Fortinet Security Fabric - Exclusive Networks USA 2018-02-03¢  FORTINET SECURITY FABRIC DDoS Protection

  • View
    7

  • Download
    0

Embed Size (px)

Text of Fortinet Security Fabric - Exclusive Networks USA 2018-02-03¢  FORTINET SECURITY FABRIC...

  • © Copyright Fortinet Inc. All rights reserved.

    Fortinet Security Fabric Emeka Mgbeahuru – Inside System Engineer

    June 7, 2017

  • 2

    Agenda

     Introduction

     Three Security Challenges Driving Fortinet’s Security Vision Today

     How This Vision is Being Realized With FortiOS

     Threat Intelligence

     Recap & Discussion

  • 3

    Cybersecurity is expanding to become Digital Security

    Security

    Compliance Infrastructure

    Cybersecurity at the New Edge

     Leadership and Governance

     The Evolving Threat Environment

  • 4

    Security Life Cycle Management NIST CYBERSECURITY FRAMEWORK

    Identify 1

    Protect 2

    Detect 3

    Respond 4

    Recover 5

    ie. Topology View

    ie. Access Control

    ie. IPS, AV

    ie. Mitigate

    ie. Topology View

  • 5

    Dissolving Network Perimeter

    IoT

    Mobile

    Windows

    Mac

    Access

    Campus

    WAN

    Core

    Private

    Public

    No Trust

    Trusted

  • 6

    1980s

    Hardware Theft

    P e

    rf o

    rm a

    n c e

    D e g

    ra d

    a ti o

    n

    Layer 1-2: Physical

    Layer 3-4:

    Layer 5-7: Viruses

    & Spyware

    Intrusion

    & Worms

    Malicious

    Apps

    Advanced

    Targeted Attacks

    Spam

    Today

    Malicious

    Sites

    Machine to

    Machine Attacks

    Threats (and Technologies To Counter Them) Constantly Evolve

    Antimalware

    Firewall

    Exploits Vulnerability Management

    Intrusion Prevention

    Secure Email

    Gateway

    Botnets

    Integrated Fabric

    Application Control

    IP Reputation

    URL Filtering

    Advanced Threat

    Protection

    Generation 2

    CONTENT

    Generation 3

    INFRASTRUCTURE

    Generation 1

    CONNECTION

  • 7

    Fortinet’s Vision: Protecting the Borderless Network with a Strong,

    Segmented Security Fabric

     BROAD

     POWERFUL

     AUTOMATED

    Advanced

    Threat

    Intelligence

    Access

    Client Cloud

    Partner API

    NOC/SOC

    Network

    Application

  • BROAD

    Deeper visibility and control throughout the Security Fabric

    to reduce the attack surface from IoT to Cloud

  • 9

    Flexible/Open

    Broad – The Fabric Gives You Complete Visibility, Coverage and Flexibility Across The Entire Dynamic Attack Surface

    Coverage Visibility

    Application Security

    Cloud Security

    Client/IoT Security

    Access Security

    Network Security

  • THE FORTINET SECURITY FABRIC

    REALIZED

  • 11

    FORTINET SECURITY FABRIC

    DDoS Protection

    Database

    Protection

    Web Application

    Firewall

    Application

    Delivery

    Controller

    Top-of-Rack

    BRANCH

    OFFICE

    Distributed Ent FW

    LTE Extension

    Endpoint

    Protection NGFW Secure Access

    Point

    IP Video

    Security

    Email

    Server

    Web Servers

    SDN, Virtual

    Firewall

    DCFW/

    NGFW

    Sandbox

    Internal

    Segmentation

    FW

    Sandbox

    Switching

    Internal

    Segmentation FW

    Email

    Security

    Internal

    Segmentation

    FW

    CAMPUS

    Internal

    Segmentation FW

    DATA CENTER/PRIVATE CLOUD

    Virtual

    Firewall

    FortiCloud

    Client Devices

    Client Devices

    PUBLIC CLOUD

    OPERATIONS CENTER

  • 12

    FORTINET SECURITY FABRIC

    DDoS Protection

    Database

    Protection

    Web Application

    Firewall

    Application

    Delivery

    Controller

    Top-of-Rack

    BRANCH

    OFFICE

    LTE Extension

    Endpoint

    Protection

    FortiGate

    NGFW Secure Access

    Point

    IP Video

    Security

    Email

    Server

    SDN, Virtual

    Firewall

    FortiGate

    DCFW/

    NGFW

    Sandbox

    FortiGate Internal

    Segmentation FW

    Sandbox

    Switching

    FortiGate Internal

    Segmentation FW

    Email

    Security

    FortiGate Internal

    Segmentation FW

    FortiGate Internal

    Segmentation FW

    CAMPUS

    Client Devices

    DATA CENTER/PRIVATE CLOUD

    Web Servers

    ENTERPRISE

    FIREWALL

    FortiGate/FortiWiFi

    Distributed Ent FW

    Client Devices

    FortiManager

    FortiAnalyzer

    FortiSIEM

    OPERATIONS CENTER

    Virtual

    Firewall

    FortiCloud

    PUBLIC CLOUD

  • 13

    FORTINET SECURITY FABRIC

    DDoS Protection

    Database

    Protection

    Web Application

    Firewall

    Application

    Delivery

    Controller

    Top-of-Rack

    BRANCH

    OFFICE

    LTE Extension

    CAMPUS

    Secure Access

    Point

    IP Video

    Security

    Switching

    FortiGate

    NGFW

    FortiGate

    DCFW/

    NGFW

    FortiGate Internal

    Segmentation FW

    FortiGate Internal

    Segmentation FW

    FortiGate Internal

    Segmentation FW

    FortiGate Internal

    Segmentation FW

    FortiGate VMX

    SDN, Virtual

    Firewall

    DATA CENTER/PRIVATE CLOUD

    Web Servers

    ENTERPRISE

    FIREWALL

    Client Devices

    CLOUD SECURITY

    Client Devices

    Endpoint

    Protection

    Email

    Server

    Sandbox

    Sandbox

    Email

    Security

    OPERATIONS CENTER

    Fortinet

    Virtual Firewall

    FortiManager

    FortiAnalyzer

    FortiSIEM

    FortiCloud

    PUBLIC CLOUD

    FortiGate/FortiWiFi

    Distributed Ent FW

  • 14

    FORTINET SECURITY FABRIC

    DDoS Protection

    Database

    Protection

    Application

    Delivery

    Controller

    Top-of-Rack

    BRANCH

    OFFICE

    LTE Extension

    CAMPUS

    FortiClient Secure Access

    Point

    IP Video

    Security

    Switching

    FortiGate

    NGFW

    FortiGate

    DCFW/

    NGFW

    FortiGate Internal

    Segmentation FW

    FortiGate Internal

    Segmentation FW

    FortiGate Internal

    Segmentation FW

    FortiGate Internal

    Segmentation FW

    FortiGate VMX

    SDN, Virtual

    Firewall

    DATA CENTER/PRIVATE CLOUD

    Web Servers

    CLOUD SECURITY ADVANCED THREAT

    PROTECTION

    ENTERPRISE

    FIREWALL

    FortiClient

    FortiSandbox

    FortiClient

    FortiSandbox

    FortiMail

    Email Security

    Email

    Server

    FortiWeb

    Web Application

    Firewall

    OPERATIONS CENTER

    FortiManager

    FortiAnalyzer

    FortiSIEM

    Fortinet

    Virtual Firewall

    FortiCloud

    PUBLIC CLOUD

    FortiCloud Sandboxing

    FortiGate/FortiWiFi

    Distributed Ent FW

  • 15

    FORTINET SECURITY FABRIC

    Top-of-Rack

    BRANCH

    OFFICE

    LTE Extension

    CAMPUS

    FortiClient Secure Access

    Point

    IP Video

    Security

    Switching

    FortiGate

    NGFW

    FortiGate

    DCFW/

    NGFW

    FortiGate Internal

    Segmentation FW

    FortiGate Internal

    Segmentation FW

    FortiGate Internal

    Segmentation FW

    FortiGate VMX

    SDN, Virtual

    Firewall

    FortiDDoS Protection

    FortiWeb

    Web Application

    Firewall

    FortiADC

    Application

    Delivery

    Controller

    DATA CENTER/PRIVATE CLOUD

    Web Servers

    FortiGate Internal

    Segmentation FW

    APPLICATION

    SECURITY

    ENTERPRISE

    FIREWALL

    FortiClient

    FortiSandbox

    FortiClient

    FortiSandbox

    FortiMail

    Email Security

    FortiDB

    Database

    Protection

    CLOUD SECURITY ADVANCED THREAT

    PROTECTION

    Email

    Server

    OPERATIONS CENTER

    FortiManager

    FortiAnalyzer

    FortiSIEM

    Fortinet

    Virtual Firewall

    FortiCloud

    PUBLIC CLOUD

    FortiCloud Sandboxing

    FortiGate/FortiWiFi

    Distributed Ent FW

  • 16

    FORTINET SECURITY FABRIC

    FortiWeb

    Web Application

    Firewall

    FortiADC

    Application

    Delivery

    Controller

    Top-of-Rack

    BRANCH

    OFFICE