“We are continuously adding as well as identifying new partners who can really help us cover the geographical area or an industry”
Modern-day sophisticated attacks like ransomware or mobile malware are forcing the security watch guards to provide next-gen network security solutions covering the broad spectrum of the enterprise – from end point, network, to applications. Enterprise Channels MEA spoke to Bashar Bashaireh, Senior Regional Director – Middle East & Pakistan, Fortinet, to get his perspective on security trends in the MEA region and the company’s offerings in this space. Excerpts:
What are the security trends in the Middle East region?
Security breaches have changed a lot in recent times. The attacks have become very different. If we go a decade back, then at that time, threats were just infected attachments to the mail, which could download either a virus or a Trojan to the PC. Today, threats have become very dynamic with multiple vectors, wherein having a standalone anti-virus is not enough. The way cyber criminals are approaching their target victims is beyond imagination. They can hit your system with a DDoS attack to distract the attention of security administrators within an enterprise while a malware has somehow been injected into the end user network that has started doing a parallel job by entering into the database of the customer or end users’ accounts and probably started to transfer funds outside the organization.
We are also witnessing a trend of increasing mobile malware. Till three years ago, malware was not really widespread in the mobiles and smartphones. At that time, the known operating system was majorly Symbian that has now shifted with the increasing adoption of Android and iOS. With the explosion of the smartphone industry and high penetration of mobile phones within the market, the availability of applications and content which encourage people to move into that direction has increased manifold. This has created the opportunity for cyber criminals and hackers to tap into these areas and spread the modern day threats. Today, we see malware on smartphones is increasing and this is becoming a concern of security administrators, especially when you talk about concepts like BYOD that is being adopted by enterprises worldwide.
BYOD is becoming more and more acceptable to decision makers as well. Then, you have Gen Y users of smart devices, who bring these gizmos to the enterprise environment and use them for both personal and business purposes. As a security administrator, you have to make sure that if an employee is taking a mobile device outside the premises of the organization, he or she will abide by the security policies. If an employee is using the device at a public place or at home and the security policies are not enforced, then there are chances that the device will be infected by malicious websites, which, in turn, can download malware onto the device. And the next time the employee is on the office premises, that malware can easily propagate to your office network and reach final destinations like a web application or database and, ultimately, do the damage that cyber criminals are looking for.
This trend which is in line with the increasing threats out there with the emergence and widespread usage of mobile phones and smartphones is called ‘Ransomware’. Earlier, we were accustomed to ‘Ransomware’ with PCs and notebooks, but this malware is now widespread in the mobile phone industry. If a smartphone user accesses a website that will download that piece of malware on his device, then the smartphone will get locked and the hacker would ask for a ransom to release the smartphone. In this situation, the user has just two options – either pay the ransom and get the smartphone unlocked or forget about the data residing on his device, reformat it, and start using it again.
This is where users should realize the importance of anti-malware end point security solutions. Organizations should also keep a backup of their computing devices. Other cyber threats that are increasingly becoming visible are advanced persistent threats (APTs), which are long term. Here, the hacker won’t go on the spot, get the financial gain, and get out. Instead, they attack intellectual property, probably strategic, industrial, financial and economic information. These are sophisticated attacks wherein the hackers try to get inside the network of the end user and reside there for a longer period while continuously making phishing attempts to try and find out the right individual within the organization to give them the necessary information to penetrate, or by social engineering where they can obtain necessary details to get into that environment. The hackers also try to identify an insider that could help them get into the organization’s network. And once they get into the network, they start accessing the resources that help them achieve the ultimate goal.
Tell us about the solutions that Fortinet offers to address the market?
At Fortinet, we are pioneers in providing next generation network security solutions and we really cover the broad spectrum of the enterprise – from end point, network, to applications. With multiple vectors of attacks and threats that are out there in the market, you really need to look at a multi-layer security solution approach. It is really not recommended to go and buy an independent and separated solution addressing the different threats today. It is because the components will not be talking to each other, correlating events together, and giving you the right reports in order to help you take the right decision at the right time. You have to adopt a multi-layer comprehensive solution where, from a single console, you can have centralized management, thus giving you the bigger picture. Threats and attacks are becoming multi-vector, so you need to look at a broader spectrum of your enterprise and correlate things together so that you can take the right decisions for your organization. That’s how Fortinet addresses these emerging threats.
The recent introduction of our FortiOS version 5, which we released at the beginning of this year, is doing very well in the market. Its two features – customer reputation and Sandboxing – differentiate us from the others. Customer reputation really looks at the behavior of IT assets and IT resources on your network, analyses the behavior of these resources, and does a scoring. You score either positively, where there is no threat, or negatively, where there is a threat arising. As far as Sandboxing is concerned, it looks at software that is suspicious and where there is a likelihood that it would constitute a threat or carry malware. In this case, you isolate the software and put it in the Sandbox, which can be either in the same machine or a virtual environment. Once it is done, you start looking at the behavior of the malware. If it turns out to be malicious, then you quarantine it. These are the unique features of FortiOS 5.
Another feature is the ‘wireless controller’ that comes with the FortiGate. Right now, each FortiGate can act as a secured wireless controller to the access points that we can deploy around the enterprise network. With the high adoption of the BYOD concept across businesses, you need to make sure that users or guests who come into your network are given certain rights and privileges based on their category. All this is being enforced through FortiGate as security policies through the access points around the enterprise so that each user can work according to the security policies that govern his usage of network and resources.
Another platform of defense that we provide is our FortiWeb that is our web application firewall. It protects your web-based applications and internet-facing data from attack and data loss. Using advanced techniques to provide bidirectional protection against malicious sources, application layer DoS attacks and sophisticated threats like SQL injection and Cross-site scripting, FortiWeb platforms help you prevent identity theft, financial fraud and denial of service.
We also offer FortiDDoS family of DDoS attack mitigation appliances. FortiDDoS helps you protect your internet-facing infrastructure from threats and service disruptions by surgically removing network and application-layer DDoS attacks. You can defend your critical on-premise and cloud infrastructure from attacks while relying on FortiDDoS appliances’ sophisticated filtering technologies to allow legitimate traffic to continue to flow.
What has been your channel strategy for this region?
Fortinet works through a three-tier business model globally as well as in the Middle East region. We have distribution partners who are at the first level of the channel network. These are the value added distributors who have trained resources on board, stocking facilities across the region, and provide RMA services for fast turnaround and replacement of defective units. We have 4 VADs in this region viz. Secureway, Oxygen Technologies, Mantrac distribution, and Online distribution in Pakistan. This is our first line of channel.
Then we go to our value added resellers. We have different levels of VAR partnerships, wherein we have Bronze, Silver, and Gold partners – depending upon the capabilities of those resellers in terms of trained and certified resources. Each level of partnership requires a certain number of certified and trained resources on board. Then, we look at revenue associated with that partner and involvement in the sales cycle. The higher the level of partnership, the more his involvement in the sales cycle will be. If a partner has enough resources on board, it’s very much natural that they will get more involved, thus adding more value to the sales cycle.
Another category of partnerships that we have in this region is the managed security service providers. Today, the traditional Internet service provider business doesn’t really carry a lot of financial margins and benefits. These companies are really looking for that piece of value added service where they can differentiate themselves from each other. We have a very nice portfolio for such kinds of businesses, whether it is CPE based equipment or cloud-based. Our MSSP partners can provide security-as-a-service in a CPE based model, cloud-based model or hybrid model. These are really the different categories of partners that we have on the ground.
How much of your focus is on the partner as well as customer enablement?
We really emphasize technology enablement for the partners as well as customers. We have authorized training centers across the region. In these centers, the certified Fortinet trainers go and train the partners and customers alike. Since we are not able to cover all the cities physically, we have come out with online classrooms where a partner or customer can undertake a training course at his own ease and convenience – whether he is at the office or at home.
These are the different components as far as the go-to-market component for the channel is concerned. We are continuously adding as well as identifying new partners who can really help us cover the geographical area or an industry. In the year 2012, we increased our partner base by 30 percent compared to 2011. Last year, we brought Oxygen Technologies on board covering Saudi Arabia, Iraq, and Pakistan. We are always trying to broaden our reach to the market and help our customers in the long run.
How is Fortinet growing in this region and what are your growth projections?
Fortinet is growing very strongly year-on-year in this region. When I started in 2007, we were just 2 employees and right now, we are more than 25 across the region. We have invested and opened offices in Saudi Arabia, local presence in Kuwait and Pakistan. Hence, we are investing as our business grows. According to IDC, we have 30 percent of UTM market share in the Middle East. We achieved almost 60 percent growth in 2012 compared to 2011. This year, our target is to either match that number or surpass it. In line with this growth, we are hiring more resources in Saudi Arabia, Qatar, and UAE.