently discovered an RaaS that uses a web portal hosted in a TOR network, possibly the first attack on a non-Windows operating system and the first RaaS to target MacOS.

Education is Your Best Defense

While Mac-specific ransomware attacks haven’t hit the level of Windows occurrences, the risks— the encryption of files to prevent access—are equally serious. To avoid them, schools should:

1. Patch early and often. Pay close attention to Apple’s security updates and apply all patches quickly.
2. Backup devices. Use Apple’s Time Machine service to make redundant backups, storing the most critical information offline. Scan backups for vulnerabilities
3. Encrypt data stored on devices. While this may not be effective against many ransomware variants, it can protect against malware that is designed to steal files and data.
4. Install an endpoint security client. Carefully research security vendors to assure their solutions will protect devices and tie that security back into your network security strategy, allowing you to leverage and share threat intelligence.
5. Cover all threat vectors. Email is still the biggest vehicle for transmitting ransomware, so deploy an appropriate email security solution, along with web security tools, wired and wireless access controls, cloud-based security, and network segmentation to detect, respond to and contain threats found anywhere in your distributed environment.

Ransomware is evolving, and educational institutions can’t afford to be lax. As a value-added distributor of the Fortinet Security Fabric, Fine Tec can help you ensure that your educational customers are aware of ransomware risks to Macs and have a plan in place to counter them. Contact us to learn more.

Earlier this summer, Gartner named Fortinet’s unified threat management (UTM) solution a Magic Quadrant leader for the eighth year in a row. This news presents a valuable opportunity for SMBs seeking a less complex, more scalable security approach.

According to a Fortinet press release, Gartner recognized Fortinet for its “completeness of vision” and “ability to execute on that vision.” Fortinet’s FortiGate UTM is positioned in the highest ranks for its capacity to execute, feature/price/ performance combination and its perennial presence on SMB shortlists. In fact, Gartner says Fortinet is the most frequently shortlisted vendor for SMB and distributed office use cases among all competitors.

It’s no surprise, as Fortinet’s UTM pairs the most advanced security technology on the market with easy management and control required by today’s SMB and distributed office environments. Based on the industry-leading FortiOS operating system, Fortinet’s FortiGate UTM combines the security and feature sets of Fortinet’s FortiGate firewall, FortiAP wireless access points and FortiSwitches into a single, easy-to-manage compact appliance that offers:

• Advanced security, including enterprise firewall, intrusion protection system (IPS), virtual private network (VPN) inspection, web application firewall (WAF), SSL inspection and cloud-based sandboxing.
• Performance networking, handling routing, load balancing, WAN optimization, 3G/4G connectivity and 802.11ac Wi-Fi.

With Fortinet’s UTM, SMB customers have the enterprise-grade networking and security features they require without the enterprise-grade headaches that come with managing complex, multi-vendor point solutions.

SMB Cybersecurity Challenges

The need for robust UTM protection exists because SMBs are being targeted by attackers who know smaller companies have the same type of lucrative data (banking information, personal data, social security numbers, etc.) as larger organizations but are often far easier to infiltrate. Not only do SMBs have fewer staffing and resources than their larger counterparts, but attacks on SMBs are also likely to have more dire consequences; the National Cyber Security Alliance finds that 60% of small companies go completely out of business within six months of suffering a cyberattack.

Gartner’s validation of Fortinet makes the UTM purchase decision easier for SMBs searching for a tried-and-true security solution that is both feature-rich and easy to deploy/manage. Built on Fortinet’s industry-leading security and networking expertise, the FortiGate UTM offers a more powerful, scalable UTM with the added advantage of Fortinet’s Security Fabric approach. Since each tool in Fortinet’s Security Fabric, including its UTM, can dynamically share threat intelligence and coordinate response SMBs can identify, thwart and mitigate security attacks faster and more accurately—even as their business and networks become more complex.

With Fortinet in their corner, SMBs are ready to face even the most advanced, persistent and sophisticated attacks without having to over-tax their staff—or their budgets. As a value-added distributor of Fortinet solutions, Fine Tec can help you deliver to your SMB customers the advantages of a simpler, more scalable security architecture with the award-winning security and performance capabilities provided by the Fortinet UTM solution. Learn more.

SMBs are moving to the cloud in droves, with a recent Techaisle survey finding that 94 percent expect to be using some type of software-as-a-service (SaaS) application by year’s end. While those SMBs that move to the cloud are poised to reap several benefits, from costs savings to scalability, they are also opening themselves up to a new range of cyberattacks that threaten to put those benefits – and their company as a whole – at risk. Fortunately, Fortinet has extended its SMB-focused unified threat management platform (UTM) to the cloud, ensuring that your SMB customers can fully protect their SaaS workloads with industry-leading SaaS-ready security.

SAAS on the Rise

Drilling down into the Techaisle numbers further, it becomes readily apparent that many SMBs are becoming cloud-first organizations, with small businesses expecting a 140 percent increase in SaaS usage and mid-market firms increasing their number of SaaS applications by 80 percent. The move makes sense because the cloud is designed specifically to offload the time- and resource-intensive tasks few SMBs can handle in-house while providing the on-demand infrastructure and scalability a growing business needs.

Consequently, many new SMB converts to SaaS are implementing business-critical SaaS apps, including:

• Customer relationship management (CRM)
• Enterprise resource planning (ERP)
• Supply chain management
• Inventory management
• Marketing automation
• Customer service

The result is an always-on business in which even far-flung employees and small offices can access enterprise-grade business applications anytime, anywhere.

SMBs Under Fire

All that flexibility, however, comes with a price. As more SMBs put more mission-critical data in the cloud, they also find that they are increasingly targeted by attackers looking for fast, easy scores. In fact, Verizon’s latest Data Breach Investigation Report (DBIR) found that attacks on small businesses are on the rise, with 61 percent of all victims that reported a breach last year having fewer than 1,000 employees.

In the past, SMBs could provide their organizations with baseline security using UTM appliances strategically located throughout their environments. Such UTM wares offered SMBs the best of both worlds: strong, flexible networking and security in an easy-to-manage and deploy form factor. But with the move to the cloud, all bets are off as on-premises security solutions no longer have the access or visibility into critical cloud-based workloads.

Cloud-Ready Security

Enter Fortinet’s FortiGate UTM. Fortinet recently expanded its FortiCloud management solution to encompass its FortiGate UTMs, the SMB-focused all-in-one security solution that Gartner just named a Magic Quadrant leader in the space for the eighth year in a row.

The move means SMB customers using FortiGate UTM appliances can now deploy, manage and service their entire security and networking posture from a single pane of glass using Fortinet’s innovative Security Fabric architecture. Fortinet’s fabric uniquely enables all security and network tools to work together in concert to identify, mitigate and stop all manner of attacks in real time, no matter where they occur, on-premises or the cloud.

As a value-added distributor of Fortinet solutions, Fine Tec can help you deliver the advantages of UTM simplicity in the cloud. Learn more.

In 93% of data breaches reported within Verizon’s latest Data Breach Investigations Report, compromise occurred in minutes or less, and the average malware hash was visible for only 58 seconds. These scary stats just go to show that hackers are faster and more sophisticated than ever, armed with threats and attacks that leave traditional, reactive security tools in the dust. To even the playing field, enterprises need to deploy faster, more intelligent defense tactics – strategies built with intelligent security automation at its core.

Network Complexity Creates Complex, Security Challenges

Just as hackers are becoming more sophisticated, enterprise networks are becoming more complex. The days of a single data center supporting employees bound to their desktops are over. More companies are:

• Going mobile, with IDC expecting mobile workers to account for 72.3% of the total U.S. workforce by 2020.
• Using public cloud services, with Gartner projecting the market for public cloud to hit $318 billion by 2019.
• Deploying Internet-of-Things (IoT) initiatives, with Gartner forecasting the number of IoT devices to reach 20 billion by 2020, the majority of which will not only be connected wirelessly, but also be “headless,” with no security capabilities at all.

To manage all this complexity and keep data secure requires a complete rethink of security. You can’t rely on reactive, siloed, signature-based solutions to detect attacks amid the ever-evolving threat landscape.

In today’s complex world, you need security that’s comprehensive, intelligent and automated to identify and proactively thwart attacks before they wreak havoc on your network. But getting there isn’t easy. It requires three primary building blocks:

1. Intelligence: The ability to process and store huge amounts of data gathered from every point across the distributed network — from data center to cloud and back again.
2. Wisdom: The ability to know what to do with all that intelligence; for instance, what does it tell you about your environment and how it’s changing? End-to-end visibility is a key prerequisite. You can’t know what you can’t see.
3. Automation: The ability to take action on that wisdom, automatically and proactively, to stop attacks before they can even get started. After all, fast attacks require even faster response.

With intelligent security automation, security is built directly into the network to ensure every component acts together to gather intelligence, hone wisdom and proactively and automatically respond to security events. It sounds like a futuristic proposal, but our partner Fortinet actually addresses all these building blocks in its Security Fabric architecture.

Fortinet Security Fabric Paves Way to Intelligent Security Automation

With the Fortinet Security Fabric,

every security component in your network – across data center, mobile, IoT and even the cloud – is woven together in on one comprehensive, scalable, API-based fabric. Each component is able to communicate and collaborate with all others, no matter where they are, how they communicate, or most importantly, what vendor they come from.

Together, the fabric provides a single end-to-end view of your entire network, enabling you to fully understand the threats you face while automating the best response.

As a value-added distributor of Fortinet solutions, Fine Tec can help you guide customers on a successful path to intelligent security automation. Learn more.

FortiCloud – Up to 70% off FortiCloud Multitenancy License

With our latest release, FortiCloud has the ability to manage the world’s most popular UTM from the cloud. Access customers’ FortiGate Firewalls from any browser, anywhere, and at any time, simplifying the effort to service customer networks, and easily adding a recurring revenue stream to your business. And, until December 31, partners can receive up to 70% off FortiCloud Multitenancy Licenses, so you can view all managed accounts and devices on one screen.

NSE Xperts Academy (US)

NSE Xperts Academy is Fortinet’s premier training event for top partner sales engineers in the US. The event takes place at Hotel ZaZa in Dallas, Texas, October 22-October 27. Throughout the event, attendees participate in a deep-dive technical track of your choice delivered by Fortinet subject matter experts. All attendees must have at least an NSE 4 certification. Space is limited to 100 attendees (only one attendee per partner). Apply today!

40% Savings on NSE Exams

Now through December 31, you can order Pearson Vue certification testing vouchers at a 40% discount directly through an Authorized Fortinet Distributor. Vouchers are available for NSE 4, NSE 5, NSE 6 (combined exam), NSE 7, and NSE 8 (written and practical). More information is available on the Partner Portal.

Fortinet Launches Global FortiGuard Threat Intelligence Service

Fortinet’s newest offering arms cybersecurity leaders with cyber situational awareness highlighting and prioritizing the latest threat trends and risks. The service empowers CISOs to effectively communicate these risks to the C-Suite while also enabling more efficient management of Security Operations to maximize resources and proactively defend against trending threats. Fortinet’s FortiGuard Threat Intelligence Service is available as an open beta today – click here to learn more.

SWAT Training – Coming to a City Near You!

The SWAT team has set an ambitious goal of training 500 partners by year’s end. This free training is designed to showcase the capabilities of our secure wireless solution, and can even be considered lead-in training for NSE 6. The best part? Attendees walk away with the training bundle kit they work with during training! For more information, please contact your Channel Account Manager.

News to Share:

Ken Xie Named a Top 25 Innovator of 2017 by CRN

The list highlights the 25 Most Innovative Executives in enterprise IT who recognize today’s biggest business challenges and find the most creative ways to solve them.

CRN: 33 Hot New Security Products Announced at Black Hat 2017

Fortinet’s Global Threat Intelligence Service makes the cut.

 

Fireside Chat with Panasonic Avionics: Talking Security for In-Flight Infotainment

Fortinet recently talked with Panasonic Avionics to learn about the company’s security priorities and the tools they use to keep customers’ information safe on today’s connected aircraft.

Upcoming Events

Inconvenient time? All of our events are available on-demand on our events page.

NSE Threat Intelligence Insider: August 2017

Learn more about the recent threats and how Fortinet’s Security Fabric protects against them.

Thursday, August 17, 11am EDT

Register

NSE Solution Insider: FY2018 E-Rate Training

Tuesday, September 26^th, 11AM EDT

Register

In a recent email, an esteemed co-worker* typed ‘could era,’ when he/she intended to write ‘cloud era.’ Or perhaps they were the victim of another one of those unfortunate spell-check autocorrects like ‘covfefe’ may have been – or not. It’s best to leave that to the political pundits to try to decipher.

But that coworker’s innocent typo is food for thought. How many IT managers out there are still wrestling with maximizing the potential of private, public or hybrid clouds? What is keeping them from getting from a best-effort ‘could’ to a fully optimized, powerhouse ‘cloud’ that supports critical business initiatives while streamlining the network?

Network Functions Virtualization (NFV) has been identified as an important step in full cloud optimization. However, a recent survey found several factors inhibiting the adoption of NFV. The leading factor cited was the lack of a compelling business case. Certainly it is hard to quantify the return on investment (ROI) of ‘soft’ benefits like reducing the time needed to deploy new services, achieve greater flexibility in network management, and to improve the end-user experience. However, many of these variables can be recast into pure CAPEX and OPEX numbers that will help prove the case.

We’ve also heard from numerous IT managers that implementing NFV, and SR-IOV in particular, is difficult to the point of hair-pulling frustration. On this and the previously mentioned concern, Array can help.

Array’s AVX Series Network Functions Platform is the first product of its kind to fully address the problems of deploying network functions virtualization, specifically in the realm of networking, security and application delivery virtual appliances (VAs) and virtualized network functions (VNFs).

In terms of building the business case, the AVX Series offers several capabilities that can be directly tied to CAPEX, OPEX and ROI. For example:

• Consolidate the functions of multiple (and expensive) physical/dedicated appliances (such as next-gen firewalls, SSL VPNs, load balancers and WAFs) into a single, one- to two-RU platform – saving rack space, power, cooling and other costs
• Deploy best-of-breed VAs or VNFs on the fly, with a streamlined configuration and the ability to service chain functions (more on that later)
• Pay-as-you-grow – rather than investing all at once and up front, you can purchase Array licenses singly, or in 4, 8, 16 or 32-packs. (Depending on the model and instance sizes, the AVX Series supports up to eight, 16 or 32 instances.) So if you need just a few instances of networking or security functions now, you can easily upgrade later to support more instances
• Choose the size instance that meets your needs, and receive guaranteed performance per instance. For example, you might select a small instance size for an SSL VPN VA that receives fairly light usage (like IT staff remoting in to a management console), but choose a large instance size for a NGFW function that is a main security measure protecting multiple servers and other assets
• Select best-of-breed technologies. While there are a number of “combo” products available that combine two or more functions on a single dedicated appliance, typically two key issues arise: First, the manufacturer may specialize in one function, while others are afterthoughts that cannot really be seen as best of breed. Second, every physical appliances has limits on the amount of resources (compute, I/O, etc.) available. It’s not uncommon to see performance issues for the ‘afterthought’ technologies that can impact user experience, due to resource contention

Demystifying and streamlining NFV and SR-IOV deployment is another area where Array’s Network Functions Platform shines. As mentioned above, one of the factors that have slowed NFV adoption is the sheer complexity of deployment. Adding to the problem is that IT staff retraining and reskilling are costly and time-consuming.

The AVX Series abstracts and streamlines the complexity of NFV deployment and management, and offers an easy-to-use WebUI to further simplify set-up and deployment. VA/VNF licenses for Array and other best-of-breed products (such as Fortinet FortiGate NGFW and Positive Technologies’ WAF at present) can be ordered directly from the interface.

Instances can be created or modified size-wise on the fly. Set-up of SR-IOV for instances is similarly simplified. All required configurations are accomplished with just a click or two. Service chains or topologies can also be set up with just a few clicks. For example, traffic could first be routed through a next-gen firewall VA, then to one or more application delivery controller VAs for load balancing across multiple servers, all within the AVX Series.

NFV is a goal for many organizations worldwide. With the AVX Series Network Functions Platform, getting from ‘could’ to ‘cloud’ has never been easier.

For a brief overview of the AVX Series, see our corporate video. For a more in-depth discussion, see one of our recent webinars titled Consolidating ADCs on Next Gen Network Functions Platforms.

SD-WAN technology is fast growing in popularity. It enables an organization to connect distributed facilities for a much lower cost than traditional technologies like MPLS (multiprotocol label switching). An SD-WAN can be very secure, but only if it’s approached the right way. Expanding a network increases the scope of any existing risks, so securing it becomes more important than ever.

What is SD-WAN?

The term, SD-WAN isn’t precisely defined. It’s a set of enabling technologies based on the SDN (software-defined network) architecture. It lets a network’s architecture use any available transport mechanisms. Paths adjust dynamically to traffic and outages. The network is under a single point of control, usually a GUI control panel. Network-wide end-to-end encryption lets data safely move through the Internet.

Most often the unifying software is cloud-based. This isn’t a requirement, but it’s common enough that people often think of SD-WAN as cloud-based private networking.

Having a fast private network that isn’t restricted by geography offers many advantages. Offices can share servers. Communication by VoIP and video reduces the need to travel for meetings. It’s easy to send documents without resorting to insecure channels.

In the past, MPLS has been the most common way to connect locations in a WAN. It’s expensive, though. It often requires substantial work to set up the “last mile” connection. An SD-WAN can mix MPLS with public Internet connections or go entirely over the Internet.

Security Concerns

Network-wide encryption is a basic requirement of an SD-WAN, but it’s only one piece of security. All the issues that affect a local network increase in scale when a LAN becomes a WAN. If it’s bad when SMB-propagated malware like Wannacry or Petya spreads across one office, it’s worse when it spreads through the whole enterprise.

It’s necessary to build security into the entire network. Every access point is a potential weakness. That includes mobile devices, routers, PoS terminals and IoT devices (Internet of Things). A bigger network has a bigger attack surface and is more complex to manage. The approach to security needs to be as elastic as the network it protects.

Addressing The Challenge

Just as SD-WAN technology brings remote components together into a single network, the security system needs to treat them all as parts of an interconnected whole. The multitude of threats in today’s world requires a layered security strategy. When some of the equipment is far away, keeping track of everything through software becomes even more important.

Controlling access is the first step. Transient devices, such as mobile phones and machines coming through a VPN, need to be identified and authorized. The firewall needs to block inappropriate traffic.

Security software on individual machines should communicate with the rest of the network. An attack on one machine may warn of a threat to the others.

Monitoring needs to cover the whole network and catch any abnormal activity quickly. The faster attacks are discovered, the less damage they can do. The response may be an automated action, a notification to an administrator, or both.

Fortinet’s Security Fabric integrates every aspect of the network into a collaborative whole. It brings together diverse technologies to protect a network that spans multiple data centers, on-premise and remote endpoints and the cloud. It doesn’t just identify known malware but analyzes network behavior to catch previously unknown threats.

Fine Tec is a value-added distributor of Fortinet systems. A properly run SD-WAN can be highly secure. With Fine Tec’s guidance, you can help customers ensure it will be launched with the strongest protection.