Академический Документы
Профессиональный Документы
Культура Документы
HQ 100+
OFFICES
360,000 + Customers 4M+ Appliances
Shipments Worldwide
SUNNYVALE, CA WORLDWIDE (+30% units WW)
4 of 4 9 of 10 11 of 13 4 of 5 3 of 5
Financials/ Aerospace/
Telco Retail Energy
Banking Defense
10 of 12 12 of 15 3 of 5 9 of 11 3 of 5
3
Why Fortinet
Powerful: Comprehensive protection package designed to
effectively address today’s complex and dynamic threat environment
4
VALUE OF DEPLOYING FORTIGUARD SERVICES
5
FortiGuard Labs Delivers Services And
Intelligence
FortiGuard Labs delivers That Protects
services and intelligence that protects And Defends
and defends against theAgainst
evolving threat landscape
6
Threat Landscape Driving the Need for Services
7
DX
is the integration of digital technology into all areas of
[Digital Transformation]
customers
8
SX
is the integration of security into all areas of digital
provides a Continuous
[Security Transformation]
Trust Assessment
9
SECURITY CHALLENGES FACED BY ENTERPRISES
10
Digital Attack Surface Expanding and Becoming Invisible
Network Cloud
BROAD
Attack Surface
Devices Access
11
Too Many Point Solutions and New Regulations
Point Security
Products Consoles
30+
INTEGRATION
Very Difficult
Form Compliance
Factor
12
Rapidly Changing Advanced Threats and Lack of
Resources and Expertise
Noise Skills
AUTOMATION
Critical
Speed Maturity
13
Security Framework for Digital Security
Identify the
Attack Surface
Continuous
14
THREAT LANDSCAPE IS EVOLVING
Volume, Velocity, Sophistication is Increasing
Unique Malware Detections up – 43% to 34,148
Mobile Malware – 26% firms affected
New tactics & techniques
Breach Detection
Compromises are measured in minutes or less 98% of time
Exfiltration of data happens within minutes to days
It can take days, weeks and even months to discover the breach
15
Types Of Threats Attackers
The Explorer
Hacktivist
Cyber Terrorist
Cyber Criminal
Cyber Warrior
16
Infrastructure. Constant Change.
TODAY
Green SaaS IoT
Google’s 13 data
centers use 0.01%
of global power
On average, companies
have 10+ applications
running via the Cloud
35B devices, mostly
headless attaching
to the network
5G
Wireless
FUTURE
Social Internet 2
Bandwidth ever
increasing
100G 100 Gbps and
UHDTV
Virtualization Mobile Bandwidth
80% of data center No control of Wi-Fi speeds rival LANs.
apps are virtualized endpoints (BYOD) 100G networks here
17
Security is borderless.
PoS EndPointMobile
Iaas
1. The attack surface has
increased
18
The Fortinet Security Fabric FortiManager,
FortiAnalyzer,
Third-Generation Network Security FortiSIEM
BROAD
Partner API FortiGate-VM
FortiOS
INTEGRATED
NETWORK
AUTOMATED
FortiSandbox
19
Network Security is… MANAGEMENT-ANALYTICS
NETWORK
FortiGate
Enterprise Firewall
IPS
Appliance Virtual
Machine
SWG
SD-WAN Cloud
20
Multi-Cloud Security is… MANAGEMENT-ANALYTICS
MULTI-CLOUD
FortiCASB
Cloud Access Security Broker
Cloud
Fortinet Connectors
Cloud & SDN Integration
ADVANCED THREAT PROTECTION
21
Web Application Security is… MANAGEMENT-ANALYTICS
NETWORK
FortiWeb
Web Application Firewall
Appliance Virtual
Machine
FortiADC
Application Delivery
Controller
Hosted Cloud
22
Email Security is… MANAGEMENT-ANALYTICS
NETWORK
FortiMail
Appliance Virtual
Secure Email Gateway
Machine
EMAIL
Hosted Cloud
23
Secure Unified Access is… MANAGEMENT-ANALYTICS
NETWORK
FortiAP, FortiWLC, FortiWLM
Wireless Infrastructure
FortiSwitch
Switching Infrastructure Appliance Virtual UNIFIED ACCESS
Machine
FortiAuthenticator, FortiToken
Identity and Access Management
Hosted
ADVANCED THREAT PROTECTION
24
Endpoint Security is… MANAGEMENT-ANALYTICS
NETWORK
FortiClient
NG Endpoint Protection
Platform
Enterprise
Management Server Software
Central Management
25
Advanced Threat Protection is… MANAGEMENT-ANALYTICS
FortiSandbox
Advanced Threat Protection Applianc Virtual
e Machine UNIFIED ACCESS EMAIL
Hosted Cloud
26
Management-Analytics is… MANAGEMENT-ANALYTICS
FortiManager
Central Security
Management Appliance Virtual
Machine
27
#1 Broadest Security Protection - From IoT To The Cloud
INFRASTRUCTURE SECURITY
$47B
$2B
CLOUD SECURITY
Management
Email
SIEM
IOT & OT SECURITY
$9B
Sandboxing
Endpoint WAF
NETWORK
SECURITY
Wi-Fi
$25B
Switch
DevOps FortiSwitch
FortiGate
FortiManager
Cloud Firewall
IPS SD-WAN
SWG VPN
29
Core Fabric Technologies
FORTIOS FORTIGUARD PARALLEL PROCESSING
SPU
CPU
Accelerates Accelerates
Fabric Use Cases Security Rating Threat Intelligence Network Flexible Content
Traffic Policy Inspection
30
The Most Featured NGFW
Wan Optimization
(cache, explicit proxy, wanop) Mobile Security & Endpoint Control
31
A Leader in Network Security
32
NSS Labs 3rd-Party Certifications
Most Recent Test Results
9 Recommendations
out of 9!
Cisco 4
Check Point 3
9
Recommendations 5th year in
a row!
Updated August 20, 2018
Fortinet Confidential 33
Comprehensive Malicious Threat
and Malware Protection
ICSA LABS
AV COMPARATIVES
34
Quality Control Guaranteed
35
We Lead the Industry in Innovation
36
Well-Positioned to Lead the 3rd Evolution of Network Security
NGFW
FIREWALL UTM FABRIC
Connectivity Content Infrastructure
37
Core Fabric Technologies
FORTIOS FORTIGUARD PARALLEL PROCESSING
SPU
CPU
Accelerates Accelerates
Fabric Use Cases Security Rating Threat Intelligence Network Flexible Content
Traffic Policy Inspection
38
Fabric Integrated
• With FortiSwitch, the Fabric offers both L2
and L3 switching features and advanced
multi-switch management
Fa
Advanced bri
Threat c
Protection
40
FORTINET ADDRESSES ALL KEY SECURITY REQUIREMENTS
FOR OPTIMAL SECURITY
Broad Visibility & Prevent concealed Fast detection & High-performance Threat Contain Lateral attacks
auditing to achieve Malware while Achieving prevention based on Protection for expanding automatically with
effective security & Confidentiality at Scale advanced machine Digital Attack Surface shard Intelligence and
compliance learning scaled Multi-Tenancy
FortiCloud
Endpoint
Security
FortiSwitch FortiAP FortiRecorder FortiVoice/ FortiBridge FortiWeb FortiADC
FortiGateVoice
FortiToken L7 D/DOS Web Servers
FortiClient 2 Factor OTP Mitigator
Token
42
Why FortiGate?
43
The Most Flexible NGFW
FortiManager
hardware Cloud
Hypervisor
44
The Most Flexible NGFW
Multi Multi Multi
Chassis
CPU Core Core
System
Core
SoC NP CP CPU NP CP CPU CPU
1000-2000 CCFW
Series
DCFW-
Personality, 600-900 IPS
Performance Series
and VM
Scalability ISFW
100-500 3000 5000 7000 Series
Series Series Series Series
NGFW
60-90 CFW/VM
30-50 Secure
Series SD-WAN FW
Series
UTM
Software &
Services
FortiGuard FortiOS FortiCare
Product Security Services Operating System Virtual
Entry Level Mid Range High End Support Services Appliances
Range
45
Central Monitoring of the Fabric
46
47
Flexible Virtual Domains
• Multi-tenant
• Customizable performance
… 10 /500
• Inter-vdoms links
FortiOS
48
L3 to L7 Security & Identity Management
49
Handling Encrypted Traffic
• DNS Filter : the FortiGate can categorize • Full Inspection: FortiGate can act as a MITM
destination traffic based on the domain name and decrypt flows before analysis. Dedicated
of the requests. It can redirect the filtered ASICs improve global performance.
traffic to a portal
• Extra features: Web categories can be
• Certificate Inspection : the CN and the SNI exempted from Man-In-The-Middle (MITM)
are inspected during the SSL handshake to inspection.
identify the destination without decryption.
50
Advanced SD WAN
• L3 to L7 load balancing
@
• Advanced link health monitoring (Latency, Jitter, Packet
loss, bandwidth) MPLS @2
• Bi-directional advanced QOS
L = 28 ms
J = 0 ms
L = 25 ms PL = 0 % L = 100 ms
J = 0 ms BW = 8 Mbps J = 20 ms
PL = 0 % PL = 5 %
BW = 2 Mbps BW = 18 Mbps
Sensivity to :
PL + L
51
Fabric-Ready Ecosystem Partners Expand the Reach
of the Fabric
FABRIC
API
FABRIC
CONNECTORS
52
Fabric Alliance Ecosystem
Partner
API
53
FORTIGUARD LABS BUNDLES
54
Enterprise Protection Bundle Explained
55
5
ENTERPRISE PROTECTION (ENT) BUNDLE
Consolidates the comprehensive protection needed
to protect and defend against all cyber-attack channels from the endpoint to the cloud
Including the technologies needed to address today’s challenging
OT, risk, compliance and management concerns
• “93% of cyberattacks could have been prevented had routine scans and patches been implemented.” Data hygiene is critical (Online
Trust Association)**
Solution: Security Rating - Security Rating provides continual assessment and visual feedback of your security posture and
provides best practice recommendations
Provides audit checking capabilities to identify critical vulnerabilities and configuration weaknesses and
Security Rating implement best practice recommendations
CASB Provides visibility, compliance, data security, and threat protection for cloud-based services
Web Filtering Provides protection through blocking access to malicious, hacked, or inappropriate websites
IPS Protects against the latest network intrusions by detecting and blocking threats before they reach n/w devices.
Aggregates malicious source IP data to provide up-to-date threat intelligence about hostile sources in near real-
IP Reputation time. Proactively blocks attacks
Provides real-time visibility into applications users are running. Provides ability to improve security and meet
Application Control compliance with enforcement of acceptable use policy 57
USE CASES – KEY ENTERPRISE BUNDLE SERVICE MAPPING
Detection/Protection Capabilities
Endpoint to cloud including proliferation of IoT Cloud-based Platforms
devices Coordination of security services across multi-cloud
environments and on-premises infrastructure
The Enterprise Protection Bundle provides advanced
malware protection to secure these endpoints against FortiCASB provides these organizations with granular
known and unknown threats, and the services that allows visibility and centralized control of cloud security policies
security leaders to better identify the best ways to and practices.
optimize their defenses.
59
ADVANCED MALWARE
PROTECTION
15 Years!
60
CLOUD ACCESS SECURITY BROKER (CASB)
61
SECURITY RATING SERVICE
BEST PRACTICES BY INDUSTRY
VOS
Lookup
FDN
63
FORTIGUARD CONTENT DISARM AND RECONSTRUCTION (CDR)
Data Sanitation Service
Advanced threats … are easily bypassing the signature-based and reputation-based prevention mechanisms that secure email
gateway (SEG) has traditionally used – (Gartner)
per user
Content can be rolled back (provided content was clean)
if customer has FortiSandbox on premise
64
FORTIGUARD ANTISPAM
Ten Years of 100% Success with VBSPAM
65
FORTIGUARD WEB FILTERING
Process OVER 100 BILLION Web Queries a DAY
66