Introduction to the Fortinet Security Fabric

  • © Copyright Fortinet Inc. All rights reserved.

    Introduction to the Fortinet Security Fabric

    manager systems engineering Erwin Schürmann CISSP

  • 2

    “All organizations should now assume that they are in a state of continuous compromise.” - Gartner, 14-2-2014

    A TRUE STATEMENT?

    Source: Gartner. Designing an Adaptive Security Architecture for Protection From Advanced Attacks. February 2014.

  • 3

    SECURITY HAS CHANGED

    3.2 BILLION INTERNET USERS

    1.3 BILLION SMARTPHONES SHIPPED WORLDWIDE

    3 BILLION NEW DEVICES PER YEAR THROUGH 2020

    10,000x INCREASE IN CYBER THREATS

    PUBLIC CLOUD MARKET IS ESTIMATED TO REACH $191 BILLION

  • 4

    So have the Risks

    Email Attachment

    Web drive-by

    Email link

    Download malware

    Network propagation

    Incident count

    Top 5 Avenues for Crimeware

    Source: Verizon. 2016 Data Breach Investigations Report. 2016.

  • 5

    Given the Time Malware Remains Undetected

    Random Detection (average ~200 days, prior to response)

    DURATION

    IMPACT

  • 6

    Problem No.1 – Expanded Attack Surface

    ENCRYPTED TRAFFIC INCREASING

    MULTIPLE CLOUD TYPES

    IP ENABLED OPERATIONAL TECH (OT)

    BROADBAND WAN ACCESS

    BROAD Visibility and Protection

  • 7

    Problem No.2 – Increased Security Complexity

    TOO MANY POINT SECURITY PRODUCTS

    TOO MANY SECURITY CONSOLES

    NO SHARING OF THREAT INTELLIGENCE AND MITIGATION INFORMATION

    INCREASING COMPLIANCE REQUIREMENTS

    INTEGRATED Detection and Response

  • 8

    Problem No.3 – Rapidly Changing Advanced Threats

    TOO MANY SECURITY ALERTS (HOW TO PRIORITIZE)

    NEED RAPID AND SMART ANALYSIS APPLIED TO DIRECT ACTION

    HIRING CRITICAL CYBERSECURITY SKILLS

    WHAT IS MY SECURITY STANDING? (THREAT SCORE)

    AUTOMATED Operations and Analytics

  • 9

    Security

    Compliance

    Infrastructure

    Cybersecurity is a foundation of Digital Business

    The Evolving Security Landscape » Advanced Threats » Detect and Respond » Ransomware

    Governance/Compliance » Digital Risk Framework » Industry Regulation » 3rd Party Certification

    Infrastructure Evolution (New Edge) » Data in Public Cloud » Headless OT/IoT Devices » The Need for Speed

  • 10

    Stopping Advanced Threats requires rapid communication of Security elements

    1980s

    Hardware Theft

    Performance Degradation

    Viruses & Spyware

    Intrusion & Worms

    Malicious Apps

    Advanced Targeted Attacks

    Spam

    Today

    Malicious Sites

    Machine to Machine Attacks

    Anti-malware

    Firewall

    Exploits Vulnerability Management

    Intrusion Prevention

    Secure Email Gateway

    Botnets

    Network Segmentation

    Application Control

    IP Reputation

    URL Filtering

    Advanced Threat Protection

    Point Products CONTENT BASED SECURITY

    Rapid Communication & Action INFRASTRUCTURE

    CONNECTION SECURITY

  • 11

    Digital Attack Surface Requires an Adaptive Security Framework

    RAPID RESPONSE INTEGRATED DETECTION OF UNKNOWN THREATS

    PROTECT AGAINST KNOWN THREATS

    IDENTIFY THE BROAD ATTACK SURFACE

    AUTOMATED TRUST ASSESSMENT

    NOC

    SOC

  • 12

    2018 Fortinet Security Fabric

    A Security Architecture that provides:

    BROAD Visibility & Protection of the Digital Attack Surface

    INTEGRATED Detection of Advanced Threats

    AUTOMATED Response & Continuous Trust Assessment

    Delivered as:

    Appliance Virtual Machine

    Hosted Cloud

    NETWORK

    MULTI-CLOUD

    PARTNER API

    EMAIL

    UNIFIED ACCESS

    IOT-ENDPOINT

    WEB APPS

    ADVANCED THREAT PROTECTION

    MANAGEMENT-ANALYTICS

    Software

  • 13

    2018 Fortinet Solutions

    Network Security

    Multi-Cloud Security

    Endpoint Security

    Email Security

    Web Application Security

    Secure Unified Access

    Advanced Threat Protection

    Management - Analytics

    FortiGate Enterprise Firewall

    FortiGate Cloud Firewall

    Network Security

    FortiClient EPP

    FortiWeb Web Application Firewall

    FortiMail Secure Email Gateway

    FortiSandbox Advanced Threat Protection

    FortiAnalyzer Central Logging / Reporting

    FortiManager Central Security Management

    FortiSIEM Security Information & Event Management

    FortiGate Virtual Firewall Network Security

    FortiAP Wireless Infrastructure

    FortiSwitch Switching Infrastructure

    SWG

    SD-WAN

    IPS

  • THE FORTINET SECURITY FABRIC SOME EXAMPLES

  • 15

    Flexible/Open

    Broad – The Fabric Gives You Complete Visibility, Coverage and Flexibility Across The Entire Dynamic Attack Surface

    Coverage

    Visibility

    Application Security

    Cloud Security

    Client/IoT Security

    Access Security

    Network Security

  • 16

    Fortinet Security Fabric Topology View Fabric Integration

    Internet

    NGFW

    ISFW.2

    ISFW.1

    SD-WAN NGFW

    NGFW

    Cloud NGFW

    SaaS / CASB

    Virtual FW Switch.1

    Switch.2 WiFi.3

    WiFi.2

    WiFi.1

    Switch.3

    HOSTS (APPS)

    CLIENTS (DEVICES)

    Email WAF

    Advanced Threat Protection

    Manager Analyzer

  • 17

  • 18

    Broad – The Fabric Allows Flexible, Open Integration of Other Security Partners

  • 19

    Multi-Cloud Security Connectors

    Networking

    Servers

    Virtualization

    O/S

    Applications

    API

    Data

    SaaS

    SaaS Cloud

    CASB CONNECTORS

    Networking

    Servers

    Virtualization

    O/S

    Applications

    Virtual Security

    Data

    Private

    Private Cloud

    SDN CONNECTORS

    Networking

    Servers

    Virtualization

    O/S

    Applications

    Cloud Security

    Data

    Public

    Public Cloud

    CLOUD CONNECTORS

    Single Console

    Connectors

  • 20

    Powerful – Increasing Performance Reduces The Burden on Infrastructure

    Comprehensive Range

    Parallel Path Processing

    Security Processors (SPUs)

    Accelerates Content Inspection

    Optimized Performance for Entry Level

    Accelerates Network Traffic

    High End

    Mid Range

    Entry Level

    1 Tbps

  • 21

    Less Latency

    Less Power

    Less Space

    More Performance

    FortiGate 3980E > 1Tbps FW

    FortiGate 7060E > 100bps NGFW

    Powerful – The Fastest Network Security Appliances on the market

  • 22

    Automated to Provide a Fast, Coordinated Response to Threats

    Coordinated

    Audit & Recommend

    Global & Local

    Known Threats FortiGuard

    Unknown Threats FortiSandbox

  • 23

    Automated Security Audit and Recommendations

  • 24

    Workflow Automation

    Automated workflows using triggers to deliver appropriate actions

    AUTOMATED WORKFLOW

    TRIGGERS

    System Events

    Threat Alerts

    User & Device Status

    External Inputs

    ACTIONS

    Notification

    Reports

    Quarantine

    Adjust Configuration

    Automation
