Responding to continued vulnerability of systems to security threats as more internet of things devices attach to networks, information technology security company Fortinet Inc. has introduced a new network access control solution to enable visibility at scale across multi-vendor environments. FortiNAC is a next step following the acquisition of Bradford Networks Inc. in June and is designed to provide a measure of control and automated response capabilities so that network administrators can see and respond quickly to suspicious activity.

The proliferation of IoT devices across the enterprise has raised new challenges for network security. What was once only a small number of attached devices has mushroomed to many thousands for a number of companies today.

“Our advantage really is now scale,” said John Maddison (pictured), senior vice president of products and services at Fortinet. “We can see huge amounts of IoT devices which are attaching, and then take action not only at the access level, but all the way into the cloud.”

Maddison spoke with John Furrier (@furrier), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, at theCUBE’s studio in Palo Alto, California, to discuss FortiNAC’s network security capabilities, the importance of micro-segmentation, new threats in encrypted packets, and Fortinet’s commitment to multicloud support. (* Disclosure below.)

Need for full network picture

This month’s addition of FortiNAC to the Fortinet Security Fabric recognizes the rising security threat posed by unsecured IoT devices attaching to networks. Companies in areas such as manufacturing and retail have become more dependent on IoT technology, but this has complicated the ability of information technology departments to monitor the full picture of network activity.

“The whole idea is to make sure you’re covering the digital attack surface,” Maddison said. “The network access control can see all of the IoT devices attaching, and then it integrates back into the Fabric, and the Fabric can then apply a policy. The Fabric can see everything from IoT to the campus to the WAN to the data center to the cloud.”

When Fortinet acquired Bradford Networks, it obtained technology that was designed for multi-vendor support, which enabled FortiNAC to automate micro-segmentation configuration on third-party devices. This is a key element in Fortinet’s approach because as customers move toward a multi-cloud platform, the ability to manage different orchestration systems can quickly become complex.

“Your network access control system is kind of an orchestration system, allowing different devices to come in and off the network,” Maddison explained. “You build a holistic security fabric, and then you let the different infrastructure orchestrators like VMware or an SD-WAN vendor do their job really focused on the infrastructure.”

SSL-based attacks on the rise

One of the rising threats in network security today involves the use of Secure Socket Layer attacks. Criminals are beginning to use SSL to mask damaging malware, thus requiring enterprises to use security tools to inspect encrypted packets before they enter a network environment.

The problem for many network administrators is that deep SSL inspection can often degrade system performance, so the monitoring is frequently set aside. This is taking a big risk, according to Maddison, who said that Fortinet’s own tools have managed to reduce performance degradation for these critical inspections.

“SSL inspection is extremely important in that a lot of enterprises have switched it off,” Maddison said. “You’ve got to switch that on because otherwise it’s just a giant hole in your firewall.”

The introduction of FortiNAC comes five months after Fortinet announced Fabric Connectors to automate security operations through one-click integration with cloud vendors such as Google, Microsoft Corp. and Amazon Web Services Inc.

“It’s no easy task to support six clouds now, to go through all of the different items and integrations across that,” Maddison said. “We’ve got probably the most expansive integration across the most security products in the industry, and we’ll continue to do that going forward.”

Here’s the entire video interview with Maddison, part of many CUBE Conversations from SiliconANGLE and theCUBE. (* Disclosure: Fortinet Inc. sponsored this segment of theCUBE. Neither Fortinet nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE