Fortinet aims for speedy security, Part 1

Jun 29, 2004

* Q&A with Fortinet’s Rick Kagan

One of the problems faced by high-volume transaction-processing systems is that security tools can become significant bottlenecks in transmission. Firewalls, anti-virus filters, VPN tools, and intrusion-detection systems can all slow throughput considerably. Despite massive increases in processing power, running security programs as ordinary software is not fast enough to keep up with the growing bandwidth of modern networks.

I had the pleasure last month of interviewing Rick Kagan, vice president of marketing for Fortinet. Kagan is an electrical engineer with 20 years in the industry working at ROLM, Bell Labs, Echelon, NARUS and VPNet (now Avaya).

Q: Tell us about your history.

A: We were founded by Ken Xie, former president and CEO of NetScreen, which was recently sold to Juniper for about $4 billion. The basic formula for NetScreen was to take a stateful inspection firewall and accelerate it in hardware, make it easier to deploy and more cost-effective. He applied similar logic in the founding of Fortinet, only this time he decided to tackle content-level threats in addition to network-level threats. We now have 440 employees and do business all over the world. The first thing that comes to mind about why Fortinet is different is that we make the world’s only ASIC-accelerated anti-virus system.

We have branded our platforms under the “FortiGate” name. They handle not only connection-based attacks as a firewall does, but also content-based attacks such as spam, malicious software, and inappropriate Web content. Connection-based attacks include unauthorized access and denial of service. But most of the harmful attacks are content-based.

We have already shipped over 40,000 units since May 2002. The FortiGate series is also the only product line to have four separate certifications from TruSecure’s ICSA Labs: firewall, IPSec, anti-virus, and IDS.

Our customers include many small-to-midsize businesses, large enterprise organizations and increasingly ISPs and managed security service providers (MSSP). We offer a value proposition for MSSPs that is unique: we integrate critical functions into a single system, providing easier management and lower management costs. It’s better for the customer, too; they get better security than from a mixture of devices.

Q: What prompted you to integrate dedicated appliances into a single device?

A: Speed, lower costs and ease of management of an integrated platform are obvious answers, but the more subtle issue is that the integration itself leads to better security. I would defy anyone to beat our system if they have to coordinate the parameters and responses of separate firewall, anti-virus, anti-spam and content tools.

The nature of threats has evolved, with earlier systems focused on physical security, connection-based attacks focused on intrusions, and content-based attacks which are increasingly indiscriminate and which attack anyone connected to a public network. Spam and worms, for example, are the great levelers – they don’t seem to be focused on specific companies, but rather impact everyone. The earlier defenses to connection-oriented attacks were network-based devices like firewalls and VPN gateways; in contrast, content-based defenses tend to be deployed as software (either on the server or on the clients) – like AV software for example. In our history, those solutions that have migrated to a network-centric installation have always won.

[More in the next and concluding article.]