Fortinet expands security lineup with sovereign SASE

The concept of the secure access service edge (SASE) is one that many organizations have embraced in recent years. A challenge for some enterprise adopters, however, is a lack of control, as some SASE technologies rely on a vendor managing data in the cloud.

That’s a challenge Fortinet is now aiming to solve with the latest updates to its Unified SASE portfolio, announced this week. The network security vendor unveiled a sovereign SASE technology that it says will provide organizations with more control than a typical SASE deployment. Fortinet is also jumping on the generative AI bandwagon with enhancements to its FortiAI technology, which is getting updated to help manage and orchestrate SD-WAN infrastructure. 

The latest updates come on the heels of a busy summer for Fortinet, highlighted by the company’s acquisition of cloud security vendor Lacework.

What is sovereign SASE and why is it needed?

An organization might want or need to have more local control of certain aspects of its infrastructure and security for a number of different reasons – risk consideration, for example, or regulatory compliance requirements in a specific jurisdiction. The basic idea behind the new Fortinet Sovereign SASE offering is that it provides a SASE delivery option that enables organizations to maintain local control over inspection and logs. 

“This gives customers even more ways to take advantage of SASE and build a solution that works for their unique data security needs,” Nirav Shah, vice president, products and solutions at Fortinet, told Network World. “With Fortinet Sovereign SASE, customers can determine how their data is routed and where security inspections occur.”

Shah emphasized that regardless of how the data is routed and where the inspections occur, Sovereign SASE ensures the traffic is protected by Fortinet’s security stack. Target users for Sovereign SASE are organizations operating in highly regulated verticals with sensitive data, such as financial institutions, healthcare providers and governments, he said.

From a software perspective, Sovereign SASE supports the same features that are provided as part of Fortinet’s security service edge (SSE) offering, FortiSASE. The difference with Sovereign SASE is how SASE is deployed, Shah said. With Sovereign SASE, customers or partners (including managed security service providers) host the hardware based on Fortinet’s predefined hardware bundles, which vary by scale requirements such as number of users and bandwidth.

FortiAI brings AI smarts to Unified SASE

These days nearly every vendor has to have some form of AI-enhanced service, and Fortinet is no exception. Fortinet introduced its FortiAI technology last December, and since then, it has been integrating the generative AI technology across its Fortinet Security Fabric

Past releases of FortiAI have been focused on accelerating threat investigation and remediation for SOC analysts, SecOps and network operations teams, so they can configure and manage their networks and more seamlessly investigate and remediate threats.

The latest integration as part of Unified SASE is with Fortinet Secure SD-WAN.

GenAI integration with Fortinet Secure SD-WAN assists with Day 0 through Day 2 operations, Shah said. That includes automating configuration of underlay secure SD-WAN tunnels between sites, setting up SD-WAN policies, troubleshooting issues such as why tunnels are down, or drilling down on IoT vulnerabilities. 

“Applying FortiAI across the Fortinet Security Fabric is all about simplifying things for resource-constrained IT teams and minimizing arduous or repetitive tasks,” Shah said.

Read more Fortinet news

• Fortinet eases firewall management with hardware-as-a-service package
• Fortinet reinforces OT network security protection
• IBM, Fortinet expand cloud security protection
• Fortinet targets enterprises with secure Wi-Fi 7 package
• Fortinet adds management, AI features to network security platform