BOULEIMEN Kamel
Manager System Engineer
© Copyright Fortinet Inc. All rights reserved.
2015: Another Record Year of Security Breaches
V-Tech Anthem
US Federal
Government
4.3 M exposed IRS One-third Americans
affected
100,000 + Taxpayer
OPM
British Gas personal information Hacking
21.5M + 2,000
Team
Fortinet - Confidential 3
Cybercrime is Now One of the
TOP FOUR
Economic Crimes in the World
Cybercriminal Ecosystem
CRIME SERVICES ENABLERS
Hosting
Quality Assurance Infections / Drop Botnet Rentals Money Mules Consulting
Crypters / Packers Zones Installs / Spam / Accounts Receivable
Scanners Management SEO / DDoS
Credentials & Data
CRIMEWARE PRODUCERS
Infrastructure. Constant Change.
FUTURE
Social Internet 2
Bandwidth ever
increasing
100G 100 Gbps and
UHDTV
Virtualization Mobile Bandwidth
80% of data center No control of Wi-Fi speeds rival LANs.
apps are virtualized endpoints (BYOD) 100G networks here
Infrastructure. Constant Change.
82% 20 Billion 4X
IoT devices Growth
of Enterprises
connected in
have a
by 2020 100G ports
multi-cloud
strategy
Security. Moving Landscape.
Item Cost
500,000 1
Reconnaissance
2
Infiltration Vector
3
Host Infection
Zero Day $5K - $50K
Threats. Huge Volumes.
Malware programs
95,000 neutralized 1.8M New & updated AV definitions 5,800 Application control rules
Regulatory Compliance. Evolving Requirements
Accidental Architecture
Mobile
Endpoint
Campus
Data Center
NGFW
DCFW
Branch
Office UTM
PoS
IoT
Internal External
End-to-End Segmentation
Internal
Data Center
External SDN Orchestration
Mobile
Endpoint
Campus
Data Center
NGFW
DCFW
Branch
Office UTM
Cloud
PoS
IoT
Fortinet Security Fabric – Protecting from IoT to Cloud
Global Intelligence
Fortinet
Security Fabric
Application
Secure LAN Access Security
Local
Intelligence
Secure WLAN Access
Network Security
Fortinet Security Fabric
Advanced
Threat Intelligence NOC/SOC
• Scalable
• Aware
• Secure
Endpoint Access Network Application Cloud
• Actionable
• Open
Fabric Ready
Scalable - The Fabric covers the entire network attack
surface (From IoT to Cloud)
CPU Only Parallel Path Processing (PPP)
More Performance
Less Space
1 Tbit/s
Private & Public
Cloud Security
NGFW
Distributed
Access Firewall
Endpoint Switch Point
Aware - The Fabric gives you complete visibility enabling
network segmentation
Automated
Visibility Segmentation
Operation
Aware – Visualization of the Security Architecture
Real-Time Network Topology and Interaction (Physical/Functional)
Cloud
Firewall
Access Point
Endpoint Internal Segmentation FW NGFW
Endpoint
Switch Global
Internal Segmentation FW Management
Distributed
Firewall
Aware - The Fabric gives you complete visibility
Secure – The Fabric shares Global and Local Threat
Intelligence and Mitigation Information
Secure - Rapid Cooperation to Stop Threats across the
Entire Attack Surface
Global Local
Intelligence Intelligence
FortiGate
FortiWeb
(Firewall)
(Web Application)
FortiClient FortiMail
(Endpoint Security) (Email Security)
Secure – The Fabric covers all the possible attack vectors such
as Network, Endpoint Access, Web, Email and Cloud
Security
Updates
FW VPN IPS APP AV
WLAN / LAN Distributed Edge Segmentation Data Center Carrier Class Application
Endpoint/IoT North-South SDN/NFV Private Cloud IaaS/SaaS
Rugged Enterprise Branch
Security
Chassis
>Terabit
Appliance
Appliance >300G
Appliance >30G Virtual Machine Virtual Machine
Device
>5G FLOW SDN/NFV On Demand
>1G
Appliance
Client Embedded System on a Chip Packet and Content Processor ASIC Virtual Hardware Dependent
Cloud
Actionable – The Fabric provides real-time Security
Alerts, Recommendations and Audit Reports
Audit
Rank Severity Recommendation Report
Fabric
Element
5 Critical Zero Day Vulnerability
Alert
5
4 Critical Not connected to Fabric
Actionable – The Fabric cuts Time to Protect from hours
to seconds
Vulnerability Web Cloud Partner
App Control Antivirus Anti-spam Management Filtering Sandbox
FortiWeb
Deep Mobile
IPS Web App Database Botnet
App Control Security
FortiMail
Advanced
FortiGate
Threat
Protection
Appliance Virtual Cloud
FortiClient
Continuous Monitoring and Analytics
Prepare 1 Prevent
Segmentation Harden
Processes 2 Isolate
Training Network
Application
Endpoint
Respond Detect
Contain
4 ATP
Remediate
3 SIEM
Clean TIS
End-to-End Security Operations Respond
Sandbox to SIEM
Global Context
Restful
CTI SOC /
API 001001
101100
Platform MSS
100011
50B+ Daily
Automation QA Events
Custom Feed
SIEM
Telemetry Flow
2M+ Sensors
Security Analysts FP Reduction
Security
Audit
Recommendations based
on security posture
Policy Audit
Vulnerability awareness
Open – The Fabric allows integration of existing security
solutions
SIEM Management
Private
Cloud
Endpoint (SDN)
Vulnerability Public
Cloud
Open – The Fabric allows integration of other security
technologies
SDN/NFV Cloud Endpoint
Alliances Partners
THE FORTINET SECURITY FABRIC
REALIZED
FORTINET SECURITY FABRIC
Sandbox
DATA CENTER/PRIVATE CLOUD
Endpoint
Secure Access NGFW
Protection
Point
Virtual
Top-of-Rack Firewall
Internal
PUBLIC CLOUD
CAMPUS Segmentation FW Email
Server
DCFW/
NGFW
Distributed Ent FW
Email
Security
Client Devices
Internal
Client Devices LTE Extension Segmentation
FW
Sandbox
BRANCH
OFFICE
OPERATIONS CENTER
FORTINET SECURITY FABRIC
ENTERPRISE
FIREWALL
Sandbox
DATA CENTER/PRIVATE CLOUD
Endpoint FortiGate
Secure Access
Protection NGFW
Point
Virtual
Top-of-Rack Firewall
FortiGate Internal
PUBLIC CLOUD
CAMPUS Segmentation FW Email
Server
FortiGate
DCFW/
FortiGate/FortiWiFi NGFW
Distributed Ent FW Email
Security
Client Devices
FortiGate Internal
Client Devices LTE Extension Segmentation FW
FortiAnalyzer
DDoS Protection FortiCloud
Sandbox
FortiManager
BRANCH FortiSIEM
OFFICE
OPERATIONS CENTER
FORTINET SECURITY FABRIC
CLOUD SECURITY ENTERPRISE
FIREWALL
Sandbox
DATA CENTER/PRIVATE CLOUD
Endpoint FortiGate
Secure Access
Protection NGFW
Point
Fortinet
Top-of-Rack Virtual Firewall
FortiGate Internal
PUBLIC CLOUD
CAMPUS Segmentation FW Email
Server
FortiGate
DCFW/
FortiGate/FortiWiFi NGFW
Distributed Ent FW Email
Security
Client Devices
FortiGate Internal
Client Devices LTE Extension Segmentation FW
FortiAnalyzer
DDoS Protection FortiCloud
Sandbox
FortiManager
BRANCH FortiSIEM
OFFICE
OPERATIONS CENTER
FORTINET SECURITY FABRIC
ADVANCED THREAT CLOUD SECURITY ENTERPRISE
PROTECTION FIREWALL
FortiSandbox
Fortinet
Top-of-Rack Virtual Firewall
FortiGate Internal
PUBLIC CLOUD
CAMPUS Segmentation FW Email
Server
FortiCloud Sandboxing
FortiGate
DCFW/
FortiGate/FortiWiFi NGFW
Distributed Ent FW FortiMail
FortiClient Email Security
FortiGate Internal
FortiClient LTE Extension Segmentation FW
FortiAnalyzer
DDoS Protection FortiCloud
FortiSandbox
FortiManager
BRANCH FortiSIEM
OFFICE
OPERATIONS CENTER
FORTINET SECURITY FABRIC
APPLICATION ADVANCED THREAT CLOUD SECURITY ENTERPRISE
SECURITY PROTECTION FIREWALL
FortiSandbox
Fortinet
Top-of-Rack Virtual Firewall
FortiGate Internal
PUBLIC CLOUD
CAMPUS Segmentation FW Email
Server
FortiCloud Sandboxing
FortiGate
DCFW/
FortiGate/FortiWiFi NGFW
Distributed Ent FW FortiMail
FortiClient Email Security
FortiGate Internal
FortiClient LTE Extension Segmentation FW
FortiAnalyzer
FortiDDoS Protection FortiCloud
FortiSandbox
FortiManager
BRANCH FortiSIEM
OFFICE
OPERATIONS CENTER
FORTINET SECURITY FABRIC
SECURE ACCESS APPLICATION ADVANCED THREAT CLOUD SECURITY ENTERPRISE
SECURITY PROTECTION FIREWALL
FortiSandbox
Fortinet
Top-of-Rack Virtual Firewall
FortiCloud Sandboxing
FortiGate
DCFW/
FortiGate/FortiWiFi NGFW
Distributed Ent FW FortiMail
FortiClient Email Security
FortiGate Internal
FortiClient FortiExtender Segmentation FW
LTE Extension
FortiAnalyzer
FortiDDoS Protection FortiCloud
FortiSandbox
FortiManager
BRANCH FortiSIEM
OFFICE
OPERATIONS CENTER