Fortinet expands industrial network protection lineup

Fortinet has expanded its security portfolio with new hardware and software designed to protect resources attached to industrial networks. The vendor’s OT Security Platform includes a new ruggedized switch and wireless AP as well as expanded support for its analytics and threat-detection software.

Fortinet’s OT platform encompasses its FortiGate Next-Generation Firewalls (NGFWs), FortiSwitch Secure Access Switches, FortiAP Secure Wireless Access Points, its Network Traffic Analyzer, and FortiClient Endpoint Security Agent. Together these resources watch OT traffic and protect endpoints from malware, viruses, and other threats.

All of this is controlled by the vendor’s flagship FortiOS operating system that works with Fortinet’s overarching Security Fabric, which delivers enterprise IT functions such as firewalls, access control, authentication, SD-WAN, switching, and wireless services. 

The ultimate goal is to enable enterprise customers to seamlessly converge OT and enterprise IT networks, said Nirav Shah, vice president of products and solutions for Fortinet. “The Security Fabric, with expansive solutions in the enterprise environment, coupled with the purpose-built OT solutions in the OT Security Platform, enables IT and OT convergence as a guiding strategy for CIOs and CISOs.”

In the release this week, Fortinet added a new FortiSwitch Rugged 424F industrial Ethernet switch and a FortiAP 432F access point for use in hazardous OT environments. The switch supports real-time OT networking protocols and integrates with FortiGate NGFWs to offer integrated security and access control.

The new AP, like other APs in the Fortinet product line, is designed to let customers easily segment Wi-Fi networks to thwart attacks from spreading across unprotected devices, according to Fortinet. The vendor also added a ruggedized FortiExtender Vehicle 211F wireless gateway for connected fleets, mobile systems, and OT deployments.

On the software side, the company updated the FortiOS OT View dashboard, which correlates and displays OT data. This dashboard is aimed at making it easy for organizations to understand their entire attack surface – both IT and OT – and take action from a single console.

“Fortinet customers familiar with FortiOS on the enterprise side of the network will benefit from the same look, feel and functionality in the OT environment with additional OT features,” Shah said. “Operators can manage network security, zero trust and security operations across IT and OT while ensuring operational safeguards are in place to support the OT priorities of safety and production reliability.”

In addition, the dashboard can integrate data from FortiAnalyzer, which includes OT-specific analytics, risk, and compliance reports; FortiNDR [network detection and response], which can now analyze more than 15 different OT-network protocols; FortiDeceptor, the vendor’s deception technology for early breach and attack isolation, which now supports 30 OT protocols and additional OT decoys; OT threat intelligence from FortiGuard OT Security Service; and FortiGuard Outbreak Alerts, which now include OT-specific threat reports.

“The OT Security Platform enables the initial connectivity of previously air-gapped factory and systems all the way to advanced security solutions as customers build out their OT Security Operations Center,” Shah said.

OT security is critical to safeguard cyber-physical systems, which includes critical infrastructure and industry verticals. In addition, Fortinet’s OT threat intelligence shows that the manufacturing sector is an increasing target as nefarious actors look to monetize production interruptions as part of their ransomware campaigns, Shah said. 

According to Fortinet’s 2023 State of Operational Technology and Cybersecurity Report, three-fourths of OT organizations reported at least one intrusion in the last year with malware (56%) and phishing (49%) among the most common type of incidents. That same research showed nearly 80% of respondents reported having greater than 100 IP-enabled OT devices in their OT environment, highlighting just how significant a challenge it is for security teams to secure an ever-expanding threat landscape. Add to that the difficulty in protecting many of these ‘aging’ systems – the average age of ICS systems across their organization are between 6 and 10 years old.

“In OT, priorities include safety, production reliability, and business continuity, whereas the IT priority is business continuity. OT production concerns and safety are typically distant concepts for IT teams. Technically, network devices may need to operate in harsh environmental conditions, and security solutions need to be able to understand OT communication protocols to protect vulnerable OT devices,” Shah said.

All products are available now.