Virtualization Fortinet

8/6/2019 Virtualization Fortinet

1/11

Understanding VirtualizationProviding UTM Security Virtualization

,Saul Rosales, LatAm Channel Account Manager

Fortinet Confidential


2/11

Better Support

u ower

Consumption

Get a Better Return

TodaysIT Dept.

AddressTechnological

ComplexityMake IT

More Secure

ReduceOperating Costs


How do I optimally manage and utilize my IT infrastructure?


3/11

Virtualization decouples software from hardware.

Virtualization software or h ervisor is an

abstract layer between applications / operatingsystems and physical hardware.

machine.

Create shared pools of resources to optimize your n ras ruc ure.


4/11

Virtualization provides multiple instances of a software

.Allows server hardware to be shared by different applicationsProvides separate management of individual application access

Reduces network hardware and switch portsImproves utilization of under-used hardware resources

Data Centers / Enter rise use virtual servers to saverack space, electricity, cooling, cabling, and reduce ITstaffing requirements.Virtual Securit S stems

Optimize the use of security and networking hardwaresystems in data centersProvide custom levels of securit for each virtual server



5/11

-All Fortune 100 use virtualization solutions

c eve pos ve n o monAchieve TCO savings of 35%-75%Increase hardware utilization to 60%-80%Consolidation ratios:

10-15 : 1 in production15-20 : 1 in development & testing

Provisioning time cut from hours to minuteSave 40% by powering down underutilized physical serversDesktop management reduces power usage by 35% per year10:1 consolidation = 80%-90% less energy costsZero-downtime hardware maintenance


applications across physical hardware


6/11

Driving the benefits of virtualization across IT

3000 Desktops

1650 Desktops

% of x86 InfrastructureVirtualized

DataCenter

Desktop andRemote PCs

50%

50%

67%

Dev &Test

75%

IT InfrastructureHundreds

Hundreds

Dozens

4

4

15

sers es

Optimize network infrastructure

Manage and secure desktops

Maximize continuity and uptime

Optimize and automate lab infrastructure


7/11

Potential decrease in fault tolerance

ng e po n o a ure

Server management challengesPatching/rebooting physical host serversIncreased backup data and complexityVirtual server provisioning automation in heterogeneousenvironments (multiple virtualization platforms)New security risks: VM cross-infection, single point of attackMonitor both physical and virtual servers

Increased hardware re uirements for h sicalservers (memory / multi-port network adapters)Increased power consumption and cooling needs



8/11

Virtual Domains (VDOMs) are containers for virtualized

securit devices

Allows physical security hardware to be shared by differentdepartments or customersProvides se arate mana ement of individual VDOMs

Customer A has their own management interfaceCustomer B has their own management interface

Allows a lobal admin to control rivile es of VDOM administratorsAbility to log and report on a per-VDOM basisProvides separate security zones, FW objects, routing tables, usergroups, VPN configurations, logging to local disk, etc.

Benefits MSSP/Service providers use VDOMs to separate customers traffic Enter rises use VDOMs to se arate business units or de artments VDOMs reduce the overall cost of security infrastructure


9/11

.

omp ete networ segregat on at ot 2 & 3 ayerAbility to assign high-granular administrative privileges (vs.role-based administration)Ability to manage and enable overlapping subnetsAbility to mix transparent and NAT/route virtual securitysystems to protect VMsAbility to prevent vulnerabilities associated with sharedrouting/MAC tablesAbilit to centrall re ort on a er-VDOM basisAbility to offer truly 100% virtualized security systemsAbility to separate into isolated administrative domains



10/11

Enterprise Deployment (Partner Solutions)

RIVERBEDSTEELHEAD

MOBILE CLIENT

Phase 2 Deployment

RIVERBEDSTEELHEAD

BRANCH OFFICE CORPORATEOFFICE

a es ng neer ng

GenericFirewall/VPN

RIVERBEDSTEELHEAD Applications

FortiClientWinOS

Virtual Domain 1

Virtual Domain 2

Application-1X

-

DATACENTER

VMwareESX

Server

ApplicationsFortiClient

WinOS

Applications

Virtual Domain 3

Virtual Domain 4

-

Application-1X

A lication-1X

IEEE 802.1Q VLANTransparent, NAT,

Route Modes

Phase 1Deployment

FortiClientWinOS Virtual Domain 5

Application-1X Administrative

Domains(ADOMs)

FortiManager / Fort iAnalyzer


11/11


Documents

Virtualization Fortinet