Fortinet combines SD-WAN with rugged firewalls in appliances for OT environments

The FortiGate Rugged 60F next-generation firewalls are the first to integrate SD-WAN to provide a complete and cost-effective solution for OT networks.

Today, cybersecurity vendor Fortinet is announcing a pair of new next-generation firewalls, the FortiGate Rugged 60F and FortiGate Rugged 60F with built-in LTE. While Fortinet already has a good presence in operational technology [OT] environments, this is the first time that they – or anyone else – have been able to provide both the firewall and SD-WAN for rugged OT environments.

“We have had rugged firewalls for some time, but these have SD-WAN capability,” said Peter Newton, Senior Director of Products at Fortinet. “Fortinet is unique in deploying SD-WAN and firewall in a single unit for OT environments.”

Newton said that the fact that Fortinet is the first vendor to bring this solution to market did not  require overcoming a major technical hurdle –  only making addressing the issue a priority.

“SD-WAN operators have been focused on the enterprise environment,” he indicated. “They just haven’t paid attention to the OT space. As we refresh our firewalls for OT, we are adapting them with new capabilities.”

Both models of FortiGate Rugged feature the company’s new SOC4 SD-WAN ASIC, a small 1U form factor, and flexible mounting capabilities designed for OT sites with more challenging mounting and power options. They also have a faster firewall and lower latency as part of that refresh.

“They are also designed to fit in harsher environments like electrical substations, which aren’t a fit for other SD-WANs out there,” Newton added. Utilities have been a strong early market for this, including renewable wind farms.

Up until now, customers who wanted SD-WAN capabilities in their OT sites, whether from Fortinet or another vendor, have had limited options, and these have been expensive.

“They’ve been using a  standard rugged firewall and getting the WAN with MPLS or leased lines,” Newton said. “In our older generation products, we did have some SD-WAN capabilities — application load balancing, and measuring link quality for jitter or latency – but not like this. So these new products not only provide the reliability that customers need, but do so at a lower operational cost.”

Because Fortinet already has a strong presence in the OT space, Newton said that their existing channel will be fully capable of handling these new products.

“We have a 100% channel strategy, and we have partners of all types who work in the OT market,” he indicated. “This includes companies like WWT and OT focused VARs who use us as part of their security solutions for OT. However, we partner with just about everybody who is a specialist in the OT space. They need us for enforcement, to see into the protocols which exist in the IT space.”

Schneider Electric for example, is not only an integration partner, but a Fortinet reseller as well,

“We are certified to work alongside them and we are on their line card,” Newton said. “We also have integrations with major OT vendors like Siemens and Nozomi Networks. Hydro One in Ontario is a partner. We also have partnerships with all the major SIs.”