For most businesses today, the last several weeks have been a massive transition to an increased remote workforce. Many organizations had some level of business continuity and contingency plan. Those plans need to be able to adapt to dynamic and distributed network requirements to accommodate such an unexpected situation such as our current mass “quarantine” situation.
Fortunately, FortiGate customers already have the tools in place to support such a dramatic shift in where and how their employees and contractors can access critical online and cloud-based resources.
Most next-generation firewall (NGFW) solutions on the market include support for terminating and managing SSL and IPSec connections. However, many of those NGFW devices are often already fully burdened by existing functionality requirements and use cases. As a result, they are often simply unable to support a sudden and dramatic increase in the number of connections and volume of traffic that an emergency shift to a remote workforce may require.
FortiGate NGFW security platforms have been designed with custom security processors capable of scaling to dramatically higher capacity. The latest SOC4, for example, not only provides four times greater concurrent connections and connections per second than the industry average for NGFW devices but 14 times higher IPSec performance and 20 times greater capacity to inspect SSL-encrypted traffic.
As a result, most FortiGate customers can immediately switch from having a primarily on-site workforce to a comprehensive teleworker strategy without any additional hardware.
FortiClient Agent Provides Seamless VPN Connectivity – General Users
A common component required for such a transition is making sure that your teleworkers have a VPN agent installed on their mobile devices. While your FortiGate already supports a web portal for remote access without a VPN client, as well as a range of compatible VPN clients, FortiClient – available online as a free download – offers an easier experience for end users, more scalable connectivity than the web portal, and a more intuitive UI for existing FortiGate customers. FortiClient provides seamless, always-on connectivity to your FortiGate, enabling you to bring your new teleworkers online immediately.
Extend Your Network to the Home – Power Users
Executives, technical support teams and other power users may need advanced services when working remotely. A FortiAP wireless access point enables secure wireless connectivity at the user’s remote location, combined with a reliable, secure tunnel back to the corporate network. For users that need access to highly sensitive data, a FortiWiFi solution combines FortiAP with a FortiGate allowing the FortiAP to be configured as a RAP (Remote Access Point). The access point establishes a secure tunnel back to the corporate office and terminates with the corporate FortiGate allowing the corporate SSID’s and VLAN’s to be extended while to providing secure wireless connectivity, VPN, and admission control with a full spectrum of security services and advanced threat protection, including built-in data loss prevention. With Zero Touch Provisioning, the access point simply needs to be shipped to the remote location and the ethernet cable plugged into the local network. It will check in across the internet and establish the tunnel with the FortiGate and pull the appropriate configuration. You are now ready to work.
Secure Your VPN Connections With MFA
If you are like most organizations, you have also already enhanced your network access strategy with multifactor authentication (MFA). If not, FortiToken can be quickly installed to provide an extra layer of authentication. A FortiAuthenticator solution at the head end securely terminates those MFA connections, as well as enable singles sign-on. Combined, they increase the certainty of the identity of users as they enter the network.
The remote workers are not just accessing your networked resources. They also need to access SaaS and cloud infrastructure-based applications and resources. Fortunately, your virtual FortiGate-VM footprint running on your IaaS vendor of choice offers the same remote access capabilities as your on-premise FortiGate NGFWs, providing seamless VPN connectivity to your applications in the public cloud. And if you haven’t already done so, you can quickly and easily set up a FortiCASB cloud access and security broker to secure your SaaS applications.
Click Here to select a convenient appointment time with one of our Business Relationship Managers to learn more about how Innovative Integration can help you manage, support and secure your workforce.