Fortinet Unveils SSL VPN, VoIP Security Updates
Both enhancements, unveiled at Interop in Las Vegas, are slated to show up in the second half of the year in FortiOS 3.0 and will be free to customers with ongoing maintenance contracts for FortiGate appliances, said Anthony James, senior product manager at Sunnyvale, Calif.-based Fortinet.
The SSL VPN addition supports a clientless approach to remote access and includes technology to ensure end-point integrity before authorizing a network connection, James said. FortiOS also supports IPsec, which gives users the option of choosing which protocol to use in specific situations, he said.
The VoIP-related function is being added to address the growing need for firewalls to handle IP telephony applications, according to James. "VoIP doesn't play well with network address translation," he said.
Fortinet's technology works by opening ports as needed during the call-signaling phase and then closing them again as soon as the call ends, James said. Other firewalls open up a whole range of ports to accommodate VoIP traffic.
Fortinet has been testing that approach with Polycom's videoconferencing technology, allowing H.323 traffic to flow through its new H.323 network address translation traversal technology.
Sam Fadala, CTO of Sacramento Technology Group, a Carmichael, Calif.-based solution provider, said VoIP security becomes challenging when companies try to communicate from one location to another, and the latency becomes "pretty unforgiving." Most firewalls are unable to handle multicasting, which is used to serve up audio or video streams, he said.
"Fortinet has found a way not only to deal with multicasting but also to secure the transmission," Fadala said. "It certainly allows us to give our customers something where they can push VoIP outside their enterprise to multiple locations."