Last year, the E-rate program received 35,000 applications for a total of $2.77 billion. Within 30 days of the window closing, USAC issued the first funding commitment wave, which included 15,000 applications (43% of the applications) and over $503 million in funding requests. By the beginning of June, the USAC had committed $1 billion on 18,000 applications.
Category 1 vs. Category 2 Funding
The E-rate program has strict qualifications for the types of services and products eligible for funding. Administrators must be careful to only apply for items approved by USAC. Category 1 funding covers data transmission and Internet access services. Category 2 requests apply to infrastructural costs, such as:
Internal connections. Hardware such as wireless access points, switching, caching, and firewalls. These products make it possible for students, teachers, and staff to have easy and consistent access to the web as they move from class to class. These tools also offer bandwidth controls to ensure that as more people and devices access the network, bandwidth is not misallocated.
Managed Internal Broadband Services (MIBS). This refers to Wi-Fi services provided by a third-party vendor in charge of design, configuration, and updates for the internal connection’s infrastructure. MIBS enables a school to outsource the management and monitoring of their network.
Basic maintenance of internal connections. This covers the upkeep of eligible products, such as hardware and wiring. Software upgrades and security patches are also funded under this basic maintenance clause given that internal connections would not otherwise operate reliably or as intended.
Use your 2015 Funds in 2019—or Lose Them
Category 2 funding was established in 2015 so that schools and libraries could obtain funding for these sorts of needs over a five-year period. The clock on the five-year term begins the first year any school in the district obtains E-rate Category 2 funds. For example, if one school in the district received funding in 2017, then that becomes year 1 for all schools in the district (with eligibility extending through year 5 in 2021). All allocated funds must be spent within the funding year. So, if any school in your district started receiving funds in 2015, you must request Category 2 funding in 2019 before your eligibility expires next year.
K-12 schools across the United States are currently applying for E-rate Funding Year (FY) 2019. Schools and libraries have recently been making requests for E-rate Category 2 projects at a record pace. Requests this fall were up 56% over last year—well above the high-mark set in 2015.
Fortinet Products that Qualify for Category 2
Cybersecurity is one of the main needs driving organizations to apply for E-rate funds. Fortinet’s E-rate eligible solutions support cybersecurity in each tier of Category 2 funding and include:
FortiGate: FortiGate Next-Generation Firewalls (NGFW) offer network protection from the sophisticated known and unknown threats schools now have to deal with. Each NGFW offers a range of integrated security functions combined with the latest threat intelligence from FortiGuard Labs, including secure internal segmentation. Internal segmentation ensures that at-risk student or faculty devices that connect to the network are isolated to prevent any associated malware from spreading and infecting the rest of the network.
FortiAP and FortiSwitch: Fortinet’s secure access points and switches offer secure internal connections for reliable, seamless Wi-Fi. FortiAP is integrated with NGFWs to provide defense in-depth as students and faculty connect various devices to the network, while FortiSwitch improves network efficiency and scalability.
FortiCache: FortiCache manages bandwidth allocation across the school. With greater numbers of connected devices coming to school with students and teachers, the extra traffic can be a strain on bandwidth. Content and video caching through FortiCache allows for regularly accessed content and video to be stored and served faster, thereby reducing costs and improving network performance. FortiCache also offers anti-malware protection and gives administrators the ability to block any content and websites that students should not be visiting.
FortiCare: FortiCare is eligible under the Basic Maintenance of Internal Connections section of Category 2 funding. With FortiCare in place, schools have 24x7 fast access to technical support. Additionally, FortiCare offers firmware upgrades, technical resources, incident reporting, and more.
Our experts say about Fortinet Certification Exams
Migration to cloud-based compute and services platforms has allowed organizations to quickly adapt to the global transition to a digital economy. The ability to quickly spin up resources, adopt new applications, and respond in real time to end user and consumer demands allows organizations to compete effectively in today’s new digital marketplace. The result has been astounding. In just a few years, over 80% of enterprises have adopted two or more public cloud infrastructure providers, and nearly two-thirds are using three or more.
Growing Cloud Challenges
While the business advantages are significant, this rapid migration is also introducing complexities and risks that few organizations have adequately prepared for—right at a time when the cybersecurity skills gap is dangerously wide, and cybercriminals are more capable of exploiting vulnerabilities than ever before. Here are a few of the challenges that unchecked cloud adoption has introduced:
New Cloud services are being adopted and used every day. However, it turns out that it is much easier to deploy a cloud application than to decommission it, so organizations are finding that cloud-based applications and services are piling up, making them increasingly difficult to manage and secure.
The adoption of cloud-based applications and services is remarkably easy. Literally anyone across the organization can source a new cloud service. The challenge is that service creation is often not funneled through the central IT department, resulting in the creation of shadow IT. As a result, the organization has little idea of what services are being used, where corporate information is being stored, who has access to it, or what security strategies are in place to protect it.
Complicating this further, adoption of these services is heterogeneous. Employees use different cloud services from different providers, and these different providers all offer different security tools, different native security controls, and different levels of security. This can make it extremely difficult to impose any sort of consistency to security policy distribution, orchestration, or enforcement.
What many organizations may not realize when moving to a cloud environment is to what extent they are responsible for securing their own cloud environment. Cloud providers secure the infrastructure, such as storage and compute resources shared by everyone, but securing data, content, and applications are all the responsibility of the cloud customer. And those security controls need to be built separately inside each cloud environment that has been adopted. If those security solutions aren’t fully integrated and interoperable across multiple environments, then the number and variety of security tools that need to be implemented can compound, quickly overwhelming the resources available to manage them.
Part of the challenge is that the cloud has become so large and so complex that the word itself has lost much of its meaning. Even the term multi-cloud isn’t much better. So, to build an effective, consistent, and manageable cloud strategy we need to start by clearly defining what we mean when we talk about the cloud.
Defining Cloud Options
Cloud solutions can be broken down into three categories: deployment models, delivery models, and service providers.
Deployment Models: While most people only think of private or public cloud environments, or even hybrid models, a new model is beginning to emerge—the community cloud.
Public: This is a publicly accessible cloud environment owned by a third-party cloud provider. In this deployment model, the cloud provider is responsible for the creation and on-going maintenance of the public cloud and its IT resources, while the consumer is responsible for the implementation and security of virtual devices, applications, and data.
Private: In a private cloud model, the same organization is both the cloud consumer and cloud provider. Private clouds enable an organization to use cloud computing technology to centralize access to IT resources, usually across a geographically distributed enterprise, and to do so they require a change in how organizational and trust boundaries are defined and applied.
Hybrid: This cloud model is built using two or more different cloud deployment models. For example, an organization may choose to process sensitive data is their private cloud while distributing other, less sensitive cloud services to a public cloud.
Community: A community cloud provides a cloud computing solution to a limited number of individuals or organizations that is governed, managed, and secured commonly by all the participating organizations or by a third party managed service provider. AWS GovCloud is a good example for this.
Delivery Models: Organizations have a variety of options for how much of their services they want to implement, from simply adopting specific applications or services to a full-blown infrastructure.
IaaS: Infrastructure-as-a-Service provides a self-contained IT environment that includes infrastructure resources that can be accessed and managed using cloud-based interfaces. It can include hardware, network devices, connectivity tools, operating systems, and other "raw" IT resources. These virtualized IT resources enable real-time scaling and infrastructure customization. However, they are not pre-configured, which makes your IT team responsible for their configuration, management, and security.
PaaS: The Platform-as-a-Service delivery model provides a "ready-to-use" environment generally comprised of pre-configured IT resources that developers can leverage to write code. This relieves IT of the responsibility to set up and maintain a bare infrastructure of IT resources, but the trade-off is that the customer has less control over those underlying IT resources.
SaaS: Software-as-a-Service makes applications and other services widely available to a range of cloud customers. The prime drivers for such services, such as Salesforce.com or DropBox, are ease of use and minimal need to develop anything but customizable interfaces that can be easily adapted to specific organizational and business needs. SaaS is typically combined with dynamic scalability and ubiquitous access. However, a cloud consumer is generally granted very limited administrative control over a SaaS implementation.
Service Providers: A variety of service providers are also available. Each include their own native controls and marketplaces for buying technologies and services—either their own or from a third-party vendor—and different environments provide distinct advantages to customers, such as compatibility with existing infrastructures or business objectives.
Major Providers: The primary cloud providers include Amazon AWS, Microsoft Azure, Google CloudPlatform, Oracle Cloud, IBM Cloud, and Alibaba Cloud. The challenge for many organizations using multiple providers is establishing consistent policies and controls across different environments. Finding security vendors that can operate natively across all major cloud platforms provides maximum flexibility in terms of adoption and control.
Minor Providers: In addition to the major providers, a growing number of smaller cloud shops, regional telecom companies, and even partners (for community cloud environments) are joining the marketplace. They typically provide more flexibility in pricing and more personalized attention.
Multi-Cloud Environments Introduce New Risks
Eventually, all organizations will end up having deployed some combination of the cloud solutions described above. However, adopting multi-cloud environments not only expands the attack surface and complicates the ability to deploy, manage, and orchestrate security with consistent visibility and control, but it also increases other cyber risks, including:
· Data breaches
· Insufficient identity, credentials and access management
· Insecure interfaces and APIs
· System vulnerabilities
· Account hijacking
· Increased opportunities for malicious insiders
· An increased footprint for Advanced Persistent Threats
· Data loss and insufficient due diligence due to an exponential increase in network complexity
· The hijacking and abuse of cloud services by cybercriminals.
Addressing these challenges, however, needs to be handled delicately. Performance cannot be sacrificed for security. Instead, organizations need to strike a balance between ubiquitous, on-demand cloud services and establishing consistent controls, policies, and processes. This requires looking for security solutions that help you move from a model where security inhibits business agility, to a model where security can be combined with cloud and automation to help business move faster and more securely.
Organizations not only need to deploy security solutions that can function consistently across cloud ecosystems. They also need to be able to push automation into templates so security can be consistently applied simultaneously across every cloud provider’s environment, especially when compensating for critical differences in native controls. This includes automating the entire data chain so security can dynamically adapt as workloads and information move within and between different cloud environments. The cloud enables these capabilities.
Rethinking Security for the Cloud
All of this requires a new approach to security. Legacy security solutions will need to be replaced with security tools that can function natively and consistent across any environment, whether physical or cloud. Solutions that operate natively in cloud environments need to also be aware of cloud based resources as well as leverage native cloud services in order to better support the scale and dynamic nature of cloud workloads. Ultimately, organizations should also strive to fully decouple security management from data classification in order to classify resources on any infrastructure in the most natural way possible, while consistently referring to these objects when defining the multi-cloud security policy.
The more security solutions natively integrate with cloud based services, the more secure the enterprise. By leveraging the threat feeds and native security capabilities of all clouds, and integrating these into the multi-cloud security framework, organizations can turn the risk multiplication effect into a security multiplication effect. Layering the ability to automate security operations on top of the native integration and threat intelligence integration aspects allows organizations to automatically coordinate a threat response that includes isolating infected devices, identifying and shutting down malware, and extending protections across the entire multi-cloud environment, thereby significantly mitigating risk and confidently deploying applications anywhere that makes the most business sense.
Our experts say about Fortinet Certification Exams
“Fortinet is committed to helping customers make their journey to the cloud even more secure by expanding our offerings on Amazon Web Services and supporting additional cloud security use cases. To further support resource-constrained teams, today’s announcement is helping our customers automate additional security processes and more seamlessly integrate into their application life cycle.”
News Summary
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced the expansion of its Fortinet Security Fabric offerings and new automation capabilities for AWS to provide streamlined and consistent security management for hybrid infrastructures. New offerings are grouped into the following categories:
New Management and Automation Capabilities: Fortinet now facilitates a more streamlined and automated rollout of security services that are designed to be less prone to human error with new automation templates, FortiCASB configuration assessments and web application firewall (WAF) rulesets for Amazon API Gateway.
Containers, AWS Security Hub, and Broad Protection: On top of the existing broad set of Fortinet security offerings on AWS, Fortinet is announcing support for AWS Security Hub. Fortinet now also offers FortiWeb Web Application Firewall in AWS Container Marketplace, enhancing multi-layer security protection at the API level, the VM level and the container level for applications running on AWS.
Native Integration for DevOps Teams: New Fortinet WAF rules for API Gateway, Quick Start guides for initial deployment and support for AWS Transit Gateway help DevOps teams more easily integrate security into their automated application lifecycle routines.
Access to Cloud Offerings Via Partners: Fortinet has been named one of the few vendors selling solutions on the AWS Marketplace to participate in the AWS Consulting Partner Private Offer program. Participation in this program allows Fortinet partners to easily provide AWS customers with best-of-breed Fortinet security solutions for their cloud applications.
The rapid deployment of new applications and introduction of new services on AWS require DevOps and IT teams to integrate security into everything they do as quickly as possible so as not to stifle the pace of innovation. This is no small task that requires both time and resources. To help organizations keep up with this pace, Fortinet is introducing new solutions and more automation in its security offerings on AWS Marketplace.
With new automation templates, FortiCASB configuration assessments, and WAF rulesets on Amazon API Gateway, users who used to have to manually build automation scripts for integrating and configuring security for their applications on AWS can now leverage these automated pre-packaged best practice templates for quick and reliable security visibility.
Fortinet now leverages security intelligence from AWS Security Hub to help customers form a consistent on- and off-cloud security posture view. AWS Security Hub provides users with a comprehensive view of their high-priority security alerts and compliance status by aggregating, organizing, and prioritizing alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie as well as from other APN security solutions. The findings are then visually summarized on integrated dashboards with actionable graphs and tables.
Fortinet is also announcing support for containers via the FortiWeb Web Application Firewall on the AWS Container Marketplace. Customers can now enhance their multi-layer security protection by leveraging FortiWeb to secure container-based web applications and integrating WAF into their container-based application PODs, providing consistent security onto rapidly provisioned services. With this announcement, Fortinet provides an additional layer of security for the cloud at the API level, the VM level and the container level.
DevOps teams can also now utilize native integration with AWS via new Fortinet WAF rulesets for API Gateway, quick start guides for initial deployment and integration with AWS Transit Gateway. With these new features, DevOps teams can save time and resources by quickly integrating security best practices into their automated application lifecycle routines.
Fortinet has also joined the AWS Consulting Partner Private Offer ecosystem. With this, Fortinet channel partners are now a part of AWS’ on-demand ecosystem and will be natively ingrained to the new AWS selling process, allowing them to more naturally facilitate their customers’ journey to the cloud.
The new offerings and capabilities announced today allow AWS users the ability to natively introduce best-of-breed multi-layer security into their application lifecycle routines and workflows, significantly mitigate risk and provide even more peace of mind when deploying applications on the cloud. The Fortinet Security Fabric provides a broad set of cloud security use cases. By implementing the Fortinet Security Fabric on AWS, customers can apply consistent security policies throughout their hybrid infrastructures and can realize multi-layer security protection and operational benefits for running applications on AWS.
AWS is a member of the Fortinet Fabric-Ready Partner program, a premium category of Fortinet's technology alliance collaborations and a vital part of the Fortinet Security Fabric. This program allows Fortinet and third-party products to better integrate their respective solutions in order to provide more consistent and effective end-to-end security.
Our experts say about Fortinet Certification Exams
