托管服务提供商 (MSP) 和托管安全服务提供商 (MSSP) 的运营环境竞争非常激烈。要想吸引新客户并留住现有客户,MSP 和 MSSP 必须能够提供从竞争对手中脱颖而出的产品和服务。在人满为患的产业中,这一目标可能很难实现。
在尝试从竞争中脱颖而出时,MSP 和 MSSP 要保证能够履行自己的承诺。如果每个解决方案必须单独部署、设置、监控和管理,那么通过部署一系列单点解决方案,为供应商的供应项目快速添加新功能的方法很快就会失去可扩展性。
MSP 和 MSSP 可以采用另一种方法:在坚实可靠的集成基础上构建产品和服务。安全的软件定义广域网 (SD-WAN) 将网络和安全功能集成到单一设备中,从而减少安全蔓延。它还为 MSP 和 MSSP 奠定了基础,使其能够以最小的额外开销提供增值服务。
随着企业级 SD-WAN 需求的增加,越来越多的组织不再购买和运作自己的 SD-WAN 设备,而是转向使用托管 SD-WAN 服务。托管 SD-WAN 服务提供商承担 SD-WAN 设备的资本支出,在客户场所部署 SD-WAN,或交付云托管的 SD-WAN。托管 SD-WAN 服务提供商通过专业知识增加价值,企业为此努力留住专业人才,持续投资最新的 SD-WAN 技术来造福客户,并详细了解 SD-WAN 解决方案如何与其他供应商集成,尤其是云基础架构供应商。
对于托管服务提供商 (MSP) 和托管安全服务提供商 (MSSP) 来说,引导新客户和推广新客户网站需要一笔不小的费用。随着新客户的增加,以及所支持企业的不断增长,MSP 和 MSSP 需要能够轻松部署到新客户环境中、并能与客户现有基础架构集成的解决方案
Fortinet Secure SD-WAN 为将服务部署到新客户位置的 MSP 或 MSSP 提供了基础。集成式下一代防火墙 (NGFW) 和入侵防护系统 (IPS) 可提供威胁防护和流量检测功能,即使是 SSL 或 TLS 加密流量也能检测。与 Fortinet Secure SD-Branch 集成,可将集中可视性和网络管理扩展至交换层。
Fortinet 是业内最大的网络安全生态系统的成员,拥有超过 250 个 Security Fabric 生态系统合作伙伴。通过 Fortinet Security Fabric,Fortinet Secure SD-WAN 和其他 Fortinet 解决方案只需点击即可立即与所有这些供应商的产品集成。Fortinet 开放安全生态系统包括:
传统的 WAN 安全解决方案将安全性作为网络的首要考量因素,通过一系列独立设备来实现安全性。这种 WAN 安全方法会损害可视性并造成孤岛现象,因为企业安全部署中的单点产品之间可能无法通信。这会降低托管服务提供商 (MSP) 和托管安全服务提供商 (MSSP) 有效管理其客户网络的能力,并提高他们的运营成本和开销。最后,使用独立的单点产品会让企业受困于其支持的传输媒介之中。
Fortinet Secure SD-WAN 将网络和安全功能集成到单个设备中,无需部署一系列单点安全产品。这使 MSP 和 MSSP 能够为客户的广域网 (WAN) 提供一致的企业级安全性,并显著降低总体拥有成本 (TCO)。
使用 Secure SD-WAN,MSP 和 MSSP 还可以通过安全混合 WAN 为其客户提供传输独立性。混合 WAN 允许通过多种传输模式路由流量,这使得它们能够减少对昂贵的多协定标签交换 (MPLS) 带宽的依赖。
Secure SD-WAN 也可以为云应用程序提供直达互联网的安全连接,因为流量检测现在是在网络边缘进行的。随着客户逐渐迁移至云,从用户端环境中的任何位置为云流量提供直接路由的能力,成为一项重要竞争优势。
作为 Fortinet SecurityFabric 的一部分,Fortinet Secure SD-WAN 能够与各种 Fortinet 解决方案及第三方供应商的解决方案进行即时集成。MSP 和 MSSP 可以为其客户提供托管 Secure SD-WAN 服务,作为各种其他网络和安全服务的基础,例如:
MSSP 和 MSSP 可利用 Fortinet Secure SD-WAN 提供以下功能:
企业广域网正在日益扩展,纳入了云软件即服务 (SaaS) 和基础架构即服务 (IaaS) 资源。来自分支机构的流量需要通过总部网络路由发送,以便进行安全扫描和原则运行,这样会降低网络性能、增加延迟,并造成企业 WAN 拥塞。以提升云连接能力作为卖点的托管服务提供商 (MSP) 和托管安全服务提供商 (MSSP) 有明显的竞争优势。
Fortinet Secure SD-WAN 为云流量实现直达互联网的安全连接,这对客户逐渐过渡到使用 IaaS 和 SaaS 产品至关重要。内置 FortiGate 下一代防火墙 (NGFW) 提供第 3 层至第 7 层保护,并通过业界首款 SD-WAN 应用程序专用集成电路 (ASIC) 芯片提供了高性能保证。作为 Fortinet SecurityFabric 的一部分,FortiGate NGFW 可以为 MSP 和 MSSP 提供集中可视性和管理,从而提高运营效率并简化客户 WAN 的管理工作。
服务提供商还可以提供与 Fortinet Security Fabric 集成的云原生安全保护。FortiCASB 和 FortiCWP 可在云环境中实现自动化安全和合规管理。FortiWeb Web 应用防火墙以虚拟机 (VM)、实体设备或 SaaS 产品的形式提供,能够为客户的云网页、支付门户网站和应用程序开发接口 (API) 提供保护。FortiGate NGFW 以云原生 IaaS(及其他)形式提供,可在任何部署环境中实现云原生保护。
随着客户迁移到云,MSP 和 MSSP 必须能够提供以云为主的安全支持,例如 Fortinet 解决方案提供的安全防护:
View by:
MSPs and MSSPs require solutions that allow them to operate more efficiently. SD WAN Solutions should provide a rapid time to revenue by requiring minimal configuration and deployment time on provider or customer networks. They should also offer high margins and scale easily to larger customer bases.
MSPs and MSSPs seek solutions that allow them to offer value-added services to their customers. Deploying managed SD-WAN services to customer networks allows them to offer additional products such as managed SD-Branch and IoT security services. Secure SD-WAN can also favorably compete with pure SD-WAN solutions since they also offer integrated security and analytics functionality.
MSPs and MSSPs seek offerings that they can quickly deploy to their customers after purchase. This includes both current customers, where new functionality can be added or enabled in an existing deployment, and new customers that require onboarding and solution deployment before services can be provided.
MSPs and MSSPs have customers with widely differing needs. They require the capability to offer pay-as-you-grow models for their products and services, allowing them to scale their offerings and prices to a customer’s unique situation.
The Fortinet Security Fabric, with out-of-the-box integration with over 250 third-party vendor products, enables single-pane-of-glass visibility and configuration management and real-time threat-intelligence sharing across a service provider’s entire network environment. With Secure SD-WAN Solutions, this enables MSPs and MSSPs to manage their customers’ entire network infrastructure from a single pane of glass. This also allows MSPs and MSSPs to improve efficiency, decrease total cost of ownership (TCO), and reduce their clients’ cybersecurity risk. FortiGate next-generation firewalls (NGFWs) also support numerous administrative domains (ADOMs) and virtual domains (VDOMs), providing management flexibility and supporting role-based access control (RBAC).
Secure SD-WAN enables MSPs and MSSPs to centralize visibility and management of their customers’ entire WAN. The Fortinet Security Fabric takes this a step further by enabling out-of-the-box integration with over 250 third-party vendor products through 12 Fabric Connectors, over 135 third-party application programming interfaces (APIs), 9 Fabric DevOps scripts, over 130 Extended Security Fabric Ecosystem partnerships, and an open-API architecture.
This integration enables MSPs and MSSPs to automate threat prevention, detection, and response, minimizing the overhead associated with securing customer environments. Centralized security management also enables MSPs and MSSPs to efficiently establish and enforce policies that comply with security standards. This, in turn, facilitates the automatic generation of reports for customers that demonstrate compliance for regulators and provide important security insights for the C-suite and the board.
Fortinet Secure SD-WAN links a customer’s entire security architecture via the Fortinet Security Fabric. The Security Fabric orchestrates threat intelligence across and between each of the organization’s security elements in real time. FortiGuard Labs leverages artificial intelligence (AI) and machine learning (ML) capabilities to pinpoint known and unknown threats and communicate actionable intelligence across the Security Fabric. Threat intelligence is enhanced through partnerships with over 30 threat-sharing organizations and integration with over 100 other vendor products. With the Fortinet Security Fabric, this threat intelligence is communicated to all SD-WAN appliances in a customer’s WAN, ensuring enterprise-wide threat detection and prevention.
FortiGate NGFWs, with corroborated performance testing by NSS Labs, offer the industry’s lowest latency, which is an important feature for MSPs’ and MSSPs’ customers. The highly efficient custom FortiGate application-specific integrated circuit (ASIC), as well as the world’s first SD-WAN ASIC, enables Fortinet to provide high-performance security at the WAN edge and throughout the network. Moreover, turning on advanced features such as secure sockets layer/transport layer security (SSL/TLS) encryption inspection does not impact network performance in speed or throughput, unlike competitive solutions.
This is crucial for MSPs and MSSPs, whose customers expect security to not impact network performance and who require solutions that minimize capital expenditures (CapEx) and operational expenditures (OpEx). Fortinet is named a Leader in the Gartner Magic Quadrant for Network Firewalls and a Leader in the Gartner Magic Quadrant for WAN Edge Infrastructure. Fortinet has won 2019 MEF 3.0 Proof of Concept Awards for Security Assurance in SD-WAN and Cloud Service Implementation, and is the only vendor to have NSS Labs Recommended status for nine different security products.
With FortiManager, Fortinet solutions can be easily deployed and centrally managed, allowing MSPs and MSSPs to easily roll out security infrastructure to new customers. FortiManager and FortiAnalyzer also allow MSPs and MSSPs to integrate and automate their client’s security deployment via the Fortinet Security Fabric, enabling analytics and compliance reporting through FortiAnalyzer. This integration also allows MSPs and MSSPs to break down silos that isolate security operations center (SOC) and network operations center (NOC) operations, enabling improved global visibility and more efficient operations. By deploying Fortinet Secure SD-Branch, centralized visibility and management is expanded to cover everything from the internet to the switching infrastructure in customer locations, simplifying security monitoring and management for MSPs and MSSPs.
Fortinet devices are capable of touchless onboarding and provisioning with the ability to preconfigure deployment settings before sending devices to customer locations. Fortinet devices also allow a single key for supported devices on bulk orders and expose a JavaScript object notation/extensible markup language (JSON/XML) API for device customization. This enables automated or programmatic deployment of Fortinet devices, enabling MSPs and MSSPs to eliminate truck rolls and achieve faster onboarding of new customers.
Multiple pricing and product consumption options offer MSPs and MSSPs and their customers the flexibility needed to optimally secure their data, infrastructure, and applications. This enables MSPs and MSSPs to scope their customers’ SD-WAN deployment, and the value-added services that it supports, to meet their customers’ specific needs.
Fortinet solutions are designed to be multitenant from the ground up, enabling MSPs and MSSPs to isolate but still manage multiple customer networks from a single console. This enables MSPs and MSSPs to take advantage of cost savings by offering customers networking over shared, but isolated, SD-WAN infrastructure—increasing average revenue per user (ARPU) while improving operational efficiencies.
Fortinet offers a range of training opportunities to help MSPs and MSSPs better attract and serve customers and to differentiate their services and grow their business. Opportunities include seller training, technical training, and advanced training. This helps MSPs and MSSPs to learn how to optimize their SD-WAN deployment and efficiently deploy value-added services to their customers.
The Fortinet Joint Solution Marketing Model provides MSPs and MSSPs with numerous opportunities to improve and grow their business. These include a partner-focused marketing team, support for developing messaging, blogs, case studies, and selective support for partner campaigns. This helps MSPs and MSSPS to maximize the impact of their marketing regarding SD-WAN offerings and the additional value-added services that it enables.
