Q4/2017
THE FORTINET SECURITY FABRIC SECURES IoT
Learn. Segment. Protect.
$2M
~$1.275B
2002 2016
REVENUE
CAGR 57%
Founded: Nov. 2000
First Product Release: May 2002
Fortinet IPO: Nov. 2009
NASDAQ: FTNT
Headquarters: Sunnyvale, California
Employees: 4,900+
FY 2016 Revenue: $1.275B
Q3 2017 Revenue: $374M
Q3 2017 Billings: $432M
Q3 2017 EPS (GAAP): $0.15
Q3 2017 EPS (non-GAAP): $0.28
Market Cap (Oct. 26, 2017): $7B
$1.5B Cash and No Debt
Units Shipped to Date: 3.4M+
Customers: 330,000+
Global Patents Issued: 439
Global Patents Pending: 291
OVERVIEW
Operations3%
G&A7%
Service & Support20%
Sales & Marketing
45%
R&D25%
Americas43%
EMEA37%
APAC20%
High-End Appliances41%Large enterprises & telcos/ service providers
Entry-Level Appliances30%
SMBs, branch offices, and retail
Mid-Range Appliances29%
Enterprises
Americas63%
EMEA24%
APAC13%
EMPLOYEESby Function
EMPLOYEECOST
by Region
REVENUEby Region
FortiGate Billings
by Segment
Fortinet is a major player in many segments of the fast-growing Network Security and WLAN markets.
Fortinet’s mission is to deliver the most innovative, highest-performing network security fabric to secure and simplify your IT infrastructure. We are a leading global provider of network security appliances for carriers, data centers, enterprises and distributed offices.
Q3 2017
25
20
15
10
5
02016 2019
$33.6B
$27.3B
Network Security and WLAN Market Size
Source: IDC Worldwide Endpoint Security Forecast, 2016–2020IDC Worldwide Security and Vulnerability Management Forecast, 2016–2020IDC Worldwide Enterprise WLAN Forecast, 2016–2020IDC Worldwide Specialized Threat Analysis and Protection Forecast, 2016–2020IDC Worldwide Web Security Forecast, 2016–2020IDC Worldwide IT Security Products Forecast, 2015–2019
30
35
Messaging
EnterpriseEndpoint
Web Security
EnterpriseWLAN
NetworkSecurity
ATP
SIEM
2
NextGen Firewall/IPS/VPN/AVSecure WirelessSwitch/WANASICDDoSSecurity Analytics/IoTADC/Load BalancerClient/MailCloud ServiceMisc-Machine Learning/Web Access/SDN/Sandboxing
281
142
87
49
37
37
29
2522 21
0 50 100 150 200 250 300 350 400 450
Check Point 69
Palo Alto Networks 109
FireEye 105
Barracuda 41
413
Sophos 52
SonicWall 115
WatchGuard 44
#1 FASTEST GROWING ENTERPRISE NETWORK SECURITY COMPANY
#1 MOST ADOPTED NETWORK SECURITY SOLUTION
Source: IDC Worldwide Security Appliances Tracker, April 2017 (based on annual unit shipments)
2011 2012 2013 2014 2015 2016
500,000
600,000
700,000
400,000
300,000
200,000
100,000
Check Point
Palo Alto Networks Juniper Networks
Cisco
3-5XOther comparable Network Security Companies
Detection Prevention & Remediation Integration Performance & Value
100s of Companies < 50 < 5
Fortinet Is the Only Company to Excel at All Key Stages of Network Security
Based on patents issued as listed by the US Patent and Trademark Office
Fortinet Issued Patents
and Applications (Global)
#1 SECURITY INNOVATOR
Based on network security related billings growth of recognized Enterprise Firewall market leaders1
Based on annual unit shipments (IDC)
0
5%
10%
15%
20%
25%
-10%
-5%
Palo Alto Networks
17%
24%
Check Point 0%
Cisco -4% Juniper
-6% 1 Most recently disclosed financial information as of Nov. 7, 20172 Publicly reported quarterly billings3 Calculated as revenue recognized plus change in deferred revenue from beginning to end of most recent period
2
2
3
3
3
as of Sept.30 2017
3
EMERGING SECURITY CHALLENGES
Today’s Network Is BorderlessIoT and the cloud have
expanded the attack surface−
the “edge” is no longer clearly
defined. There are more ways
in and more ways out.
Slow Is BrokenSecurity has become a
bottleneck; enterprises
compromise security features
to achieve performance goals.
Complexity Is the Enemy of SecurityToo many point solutions
create security gaps and a
slow response to threats; no
communication or coordination.
Perf
orm
ance
Degra
dat
ion
1980s Today
Generation 3INFRASTRUCTURE
Generation 2CONTENT
Generation 1CONNECTION
Machine toMachine Attacks
AdvancedTargeted Attacks
MaliciousApps
MaliciousSites
SpamBotnets
Viruses& Spyware
Intrusion& Worms
Fabric
Advanced ThreatProtection
Anti-spam
Lock & Key
Firewall/VPN
IPS
Antivirus
Web Filter
Application Control
Layer 5-7:Content & Application
Layer 3-4:Connection
Layer 1-2:PhysicalHardware Theft
APP
URL
Security Fabric
NGFW/UTM
Stateful Firewall
First-generation network security, known as stateful firewalls, focused on securing the connection. Led by Fortinet, a second
generation of network security, next-generation firewalls and UTMs, expanded inspection to the application and content.
4
THE FORTINET SECURITY FABRIC
THIRD-GENERATION NETWORK SECURITY
BROADThe Fabric covers the entire attack surface—security can be applied to the network, endpoints, access, applications, and cloud, and visibility extended to other vendor solutions.
POWERFULThe Security Fabric utilizes security processors to reduce the burden on infrastructure, allowing comprehensive security without affecting performance.
AUTOMATEDThe Security Fabric enables a fast and coordinated response to threats—all elements can rapidly exchange threat intelligence and coordinate actions.
NOC/SOC
Cloud
Partner API
Access
Client/IoT
ThreatIntelligence
Application
Network
FortiGate VMAWS and AzureFortiCASB
FortiMailFortiWeb
FortiManagerFortiAnalyzerFortiSIEM
FortiAPFortiSwitch
FortiSandboxFortiGuard
FortiClient
FortiGate
5
FortiGate 1500D
Fortinet’s core firewall platform, FortiGate, is powered by our purpose-built operating system, security processors, and threat intelligence from FortiGuard Labs.
HIGH-END APPLIANCES
FortiGate 5144C
155
Gb
ps
- 1.
12 T
bp
s80
- 3
20 G
bp
s52
- 8
0 G
bp
s
HIGH-PERFORMANCE NETWORK SECURITY
Hypervisor
Deployment Service Provider or Enterprise
Form Factor 2U/3U Appliance and Chassis
Interfaces 10, 40, and 100 GbE
FW Throughput 10 Gbps to more than 1 Tbps
Special Features Carrier Class
Deployment Service Provider or Enterprise
Form Factor 1U/2U/3U Appliance
Interfaces 10, 40, and 100 GbE
FW Throughput 16 to 320 Gbps
Special Features VDOM Management, Ultra-low Latency
Deployment Edge or Border Firewall
Form Factor 1U/2U/3U Appliance
Interfaces 1, 10, and 40 GbE
FW Throughput 1 to 160 Gbps
Special Features Advanced Threat Protection
Deployment Distributed Enterprise or SMB
Form Factor Desktop
Interfaces High-density 1 GbE
Throughput 1 to 3.5 Gbps
Special Features Wi-Fi, PoE, Ruggedized
Deployment East/West Data Center
Form Factor Virtual Machine
SDN Integration Cisco ACI, VMware NSX, OpenStack
Throughput Hardware Dependent
Hypervisors All Major Hypervisors Supported
Licensing Perpetual, Subscription, Metered
Deployment AWS, Microsoft Azure, Google
Form Factor Cloud Virtual Machine
Throughput Cloud Dependent
Licensing BYOL or On-Demand
Data Center Firewall (DCFW)/Carrier Class Firewall (CCFW)
Internal Segmentation Firewall (ISFW)
Next-Generation Firewall (NGFW)
Unified Threat Management (UTM)
Private Cloud−Virtual Machine Firewall
Public Cloud−Cloud Firewall
FortiGate 3800D
100G
FortiGate 3700D
40G
FortiGate 3200D
FortiGate 2000E
FortiGate 7060E
40G
100G
FortiGate 3980E
100GNEW
40G
FortiGate 7040E
40G
100G
6
FortiGate 60E
FortiGate 30E
FortiGate 80E
FortiGate 100E
FortiGate 300E
FortiGate 500E
MID-RANGE APPLIANCES
ENTRY-LEVEL APPLIANCES
FortiGate 200E
7.4 - 36 Gb
ps
950 Mb
ps - 3.5 G
bp
s
HIGH-PERFORMANCE NETWORK SECURITY FortiGate 800D
FortiAP U421EV FortiAP U423EV
Platform (FortiGate)
¡¡ Hardware or VM¡¡ Deployment Mode¡¡ # and Type of Ports¡¡ Throughput
Base HW/VM List price
Support (FortiCare) & Services
¡¡ 24x7 + Prem. Replacement + Advanced Services¡¡ FortiCare 360°¡¡ Professional Services
25% Varies Varies
+ 10% Daily rate
Subscriptions (FortiGuard)
¡¡ Individual Threat Intelligence Feeds¡¡ UTM or Enterprise Bundles
+ 20% ea. or +40/65%
Term
¡¡ 1, 3, 5 year¡¡ Discount for multi-year term length
The Security Processor Advantage
VS.
MOREPERFORMANCE
LESSLATENCY
LESSSPACE
LESSPOWER
CPU & Serial Processing-based
Fortinet SPU-basedParallel Path Processing
Slow, Not Scalable& Poor TCO
FlexiblePolicy
AcceleratesNetworkTraffic
AcceleratesContent
Inspection
FW
IPsec VPN
SSL VPN
IPS
40 Gbps
25 Gbps
28 Gbps
20 Gbps
6X - 12X performance
FortinetSystem-on-a-Chip
Optimized for Entry-level
Form Factors
5X FW8X/11X SSL/IPsec VPN5X IPS5X Concurrent Sessions3X Power Efficiencyvs. similarly priced offerings
based on Intel E5 2640v2(8 core 2Ghz)
802.11ac Wave 2
FortiGate 50E
SIMPLE PRICING MODEL
Fortinet Security Processors radically increase the security performance, scalability, and
throughput of Fortinet solutions while greatly shrinking space and power requirements,
compared to CPU-based solutions.
The FortiOS AdvantageFortiOS is the foundation of the Fortinet Security Fabric, consolidating many technologies
into a simplified, single policy and management framework. FortiOS provides customers with
superior protection, deeper visibility and control, reduced complexity, and greater operational
efficiency across their entire attack surface.
1
2
3
4
Networking Security Integration Management
Firewall Intrusion Prevention Email NOC/SOC/Policy
VPN Application Control WAF Reporting & Compliance
Routing Anti-malware Endpoint Topology Views
Switching Anti-botnet Sandboxing Management
SD-WAN Web Filtering Vulnerability Analytics
Wi-Fi Controller Mobile Security Partner APIs VDOM/ADOM
More... More... More...
The FortiGuard Threat Intelligence AdvantageFortinet solutions are powered by the security services developed by FortiGuard Labs.
Working with world-class, in-house tools and data collected from sensors around the globe,
our 200+ researchers and analysts discover breaking threats and then update FortiGuard
threat intelligence services to protect over 330,000 customers every day.
Enterprise Bundle x x x x x x x
UTM Bundle x x x x x
Applic
ation
Contro
l*
IPS Antiv
irus/A
nti-b
otnet
Anti-
spam
Web Fi
lterin
g
Mobile
Secu
rity
Adv. T
hreat
Protec
tion/
Cloud S
andb
ox
Indus
trial S
ecuri
ty
Vulne
rabilit
y
* Application Control comes standard with every FortiCare support contract
Individual Subscription Services
NEW
NEW
FortiGate 90E
NEW
7
#1 BROADEST SECURITY PROTECTION
NETWORK SECURITY FortiGate firewalls excel in every deployment scenario
ENDPOINT, APPLICATION AND ACCESS SECURITYThe Security Fabric connects an integrated, broad portfolio of complementary security and access solutions
CLOUD SECURITYSingle management console and policy extends out to
private and public cloud
IoT and OT SECURITYThe Security Fabric enhances visibility and extends security
out to the IoT and OT Infrastructure
Partner API
Management Endpoint
SandboxingSIEM
WAF
WiFi
Switch
Private SaaSPublic
Coverage for the entire attack surface from IoT/Endpoint to Access to Core to Application to Cloud
8
#1 BROADEST SECURITY PROTECTION
Step Level Objective
NSE 1 Develop a foundational understanding of network security concepts.
NSE 2Develop the knowledge and skills necessary to sell key Fortinet solutions. (For Fortinet employees and partners only)
NSE 3Sales Associate
Develop the knowledge and skills to sell Fortinet products. (For Fortinet employees and partners only)
NSE 4Professional
Develop the technical knowledge and skills needed to configure and maintain a FortiGate Next-Generation Firewall solution.
NSE 5Analyst
Develop a detailed technical understanding of how to implement network security management and analytics.
NSE 6Specialist
Develop an understanding of advanced security technologies beyond the firewall.
NSE 7Troubleshooter
Demonstrate a deep technical understanding of key Fortinet solutions.
NSE 8Expert
Demonstrate the ability to design, configure, install, and troubleshoot a comprehensive network security solution in a live environment.
FortiCare
Our FortiCare customer support team provides global technical
support for all Fortinet products. With support staff in the Americas,
Europe, Middle East, and Asia, FortiCare offers services to meet the
needs of enterprises of all sizes.
ProfessionalServices24x7
Become a Fortinet Network Security Expert!
Fortinet’s Network Security Expert (NSE) Program is an 8-level
training and assessment program designed for customers, partners,
and employees, with over 83,000 security certifications to date.
Validate YourSecurity Experience
DemonstrateValue
AccelerateSales
12345678
SecurityAuditServices
360º
NETWORK SECURITY FortiGate firewalls excel in every deployment scenario
ENDPOINT, APPLICATION AND ACCESS SECURITYThe Security Fabric connects an integrated, broad portfolio of complementary security and access solutions
CLOUD SECURITYSingle management console and policy extends out to
private and public cloud
IoT and OT SECURITYThe Security Fabric enhances visibility and extends security
out to the IoT and OT Infrastructure
Partner API
Management Endpoint
SandboxingSIEM
WAF
WiFi
Switch
Private SaaSPublic
Coverage for the entire attack surface from IoT/Endpoint to Access to Core to Application to Cloud
9
Palo AltoNetworks
IBM
JuniperNetworks
FortinetIntel
Security
HPE
90%
80%
70%
60%
50%
40%
30%
20%
10%
0%$20 $10 $0$30$40$50$60$70$80$90$100$110$120$130$140
100%
*TrendMicro
TCO per Protected Mbps
Secu
rity
Eff
ectiv
enes
s
Average
Average
• Fortinet FortiGate 3000D v5.4.0, build 7184 • HPE TippingPoint S7500NX v3.7.2.4252 • IBM Security Network Protection XGS 7100 v5.3.2.1
PRODUCTS TESTED
On March 1, 2016, TippingPoint, owned by Hewlett Packard Enterprise (HPE), submitted the S7500NX v3.7.2.4252 to the NSS Labs DCIPS Public Group Test. During testing, NSS discovered a number of security issues, which caused the product to receive a Caution rating. After testing began, Trend Micro finalized the acquisition of TippingPoint from HPE (March 8, 2016). As the new owner of TippingPoint, Trend Micro was made aware of the test results. Trend Micro quickly took action, resolved the issues, and provided NSS with a late submission for testing. NSS confirmed TOS v3.8.3.4494 resolved the security is-sues found in the HPE version of the product, and also improved both Security Effectiveness and performance (see individual Test Report). The NSS Security Value Map™ (SVM) is a point-in-time measurement, and due to the timing of the acquisition, the HPE version of the product is represented in the SVM. How-ever, in light of these unusual circumstances, we have included this notation to inform our enterprise clients of the corrective actions taken by Trend Micro.
*
• Intel Security McAfee Network Security Platform NS9100 v8.2.5.120 • Juniper Networks SRX5400 v12.3X48-D18 • Palo Alto Networks PA-7050 v7.0.4
DATA CENTER INTRUSION PREVENTION SYSTEM (DCIPS) SECURITY VALUE MAP™
JUN
E 2
016
Data Center IPS FortiGate 3000D
INDEPENDENTLY TESTED AND VALIDATED PROTECTION
UNPARALLELED THIRD-PARTY CERTIFICATION
NGFW FortiGate 3200D & 600D
10
Palo AltoNetworks
IBM
JuniperNetworks
FortinetIntel
Security
HPE
90%
80%
70%
60%
50%
40%
30%
20%
10%
0%$20 $10 $0$30$40$50$60$70$80$90$100$110$120$130$140
100%
*TrendMicro
TCO per Protected Mbps
Secu
rity
Eff
ectiv
enes
s
Average
Average
• Fortinet FortiGate 3000D v5.4.0, build 7184 • HPE TippingPoint S7500NX v3.7.2.4252 • IBM Security Network Protection XGS 7100 v5.3.2.1
PRODUCTS TESTED
On March 1, 2016, TippingPoint, owned by Hewlett Packard Enterprise (HPE), submitted the S7500NX v3.7.2.4252 to the NSS Labs DCIPS Public Group Test. During testing, NSS discovered a number of security issues, which caused the product to receive a Caution rating. After testing began, Trend Micro finalized the acquisition of TippingPoint from HPE (March 8, 2016). As the new owner of TippingPoint, Trend Micro was made aware of the test results. Trend Micro quickly took action, resolved the issues, and provided NSS with a late submission for testing. NSS confirmed TOS v3.8.3.4494 resolved the security is-sues found in the HPE version of the product, and also improved both Security Effectiveness and performance (see individual Test Report). The NSS Security Value Map™ (SVM) is a point-in-time measurement, and due to the timing of the acquisition, the HPE version of the product is represented in the SVM. How-ever, in light of these unusual circumstances, we have included this notation to inform our enterprise clients of the corrective actions taken by Trend Micro.
*
• Intel Security McAfee Network Security Platform NS9100 v8.2.5.120 • Juniper Networks SRX5400 v12.3X48-D18 • Palo Alto Networks PA-7050 v7.0.4
DATA CENTER INTRUSION PREVENTION SYSTEM (DCIPS) SECURITY VALUE MAP™
JUN
E 2
016
Data Center IPS FortiGate 3000D
The Only NSS Labs Recommended Edge to Endpoint ATP Solution
Fortinet has participated in the following Real-world group tests, open to the industry, and conducted by NSS Labs. In doing so, Fortinet stands out as the only vendor to provide an ATP Solution that is NSS Labs Recommended from the data center to the edge to the endpoint in the latest group tests.
¡ NGFW ¡ DC IPS ¡ Web Application Firewall ¡ Endpoint Protection ¡ Breach Detection (Sandbox)
Breach Detection FortiSandbox 2000E
11
Copyright © 2017 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Certain offerings mentioned herein may not be generally available, and Fortinet reserves the right to change, modify, transfer or otherwise revise this publication without notice, and the most current version of the publication shall be applicable. Revision: Q4 / 2017 v3 11.27.17
Edward JonesLeading North American investment firm (USA)Scope: Protection and access for data centers and over 13,000 offices in the US and CanadaKey Requirements: SD-WAN, dual-active VPN, intrusion prevention, endpoint protectionSolution includes: FortiGate, FortiClient, FortiManager, FortiGuard ServicesCustomer benefits realized:
¡ Easy zero-touch deployment
¡ Reduced complexity via integrated switching/routing and single-pane-of-glass management
¡ Better protection via improved threat visibility/mitigation and automated policy deployment
¡ Higher performance and reduced latency to boost speed of business
“It is critical that our branches have responsive, reliable network access to serve our clients. By partnering with Fortinet, we were able to deploy a network architecture to help us improve the delivery of our data with high-performance, more bandwidth and improved redundancy.” — Chris Boedges, Chief Technology Officer
GEMÜ Gebrüder Müller Apparatebau GmbH & Co. KGIndustrial manufacturing (Germany)Scope: Integrated security for locations in 50 countriesKey Requirements: Next-generation firewall, Web application security, sandboxing, secure Wi-FiSolution includes: FortiGate, FortiGate VM, FortiWeb VM, FortiSandbox, FortiAP, FortiWiFi, FortiGuard ServicesCustomer benefits realized:
¡ Comprehensive visibility and protection across the entire business
¡ Scale of solution matched unique needs and size of each site
¡ More efficient security operations via single-pane-of-glass management
“The combined set of capabilities across the entire Fortinet Security Fabric gives GEMÜ a significant security advantage.” — Bruno Scharpfenecker, Systems Administrator
Macquarie Cloud ServicesIT Service Provider for businesses and government (Australia)Scope: Managed security infrastructure Key Requirements: High-performance firewall, SSL encryption/decryption, antivirus, Web filtering, intrusion prevention, and more; granularity of both scale and featuresSolution includes: FortiGate, FortiSwitch, FortiWiFi, FortiAuthenticator, FortiToken, FortiManager, FortiAnalyzer, FortiPortal, FortiGuard ServicesCustomer benefits realized:
¡ Ability to tailor a solution for enterprises of all sizes and needs
¡ Ease of management via single-pane-of-glass and visibility across entire customer infrastructure
¡ Increased customer satisfaction and convenience via self-service portal and high uptime
“The wide range of Fortinet solutions – together with highly flexible licensing options – enables us to chose the optimal fit for each company…” — Jamie Gillespie, Security Architect
Pittsburgh SteelersNFL football team and stadium operator (USA)Scope: Security and Wireless Connectivity for operations and fansKey Requirements: Secure, high-performance Wi-Fi; complete venue coverageSolution includes: Fortinet security and wireless access solutions, managementCustomer benefits realized:
¡ Improved connectivity for better live fan experience
¡ Created new business opportunities
¡ More efficient operations with better protection
“Fortinet solutions protect all business lines in our organization, from ticketing to marketing, stadium operations, security, and of course football.” — Scott Phelps, VP of Technology
FEATURED CUSTOMER STORIES
For more customer stories, go to www.fortinet.com/customers.html
Recommended
![Fortinet Security Fabric. Unify your security technologies across … · 2018-11-22 · Fortinet - Confidential 2 [Digital Transformation] is the integration of digital technology](https://img.dokumen.tips/doc/110x75/5e95761afc10fd121921399b/fortinet-security-fabric-unify-your-security-technologies-across-2018-11-22-fortinet.jpg)
