
Fortinet Security Solution

Ricky Dwi Putra


Product Marketing Rep. Jr.
Ricky.Putra@metrodata.co.id

© Copyright Fortinet Inc. All rights reserved.


Corporate Overview
Network Security Leader

Fortinet is among the top 5 public cybersecurity companies in the world. Its broad portfolio of solutions spans Network, Infrastructure, Cloud, and IoT Security.

$10.6B Mkt Cap
~$1.5B - 2017 (revenue)
HQ: SUNNYVALE, CA
100+ OFFICES WORLDWIDE
360,000+ Customers
4M+ Appliances Shipments Worldwide (+30% units WW)

* As of June 29th 2018


2
70% of F100 Are Fortinet Customers

4 of 4 9 of 10 11 of 13 4 of 5 3 of 5

Financials/ Aerospace/
Telco Retail Energy
Banking Defense

10 of 12 12 of 15 3 of 5 9 of 11 3 of 5

Technology Healthcare Transportation Financials/Ins Food/Bev

3
Why Fortinet
• Powerful: Comprehensive protection package designed to effectively address today’s complex and dynamic threat environment
• Cost-effective: Most economical way to purchase the robust security services needed to successfully address today’s highly sophisticated threat landscape
• Best-in-Class: Unrivaled validation through third-party certifications proving security effectiveness (NSS Labs, Virus Bulletin, ICSA, AV Comparatives)
• Unequalled: Over 100 billion security events analyzed daily – unprecedented volume that gives Fortinet an advantage and unique perspective of the global threat landscape

4
VALUE OF DEPLOYING FORTIGUARD SERVICES

Comprehensive
• Combine automation & AI/ML with comprehensive protection package for effective security in expanding threat landscape

Best-in-Class
• Unrivaled 3rd party validation and industry recognition
• NSS, Virus Bulletin, ICSA, AV Comparatives

Research & Innovation
• 100 Billion security events analyzed daily
• Unique insights on global threat landscape

Compliance
• Broad visibility, audit with multi-layered security
• Dashboard and Benchmarking

Price/Performance
• Robust end to end security to achieve threat protection
• Most cost-effective TCO (validated by NSS Labs)

5
FortiGuard Labs Delivers Services and Intelligence That Protects and Defends Against the Evolving Threat Landscape

6
Threat Landscape Driving the Need for Services

7
DX [Digital Transformation]
is the integration of digital technology into all areas of a business, resulting in fundamental changes to how businesses operate and how they deliver value to customers

8
SX [Security Transformation]
is the integration of security into all areas of digital technology, resulting in a Security Architecture that provides a Continuous Trust Assessment

9
SECURITY CHALLENGES FACED BY ENTERPRISES

53% of firms indicated that the rapidly evolving nature of cyber threats is #1 challenge to securing their organization (Forrester Survey, July 2017)
45% of organizations say they have a ‘problematic shortage of cybersecurity skills’ (ESG Research, 2017)
68% of breaches took months or longer to discover (Verizon, 2018 DBIR)

10
Digital Attack Surface Expanding and Becoming Invisible

Network Cloud

BROAD
Attack Surface

Devices Access

11
Too Many Point Solutions and New Regulations

Point Security
Products Consoles

30+
INTEGRATION
Very Difficult
Form Compliance
Factor

12
Rapidly Changing Advanced Threats and Lack of
Resources and Expertise

Noise Skills

AUTOMATION
Critical

Speed Maturity

13
Security Framework for Digital Security
Identify the
Attack Surface

Trust Protect Against


Assessment Known Threats

Continuous

Rapid Detect Unknown


Response Threats

14
THREAT LANDSCAPE IS EVOLVING
Volume, Velocity, Sophistication is Increasing
Unique Malware Detections up – 43% to 34,148
Mobile Malware – 26% firms affected
New tactics & techniques

Poor Vulnerability and Patch Management


Botnet persistence
Malware re-infections
Vulnerability re-use on rise

Breach Detection
Compromises are measured in minutes or less 98% of time
Exfiltration of data happens within minutes to days
It can take days, weeks and even months to discover the breach

Expanding Attack Surface


IOT/OT bringing unprecedented opportunities for cybercriminals
Firms often don’t have an inventory of devices accessing the network
Industrial Control Systems attacks, highly targeted and very
destructive, are increasing

15
Types Of Threats Attackers

 The Explorer
 Hacktivist
 Cyber Terrorist
 Cyber Criminal
 Cyber Warrior

16
Infrastructure. Constant Change.
TODAY
Green SaaS IoT
Google’s 13 data
centers use 0.01%
of global power
On average, companies
have 10+ applications
running via the Cloud
35B devices, mostly
headless attaching
to the network
5G
Wireless

SDN/NFV IaaS Analytics


Software-defined Security still the Big Data
everything. SD WAN No.1 inhibitor

FUTURE

Social Internet 2
Bandwidth ever
increasing
100G 100 Gbps and

UHDTV
Virtualization Mobile Bandwidth
80% of data center No control of Wi-Fi speeds rival LANs.
apps are virtualized endpoints (BYOD) 100G networks here

17
Security is borderless.
1. The attack surface has increased
2. Strategy changes bring new security challenges
3. There are security holes in existing infrastructure (ATP, unsecured wireless, no dedicated security...)

=> Security is Borderless

[Diagram labels: PoS, EndPoint, Mobile, IaaS, Branch Office, Campus, Internet, Data Center, 0-Day, Remote Office, Cloud, SaaS, IoT]

18
The Fortinet Security Fabric FortiManager,
FortiAnalyzer,
Third-Generation Network Security FortiSIEM

BROAD
Partner API FortiGate-VM

Visibility & Protection for the


Digital Attack Surface

FortiOS
INTEGRATED

Detection of Advanced Threats FortiClient FortiWeb

NETWORK
AUTOMATED

Response & Continuous Trust


Assessment FortiAP | FortiSwitch
FortiGuard
FortiMail

FortiSandbox

19
Network Security is… MANAGEMENT-ANALYTICS

Products and services that provide


high-performance, consolidated
advanced security and deep
visibility to protect the network
from known and unknown threats

NETWORK
FortiGate
Enterprise Firewall

IPS
Appliance Virtual
Machine
SWG

SD-WAN Cloud

ADVANCED THREAT PROTECTION

20
Multi-Cloud Security is… MANAGEMENT-ANALYTICS

MULTI-CLOUD

Products and services that


protect the expanded attack
surface across private cloud,
public cloud and SaaS

FortiGate Virtual Firewall


Network Security
NETWORK

FortiGate Cloud Firewall


Network Security
Virtual
Machine

FortiCASB
Cloud Access Security Broker
Cloud
Fortinet Connectors
Cloud & SDN Integration
ADVANCED THREAT PROTECTION

21
Web Application Security is… MANAGEMENT-ANALYTICS

Products and services that protect


web-based applications from
threats that target known and
unknown exploits WEB APPS

NETWORK

FortiWeb
Web Application Firewall

Appliance Virtual
Machine
FortiADC
Application Delivery
Controller
Hosted Cloud

ADVANCED THREAT PROTECTION

22
Email Security is… MANAGEMENT-ANALYTICS

Products and services that inspect


corporate email for unwanted (spam)
and malicious (phishing, malware)
messages as well as inappropriate
or sensitive content

NETWORK

FortiMail
Appliance Virtual
Secure Email Gateway
Machine
EMAIL

Hosted Cloud

ADVANCED THREAT PROTECTION

23
Secure Unified Access is…
Products and services necessary to provide secure network connectivity, wired or wirelessly, to users of the Fortinet Security Fabric

FortiAP, FortiWLC, FortiWLM: Wireless Infrastructure
FortiSwitch: Switching Infrastructure
FortiAuthenticator, FortiToken: Identity and Access Management

[Diagram labels: Appliance, Virtual Machine, Hosted; MANAGEMENT-ANALYTICS, NETWORK, UNIFIED ACCESS, ADVANCED THREAT PROTECTION]

24
Endpoint Security is… MANAGEMENT-ANALYTICS

Products and services that detect


and block malicious objects
delivered via web, email, network,
or personal storage to an endpoint IOT-ENDPOINT

NETWORK

FortiClient
NG Endpoint Protection
Platform

Enterprise
Management Server Software
Central Management

ADVANCED THREAT PROTECTION

25
Advanced Threat Protection is…
Products and services that continue inspecting for malware and other signs that cyber criminals have gained entry despite traditional threat prevention products (NGFW, SEG, EPP, WAF, etc)

FortiSandbox: Advanced Threat Protection

[Diagram labels: Appliance, Virtual Machine, Hosted, Cloud; MANAGEMENT-ANALYTICS, PARTNER API, MULTI-CLOUD, IOT-ENDPOINT, WEB APPS, NETWORK, UNIFIED ACCESS, EMAIL, ADVANCED THREAT PROTECTION]

26
Management-Analytics is… MANAGEMENT-ANALYTICS

PARTNER API MULTI-CLOUD

Products and services that weave


Fortinet and partner products into
a cohesive solution, uncovering
hidden insights and reducing the IOT-ENDPOINT WEB APPS
total cost of ownership
FortiAnalyzer
Central Logging & NETWORK
Reporting

FortiManager
Central Security
Management Appliance Virtual
Machine

FortiCloud UNIFIED ACCESS EMAIL


Cloud-based
Central Management
Hosted Cloud
FortiSIEM
Security Information &
Event Management ADVANCED THREAT PROTECTION

27
#1 Broadest Security Protection - From IoT To The Cloud

INFRASTRUCTURE SECURITY

$47B
$2B
CLOUD SECURITY

Management

Email
SIEM
IOT & OT SECURITY
$9B
Sandboxing

Endpoint WAF
NETWORK
SECURITY
Wi-Fi
$25B
Switch

Source: Fortinet reclassification of IDC data


28
The Broadest Security Portfolio in the Industry
Built From The Ground Up To Deliver True Integration End To End

Network Multi-Cloud Email Secure Management


Security Security Security Unified Access & Analytics

Open Endpoint Web Application Advanced


Ecosystem Security Security Threat Protection

Partner API FortiGate FortiClient FortiMail FortiAP FortiSandbox FortiAnalyzer


Virtual Firewall FortiWeb
FortiGate
Enterprise Firewall

DevOps FortiSwitch
FortiGate
FortiManager
Cloud Firewall

IPS SD-WAN

Connectors FortiCASB FortiSIEM

SWG VPN

29
Core Fabric Technologies
FORTIOS FORTIGUARD PARALLEL PROCESSING
SPU

CPU
Accelerates Accelerates
Fabric Use Cases Security Rating Threat Intelligence Network Flexible Content
Traffic Policy Inspection

Connectors API Web Filtering FortiSandbox


Cloud Optimized for entry-level
form factors

Automation Fabric Agent Intrusion Prevention Antivirus

More Performance Less Latency

CASB Orchestration Application Control IP Reputation


Less Power Less Space

30
The Most Featured NGFW

Accelerated Firewall IPv4 IPv6 Virtual Domains & vClustering

SSL & IPSec VPN (+ADVPN) Advanced HA

Dynamic Web Filtering Cloud / on-premise Sandboxing

Anti-Virus & Anti-Botnet QoS & Traffic shaping

Application Control & DLP Identity & Device Awareness

IPS & IDS Advanced SD WAN & VXLAN

Wan Optimization
(cache, explicit proxy, wanop) Mobile Security & Endpoint Control

31
A Leader in Network Security

32
NSS Labs 3rd-Party Certifications
Most Recent Test Results

9 Recommendations
out of 9!
Cisco 4

Check Point 3

Palo Alto Networks 4

9
Recommendations 5th year in
a row!
Updated August 20, 2018

Fortinet Confidential 33
Comprehensive Malicious Threat
and Malware Protection
ICSA LABS

AV COMPARATIVES

34
Quality Control Guaranteed

35
We Lead the Industry in Innovation

Based on patents issued as listed by the US Patent and Trademark Office


* As of June 30 2018 Global Patents = 539

36
Well-Positioned to Lead the 3rd Evolution of Network Security

Network Security Evolution

NGFW
FIREWALL UTM FABRIC
Connectivity Content Infrastructure

1990 2000 2010 2020 2030

37
38
Fabric Integrated
• With FortiSwitch, the Fabric offers both L2 and L3 switching features and advanced multi-switch management
• All emails can be transparently forwarded to a FortiMail relay for deep email inspection
• All web traffic can be transparently forwarded to FortiWeb for deep WAF inspection
• FortiSandbox inspects all files and provides ATP. Combined with FortiMail, it can avoid a patient zero, which makes the Fabric unique on the market.
• When connected to the FortiGate, the FortiAP extends the security features of the Fabric to the wireless network.
39
Advanced Threat Protection
1. Fortinet products can collaborate with FortiSandbox on-premise (or Cloud)
2. They continuously receive updated Malware Packages from the FortiSandbox (temporary) and from the FortiGuard service (long term)
3. Patient 0 is avoided with FortiMail/FortiClient

[Diagram labels: Fabric, Advanced Threat Protection; FortiClient, FortiGate, FortiMail, FortiWeb, Partner]

40
FORTINET ADDRESSES ALL KEY SECURITY REQUIREMENTS
FOR OPTIMAL SECURITY

• Broad Visibility & auditing to achieve effective security & compliance
• Prevent concealed Malware while Achieving Confidentiality at Scale
• Fast detection & prevention based on advanced machine learning
• High-performance Threat Protection for expanding Digital Attack Surface
• Contain Lateral attacks automatically with shared Intelligence and scaled Multi-Tenancy

COORDINATED, AUTOMATED MULTI-DEFENSE SECURITY
41


SECURITY/NETWORK OPERATING CENTER
User ID Central Log & Central Device File Analysis Network SIEM Client Mgmt.
Mgmt. report Mgmt. Tester System
Cloud based Mgmt.

FortiCloud

FortiAuthenticator FortiAnalyzer FortiManager FortiSandBox FortiTester FortiSIEM FortiClient


3G/4G EMS
WAN
FortiExtender
Mail Security Mail Servers
Gateway
Site-to-site
Secure WiFi VPN
Access FortiWAN Security
gateway

FortiWiFi Link Load FortiMail


Balancer FortiGate
Secure Web
Caching server

REMOTE LAN DATA CENTER


FortiCache
L2 IP Cam. Failopen Web App. Load Balancer
Remote Switching WiFi Access Recorder IP PBX Device Firewall
VPN

Endpoint
Security
FortiSwitch FortiAP FortiRecorder FortiVoice/ FortiBridge FortiWeb FortiADC
FortiGateVoice
FortiToken L7 D/DOS Web Servers
FortiClient 2 Factor OTP Mitigator
Token

MOBILE FortiCamera FortiFone FortiDDoS

42
Why FortiGate?

43
The Most Flexible NGFW

FortiManager

hardware Cloud

Hypervisor

44
The Most Flexible NGFW
Multi Multi Multi
Chassis
CPU Core Core
System
Core
SoC NP CP CPU NP CP CPU CPU

1 Gbps 10 Gbps 10 Gbps - 50 Gbps 50 Gbps - 1 Tbps H/W Dependent

1000-2000 CCFW
Series
DCFW-
Personality, 600-900 IPS
Performance Series
and VM
Scalability ISFW
100-500 3000 5000 7000 Series
Series Series Series Series
NGFW
60-90 CFW/VM
30-50 Secure
Series SD-WAN FW
Series

UTM

Software &
Services
FortiGuard FortiOS FortiCare
Product Security Services Operating System Virtual
Entry Level Mid Range High End Support Services Appliances
Range

45
Central Monitoring of the Fabric

46
47
Flexible Virtual Domains

• 10 Vdoms included (even on VM)

• Full security and networking features (L2 or L3)

• Multi-tenant

• Customizable performance
… 10 /500
• Inter-vdoms links
FortiOS

48
L3 to L7 Security & Identity Management

49
Handling Encrypted Traffic

• DNS Filter: the FortiGate can categorize destination traffic based on the domain name of the requests. It can redirect the filtered traffic to a portal
• Certificate Inspection: the CN and the SNI are inspected during the SSL handshake to identify the destination without decryption.
• Full Inspection: FortiGate can act as a MITM and decrypt flows before analysis. Dedicated ASICs improve global performance.
• Extra features: Web categories can be exempted from Man-In-The-Middle (MITM) inspection.

50
Advanced SD WAN

• Automatic link backup and outbound LB
• L3 to L7 load balancing
• Advanced link health monitoring (Latency, Jitter, Packet loss, bandwidth)
• Bi-directional advanced QOS

[Diagram: links labelled @, MPLS and @2, with per-link measurements]
L = 25 ms, J = 0 ms, PL = 0 %, BW = 2 Mbps
L = 28 ms, J = 0 ms, PL = 0 %, BW = 8 Mbps
L = 100 ms, J = 20 ms, PL = 5 %, BW = 18 Mbps
Sensitivity to: PL + L
51
Fabric-Ready Ecosystem Partners Expand the Reach
of the Fabric

MANAGEMENT ENDPOINT CLOUD/NFV/SDN

FABRIC
API

VULNERABILITY/SIEM TECHNOLOGY IOT/OT/NAC/IDENTITY

FABRIC
CONNECTORS

52
Fabric Alliance Ecosystem
Partner

API

Cloud SDN Endpoint Management

Vulnerability/SIEM IoT/OT/NAC Identity Technology

53
FORTIGUARD LABS BUNDLES

54
Enterprise Protection Bundle Explained

55
5
ENTERPRISE PROTECTION (ENT) BUNDLE
Consolidates the comprehensive protection needed to protect and defend against all cyber-attack channels from the endpoint to the cloud, including the technologies needed to address today’s challenging OT, risk, compliance and management concerns

• “95% of cloud security failures will be fault of organizations” (Gartner)*
  Solution: CASB - Provides visibility, compliance and security for cloud-based applications
• “93% of cyberattacks could have been prevented had routine scans and patches been implemented.” Data hygiene is critical (Online Trust Association)**
  Solution: Security Rating - Security Rating provides continual assessment and visual feedback of your security posture and provides best practice recommendations
• Rated top security company in OT space (Forrester)***
• 1133 industrial control signatures addressing multiple threats specific to the OT landscape
• 100’s of security checks mapped to CIS Security Controls and PCI Standards

*Smarter With Gartner: https://www.gartner.com/smarterwithgartner/is-the-cloud-secure/
**Online Trust Alliance Cyber Incident & Breach Trends Report: https://otalliance.org/
***Fortinet SCADA Market Credibility Data Review, Feb 14, 2018
56
ENTERPRISE PROTECTION BUNDLE
POWERFUL PROTECTION PACKAGE
Advanced Malware Protection: Robust technologies that provide protection from known and unknown threats. Includes: Antivirus, FortiSandbox Cloud, Botnet, Mobile, Virus Outbreak Protection, Content Disarm & Reconstruction
Security Rating: Provides audit checking capabilities to identify critical vulnerabilities and configuration weaknesses and implement best practice recommendations
CASB: Provides visibility, compliance, data security, and threat protection for cloud-based services
Industrial Security Service: Provides signatures for common ICS/SCADA protocols
Web Filtering: Provides protection through blocking access to malicious, hacked, or inappropriate websites
IPS: Protects against the latest network intrusions by detecting and blocking threats before they reach network devices.
Anti-Spam: Service that detects and filters spam
Internet DB: Service that categorizes reputation of internet websites
IP Reputation: Aggregates malicious source IP data to provide up-to-date threat intelligence about hostile sources in near real-time. Proactively blocks attacks
Application Control: Provides real-time visibility into applications users are running. Provides ability to improve security and meet compliance with enforcement of acceptable use policy
57
USE CASES – KEY ENTERPRISE BUNDLE SERVICE MAPPING
Detection/Protection Capabilities
Endpoint to cloud including proliferation of IoT devices
The Enterprise Protection Bundle provides advanced malware protection to secure these endpoints against known and unknown threats, and the services that allow security leaders to better identify the best ways to optimize their defenses.

Cloud-based Platforms
Coordination of security services across multi-cloud environments and on-premises infrastructure
FortiCASB provides these organizations with granular visibility and centralized control of cloud security policies and practices.

Compliance and Risk Management
Satisfy auditors and C-suite executives
The Security Rating Service equips enterprises with an instantaneous view of their security posture and associated IT risks. The service also provides recommendations about how to improve that posture.

ICS/SCADA
Exposes formerly unexposed operational technology systems to new cybersecurity risk
The Fortinet Industrial Security Service monitors ICS and SCADA systems and alerts security administrators to vulnerabilities in common protocols.

58
Key Services Defined

59
ADVANCED MALWARE
PROTECTION

15 Years!

60
CLOUD ACCESS SECURITY BROKER (CASB)

Extend Visibility & Control to Cloud Data and Applications

• Visibility and control for SaaS and Public Cloud usage and data
• Enforce IT policies and provide compliance tools
• Prevent threats that propagate from and across cloud services

[Diagram label: SaaS and IaaS Applications and Infrastructure]

61
SECURITY RATING SERVICE
BEST PRACTICES BY INDUSTRY

• Performs hundreds of security checks based on CIS controls & benchmarks
  • Endpoint Management
  • Vulnerability Management
  • Security Hardening
  • Network Design and Policy Management
  • Audit Logging & Monitoring
• Prioritizes discoveries from critical to low importance
• Pre set fixes are available
• Actionable recommendations
• Benchmarking scorecard

354 Passed, 25 Low, 65 Medium, 31 High, 22 Critical


62
FORTIGUARD VIRUS OUTBREAK PREVENTION
DETECTION BETWEEN SIGNATURE UPDATES

• Provides malware detection for the latest emerging threats discovered between your signature updates
• Additional layer of protection targeted at newly emerged malwares
• Initiates real-time hash lookup with our Global Intelligence DB

[Diagram labels: VOS Lookup, FDN]

63
FORTIGUARD CONTENT DISARM AND RECONSTRUCTION (CDR)
Data Sanitation Service
Advanced threats … are easily bypassing the signature-based and reputation-based prevention mechanisms that secure email gateway (SEG) has traditionally used – (Gartner)

• Strips all active content from files in real-time, creating a flat file
• All active content is treated as suspect and erased
• Microsoft Office and Adobe documents only (for now)
• CDR is a firewall policy – Admin can enable the feature per user
• Content can be rolled back (provided content was clean) if customer has FortiSandbox on premise

[Diagram labels: Sandbox, AV Engine]
64
FORTIGUARD ANTISPAM
Ten Years of 100% Success with VBSPAM

• Protections against threats delivered through email with highly effective antispam protection
• Reduce the spam volume at the perimeter with dual-pass technology
• FortiClient endpoint agents can block spam messages on remote computers and mobile devices
• Fastest possible updated and customizable antispam filtering

65
FORTIGUARD WEB FILTERING
Process OVER 100 BILLION Web Queries a DAY

• Improves security by blocking access to malicious and risky websites
• Prevents malware downloads from malicious or hacked websites
• Keeps your defense current with automatic intelligence tools, target threat analysis, and continuous updates
• Controls access through policy-based controls with highly granular blocking and filtering
• Outcome also used to detect IOCs and compromised endpoints

66
