Fortinet Cloud Access Security Broker. How does Fortinet Cloud Access Security Broker (FCASB) differ from other cloud access security brokers? What are its strengths and weaknesses?
Things About Fortinet’s Cloud Access Security Broker
The FCASB is only available as part of a FortiGate Security Fabric (SF). This is a hardware appliance that must be purchased and installed in your own data center. The idea behind this is to provide a unified security platform that can be managed from a single interface. However, some users might prefer a cloud-based solution.
Is the FCASB Best for You?
The FCASB was for organizations that want to take advantage of cloud services such as Office 365 or Amazon Web Services. It might also be useful for organizations that use applications such as Salesforce.com or Slack.
It’s worth noting that the FCASB includes several features that are not included with other cloud access security brokers. Such as application control and malware protection. However, it does not include features such as user provisioning or profile management. It also lacks support for enterprise mobility management.
Pros
Built-in malware protection:
Fortinet has built-in malware protection into the FCASB. Hence, means you don’t need to purchase an additional solution to protect against malicious applications and files. This is particularly useful. Since the cloud services, you use most likely do not provide any type of malware protection themselves. It’s worth noting that this feature is only available when using web or desktop apps, not mobile apps.
User provisioning:
There is no native way to provision users in the FCASB. So it cannot manage employees who sign up for accounts with third-party cloud services on their own (such as Salesforce). However, it does support integration with ADFS and LDAP servers, which makes it possible to tie user accounts back to your organization’s existing user account system. This can make it easier for IT staff to manage all of their users from a single dashboard, even if they do not use Fortinet’s SF.
Cons
Not available as a cloud-based service:
The FCASB is only available as part of Fortinet’s security fabric, which means you need to buy hardware appliances and install them in your own data center. This also means that you will need to hire an IT professional or security consultant to deploy and configure the solution.
No mobile application management:
The FCASB does not have native support for mobile apps, although Fortinet has announced plans to expand support for mobile devices in the future. This means that you will either have to rely on third-party mobile application management (MAM) solutions or integrate the FCASB with an existing MAM solution such as Airwatch.
Limited user activity reporting: As previously mentioned, there is no native way to provision users in the FCASB, so reporting on user activity is limited. However, this might be less of an issue if your organization already has a user access management solution in place.