Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
1© Copyright Fortinet Inc. All rights reserved. © Copyright Fortinet Inc. All rights reserved.
La Transformation de la sécuritérecquiert une “Security Fabric”
David KRZESIAK
Expert Securité Préventes
2
[Digital Transformation]
DXis the integration of digital technology into all
areas of a business, resulting in fundamental
changes to how businesses operate and how
they deliver value to customers.
3
[Security Transformation]
SXis the integration of security into all
areas of digital technology, resulting in
a Security Architecture that provides a
Continuous Trust Assessment.
4
More than 1 hour for
85%
Minutes Hours Days
Weeks Months Years
15%50%
27%
5%
2%
2%
Minutes Hours Days
Weeks Months Years
Dealing with today’s issues…
Areas of Greatest
Concern for Security*
Time to
Detect Breach*
Cloud
Vulnerability in IT systems
Inside Threats
BYOD
IoT
1
2
3
4
5
* Source: Fortinet-sponsored Lightspeed GMI survey
51%
OF ENTERPRISES
BREACHED
IN THE LAST 12 MONTHS*
3bnNEW DEVICES PER YEAR
THROUGH 2020
5
Digital Attack Surface Expanding and Becoming Invisible
Cloud
Access
Network
BROADAttack Surface
Devices
6
Too Many Point Solutions and New Regulations
Security
Consoles
Compliance
Point
Products
INTEGRATIONVery Difficult
Form
Factor
30+
7
Rapidly Changing Advanced Threats and Lack of Resources and Expertise
Skills
Maturity
Noise
AUTOMATIONCritical
Speed
8
Digital Attack Surface Requires an Adaptive Security Framework
RAPID RESPONSEINTEGRATED DETECTIONOF UNKNOWN THREATS
PROTECT AGAINST KNOWN THREATS
IDENTIFY THE BROADATTACK SURFACE
AUTOMATED TRUST ASSESSMENT
NOC
SOC
9
Fortinet Security Fabric
A Security Architecture that provides:
BROAD Visibility & Protection of the
Digital Attack Surface
INTEGRATED Detection of Advanced
Threats
AUTOMATED Response & Continuous
Trust Assessment
Delivered as:
Appliance Virtual
MachineHosted Cloud Software
10
How the Security Fabric Delivers ValueAddressing the pain across the network
TODAY’S NETWORK
IS BORDERLESS
BROAD
S E C U R I T Y S T R A T E G Y :
BROAD QUESTIONS
• Who is accessing the network? (employees, contractors, customers,
third parties)
• Where are they accessing the network from? (home office, branch
office, remote geographies)
• What types of devices, applications and services access the network?
(applications, laptops, desktops, mobile devices, IoT, OT, servers,
cloud services, B2B services)
• How are networks being accessed? (wired, wireless, VPN)
• When is the network being accessed and how does this affect usage?
(peaks and valleys by geo? business cycles? customer behaviors?)
• Does the customer have consistent visibility and policy control across
all aspects of their network?
11
How the Security Fabric Delivers ValueUnderstand the pain that comes from growth and change
TOO MANY POINT
SOLUTIONS
INTEGRATED
S E C U R I T Y S T R A T E G Y :
INTEGRATED QUESTIONS
• What security solutions are currently deployed?
• How are policies and processes currently managed? Is there a
1-to-1 mapping of the management interface(s) to the
departments responsible?
• How is threat intelligence shared across the organization? Can
all geographic regions consume the same information?
• Does the customer have any Fabric Ready partners deployed?
• How much have they invested in each vendor? Is each vendor
widely deployed?
12
How the Security Fabric Delivers ValueFind customer pains addressed by Automated Security Strategy
COMPLEXITY
IS THE ENEMY
OF SECURITY
AUTOMATED
S E C U R I T Y S T R A T E G Y :
AUTOMATED QUESTIONS
• How many incidents does the customer experience per month,
and, what is the average cost per incident?
• How many repeat incidents?
• What is the size of the customer’s IT/Sec team? Are they
buried on non-strategic tasks? What is the loaded labor rate for
an IT/Sec resource?
• What are the process, visibility and response improvements
that may result
13
FORTINET SECURITY FABRIC
DDoS Protection
Database Protection
Web ApplicationFirewall
ApplicationDeliveryController
Top-of-Rack
BRANCH
OFFICE
Distributed Ent FW
LTE Extension
Endpoint Protection NGFWSecure Access
Point
IP VideoSecurity
Email Server
Web Servers
SDN, VirtualFirewall
DCFW/ NGFW
Sandbox
Internal Segmentation
FW
Sandbox
Switching
Internal Segmentation FW
Email Security
Internal Segmentation FW
CAMPUS
Internal Segmentation FW
DATA CENTER/PRIVATE CLOUD
VirtualFirewall
FortiCloud
Client Devices
Client Devices
PUBLIC CLOUD
OPERATIONS CENTER
14
FORTINET SECURITY FABRIC
DDoS Protection
Database Protection
Web ApplicationFirewall
ApplicationDeliveryController
Top-of-Rack
BRANCH
OFFICE
LTE Extension
Endpoint Protection
FortiGateNGFW
Secure AccessPoint
IP VideoSecurity
Email Server
SDN, VirtualFirewall
FortiGateDCFW/ NGFW
Sandbox
FortiGate Internal Segmentation FW
Sandbox
Switching
FortiGate Internal Segmentation FW
Email Security
FortiGate Internal Segmentation FW
FortiGate Internal Segmentation FW
CAMPUS
Client Devices
DATA CENTER/PRIVATE CLOUD
Web Servers
ENTERPRISE FIREW ALL
FortiGate/FortiWiFiDistributed Ent FW
Client Devices
FortiManager
FortiAnalyzer
FortiSIEM
OPERATIONS CENTER
VirtualFirewall
FortiCloud
PUBLIC CLOUD
15
FORTINET SECURITY FABRIC
DDoS Protection
Database Protection
Web ApplicationFirewall
ApplicationDeliveryController
Top-of-Rack
BRANCH
OFFICE
LTE Extension
CAMPUS
Secure AccessPoint
IP VideoSecurity
Switching
FortiGateNGFW
FortiGateDCFW/ NGFW
FortiGate Internal Segmentation FW
FortiGate Internal Segmentation FW
FortiGate Internal Segmentation FW
FortiGate Internal Segmentation FW
FortiGate VMX SDN, Virtual
Firewall
DATA CENTER/PRIVATE CLOUD
Web Servers
ENTERPRISE FIREW ALL
Client Devices
CLOUD SECURITY
Client Devices
Endpoint Protection
Email Server
Sandbox
Sandbox
Email Security
OPERATIONS CENTER
FortinetVirtual Firewall
FortiManager
FortiAnalyzer
FortiSIEM
FortiCloud
PUBLIC CLOUD
FortiGate/FortiWiFiDistributed Ent FW
16
FORTINET SECURITY FABRIC
DDoS Protection
Database Protection
ApplicationDeliveryController
Top-of-Rack
BRANCH
OFFICE
LTE Extension
CAMPUS
FortiClientSecure AccessPoint
IP VideoSecurity
Switching
FortiGateNGFW
FortiGateDCFW/ NGFW
FortiGate Internal Segmentation FW
FortiGate Internal Segmentation FW
FortiGate Internal Segmentation FW
FortiGate Internal Segmentation FW
FortiGate VMX SDN, Virtual
Firewall
DATA CENTER/PRIVATE CLOUD
Web Servers
CLOUD SECURITYADVANCED THREATPROTECTION
ENTERPRISE FIREW ALL
FortiClient
FortiSandbox
FortiClient
FortiSandbox
FortiMailEmail Security
Email Server
FortiW ebWeb Application
Firewall
OPERATIONS CENTER
FortiManager
FortiAnalyzer
FortiSIEM
FortinetVirtual Firewall
FortiCloud
PUBLIC CLOUD
FortiCloud Sandboxing
FortiGate/FortiWiFiDistributed Ent FW
17
FORTINET SECURITY FABRIC
Top-of-Rack
BRANCH
OFFICE
LTE Extension
CAMPUS
FortiClientSecure AccessPoint
IP VideoSecurity
Switching
FortiGateNGFW
FortiGateDCFW/ NGFW
FortiGate Internal Segmentation FW
FortiGate Internal Segmentation FW
FortiGate Internal Segmentation FW
FortiGate VMX SDN, Virtual
Firewall
FortiDDoS Protection
FortiW ebWeb Application
Firewall
FortiADCApplicationDeliveryController
DATA CENTER/PRIVATE CLOUD
Web Servers
FortiGate Internal Segmentation FW
APPLICATIONSECURITY
ENTERPRISE FIREW ALL
FortiClient
FortiSandbox
FortiClient
FortiSandbox
FortiMailEmail Security
FortiDBDatabase Protection
CLOUD SECURITYADVANCED THREATPROTECTION
Email Server
OPERATIONS CENTER
FortiManager
FortiAnalyzer
FortiSIEM
FortinetVirtual Firewall
FortiCloud
PUBLIC CLOUD
FortiCloud Sandboxing
FortiGate/FortiWiFiDistributed Ent FW
18
FORTINET SECURITY FABRIC
FortiW ebWeb Application
Firewall
FortiADCApplicationDeliveryController
Top-of-Rack
BRANCH
OFFICE
FortiExtenderLTE Extension
CAMPUS
FortiClientSecure AccessPoint
IP VideoSecurity
FortiGateNGFW
FortiGateDCFW/ NGFW
FortiGate Internal Segmentation FW
FortiGate Internal Segmentation FW
FortiGate Internal Segmentation FW
FortiGate VMX SDN, Virtual
Firewall
FortiDDoS Protection
FortiGate Internal Segmentation FW
DATA CENTER/PRIVATE CLOUD
Web Servers
SECURE ACCESS APPLICATIONSECURITY
ENTERPRISE FIREW ALL
FortiClient
FortiSandbox
FortiClient
FortiSandbox
FortiMailEmail Security
FortiSwitchSwitching
CLOUD SECURITYADVANCED THREATPROTECTION
FortiSwitchSwitching
Email Server
FortiDBDatabase Protection
OPERATIONS CENTER
FortiManager
FortiAnalyzer
FortiSIEM
FortinetVirtual Firewall
FortiCloud
PUBLIC CLOUD
FortiCloud Sandboxing
FortiCloud AP Management
FortiGate/FortiWiFiDistributed Ent FW
19
Fortinet End-to-End Solution
NetworkSecurity
Multi-Cloud Security
Endpoint Security
Email Security
Web Application Security
SecureUnified Access
Advanced Threat Protection
Management& Analytics
FortiGate
Enterprise Firewall
FortiGate
Cloud Firewall
Network Security
FortiClient
EPPFortiWeb
Web Application
Firewall
FortiMail
Secure Email
Gateway
FortiSandbox
Advanced Threat
Protection
FortiAnalyzerCentral Logging /Reporting
FortiManagerCentral Security Management
FortiSIEMSecurity Information & Ev ent Management
FortiGate
Virtual Firewall
Network Security
FortiAP
Wireless
Infrastructure
FortiSwitch
Switching
Infrastructure
Endpoint
IoTMulti
Cloud Applications
Web Unified
AccessEmail Threat
Protection
AdvancedManagement
Analytics
FortiCASB
IPS
SWG
SD-WAN
VPN
20
Fabric Alliance Ecosystem
Cloud SDN Endpoint Management
Vulnerability/SIEM IoT/OT/NAC Identity Technology
21
Darwin 2.0
22