Evoluci£³n Fortinet Security Fabric Network Security Network Security Cloud & Apps Security Multi-Cloud

  • View
    0

  • Download
    0

Embed Size (px)

Text of Evoluci£³n Fortinet Security Fabric Network Security Network Security Cloud & Apps...

  • 1

    Evolución Fortinet Security Fabric Rubén Aparicio Márquez

    Regional Account Manager

  • © Fortinet Inc. All Rights Reserved.

    Expanding Digital Attack Surface

    2

    Infrastructure

    Risk

    Digital

    Attack

    Surface

    Compliance

  • © Fortinet Inc. All Rights Reserved.

    Customer Issues

    3

    Complexity

    Too many security

    vendors is costly and

    ineffective

    Platform

    Manual

    Operations creates

    mistakes and a

    slow response

    Hybrid

    Multiple types of

    Networks, Clouds

    and Devices

    Automation Integration

    Measurement

    How well is my

    Security doing, How

    can I improve?

    Visibility

  • © Fortinet Inc. All Rights Reserved.

    Fortinet Security Fabric

    4

    Information Security

    Information Security

    Network Operations

    Network Security

    Network Security

    Cloud & Apps Security

    Multi-Cloud Security

    Open API

    Fabric Connectors

    Infrastructure Security

    Endpoint Protection

    Secure Access

    Email Security

    Ecosystem

    INTEGRATED Protection across all devices, networks and applications

    AUTOMATED Operations and continuous trusted assessment

    BROAD visibility of the entire digital attack surface

  • © Fortinet Inc. All Rights Reserved. 5© Fortinet Inc. All Rights Reserved. 5

    Evolution of SECURITY FABRIC

    3rd Generation

    5.6 6.0 6.2

    Visibility & Control

    Automation & Incident

    Management

    Integration & Connectors

    Telemetry

    5.4

    FEATURES

    CISO

    NOC / SOC

    Advanced Malware Policy Awareness & Control

    Dynamic Data Protection

    Extended Trust & Assurance

    1st Gen. Co-ordinated Operations

    Reduced time of visibility & management

    Self-assessment and automated ops

    Managed security state across the topology

  • 6© Fortinet Inc. All Rights Reserved.

    Highlights FortiOS 6.2

    EXPANDING

    FABRIC FAMILY MULTI-CLOUDSD-WAN

    FABRIC

    CONNECTORS

    AUTOMATION &

    DEV-OPS

    ADVANCED

    THREATS UX / USABILITYCOMPLIANCESOC ADOPTION INDUSTRIAL / OT

    Spilt-task VDOM and

    FTNT Product Integration

    New SDN and Threat

    Feed Connectors

    VPN setup and rule

    definition enhancements

    Public Cloud extensions

    and FortiMeter Support

    Additional Triggers

    and Actions

    Flow-based Inspection

    Improvements

    Consolidated risk View on

    Topology Map

    Linking Fabric Rating

    checks with standards

    Enhancements to policy

    setup and visibility

  • © Fortinet Inc. All Rights Reserved. 7© Fortinet Inc. All Rights Reserved. 7

    SDN | MULTI - CLOUD | IAAS | AUTOMATION | THREAT FEEDS | SSO

    SECURITY FABRIC: CONNECTORS

  • © Fortinet Inc. All Rights Reserved. 8© Fortinet Inc. All Rights Reserved. 8

    Types of partner integrations

    Fabric Connectors • Fortinet develops specific code in our

    products

    • Explicitly referenced in our GUI/CLI

    • Mainly based on APIs

    • Feature development made by FTNT

    • Validation might require testing with the partner

    Fabric-Ready (Fabric APIs) • Partner developed solutions to

    integrate with FTNT products

    • Based on existing APIs and/or standard protocols(RADIUS, SYSLOG, SSH, etc)

    • (usually) no specific code development from FTNT side

    • FTNT tests solution to assure it works as expected

  • 9

    FOS 6.2b3 Fabric Connectors

    30

    FOS 6.2b3 Fabric Connectors roadm

    ap

  • 10© Fortinet Inc. All Rights Reserved.

    Fabric Connectors

    Threat Feeds Connectors

     Extends existing external list integration with new list types and usages

     supports username/password authentication while retrieving from external DB

    Remote

    category on

    web filter

    profile

    Address

    object on

    firewall policy

    / Domain

    Filter

    Remote

    category on

    DNS filter

    profile

    Virus

    Outbreak

    Prevention

    on AV profile

    Authentication Option

  • 11© Fortinet Inc. All Rights Reserved.

    Fabric Connectors

    Cloud and SDN Connectors

     Increase number of connectors to public clouds and SDN components

     Multiple fabric connectors of any type to can be defined

  • 12

    IDENTITY MGMT. IoT/OT/NAC

    Snapshot in 2019; new partners added continuously.

    ENDPOINT

    SIEM

    CLOUDSDN/NFV & VIRTUALIZATION

    MANAGEMENT

    Fortinet Fabric Technology Alliances

  • 13© Fortinet Inc. All Rights Reserved.

    INDUSTRIAL SECURITY | OT |

    SECURITY FABRIC: INDUSTRIAL

  • 14

    Valve

    Fan

    Pump

    Segmentation and Encrypted

    Communication (FortiGate)

    Vulnerability and Patch Management

    (FortiWeb, FortiClient and FortiGate)

    Access Control – Users, Devices,

    Applications and Protocols (FortiGate

    and FortiAuthenticator)

    Secure Access

    (FortiSwitch/FortiAP/FortiExtender)

    Visibility, behavioral Analytic, tracking

    and simplicity: (Fortisiem, FAZ,

    Nozomi, FortiClient , Fortiswitch,

    FortiAP and FortiGate)

    Industria = Hay que securizarlo también

  • 15© Fortinet Inc. All Rights Reserved.

    SDWAN | SDBRANCH| FORTIAP | FORTISWITCH |

    SECURITY FABRIC: SD-WAN

  • 16

    Branch

    MPLS

    IPSec VPN

    Public Cloud

    Private Cloud

    Aplicaciones críticas son redirigidas

    a otro túnel si las condiciones de la

    línea bajan de ciertos umbrales.

    Acceso directo balanceado a Internet

    para SaaS y contenido público

    Aplicaciones no

    críticas se balancean

    para aprovechar

    mejor el ancho de

    banda

    Aplicaciones críticas como

    Voz/Vídeo elige el mejor

    camino en términos de

    latencia, jitter y pérdidas.

    Internet

    ¿Que es SDWAN Segura?

  • 17

    Extender SD-WAN a SD-Branch

    Data Center

    Internet

    Multi-Cloud

    SaaS

    Simplified Management Integrated Security Lower TCO

    FortiSwitch

    FortiAP

    FortiAP FortiLink