Fortinet released FortiOS 7.2, the latest upgrades to its flagship operating system and the foundation of the Fortinet Security Fabric.
Over 300 new features enhance Fortinet’s ability to converge security at every network edge combined with the performance and scale needed to detect and prevent threats across an organization’s entire infrastructure.
Hybrid networks and accelerating business demands
Growing and scaling digital business while protecting a distributed infrastructure has never been more critical or complex. Networks today are hybrid by design – spread across on-premises, multiple edges, and the cloud – and they will continue to be the enabler for digital acceleration. According to Brandon Butler, Research Manager, Enterprise Networks at IDC. “The network is foundational for enabling the secure, scalable, and efficient use of cloud, edge, and IoT applications. Hybrid networks are needed for enterprises today, allowing applications and workflows to move seamlessly across every edge so critical information can be accessed by any user or device from any location. Combined management of advanced networking and security becomes a powerful enabler of digital acceleration.”
FortiOS 7.2 delivers new AI-powered FortiGuard security services, enhancements to the only converged networking and security platform available today, and further consolidation of security point products across networks, endpoints, and clouds.
These enhancements enable FortiOS to further protect today’s hybrid networks in the face of an escalating threat landscape while also helping organizations achieve digital acceleration.
New AI-powered FortiGuard security services
Fortinet’s rich suite of FortiGuard Security Services is powered by FortiGuard Labs and natively integrated across the Fortinet Security Fabric to deliver automated and coordinated security in real-time. FortiGuard services are powered by trusted machine learning and artificial intelligence models informed by unified data sets feeding from networks, endpoints, and clouds, rich independent research, and comprehensive industry collaboration. In FortiOS 7.2, Fortinet expands its offering with multiple new services and enhancements to stop known and unknown threats faster and more effectively than ever before.
New services include:
- Inline sandbox: This innovation transforms a traditional detection sandbox capability into real-time in-network prevention to stop both known and unknown malware, with minimal impact on operations. The result is better ransomware protection when compared to solutions that allow suspicious files into the network and then must chase down malware once it’s been identified.
- Advanced device protection: This service automatically discovers and segments OT and IoT devices based on their unique network features, maintains asset inventory, and uses pattern matching to enforce appropriate policies and automate remediation. This service is offered on our NGFW solution and at the LAN Edge through integration with FortiNAC, including NAC playbooks that enable detection and response close to the protected asset.
- Outbreak detection: Enables faster response to outbreak attacks through immediate alerts and threat hunting scripts that automatically identify and respond to new threats to provide SOC teams with faster time to detection and remediation.
- SOC-as-a-Service: Free up SOC teams to focus on major executions by offloading all tier-one analysis to Fortinet’s global team of experts. This attached service is conveniently priced at a fixed cost for NGFW deployments.
- Dedicated IPS: Designed for finance and other regulated deployments, this solution enables migration from separate hardware to NGFW while preserving operations and compliance practices.
- Inline CASB: This new service for FortiGate NGFWs integrates with the FortiClient Fabric Agent to enable inline ZTNA traffic inspection and ZTNA posture check.
Key enhancements to existing services include:
- Fabric rating: This service guides customers as they design, implement, and continually advance their organization’s security posture, taking into account audit checks, the identification of critical vulnerabilities, and configuration weaknesses.
- Web security: AI-driven URL, DNS, and video filtering services provide comprehensive threat protection to address various threats, including ransomware, credential theft, phishing, and other web-borne attacks.
Fortinet’s security-driven networking approach is uniquely designed for modern networking technologies across all network edges. This ensures that AI-powered security functions can be built-in to enable secure digital acceleration. FortiOS 7.2 further unifies the convergence of networking and security across NGFW, SD-WAN, LAN Edge, 5G, ZTNA, and more:
- SD-WAN: The industry’s most comprehensive Secure SD-WAN solution now includes enhancements to further accelerate and automate overlay orchestration to simplify the scaling of global WAN architectures. With enhanced application analytics monitoring and the addition of Mean Opinion Score (MOS) for voice and video applications, organizations can easily measure quality of experience from an application to end-users.
- SD-branch: The industry’s most complete solution for securing the branch from the WAN edge to the LAN edge includes 5G Wireless WAN, SD-WAN, NGFW security, and LAN equipment in a single converged solution. FortiOS 7.2 introduces additional automated deployment and orchestration features to make setting up and managing branch networks on a global scale even simpler and more secure.
- LAN edge (switch and Wi-Fi): Secure the network by converging networking and security into a single solution that simplifies the secure onboarding of all types of devices. New onboarding features allow for the integrated discovery of devices to enable the implementation of ‘least privilege’ access at the LAN Edge without additional system overhead.
- NGFW: FortiOS 7.2 makes FortiGate the first next-generation firewall to support HTTP/3.0, offering increased visibility and protection for emerging HTTP standards that promise the speed and agility required by digital acceleration.
- Identity: Providing strong, flexible authentication options, Fortinet complements on-prem and VM-based FortiAuthenticator with new cloud-based authentication services ideal for applications and resources in the cloud. Combined with our new FIDO-based passwordless multi-factor authentication (MFA), Fortinet is delivering easier to use, more secure authentication services to today’s hybrid environments.
- ZTNA: The only universal ZTNA enforcement built into a next-generation firewall (appliance, VM, or cloud-delivered) is available across all work locations to enable true Work-from-Anywhere. And it is now even easier to manage with a new unified policy configuration in a single GUI for every connection and improvements to the ZTNA service portal.
- Micro-segmentation: Fortinet is expanding upon its Security Fabric segmentation and micro-segmentation capabilities to deliver intent-based networking and control of east-west traffic.
- Secure remote access – SASE: Provide secure private access to corporate applications with natively integrated ZTNA in FortiSASE for one unified agent for endpoint protection and traffic redirection. Continuous identity and context validation allow organizations to easily shift from implicit to explicit access per application for remote users to overcome traditional VPN challenges.
- Simplified and centralized management and monitoring: New enhancements simplify and automate the roll-out of large deployments with improved zero-touch provisioning. They also enable the deeper integration of AI for network operations (AIOps) with centralized management via FortiManager and Digital Experience Monitoring with FortiMonitor.
Further consolidation of security point products across networks, endpoints, and clouds
Fortinet continues to expand the Fortinet Security Fabric’s ability to consolidate multiple security point products across an ever-expanding attack surface.
- Enhancements across the fabric: Additional upgrades across Fortinet’s entire portfolio of network, endpoint, and cloud solutions introduced in FortiOS 7.2 enhance the Fortinet Security Fabric and Fortinet’s ability to consolidate security point products into a platform that is broad, integrated, and automated.
- Integration with one of the industry’s largest technology alliance ecosystems: The Fortinet Fabric-Ready Technology Alliance Partner Program brings together a community of global technology partners with specialized expertise. As a result of more than 480 integrations, customers can more easily build a platform of integrated solutions to improve security effectiveness, reduce complexity, and simplify operations.
“Fortinet continues to push the boundaries of what is possible in converging networking and security to enable customers and partners to safely and effectively compete in today’s digital marketplace. Networking and security can no longer be treated as separate strategies. The present and foreseeable future consists of hybrid networks, and only with security at their core will those networks be able to adapt at speed and scale to secure every edge. Over 20 years of prioritizing organic research and development have positioned Fortinet as the driving force behind cybersecurity innovation. And now, with the release of FortiOS 7.2, Fortinet is setting new industry standards for converged networking and security,” said John Maddison, EVP of Products and CMO at Fortinet.
FortiOS 7.2 is available now.