Fortinet and Arqit have partnered to integrate FortiGate Next-Generation Firewalls with QuantumCloud™, our unique symmetric key agreement software. QuantumCloud™ provides symmetric keys that can be created and rotated on-demand, to encrypt and protect sensitive data between point-to-point VPN links.
PKI systems are often complex, and if not correctly configured, can increase the risk of cyber attacks and data breaches. QuantumCloud™ can replace or be layered on top of existing PKI asymmetric key agreement technologies, to make your network more secure.
An optional customer-provided MQTT server can be deployed in your network, facilitating secure messaging between all QuantumCloud™ network adaptors across your network, and stopping any malicious actors from eavesdropping on your communications.
The easy-to-use Arqit console makes it simple to manage devices and enforce new security policies for everything from device permissions to the symmetric key rotation rate. It’s also zero trust - the quantum-secure session keys are only known to FortiGate firewalls.
In today’s increasingly sophisticated threat landscape, encryption is essential for safeguarding sensitive data. Our solution is designed to deliver enhanced security against today’s attacks and the future threat of quantum computers, reducing the administrative burden and inefficiencies of today’s symmetric encryption solutions.
Symmetric keys are universally used to encrypt internet traffic, but the most commonly-used approaches for generating shared symmetric keys are both vulnerable to attack and difficult to set up and administer. These approaches include:
• PKI systems. As well as being complex, they can pose potential risks in the future, when adversaries could use quantum technology to decrypt stolen data.
• Physical delivery of cryptographic keys. This can be inefficient, and restricts the ability to achieve the high-frequency, rapid, and on-demand symmetric key rotation associated with the highest level of cybersecurity.
Arqit and Fortinet have partnered to provide organisations with an additional layer of security, protecting IPsec VPN traffic against current cyber attacks and encroaching quantum threat, which can exploit weaknesses in asymmetric (public) key cryptography. Our joint solution also improves efficiency, flexibility, and scalability at a lower cost.
By integrating Fortinet Fortigate Next-Generation Firewalls with the Arqit QuantumCloud™ Symmetric Key Agreement (SKA) Platform, we provide quantum-secure symmetric keys, which enhance the security and manageability of IPsec VPN connections.
Each FortiGate securely connects to its NetworkSecure™ Adaptor over the local network over the local network. When point-to-point IPsec VPN sessions are initiated, each participating firewall requests a shared quantum-safe key. Our network adaptors agree to a shared symmetric key with each other, and deliver them in near real time. The FortiGate firewalls use the keys to construct the IPsec VPN tunnel, providing the user with enhanced protection.
The QuantumCloud™ Cloud Console can define and implement security policies that govern FortiGate firewall registration and permissions and key usage. It also enables centralised configuration management, audit tracking, and allows users to check on the health of all deployed QuantumCloud™ network adaptors.
Symmetric keys are created and consumed by physical or virtual FortiGate Next Generation Firewalls during the formation of secure IPsec tunnels. The Fortinet FortiGate integration with QuantumCloud™ enables enhanced security of VPN tunnels between FortiGate (physical or virtual) site locations and cloud infrastructure, for the site-to-site IPsec VPN use case.
QuantumCloud™ is a cloud-based software solution that delivers an entirely new way to create unbreakable shared symmetric keys as often as required. QuantumCloud™ can either be consumed as a Platform-as-a-Service (PaaS) or deployed on-premises, to meet data sovereignty and compliance requirements.
A QuantumCloud™ network adaptor is an Arqit software application deployed in the customer’s local network, and serves as an intermediary to deliver quantum-safe symmetric keys to FortiGate firewalls using the ETSI 014 API interface.
An optional MQTT server can be deployed in the customer’s network, to facilitate secure messaging between every QuantumCloud™ Network Adaptor | Fortinet across a network. The use of a centralised MQTT broker like this avoids the need for opening inbound firewall ports to support network adaptor key peering communications.
Fortinet FortiGate Next-Generation Firewalls deliver industry-leading enterprise security with full visibility and threat protection. They can deliver ultra-fast end-to-end security, improve operational efficiency, and automate workflows, and enable consistent real-time defence with their AI/ML-powered FortiGuard Services.