© Copyright Fortinet Inc. All rights reserved.
Fortinet Security Fabric
Peter Kocik
Systems Engineer, CEE
Fortinet - Confidential
Infrastructure. Constant Change.
• Green: Google’s 13 data centers use 0.01% of global power
• SDN/NFV: Software-defined everything. SD WAN
• SaaS: On average, companies have 10+ applications running via the Cloud
• IaaS: Security still the No.1 inhibitor
• IoT: 35B devices, mostly headless, attaching to the network
• Virtualization: 80% of data center apps are virtualized
• Mobile: No control of endpoints (BYOD)
• Social: Bandwidth ever increasing
• Bandwidth: Wi-Fi speeds rival LANs. 100G networks here
• Analytics: Big Data
• Internet 2: 100 Gbps and UHDTV
• 5G: Wireless
[Diagram labels: FUTURE, 100G]
Accidental Architecture
NETWORK TEAM
§ Routers
§ Switches
§ Wireless Access
SECURITY TEAM
§ Firewall
§ IPS
§ Web Application
OS TEAM
§ Desktop OS
§ Antivirus
§ Mobile Device Mgmt
MESSAGING TEAM
§ Email
§ Instant Messaging
§ Voice
§ Unified Communication
Many Isolated Point Solutions
The attack surface has increased dramatically, everywhere, inside and out.
[Diagram labels: PoS, IoT, UTM, NGFW, Campus, Mobile, Endpoint, Data Center, DCFW, Branch Office; Internal, External]
Fortinet Security Fabric
[Diagram labels: Network, Access, Endpoint, Application, Cloud, NOC/SOC, Advanced Threat Intelligence, Fabric Ready]
• Scalable
• Aware
• Secure
• Actionable
• Open
Aware - The Fabric gives you complete visibility allowing network segmentation
Actionable – The Fabric cuts Time to Protect from hours to seconds
[Diagram labels: FortiMail, FortiClient, FortiGate, FortiWeb, Partner, Advanced Threat Protection; Appliance, Virtual, Cloud; App Control, Antivirus, Anti-spam, IPS, Web App, Database, Web Filtering, Vulnerability Management, Botnet, Mobile Security, Cloud Sandbox, Deep App Control]
Open – The Fabric allows integration of existing security solutions
[Diagram labels: SIEM, Private Cloud (SDN), Endpoint, Public Cloud, Vulnerability Management]
Attacker Defender Life Cycle – Kill Chain
Threat Methodology: Recon, Weaponize, Delivery, Exploit, C&C, Internal Recon, Maintain
Defender Response: Prepare, Prevent, Detect, Response
Increasing Risk and Cost to the Business
[Diagram labels: Zero-Day, Social Engineering, Botnet, Lateral Movement, Recruitment, Evade, Infection Vector]
Continuous Monitoring and Analytics
• Prepare: Segmentation, Processes, Training
• Prevent: Harden, Isolate; Network, Application, Endpoint
• Detect: ATP, SIEM, TIS
• Respond: Contain, Remediate, Clean
End-to-End Security Operations
Sandbox to SIEM
[Diagram labels: Automation, Custom Feed, Security Analysts, Sandbox IOC Extraction, Samples Sent for Automated Extraction, RESTful API, Telemetry Flow, 2M+ Sensors, 50B+ Daily Events, FortiGuard Global CTI, FP Reduction, Global Context, Global CTI Database, Value-Added Services, Customers, QA, CTI Platform, SIEM, SOC / MSS, Respond]