© Copyright Fortinet Inc. All rights reserved.

Third Generation of Network Security

The Fortinet Security Fabric

Jose Grandmougin – Director System Eng.

jgrandmougin@fortinet.com

2 2

Enterprise SMBTelco

Slow Is BrokenToday’s Network Is Borderless Complexity Is The Enemy of Security

Enterprise Firewall Cloud Security Advenced Persistent Threat Application Security Security OperationsSecure Access

Emerging Security Challenges

Fortinet’s mission is to deliver the most innovative, highest performing

network security fabric to secure and simplify your IT infrastructure

3

Generation of security solutions

1rst Generation 2nd Generation

Application

ControlWeb application

security

Advance threat

Protection

Anti botnet

Antivirus Intrusion

preventionDDOS

Protection

…

Firewall Ipsec VPN

4

Advanced

Threat

Intelligence

Access

Client Cloud

Partner API

NOC/SOC

Network

Application

BROAD

POWERFUL

AUTOMATED

3rd Generation

5

Flexible/Open

Broad – The Fabric Gives You Complete Visibility, Coverage and Flexibility Across The Entire Dynamic Attack Surface

CoverageVisibility

Application Security

Cloud Security

Client/IoT Security

Access Security

Network Security

6

Broad – The Fabric Allows Flexible, Open Integration of Other Security Partners

7

Powerful – Increasing Performance Reduces The Burden on Infrastructure

Comprehensive

Range

Parallel Path

Processing

Security Processors

(SPU’s)

Accelerates

Content Inspection

Optimized

Performance for

Entry Level

Accelerates

Network Traffic

High End

Mid Range

Entry

Level

1 Tbps

8

Automated to Provide a Fast, Coordinated Response to Threats

CoordinatedAudit & RecommendGlobal & Local

Known Threats

FortiGuard

Unknown Threats

FortiSandbox

ISFW-PRI

Demo_ISFW-Sales

Demo_ISFW-Finance

Demo_ISFW-ENG

FP320C3X15002440

2.62 GB

9

Apply to FabricFabric TranslationBusiness Language

“Add This Mobile Phone

to This Application

Securely”

“Convert into Policies,

Ports, Connections…”

Allows Intent-based Network Security, Powered by FabricWE CAN NOW AUTOMATICALLY TRANSLATE BUSINESS NEEDS TO INFRASTRUCTURE POLICIES

10

THE FORTINET SECURITY FABRICThe Fortinet Security Fabric is the vision that delivers on the promise of Security

without Compromise: Broad, Powerful and Automated

Advanced Threat

Intelligence

Access

Client Cloud

Partner API

NOC/SOC

Network

Application

THE FORTINET SECURITY FABRIC REALIZED

12

FORTINET SECURITY FABRIC

DDoS Protection

Database

Protection

Web Application

Firewall

Application

Delivery

Controller

Top-of-Rack

BRANCH

OFFICE

Distributed Ent FW

LTE Extension

Endpoint

Protection NGFWSecure Access

Point

IP Video

Security

Email

Server

Web Servers

SDN, Virtual

Firewall

DCFW/

NGFW

Sandbox

Internal

Segmentation

FW

Sandbox

Switching

Internal

Segmentation FW

Email

Security

Internal

Segmentation

FW

CAMPUS

Internal

Segmentation FW

DATA CENTER/PRIVATE CLOUD

Virtual

Firewall

FortiCloud

Client Devices

Client Devices

PUBLIC CLOUD

OPERATIONS CENTER

13

FORTINET SECURITY FABRIC

DDoS Protection

Database

Protection

Web Application

Firewall

Application

Delivery

Controller

Top-of-Rack

BRANCH

OFFICE

LTE Extension

Endpoint

Protection

FortiGate

NGFWSecure Access

Point

IP Video

Security

Email

Server

SDN, Virtual

Firewall

FortiGate

DCFW/

NGFW

Sandbox

FortiGate Internal

Segmentation FW

Sandbox

Switching

FortiGate Internal

Segmentation FW

Email

Security

FortiGate Internal

Segmentation FW

FortiGate Internal

Segmentation FW

CAMPUS

Client Devices

DATA CENTER/PRIVATE CLOUD

Web Servers

ENTERPRISE

FIREWALL

FortiGate/FortiWiFi

Distributed Ent FW

Client Devices

FortiManager

FortiAnalyzer

FortiSIEM

OPERATIONS CENTER

Virtual

Firewall

FortiCloud

PUBLIC CLOUD

14

FORTINET SECURITY FABRIC

DDoS Protection

Database

Protection

Web Application

Firewall

Application

Delivery

Controller

Top-of-Rack

BRANCH

OFFICE

LTE Extension

CAMPUS

Secure Access

Point

IP Video

Security

Switching

FortiGate

NGFW

FortiGate

DCFW/

NGFW

FortiGate Internal

Segmentation FW

FortiGate Internal

Segmentation FW

FortiGate Internal

Segmentation FW

FortiGate Internal

Segmentation FW

FortiGate VMX

SDN, Virtual

Firewall

DATA CENTER/PRIVATE CLOUD

Web Servers

ENTERPRISE

FIREWALL

Client Devices

CLOUD SECURITY

Client Devices

Endpoint

Protection

Email

Server

Sandbox

Sandbox

Email

Security

OPERATIONS CENTER

Fortinet

Virtual Firewall

FortiManager

FortiAnalyzer

FortiSIEM

FortiCloud

PUBLIC CLOUD

FortiGate/FortiWiFi

Distributed Ent FW

15

FORTINET SECURITY FABRIC

DDoS Protection

Database

Protection

Application

Delivery

Controller

Top-of-Rack

BRANCH

OFFICE

LTE Extension

CAMPUS

FortiClientSecure Access

Point

IP Video

Security

Switching

FortiGate

NGFW

FortiGate

DCFW/

NGFW

FortiGate Internal

Segmentation FW

FortiGate Internal

Segmentation FW

FortiGate Internal

Segmentation FW

FortiGate Internal

Segmentation FW

FortiGate VMX

SDN, Virtual

Firewall

DATA CENTER/PRIVATE CLOUD

Web Servers

CLOUD SECURITYADVANCED THREAT

PROTECTION

ENTERPRISE

FIREWALL

FortiClient

FortiSandbox

FortiClient

FortiSandbox

FortiMail

Email Security

Email

Server

FortiWeb

Web Application

Firewall

OPERATIONS CENTER

FortiManager

FortiAnalyzer

FortiSIEM

Fortinet

Virtual Firewall

FortiCloud

PUBLIC CLOUD

FortiCloud Sandboxing

FortiGate/FortiWiFi

Distributed Ent FW

16

FORTINET SECURITY FABRIC

Top-of-Rack

BRANCH

OFFICE

LTE Extension

CAMPUS

FortiClientSecure Access

Point

IP Video

Security

Switching

FortiGate

NGFW

FortiGate

DCFW/

NGFW

FortiGate Internal

Segmentation FW

FortiGate Internal

Segmentation FW

FortiGate Internal

Segmentation FW

FortiGate VMX

SDN, Virtual

Firewall

FortiDDoS Protection

FortiWeb

Web Application

Firewall

FortiADC

Application

Delivery

Controller

DATA CENTER/PRIVATE CLOUD

Web Servers

FortiGate Internal

Segmentation FW

APPLICATION

SECURITY

ENTERPRISE

FIREWALL

FortiClient

FortiSandbox

FortiClient

FortiSandbox

FortiMail

Email Security

FortiDB

Database

Protection

CLOUD SECURITYADVANCED THREAT

PROTECTION

Email

Server

OPERATIONS CENTER

FortiManager

FortiAnalyzer

FortiSIEM

Fortinet

Virtual Firewall

FortiCloud

PUBLIC CLOUD

FortiCloud Sandboxing

FortiGate/FortiWiFi

Distributed Ent FW

17

FORTINET SECURITY FABRIC

FortiWeb

Web Application

Firewall

FortiADC

Application

Delivery

Controller

Top-of-Rack

BRANCH

OFFICE

FortiExtender

LTE Extension

CAMPUS

FortiClientSecure Access

Point

IP Video

Security

FortiGate

NGFW

FortiGate

DCFW/

NGFW

FortiGate Internal

Segmentation FW

FortiGate Internal

Segmentation FW

FortiGate Internal

Segmentation FW

FortiGate VMX

SDN, Virtual

Firewall

FortiDDoS Protection

FortiGate Internal

Segmentation FW

DATA CENTER/PRIVATE CLOUD

Web Servers

SECURE ACCESS APPLICATION

SECURITY

ENTERPRISE

FIREWALL

FortiClient

FortiSandbox

FortiClient

FortiSandbox

FortiMail

Email Security

FortiSwitch

Switching

CLOUD SECURITYADVANCED THREAT

PROTECTION

FortiSwitch

Switching

Email

Server

FortiDB

Database

Protection

OPERATIONS CENTER

FortiManager

FortiAnalyzer

FortiSIEM

Fortinet

Virtual Firewall

FortiCloud

PUBLIC CLOUD

FortiCloud Sandboxing

FortiCloud AP Management

FortiGate/FortiWiFi

Distributed Ent FW