
Global Security for Your Information System

From the Workstation to the Cloud

BOULEIMEN Kamel
Manager System Engineer
© Copyright Fortinet Inc. All rights reserved.
2015: Another Record Year of Security Breaches

V-Tech Anthem
US Federal
Government
4.3 M exposed IRS One-third of Americans
affected

100,000 + Taxpayer
OPM
British Gas personal information Hacking
21.5M + 2,000
Team

customer data Talk Talk


Twitter 157,000 T-Mobile
customers, 15M customers at
Scottrade
4.6M customers 21,000 bank risk for personal and
Carphone details stolen social security data
Warehouse
Ashley Madison
2.4M Users - 4% of
37M Innocent
UK Population Hello Kitty
Cheaters
Excellus Personal information
Source: DataBreaches.net BlueCross BlueShield for 3.3 million
UCLA Health
10M Patient Records accounts

Fortinet - Confidential 3
Cybercrime is Now One of the

TOP FOUR
Economic Crimes in the World

Cybercriminal Ecosystem
CRIME SERVICES ENABLERS

Hosting
Quality Assurance Infections / Drop Botnet Rentals Money Mules Consulting
Crypters / Packers Zones Installs / Spam / Accounts Receivable
Scanners Management SEO / DDoS

Bank COMPOUNDED CYBERCRIME


Accounts

Credentials & Data

Digital Criminal Sales, Licensing,


Real Victims Organizations Maintenance Affiliates
Estate Partnerships

CRIMEWARE PRODUCERS

Copy & paste

Exploits Packers Special Mobile Senior Junior


Platforms Affiliate Programs
Developers Source Developers
FakeAV / Ransomware / Botnets
Code

Infrastructure. Constant Change.

Green SaaS IoT


Google’s 13 data
centers use 0.01%
of global power
On average, companies
have 10+ applications
running via the Cloud
35B devices, mostly
headless attaching
to the network
5G
Wireless

SDN/NFV IaaS Analytics


Software-defined Security still the Big Data
everything. SD WAN No.1 inhibitor

FUTURE

Social Internet 2
Bandwidth ever
increasing
100G 100 Gbps and

UHDTV
Virtualization Mobile Bandwidth
80% of data center No control of Wi-Fi speeds rival LANs.
apps are virtualized endpoints (BYOD) 100G networks here

Infrastructure. Constant Change.

CLOUD IoT SPEED

82% 20 Billion 4X
IoT devices Growth
of Enterprises
connected in
have a
by 2020 100G ports
multi-cloud
strategy

Security. Moving Landscape.

VOLUME ADVANCED COMMERCIAL


Kill Chain

Item Cost
500,000 1
Reconnaissance
2
Infiltration Vector
3
Host Infection
Zero Day $5K - $50K

IPS Exploit Kit $1K - $20K


Attacks 6 5 4 Botnet Rental 10 cents
Further Exploitation Exfiltration Vector Malware Action
Per Spam 100,000 $120
Minute

Threats. Huge Volumes.

Per Minute Per Week Total Database


35,000 Threat events
46M
New & updated
290
Terabytes of threat
spam rules samples

21,000 Spam emails intercepted


Intrusion prevention rules
100 generated 18,000 Intrusion prevention rules
545,000 Network intrusions resisted

Malware programs
95,000 neutralized 1.8M New & updated AV definitions 5,800 Application control rules

170,000 Malicious websites blocked


Rated websites in
1.4M New URL ratings 250M 78 categories
Botnet C&C attempts
310,000 thwarted
Hours of threat research
43M
Website categorization 8,000 globally 312 Zero-day threats discovered
requests

Regulatory Compliance. Evolving Requirements

REGULATORY GOVERNMENT CERTIFICATION

Accidental Architecture

NETWORK OS MESSAGING SECURITY


TEAM TEAM TEAM TEAM

 Routers  Desktop OS  Email  Firewall


 Switches  Antivirus  Instant Messaging  IPS
 Wireless Access  Mobile Device Mgmt  Voice  Web Application
 Unified
Communication
Many Isolated Point Solutions
The attack surface has increased dramatically, everywhere,
inside and out.

Mobile

Endpoint
Campus
Data Center
NGFW

DCFW
Branch
Office UTM

PoS
IoT

Internal External

End-to-End Segmentation

Internal
Data Center
External SDN Orchestration

Mobile

Endpoint
Campus
Data Center
NGFW

DCFW
Branch
Office UTM
Cloud

PoS

IoT

Fortinet Security Fabric – Protecting from IoT to Cloud

Global Intelligence

Client Security Alliance Partners

IoT Cloud Security

Fortinet
Security Fabric

Application
Secure LAN Access Security

Local
Intelligence
Secure WLAN Access
Network Security

Fortinet Security Fabric

Advanced
Threat Intelligence NOC/SOC

• Scalable
• Aware
• Secure
Endpoint Access Network Application Cloud
• Actionable
• Open

Fabric Ready

Scalable - The Fabric covers the entire network attack
surface (From IoT to Cloud)
CPU Only Parallel Path Processing (PPP)

More Performance

Packet Policy Content


Optimized
Processing Management Inspection
Policy Management

Packet Processing CPU Less Latency


SoC
Deep Inspection

Less Space

CP 9 SoC 3 Less Power

Slow is Broken


Scalable - The Fabric scales from IoT to Cloud

1 Tbit/s
Private & Public
Cloud Security

Email & Web


Security
1 Gbit/s
Carrier Class
Firewall
Data Center
Firewall

NGFW
Distributed
Access Firewall
Endpoint Switch Point

Aware - The Fabric gives you complete visibility enabling
network segmentation

Automated
Visibility Segmentation
Operation

All Elements Discovery Fabric wide policy control


Connectivity Data Flow Synchronized configuration

Aware – Visualization of the Security Architecture
Real-Time Network Topology and Interaction (Physical/Functional)

Endpoint Access Point Data Center FW


Internal Segmentation FW

Cloud
Firewall
Access Point
Endpoint Internal Segmentation FW NGFW

Endpoint
Switch Global
Internal Segmentation FW Management

Distributed
Firewall

Aware - The Fabric gives you complete visibility

Secure – The Fabric shares Global and Local Threat
Intelligence and Mitigation Information

Global Local Cooperation


Threat Intelligence Threat Intelligence

Known Threats Unknown Threats Rapid Communication

Secure - Rapid Cooperation to Stop Threats across the
Entire Attack Surface

Global Local
Intelligence Intelligence

FortiGate
FortiWeb
(Firewall)
(Web Application)

FortiClient FortiMail
(Endpoint Security) (Email Security)

Secure – The Fabric covers all the possible attack vectors such
as Network, Endpoint Access, Web, Email and Cloud

Security
Updates
FW VPN IPS APP AV

Device Access Network Cloud

WLAN / LAN Distributed Edge Segmentation Data Center Carrier Class Application
Endpoint/IoT North-South SDN/NFV Private Cloud IaaS/SaaS
Rugged Enterprise Branch
Security

Chassis
>Terabit
Appliance
Appliance >300G
Appliance >30G Virtual Machine Virtual Machine
Device
>5G FLOW SDN/NFV On Demand
>1G

Appliance
Client Embedded System on a Chip Packet and Content Processor ASIC Virtual Hardware Dependent
Cloud

Actionable – The Fabric provides real time Security
Alerts, Recommendations and Audit Reports

Audit
Rank Severity Recommendation Report
Fabric
Element
5 Critical Zero Day Vulnerability
Alert
5
4 Critical Not connected to Fabric

3 Critical Logging Disabled Regulatory


Template

Actionable – The Fabric cuts Time to Protect from hours
to seconds
Vulnerability Web Cloud Partner
App Control Antivirus Anti-spam Management Filtering Sandbox

FortiWeb

Deep Mobile
IPS Web App Database Botnet
App Control Security

FortiMail

Advanced
FortiGate
Threat
Protection
Appliance Virtual Cloud

FortiClient

Continuous Monitoring and Analytics

Prepare 1 Prevent
Segmentation Harden
Processes 2 Isolate
Training Network
Application
Endpoint

Respond Detect
Contain
4 ATP
Remediate
3 SIEM
Clean TIS

End-to-End Security Operations Respond
Sandbox to SIEM

Value- FortiGuard Global CTI


Added Global CTI
Services Database
Customers

Global Context
Restful
CTI SOC /
API 001001
101100
Platform MSS
100011

50B+ Daily
Automation QA Events
Custom Feed

SIEM
Telemetry Flow
2M+ Sensors
Security Analysts FP Reduction

Samples Sent for Sandbox IOC


Automated Extraction Extraction
Actionable – The Fabric provides real time Security
Audits and Recommendations

Security
Audit

Recommendations based
 on security posture
 Policy Audit
 Vulnerability awareness

Open – The Fabric allows integration of existing security
solutions

SIEM Management

Private
Cloud
Endpoint (SDN)

Vulnerability Public
Cloud

Open – The Fabric allows integration of other security
technologies
SDN/NFV Cloud Endpoint

Management Systems Integrator SIEM

Alliances Partners
THE FORTINET SECURITY FABRIC
REALIZED
FORTINET SECURITY FABRIC

Sandbox
DATA CENTER/PRIVATE CLOUD
Endpoint
Secure Access NGFW
Protection
Point

Virtual
Top-of-Rack Firewall

Switching SDN, Virtual Database


Firewall Protection
Internal Internal
Segmentation Segmentation FW
FW Web Servers Application
Delivery
Controller
IP Video
Web Application
Security
Firewall

Internal
PUBLIC CLOUD
CAMPUS Segmentation FW Email
Server

DCFW/
NGFW
Distributed Ent FW
Email
Security
Client Devices
Internal
Client Devices LTE Extension Segmentation
FW

DDoS Protection FortiCloud

Sandbox

BRANCH
OFFICE
OPERATIONS CENTER

FORTINET SECURITY FABRIC
ENTERPRISE
FIREWALL

Sandbox
DATA CENTER/PRIVATE CLOUD
Endpoint FortiGate
Secure Access
Protection NGFW
Point

Virtual
Top-of-Rack Firewall

Switching SDN, Virtual Database


Firewall Protection
FortiGate Internal FortiGate Internal
Segmentation FW Segmentation FW
Web Servers Application
Delivery
Controller
IP Video
Web Application
Security
Firewall

FortiGate Internal
PUBLIC CLOUD
CAMPUS Segmentation FW Email
Server

FortiGate
DCFW/
FortiGate/FortiWiFi NGFW
Distributed Ent FW Email
Security
Client Devices
FortiGate Internal
Client Devices LTE Extension Segmentation FW

FortiAnalyzer
DDoS Protection FortiCloud

Sandbox

FortiManager
BRANCH FortiSIEM
OFFICE
OPERATIONS CENTER

FORTINET SECURITY FABRIC
CLOUD SECURITY ENTERPRISE
FIREWALL

Sandbox
DATA CENTER/PRIVATE CLOUD
Endpoint FortiGate
Secure Access
Protection NGFW
Point

Fortinet
Top-of-Rack Virtual Firewall

Switching FortiGate VMX Database


SDN, Virtual Protection
FortiGate Internal FortiGate Internal Firewall
Segmentation FW Segmentation FW
Web Servers Application
Delivery
Controller
IP Video
Web Application
Security
Firewall

FortiGate Internal
PUBLIC CLOUD
CAMPUS Segmentation FW Email
Server

FortiGate
DCFW/
FortiGate/FortiWiFi NGFW
Distributed Ent FW Email
Security
Client Devices
FortiGate Internal
Client Devices LTE Extension Segmentation FW

FortiAnalyzer
DDoS Protection FortiCloud

Sandbox

FortiManager
BRANCH FortiSIEM
OFFICE
OPERATIONS CENTER

FORTINET SECURITY FABRIC
ADVANCED THREAT CLOUD SECURITY ENTERPRISE
PROTECTION FIREWALL

FortiSandbox

DATA CENTER/PRIVATE CLOUD


FortiClient FortiGate
Secure Access
NGFW
Point

Fortinet
Top-of-Rack Virtual Firewall

Switching FortiGate VMX Database


SDN, Virtual Protection
FortiGate Internal FortiGate Internal Firewall
Segmentation FW Segmentation FW
Web Servers Application
Delivery
Controller
FortiWeb
IP Video
Web Application
Security
Firewall

FortiGate Internal
PUBLIC CLOUD
CAMPUS Segmentation FW Email
Server
FortiCloud Sandboxing
FortiGate
DCFW/
FortiGate/FortiWiFi NGFW
Distributed Ent FW FortiMail
FortiClient Email Security
FortiGate Internal
FortiClient LTE Extension Segmentation FW

FortiAnalyzer
DDoS Protection FortiCloud

FortiSandbox

FortiManager
BRANCH FortiSIEM
OFFICE
OPERATIONS CENTER

FORTINET SECURITY FABRIC
APPLICATION ADVANCED THREAT CLOUD SECURITY ENTERPRISE
SECURITY PROTECTION FIREWALL

FortiSandbox

DATA CENTER/PRIVATE CLOUD


FortiClient FortiGate
Secure Access
NGFW
Point

Fortinet
Top-of-Rack Virtual Firewall

Switching FortiGate VMX FortiDB


SDN, Virtual Database
FortiGate Internal FortiGate Internal Firewall Protection
Segmentation FW Segmentation FW FortiADC
Web Servers Application
Delivery
Controller
FortiWeb
IP Video
Web Application
Security
Firewall

FortiGate Internal
PUBLIC CLOUD
CAMPUS Segmentation FW Email
Server
FortiCloud Sandboxing
FortiGate
DCFW/
FortiGate/FortiWiFi NGFW
Distributed Ent FW FortiMail
FortiClient Email Security
FortiGate Internal
FortiClient LTE Extension Segmentation FW

FortiAnalyzer
FortiDDoS Protection FortiCloud

FortiSandbox

FortiManager
BRANCH FortiSIEM
OFFICE
OPERATIONS CENTER

FORTINET SECURITY FABRIC
SECURE ACCESS APPLICATION ADVANCED THREAT CLOUD SECURITY ENTERPRISE
SECURITY PROTECTION FIREWALL

FortiSandbox

DATA CENTER/PRIVATE CLOUD


FortiClient FortiGate
Secure Access
NGFW
Point

Fortinet
Top-of-Rack Virtual Firewall

FortiSwitch FortiGate VMX FortiDB


Switching SDN, Virtual Database
FortiGate Internal FortiGate Internal Firewall Protection
Segmentation FW Segmentation FW FortiADC
Web Servers Application
Delivery
Controller
FortiWeb
IP Video
Web Application
Security
Firewall
FortiSwitch
Switching FortiGate Internal
PUBLIC CLOUD
CAMPUS Segmentation FW Email
Server
FortiCloud AP Management

FortiCloud Sandboxing
FortiGate
DCFW/
FortiGate/FortiWiFi NGFW
Distributed Ent FW FortiMail
FortiClient Email Security
FortiGate Internal
FortiClient FortiExtender Segmentation FW
LTE Extension
FortiAnalyzer
FortiDDoS Protection FortiCloud

FortiSandbox

FortiManager
BRANCH FortiSIEM
OFFICE
OPERATIONS CENTER
