© Copyright Fortinet Inc. All rights reserved.
Fortinet Security Fabric
Innovative Solutions Security Summit, May 7th 2018
Fortinet: Global Network Security Leader
Highlights: 2000 - present
4,900+ EMPLOYEES WORLDWIDE
100+ OFFICES ACROSS THE GLOBE
439 PATENTS ISSUED
291 IN PROCESS
3.4m SHIPPED SECURITY DEVICES
330K CUSTOMERS
$1bn REVENUE
IN EXCESS OF
$1.5bn IN CASH
24% YEAR ON YEAR GROWTH
FOUNDED IN 2000 BY KEN XIE
HEADQUARTERED IN SUNNYVALE, CALIFORNIA
A Leader in Network Security
Gartner Magic Quadrant for Enterprise Network Firewalls, Adam Hils, Jeremy D'Hoinne, Rajpreet Kaur, 10 July 2017
Disclaimer: This graphic was published by Gartner, Inc. as part of a larger research document and should be
evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise
technology users to select only those vendors with the highest ratings or other designation. Gartner research
publications consist of the opinions of Gartner's research organization and should not be construed as statements of
fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of
merchantability or fitness for a particular purpose.
Gartner Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls), Jeremy D'Hoinne, Rajpreet Kaur, Adam Hils, June 2017
Dealing With Today’s Issues
3 BILLION NEW DEVICES PER YEAR THROUGH 2020
51% OF EMEA ENTERPRISES BREACHED IN THE LAST 12 MONTHS*
TIME TO DETECT BREACH*: More than 1 hour for 85%
[Chart: time to detect breach, axis Minutes / Hours / Days; values 15%, 50%, 27%, 5%, 2%, 2%]
AREAS OF GREATEST CONCERN FOR SECURITY
1. Cloud
2. Vulnerability in IT systems
3. Inside Threats
4. BYOD
5. IoT
And Those of Tomorrow
INFRASTRUCTURE
EVOLUTION
EVOLVING THREAT
LANDSCAPE
REGULATION, COMPLIANCE
AND CERTIFICATION
The State of the Enterprise Network
Today’s Network is
BORDERLESS
Today’s Network is
FASTER Than Ever
Today’s Network is More
COMPLEX Than Ever
Branch Office, Campus, Data Center, Remote Office, Mobile, PoS, IoT
More Ways to Get In
More Ways to Get Data Out
Containing the Borderless
Internal External
Perimeter and internal security in equal doses
» Segmentation Strategies
Security extending outward from the core to the access layer
Integration between the elements of the broader network security solution
Branch Office, PoS, IoT, Campus, Mobile, Endpoint, Data Center
Powering the Solution
Integration into the underlying network, not resting on top
Scalability
» In terms of size and function
» Current and projected performance requirements
» Of the security model – the 3 P’s
SOLUTION
Branch Office, Campus, Data Center, Remote Office
Vendor A, Vendor B, Vendor C, Vendor C, Vendor D
Complexity Decreases Security Effectiveness
Each product is “Silo’d”
No interaction
No integration
Eliminating Complexity
Individual elements that work together, automatically
Pervasive threat intelligence
Single pane of glass management
THREAT INTELLIGENCE
Endpoint Clients
Application Security
Email Gateways
Firewalls
Addressing Today’s Security Challenges
Security Objective:
Automated
Security Objective:
Broad
Security Objective:
Powerful
Today’s Network is
BORDERLESS
Today’s Network is
FASTER Than Ever
Today’s Network is More
COMPLEX Than Ever
Flexible/Open
Broad – The Fabric Gives You Complete Visibility, Coverage and Flexibility Across The Entire Dynamic Attack Surface
Coverage
Visibility
Application Security
Cloud Security
Client/IoT Security
Access Security
Network Security
The Broadest Security Portfolio in the Industry
Built from the ground up to deliver true integration end-to-end
Network Security, Multi-Cloud Security, Endpoint Security, Email Security, Web Application Security, Secure Unified Access, Advanced Threat Protection, Management & Analytics
FortiOS 6.0, FortiClient 6.0, FortiWeb 6.0, FortiMail Secure Email Gateway, FortiSandbox 3.0, FortiAnalyzer 6.0, FortiManager 6.0, FortiSIEM 5.0, FortiOS 6.0, FortiAP 6.0, FortiSwitch 6.0, FortiCASB 1.2
Powerful – Increasing Performance Reduces The Burden on Infrastructure
Comprehensive Range
Parallel Path Processing
Security Processors (SPU’s)
Accelerates Content Inspection
Optimized Performance for Entry Level
Accelerates Network Traffic
High End
Mid Range
Entry Level
1 Tbps
Automated to Provide a Fast, Coordinated Response to Threats
Coordinated, Audit & Recommend, Global & Local
Known Threats
FortiGuard
Unknown Threats
FortiSandbox
Rapid Sharing of Global and Local Threat Intelligence
Web Mail
Local Threat Intelligence
Firewall Client
Firewall
Security Fabric
Global Threat Intelligence
Traffic Analysis
Clustered Local Intelligence distributed throughout the Security Fabric speeds mitigation
Correlation of Global IoCs and networking logs pinpoints new threats
IoCs
Threat Intelligence Sharing and IOCs
[Diagram labels: Asset, Threat, Identity, Activity, Risk, Data, Location]
[Diagram labels: DDoS Protection, Database Protection, Web Application Firewall, Application Delivery Controller, Top-of-Rack, Server, Web Servers, SDN, Virtual Firewall, DCFW/NGFW, Sandbox, Internal Segmentation FW, Security]
- Attack telemetry from clients
- Malware samples
- Public & private information sources
- Website monitoring
- Attack signatures
- Domain names
- Host names
- IP addresses
- File names
- Registry data
- Vulnerabilities
- Catalogued malware
Takeout Menu
Automated
More efficient operations with a Security Fabric audit/recommendations, intelligence sharing, and NOC views
Multivendor integration for maximum ROI
Powerful
Accelerated cloud-scale and security processor-based appliances with coordinated logging to enable maximum threat protection without affecting performance
Broad
Deeper visibility and control throughout a Security Fabric to reduce the attack surface from IoT to cloud
Fortinet Security Fabric Topology View Fabric Integration
[Topology diagram labels: Internet, NGFW, ISFW.1, ISFW.2, SD-WAN, Cloud NGFW, SaaS / CASB, Virtual FW, Switch.1, Switch.2, Switch.3, WiFi.1, WiFi.2, WiFi.3, HOSTS (APPS), CLIENTS (DEVICES), Email, WAF, Advanced Threat Protection, Manager, Analyzer]
More Security Device Visibility Leads to Improved SEGMENTATION
New Downstream Device Quarantine
New Devices and Status Visibility
New Aggregate FortiGate View
New Historic Trending
[Topology diagram labels: Internet, NGFW.1, ISFW.1, ISFW.2, Switch.1, Switch.2, AWSFW.1, ACI.1, Private Cloud, Public Cloud, Sandbox, Analytics, WAF, Email; views: Physical, Logical]
Aggregated Data
Available on upstream FortiGate in the Security Fabric
» Displays consolidated info gathered from all participating downstream FortiGates
Upstream FortiGate is able to end session or quarantine endpoints belonging to downstream FortiGates
» By sending instructions to downstream FortiGates
Expanded Visibility
Better Endpoint Control via the Network for Increased Security
0. No Agent: IoT
1. Fabric Agent: Fabric Telemetry, Endpoint Compliance, Vulnerability Scan/Remediation
2. Secure Remote Access: SSL & IPSec VPN, Two-factor Authentication
3. Advanced Persistent Threats: Zero-day, Advanced Malware Detection and Remediation
4. Preventive Security Controls: Anti-malware, App FW, Web Filtering, Single Sign-on
Registered Vulnerability Score (Points)
Device Type MAC FGT Identity Traffic
Topology Views
New visual elements added
» FortiGates in HA setup
» FortiAPs
» FortiAnalyzer and FortiSandbox
Improved endpoint contextual info
Ability to remote login to downstream FortiGates
Adds ‘Threat’ and ‘Vulnerability’ filters
Search bar
Expanded Visibility
Endpoint Vulnerability View
Endpoints covered in the Security Fabric are ranked by their FortiClient Vulnerability score
» Visible on ‘Endpoint Vulnerability’ and Topology views
» Score is calculated using weights on severity
» Supports drill-in for details
Expanded Visibility
Fortinet Fabric-Ready Technology Alliance Partnerships
SDN/NFV & VIRTUALIZATION, CLOUD, ENDPOINT, MANAGEMENT, IoT & OT, SIEM, IDENTITY MGMT.
Snapshot in Q3 2017; new partners added continuously.
Scaling Performance from IoT to Cloud
Measurement
Firewall
Firewall + App Control
IPS (HTTP)
App Control (HTTP)
NGFW (IPS + App Ctrl)
Threat Protection (IPS + App Ctrl + AV)
SSL (IPS Enabled)
Reporting On (Degradation)
Chassis
High-End
Mid-Range
Virtual/Cloud
Entry-Level
Embedded IoT
Scaling Security Application into the Private and CSP Cloud
Applications
NGFW WAF Email MNGR Reports Sandbox
Applications
Performance Platforms
1-32+ vCPU
Non VDOM Version
On-Demand Orchestration
Performance Platforms
Non VDOM Version
On-Demand Orchestration
Single Pane of Management Glass
Volume & Resource Metering
Public Cloud Only
CSP Cloud
Private Cloud
NGFW WAF Email MNGR Reports Sandbox
1-32+ vCPU
NSX ACI
vSphere Hyper-V XenServer
Scaling Security Application into the Public Cloud
Applications
NGFW WAF Email MNGR Reports Sandbox
Applications
NGFW WAF Email MNGR Reports
Performance Certifications
1-32+ vCPU
Non VDOM Version
On-Demand Orchestration
Auto-scaling
Performance Certifications
Non VDOM Version
On-Demand Orchestration
Auto-scaling
2-16 vCPU
Security Center
Single Pane of Management Glass
Security Competency
Auto-scaling
Security Competency
NSS Labs Certification
Product 2012 2013 2014 2015 2016 Q1 2017 Q2 2017 Q3 2017 Q4 2017
Breach Detection Recommended Recommended Recommended Target
Breach Prevention Target
Data Center IPS Neutral Recommended Retired
Data Center Security Gateway Target
Data Center Firewall Recommended Passed (No SVM)
vFW Target
vSG Target
NGFW Neutral Recommended Recommended Recommended Target
IPS Recommended Neutral Retired
WAF Recommended Recommended
NGIPS Recommended Target
Endpoint Protection Recommended Recommended
Wireless Target
SSL QTR QTR QTR QTR
CAWS Real Time
Audit Risk Level Prioritizes the Network and Vulnerability Score of the Endpoint
[Topology diagram labels: Internet, NGFW.1, ISFW.1, ISFW.2, Switch.1, Switch.2, AWSFW.1, ACI.1, Private Cloud, Public Cloud, Sandbox, Analytics, WAF, Email; views: Physical, Logical]
Network Audit Risk Level: Critical, High, Medium, Low, Passed
Endpoint Vulnerability Score: Critical 100 Points, High 50 Points, Medium 5 Points, Low 2 Points, Info 1 Point
New Security Fabric Audit for Automated Compliances and Best Practices
Visual Audit Indicator
Run Fabric Audit (Priority-based)
Apply Recommendations
Security Best Practices
Strong administrative access
Current firmware & subscriptions
Logging Working Correctly
…....
Reporting
Regulatory Templates
[Audit results table residue: labels Firewall Identity, Priority; columns Element, Severity, No.; elements ISFW.1, ISFW.2, NGFW.1, AWSFW.1; severities shown: Critical, High, Low]
Rapid Sharing of Global and Local Threat Intelligence
FortiWeb FortiMail
FortiSandbox (Local)
FortiGate FortiClient
FortiGate
Security Fabric
FortiGuard (Global)
FortiAnalyzer
Clustered Local Intelligence distributed throughout the Security Fabric speeds mitigation
Correlation of Global IoCs and networking logs pinpoints new threats
IoCs
Single Pane of Glass with New NOC Functionality
FortiAnalyzer FortiManager
Device Manager, FortiAP Manager, FortiClient Manager, FortiSwitch Manager, VPN Manager
FortiGuard
FortiView, Log View, Event Management, Reports
Unified Management & Analytics/Reporting in Appliance, Virtual Machine and Cloud format
Management of Endpoint, Access Points and Switching added
Upgrades to VPN Manager (Topology View), FortiView, Event Management and Reporting
Summary
Automated
More efficient operations with new Security Fabric audit/recommendations, intelligence sharing, and NOC views
Powerful
Accelerated cloud-scale and security processor-based appliances with coordinated logging to enable maximum threat protection without affecting performance
Broad
Deeper visibility and control throughout the Security Fabric to reduce the attack surface from IoT to cloud