Fortinet Confidential Managed Security Services powered by Fortinet

Managed Security Services by Fortinet

Page 1: Managed Security Services by Fortinet

Fortinet Confidential

Managed Security Services powered by Fortinet

Page 2: Managed Security Services by Fortinet

Agenda

1. Fortinet Introduction
2. MSSP Requirements
3. Fortinet Solution
4. Summary

Page 3: Managed Security Services by Fortinet

Company Overview

• Leading provider of ASIC-accelerated ‘Unified Threat Management’ (UTM) Security Solutions
  - FW, VPN, SSL, AV, IPS, AS, URL & Content filtering
  - Database Security: Vulnerability Assessment + Monitoring & Auditing

• Company Stats
  - Founded in 2000
  - Silicon Valley based with offices worldwide
  - Seasoned executive management team
  - 1,050+ employees / 550+ engineers
  - 350,000+ FortiGate devices shipped worldwide

• Strong, validated technologies and products
  - 18 patents; 80+ pending
  - Seven ICSA certifications (first and only security vendor)
  - Government Certifications (FIPS-2, Common Criteria EAL4+)
  - Virus Bulletin 100 approved (2005, 2006, 2008)

Page 4: Managed Security Services by Fortinet

Fortinet Leads Across UTM Market

“Fortinet is the leading vendor in the UTM security appliance market”

“Fortinet’s UTM product portfolio is seeing success across all price bands, including the high end, which has been the hardest sell for many vendors”

Page 5: Managed Security Services by Fortinet

Backed by Global Services Offerings

Security updates via global update servers & engineering team …

… and customer support centers located throughout the world

[Map legend: Fortinet support centers; FortiGuard update server locations]

Page 6: Managed Security Services by Fortinet

FortiGuard™ Security Subscriptions

Source: FortiGuard™ Subscription Service

• 3 hr response Premier SLA Available
• 24 x 7 Global Threat Research Lab

Antivirus (AV) (Includes Anti-Spyware)

1. W32/Bagle.DW-mm
2. W32/Netsky!similar
3. W32/Grew.A!wm
4. HTML/Iframe_CID!exploit
5. W32/Bagle.DY-mm
6. W32/Bagle.DX-mm
7. W32/MyTob.fam-mm
8. W32/MyDoom.M-mm
9. W32/Mytob!similar
10. W32/MyTob.BH.fam-mm

[Non Top 10]

[Pie chart values: 21%, 9%, 9%, 7%, 7%, 2%, 2%, 2%, 2%, 1%, 38%]

Intrusion Prevention System (IPS)

• edonkey
• bit_torrent
• gnutella
• Microsoft.IE.CreateTextRange.Remote.Code.Execution
• overlong_uri
• Slammer
• MS.Windows.ASN.1.Bitstring.Heap.Overflow.HTTP.B
• MS.Exchange.XLINK2STATE.CHUNK.Overflow
• CyberKit.2.2
• Apache.CGI.Byterange.Request.DoS

Web Content Filtering (WCF)

82+ offensive and dangerous categories

Best Accuracy and Coverage in the Industry!

Anti-Spam (AS)

Greater than 94% spam catch rate

Less than 0.01% false positive rate

FortiGuard Security Subscription enables customers to realize the full potential of the FortiGate product Family

Page 7: Managed Security Services by Fortinet

Agenda

1. Fortinet Introduction
2. MSSP Requirements
3. Fortinet Solution
4. Summary

Page 8: Managed Security Services by Fortinet

SOC

Centralization & Consolidation

Centralized management of decentralized devices

Page 9: Managed Security Services by Fortinet

Security Operations Center

[Diagram labels: INTERNET; Customer Network; MPLS, Frame, Leased Line; Virtual security devices]

Belgacom, Portugal Telecom, 9UF Telecom, SFR…

Centralization & Consolidation

Centralize everything

In-the-cloud services

Page 10: Managed Security Services by Fortinet

Security Requirements

• Firewall
• IPSec/SSL
• Anti-Virus
• Anti-Spam
• IPS
• URL filtering
• Content filtering
• Application Control (P2P, IM,…)
• Authentication & Authorization
• Reporting
• Traffic Shaping
• Routing capabilities
• DDoS resistance
• High Availability
• Ease of administration
• Ease of provisioning
• Integration in existing environments
• Compliance (archive, best practices,…)

Fortinet offers a complete solution for all these requirements

Page 11: Managed Security Services by Fortinet

Agenda

1. Fortinet Introduction
2. MSSP Requirements
3. Fortinet Solution
4. Summary

Page 12: Managed Security Services by Fortinet

Fortinet Key Components

• Enterprise level UTM
• Unique virtualization concept for all security features
• Powerful centralized Management
• Extensive centralized Logging and Reporting
• Comprehensive Anti-Spam & mail compliance solution

Page 13: Managed Security Services by Fortinet

Enterprise level UTM

• ASIC based performance
  - AV + IPS acceleration
  - Firewall + IPSec/SSL acceleration
• Carrier grade HW
• High Availability
• Connectivity

Page 14: Managed Security Services by Fortinet

FortiManager

Unique virtualization concept: VDOMs

Each VDOM contains its own virtual interfaces, route table, state table, application proxies, protection profiles...

Page 15: Managed Security Services by Fortinet

Virtualized Network Security

Each VDOM can be configured with custom:

Virtual Routing features (Static, PBR, OSPF, BGP, RIP, Multicast)

Virtual Firewall (All Firewall features)

Virtual VPN (IPSec VPN, SSL VPN, PPTP)

Virtual IPS (Signature/Anomaly based, Protocol decoding)

Virtual Web filtering (84 Web Filter categories)

Virtual Antivirus (HTTP, FTP, SMTP, IMAP, POP3, NNTP, ICQ, MSN, Yahoo, AIM)

Virtual Antispam (SMTP, POP3, IMAP)

Virtual IM/P2P security

Page 16: Managed Security Services by Fortinet

Powerful centralized Management

Multiple Administrative domains

• Administrative Domain (ADOM)
• Per customer/device group policy management
• Per customer/device report generation
• Supports VDOM groups and device groups or combinations of them

[Diagram labels: FortiManager; FortiAnalyzer; Admin 1; Admin 2; Device Group 1; Device Group 2; Customer 1; Customer 2]

Page 17: Managed Security Services by Fortinet

Extensive centralized Logging and Reporting

Customizable with Customer/Private Branding

Per customer reporting

Per customer log access

Page 18: Managed Security Services by Fortinet

Anti-Spam & mail compliance solution

• Email is a mission critical communication tool for corporations and businesses of all sizes

• Security implications associated with Email have brought new challenges to businesses

• A comprehensive email security strategy must be able to meet all these new business challenges

Page 19: Managed Security Services by Fortinet

Email Security Challenges

A solution is needed that provides full protection for both inbound and outbound mail

Easy to deploy and manage with minimum impact on current infrastructure

Page 20: Managed Security Services by Fortinet

Introducing FortiMail

• FortiMail sits at a different place in the network

• FortiMail provides a different type of AS/AV inspection for email traffic only

• FortiGate’s perimeter location means it is latency sensitive, unlike email traffic which can be delayed without notice

• FortiMail devices contain large amounts of disk space for mail quarantine and storage

• Email archiving and routing should not be performed from the network perimeter

• FortiMail and FortiGate combined offer an improved level of layered email security for the network

Page 21: Managed Security Services by Fortinet

FortiMail Secure Email Messaging Platforms

FortiMail-100
• Recommended for 1-1,000 users
• Small Business Deployments
• 250GB HDD
• Up to 54,000 emails/hour (Full-Inspection)

FortiMail-400
• Recommended for 500-5,000 users
• SME Deployments
• 2 x 250GB HDD
• Up to 154,800 emails/hour (Full-Inspection)
• RAID Support

FortiMail-2000A
• Recommended for 1,000-20,000 users
• Large Enterprise & Service Provider Deployments
• 6 x 250GB HDD
• Over 280,800 emails/hour (Full-Inspection)
• RAID Support
• Redundant/Hot-Swappable Power Supplies & Fans

FortiMail-4000A
• Recommended for 8,000-35,000 users
• Large Enterprise/Service Provider Deployments
• 12 x 250GB HDD
• Over 295,200 emails/hour (Full-Inspection)
• RAID Support
• Redundant/Hot-Swappable Power Supplies & Fans

All models
• Inbound/Outbound inspection with a single device
• No per user license, no user or mailbox restrictions
• All models support High Availability (HA) configurations

Page 22: Managed Security Services by Fortinet

FortiMail Overview

• Flexible Deployment Options: The only email security solution that can be deployed in transparent, gateway or email server mode

• Maximum detection accuracy of Email-based threats: Integrated Multi-Threat/Blended-Threat detection including antispam, antivirus, antispyware and antimalware detection, all powered by the FortiGuard™ subscription service

• Integrated Message Transfer Agent (MTA): Specialized MTA engine for peak capacity, intelligent routing, QoS, virtualization, inbound and outbound SMTP routing

• Inbound & Outbound Email Messaging Security: Unlike other messaging security products, FortiMail secures inbound and outbound mail with only one system

• Email Archiving: On-box archiving, facilitates regulatory compliance for content archiving

• Logging and Reporting: Integrated Logging and Reporting engine, provides visibility into email usage, quarantine statistics and others

Page 23: Managed Security Services by Fortinet

Powered by FortiGuard Security Services

FortiGuard AntiSpam Security Service
• Real-time updates block spam, phishing, and ID theft
• 15.3 Million new AS signatures in 2007

FortiGuard Antivirus Security Service
• Real-time updates block viruses, malware, and spyware
• 1.07 Million new AV signatures in 2007

Fortinet Global Malware Research Teams
• All AS and AV signatures developed by Fortinet, not 3rd parties
• Combined research of viruses, spam, and vulnerabilities creates synergy
• Security intelligence will not be acquired or impacted by competitive forces
• FortiMail integrates FortiClient’s certified engine/signatures
• Increasing communication between FortiGuard and FortiMail
• These are strong competitive differentiators

[Diagram labels: FortiMail Appliances; FortiClient engine used in FortiMail Appliances]

Page 24: Managed Security Services by Fortinet

FortiMail Inbound Multi-Layered Security

Diagram labels:
• SMTP Inbound Risks
• FortiGuard™ Security Services
• FortiMail OS™
• DOS/DDOS Prevention
• DHA Prevention
• Spam & Phishing Prevention
• Virus Prevention
• Spyware Prevention
• Malware* Prevention
• Inbound MTA Engine
• Email Content Policy
• Compliance
• Email Archiving

Page 25: Managed Security Services by Fortinet

FortiMail Outbound Multi-Layered Security

Diagram labels:
• SMTP Outbound Risks
• FortiGuard™ Security Services
• FortiMail OS™
• RBL Prevention
• Email Content Policy
• DLP
• Compliance
• Spam & Phishing Prevention
• Virus Prevention
• Spyware Prevention
• Malware* Prevention
• Outbound MTA Engine
• Email Archiving
• Spam Zombie or Bot Detection

Page 26: Managed Security Services by Fortinet

FortiMail Operating Modes

• Transparent Mode (bridge mode)
  - Requires no IP address changes
  - Seamless integration into existing network environments
  - FortiMail is placed in front of the existing email server

• Gateway Mode (relay mode)
  - Proxy MTA services for existing email gateways
  - DNS MX record change redirects email to FortiMail

• Server Mode
  - Full email server functionality
  - Full antivirus and antispam functionality
  - Ideal for small to medium sized companies and remote branch office locations (Models FE-100/400)
  - Ideal for medium to large companies (Models FE-2000)

[Diagram labels: Transparent; Gateway; Server]

Page 27: Managed Security Services by Fortinet

FortiMail in the MSSP environment

Transparent carrier deployment protecting against spam zombies …

Page 28: Managed Security Services by Fortinet

MSSP, ISP & Telco References

• Belgacom (B) MSSP
• ATOS (FR) MSSP
• Magic Online (FR) Mail service provider
• Colt Telecom (D) Mail service provider
• SFR (FR) Both Mail & MSSP
• Vodafone EMEA wide for Mail & Mobile (Ice, Ire, UK, Italy)
• Bezeq International (ISR) MSSP
• WM Data (Ice) Managed mail services
• Telenor (Nor) Telco
• 3 (UK) 3G mobile operator
• Portugal Telecom MSSP
• Orange Poland
• Orange Slovakia
• Orange Israel
• HEAnet (Ire) Managed filtering

Page 29: Managed Security Services by Fortinet

Agenda

1. Fortinet Introduction
2. MSSP Requirements
3. Fortinet Solution
4. Summary

Page 30: Managed Security Services by Fortinet

Fortinet as market leader & innovator

• Invented the consolidated security principle (UTM)
• ASIC based inspection
• Virtualization in complete product line
• Most certifications of any UTM vendor
• Most complete solution from single vendor
• Strong world wide market position in enterprise, telco, MSSP and ISP
• No user based licensing
• MSSP technology applicable to the SMB as well!

Page 31: Managed Security Services by Fortinet

Comprehensive Product Portfolio

Powerful Centralized Management & Reporting

Secure E-Mail & Client Software

SMB & Remote Office: FortiGate-50B – FortiGate-100A

Enterprise: FortiGate-200A – FortiGate-800F

Carrier, MSSP & Large Enterprise: FortiGate-1000A – FortiGate-5000

Page 32: Managed Security Services by Fortinet

FortiGate-310B

• Hardware
  - FortiASIC CP for UTM acceleration
  - 8 FortiASIC Network Processor (NP) accelerated ports
  - 2 Copper non-NP accelerated ports
  - 1 Single-width front AMC slot
  - 1 GB System Memory
  - 2 USB ports
  - Backup DC connector (for future use)
  - 1 RU height rack mount unit

• Throughput
  - FG-310B Base Model
    • 8 Gbps firewall throughput
    • 6 Gbps IPSec VPN throughput
  - With Optional AMC (as shown)
    • 12 Gbps firewall
    • 9 Gbps IPSec VPN
    • 14 x GigE ports

• Firmware
  - FortiOS Multi-Threat Engine
  - Supported by FortiManager
  - Supported by FortiAnalyzer
  - Supported by FortiGuard A&M Svc.

Page 33: Managed Security Services by Fortinet

Internal Network Security Segmentation

More Granular Policy

Security Events Isolated

Increased Security

Previously unattainable due to performance and port count

Alternative was single security zone with no protection between LAN segments

[Diagram labels: Corporate LAN; Finance; Sales; Engineering; Application Servers; DMZ; FG-310B; Switch (×5); Port 1; Port 2; Port 3; Port 4; Port 5]

Page 34: Managed Security Services by Fortinet

Next-generation Enterprise Security – Perimeter Security

Firewall + Antivirus + IPS + Web Content Filtering

Secure Web Access

Allows network devices secure access to the Internet while blocking blended threats with the ICSA-certified multi-layered security protection platform

Page 35: Managed Security Services by Fortinet

Next-generation Enterprise Security – Remote Access

Firewall + IPSec & SSL VPN + Antivirus + IPS

Secure Perimeter Access

Enterprise-class Firewall and VPN technologies, combined with next-generation Antivirus and Intrusion Prevention technologies ensure that remote users can easily access the corporate network while also ensuring that remote users are not introducing security risks

Page 36: Managed Security Services by Fortinet

VDOMs in combination with VMware
