Engineers from La Salle-URL share the latest news and projects in the field of network solutions in telematic engineering.

06 March 2022 | Posted by userDataCenter

Firewalls applied to datacenters

Datacenters are constantly processing private information in large quantities and for the simple fact of being connected to the Internet they are vulnerable to external attacks. Only by having a public IP we will recieve millions of of this attacks by hackers from all around the world. These attacks range from someone trying to use our desktop remotely to the stealing or modification of our data.

A Firewall controls the traffic that enters and exits from our computer, or in this case, the datacenter. It allows (or not) the entrance to whatever tries to reach us from the Internet, like a security guard does in a nightclub. These Firewalls can be of two types: hardware or software. The former being a router for example, and the latter an app or program.
Fortigate, the main Firewall in the market, is from the company Fortinet. These NGFW (Next Generation Firewalls) consist of a series of physic devices that make possible the creation of safe networks while allowing a complete automatic protection against threats. Just like any other Firewall, it ensures that no malware gets into our network by continuously inspecting out traffic and devices.

These devices are known for both their performance and security, and have the following features:

  • Application control. Policies can be quickly created to allow, deny or restrict access to applications.
  • Prevention of external intrusions to our network.
  • Antivirus, with one of the most up-to-date and complete malware databases in the market.
  • URL filtering, blocking access to malicious websites.
  • Sandboxing. This is an advanced solution to protect us from previously unknown malware (those that don’t not appear in the previously mentioned database).
  • SSL inspection. Meaning that we can see and monitor the traffic that enters and leaves our device.
  • Protection of all our devices, due to constant monitoring of our operations, allowing faults to be detected.

Additionally, Fortigate appliances come with SD-WAN capabilities. Software Defined WAN technology allows us to efficiently manage our networks, taking into account that many of our services today are in the cloud. This technology is very recent and allows better results with lower costs. Therefore it is another point for the Fortigates.

Setting up a Fortigate is like setting up a router and there is a lot of information on the Internet to consult about it. We will not stop at this because it is not the aim of the post. When it configure it, we can relate it to other Fortinet products since they offer other services related to security.

The range of FortiGate options contemplates its installation in small, medium and large companies and even in data processing centers and internet providers. Therefore, when  we design a datacenter, regarding its security we know that we can count on this option, which according to Gartner is the main one in the market.

Eduard Lecha and Matías Balzamo

Share

Comments

The NGFW (Next Generation Firewalls) offer unique features in terms of network protection, especially the 4400F model with about 75 Gbps in terms of threat protection, so cool. Very good post!

Enric Sasselli

Is clear that Next Generation Firewalls is a required component for a new generation CPD and will provide many important security features.

Eduard Lecha Puig

Add new comment

CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
5 + 1 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.