Introduction

FortiGate Cloud-Native Firewall (CNF) is software-as-a-service that simplifies cloud network security while providing availability and scalability. FortiGate CNF reduces the network security operations workload by eliminating the need to configure, provision, and maintain any firewall software infrastructure while allowing security teams to focus on security policy management. FortiGate CNF offers you the flexibility to procure on demand or use annual contracts.

Features

• Enterprise-grade protection: includes geo-IP blocking, advanced filtering, and threat protection.

• Streamlined security management: Aggregate security from all networks in a region into a single FortiGate CNF and apply a single policy for all resources.

• Known bad IP filtering: Protect your cloud-based workload from accessing known bad IP addresses. FortiGate CNF, powered by FortiGuard Labs IP Reputation Service, can restrict your workloads from accessing unwanted resources.

• DNS filtering: Protect your networks with DNS filtering, including FortiGuard category-based filtering, domain filters, and DNS translation.

• IPS profile: Utilize Fortinet's Intrusion Prevention System (IPS) to detect network attacks and prevent threats from compromising your network. IPS utilizes signatures, protocol decoders, heuristics (or behavioral monitoring), threat intelligence (such as FortiGuard Labs), and advanced threat detection to prevent exploitation of known and unknown zero-day threats.

• Geo fencing: Define security policies to limit the countries that your cloud resources can access.

• East-west security: FortiGate CNF instances can attach to your cloud transit networks to enforce network security policies across cloud networks as well as into cloud networks.

• Dynamic security: Define policies using countries, FQDN, and cloud resource meta data attributes.

• REST API: Manage cloud accounts, infrastructure, and FortiGate CNF instances through the FortiGate CNF REST API.