FORTIFYING
NETWORKS IN THE NEW GENERATION
Fortinet chief executive explains how the tech firm has stitched together a broad protection ‘fabric’ to secure companies from outside attacks
As more businesses embrace the cloud for everything from communications services to data storage, the need for security continues to grow, causing companies to have to build the equivalent of a technological fort to protect their networks and data content. But as the nature of cyberattacks has evolved, the means of defending against unwarranted network intrusions have also had to adjust to the realities of the security environment.
“There’s no border anymore,” said Ken Xie, chief executive and co-founder of Sunnyvale-based network security company Fortinet. “The trust has disappeared. So, everything needs to be checked and secured because there are so many ways to bypass connections. You have to check the cloud, check mobile devices, check internal servers. Everything.”
In 18 years, Xie has led Fortinet from a startup he began with his brother Michael to what is seen as one of the top companies in the network security market. The company develops firewalls, software, intrusion protection, anti-virus and other products and services, as well as technology used to connect other companies’ products within a “fabric” of security across network operations.
During a recent interview at Fortinet’s headquarters, Xie talked about the issues facing the security-technology industry, how Fortinet is adapting to changes in security, and the difference between Fortinet and the game Fortnite. His comments have been edited for length and clarity.
Q
For those unfamiliar with Fortinet, how would you best describe the company? A
Basically, we’re all about security. Network security. Intrusions. Viruses. Malware. Today, something like 99 percent of attacks come from the network side, so it’s important to stop these attacks from the network side. With our name, we think it means: to fortify the network and network security.
Q What steps or technologies do you see as crucial to fortifying a network?
A You need to check on the content, the applications being used and the user. Sometimes, it depends on the device and sometimes on the location. Because all of this is about the network layer.
Q Security today certainly isn’t the same as it was when you first started Fortinet. How would you say the nature of network security has evolved over the years?
A We view network security in three generations. The first generation was like the early days of air travel; you just bought a ticket and you’d get on the airplane. That was pretty simple. With security, in the early days, we would just have firewalls and you’d check who could come into the network and who could not. That was working quite well until about 20 years ago. At that time, internet content became much more active. And you had more viruses, more intrusions coming from permitted connections. It was like you had your ticket to get on the plane, but you were carrying something dangerous; they would only check your ticket and it didn’t matter what you carried.
That brought up the second generation of security. You need to check not just who can connect to your network and where you can connect, but the content, too. Inside a company, everything had been trusted, but outside was not trusted. If you knew the user, you’d let them in. But, the content could contain a lot of dangerous stuff, even if you know the person using that content, you have to check what’s inside there. That’s where Fortinet started, trying to go deep inside of content, or inside an application to make sure those were secure.
Now, we’re in a third generation, where everyone has a mobile phone, and there’s the cloud and so many connected devices. You no longer can say that inside a company everything is trusted because you could bring in a contaminated device. And it’s the same thing with data, because so much is no longer stored inside a company.
Q
Let’s talk about the cloud for a minute. What kinds of challenges does the cloud present in terms of extending your fabric to an area that didn’t exist a few years ago?
A
When you move a lot of data to the cloud, two things happen. One is that the data is less under your control, and the second is you need access to it. But, with the convenience of access to information, there’s an increase in security risk. So, the cloud increases the security issue. You also need additional bandwidth to access the data. But again, the increase in flexibility also comes with an increase in risk, so you’d better be protected.
Q
You have something called the Fortinet Security Fabric. What is this and how does it work for your customers?
A
I think there are three key things to the Security Fabric. First, it needs to be very broad. Not just the one part of the infrastructure. It needs to
cover the endpoint side, the mobile device side, the cloud side, the IoT (internet of things) side, also the application side. It can no longer be just one part of coverage. Second, these parts all have to work together. Today, most companies tend to buy different products from different sources. And none of them talk to each other or integrate together. So, without integration you can’t go to the third stage, which we call automation. Without automation, if a hacker comes in (to a network) he can just take information away. If everything is working together, it (network hacking) becomes much more difficult to do. That’s part of the fabric. We work with 45 partners that are fabric-ready and can work together right away because of the Fortinet Fabric.
Q
On a light note, with the name of Fortinet, have you heard of anyone getting your company mixed up with the game Fortnite? Both names are anagrams of each other.
A
Actually, we got paid because the name Fortinet is so close to Fortnite, so I’m fine with their name being close to ours.