August 04, 2023 By BlueAlly
For as long as banks and credit unions have digitized their operations, they have been a tempting target for cybercriminals looking to part account holders from their money. As digital banking services have proliferated, cybercrime has become increasingly sophisticated, and the financial sector remains disproportionately affected by everything from ransomware to fraud and identity theft.
Keeping Ahead of Cybercriminals
Like many other financial sector organizations, one local U.S. credit union understands the need to stay ahead of the threat landscape. That is why, when the license agreements on its existing network and security systems came up for renewal, it took the opportunity to reassess the options on the market to ensure it had the best possible protection for its total cost of ownership (TCO). In addition, the credit union wanted to simplify the management of the network and align licensing across multiple solutions.
This decision was also driven by the fact that its legacy infrastructure, which included a software-defined wide-area network (SD-WAN) from a managed service provider (MSP), had become frustrating to manage and increasingly delivered a poor experience. The time was ripe for a refresh.
Fortinet Lends Its Expertise
Fortinet was quickly called on to propose alternatives. A system engineer at the credit union had used Fortinet products prior to joining the firm and was an influential advocate for the user experience and performance of Fortinet’s solutions. Fortinet was also championed by Sentinel Technologies, the credit union’s technology integrator.
Having assessed the proposal for a Fortinet Security Fabric deployment centered on FortiSASE (secure access service edge) and experienced a demonstration of the FortiNAC (network access control) solution, the company realized that Fortinet could deliver on its needs and pressed ahead with deployment.
Explore FortiSASE ➔
Rebuilding the Fortinet Security Fabric
Today, the credit union benefits from a broad range of Fortinet products. Its FortiSASE architecture combines network, security, and the Fortinet Secure SD-WAN solution to provide zero-trust internet, cloud, and data center network access to endpoints including remote users, devices, and branches, as a service.
The SASE architecture realizes secure network access using network security technologies including Firewall-as-a-Service (FWaaS), secure web gateway (SWG), zero-trust network access (ZTNA), and cloud access security broker (CASB). The credit union further expanded its zero trust coverage to end devices with the deployment of FortiNAC, which leveraged the installed Fortinet security fabric to discover and identify all connected assets such as printers, surveillance cameras, and BYOD devices. It then offers granular access control on these access to the network based on their type, roles, and security posture.
With assistance from Fortinet’s FortiCare Professional Services, the firm deployed the Fortinet Secure SD-WAN solution, the foundation of its FortiSASE architecture, by integrating 29 FortiGate Next-Generation Firewalls (NGFW) with its legacy access points and switching infrastructure. The protection provided by the FortiGate NGFWs is augmented by FortiGuard Security Services—advanced capabilities powered by artificial intelligence (AI) that provide application, content, web, and device security. Further endpoint remote access and control are enabled through FortiClient Fabric Agents. The firm manages its solution centrally through the FortiManager console and optimizes it through logging and reporting from the FortiAnalyzer solution.
Enhanced Visibility and Integration at a Lower Cost
By consolidating its network and security systems on the Fortinet Security Fabric, the company is benefiting from unprecedented levels of integration and visibility of devices and users. These benefits have all been achieved at a lower TCO compared to its legacy systems.
The firm has also found the system much easier to manage. For example, the Security Fabric enables new sites to be set up rapidly through templates, which is saving the company time and effort. Similarly, the company found it considerably easier to deploy the FortiNAC and centrally manage all end devices across all their brands and ATM locations.
Meanwhile, the FortiSASE architecture means that users can now access the data center protected by scalable native security, without having to create a virtual private network (VPN) tunnel. As a result, the company has been able to improve both the security and the performance of its remote working capability.