Transcript

© Copyright Fortinet Inc. All rights reserved.

Introduction to the Fortinet Security Fabric

Erwin Schürmann, CISSP, Manager Systems Engineering

2

“All organizations should now assume that they are in a state of continuous compromise.” - Gartner, 14-2-2014

A TRUE STATEMENT?

Source: Gartner. Designing an Adaptive Security Architecture for Protection From Advanced Attacks. February 2014.

3

SECURITY HAS CHANGED

3.2 BILLION INTERNET USERS

1.3 BILLION SMARTPHONES SHIPPED WORLDWIDE

3 BILLION NEW DEVICES PER YEAR THROUGH 2020

10,000x INCREASE IN CYBER THREATS

PUBLIC CLOUD MARKET IS ESTIMATED TO REACH $191 BILLION

4

So have the Risks

Email Attachment

Web drive-by

Email link

Download malware

Network propagation

Incident count

Top 5 Avenues for Crimeware

Source: Verizon. 2016 Data Breach Investigations Report. 2016.

5

Given the Time Malware Remains Undetected

Random Detection (average ~200 days, prior to response)

DURATION

IMPACT

6

Problem No.1 – Expanded Attack Surface

ENCRYPTED TRAFFIC INCREASING

MULTIPLE CLOUD TYPES

IP ENABLED OPERATIONAL TECH (OT)

BROADBAND WAN ACCESS

BROAD Visibility and Protection

7

Problem No.2 – Increased Security Complexity

TOO MANY POINT SECURITY PRODUCTS

TOO MANY SECURITY CONSOLES

NO SHARING OF THREAT INTELLIGENCE AND MITIGATION INFORMATION

INCREASING COMPLIANCE REQUIREMENTS

INTEGRATED Detection and Response

8

Problem No.3 – Rapidly Changing Advanced Threats

TOO MANY SECURITY ALERTS (HOW TO PRIORITIZE)

NEED RAPID AND SMART ANALYSIS APPLIED TO DIRECT ACTION

HIRING CRITICAL CYBERSECURITY SKILLS

WHAT IS MY SECURITY STANDING? (THREAT SCORE)

AUTOMATED Operations and Analytics

9

Security

Compliance

Infrastructure

Cybersecurity is a foundation of Digital Business

The Evolving Security Landscape
» Advanced Threats
» Detect and Respond
» Ransomware

Governance/Compliance
» Digital Risk Framework
» Industry Regulation
» 3rd Party Certification

Infrastructure Evolution (New Edge)
» Data in Public Cloud
» Headless OT/IoT Devices
» The Need for Speed

10

Stopping Advanced Threats requires rapid communication of Security elements

1980s

Hardware Theft

Performance Degradation

Viruses & Spyware

Intrusion & Worms

Malicious Apps

Advanced Targeted Attacks

Spam

Today

Malicious Sites

Machine to Machine Attacks

Anti-malware

Firewall

Exploits Vulnerability Management

Intrusion Prevention

Secure Email Gateway

Botnets

Network Segmentation

Application Control

IP Reputation

URL Filtering

Advanced Threat Protection

Point Products

CONTENT BASED SECURITY

Rapid Communication & Action

INFRASTRUCTURE

CONNECTION SECURITY

11

Digital Attack Surface Requires an Adaptive Security Framework

RAPID RESPONSE

INTEGRATED DETECTION OF UNKNOWN THREATS

PROTECT AGAINST KNOWN THREATS

IDENTIFY THE BROAD ATTACK SURFACE

AUTOMATED TRUST ASSESSMENT

NOC

SOC

12

2018 Fortinet Security Fabric

A Security Architecture that provides:

BROAD Visibility & Protection of the Digital Attack Surface

INTEGRATED Detection of Advanced Threats

AUTOMATED Response & Continuous Trust Assessment

Delivered as:

Appliance Virtual Machine

Hosted Cloud

NETWORK

MULTI-CLOUD

PARTNER API

EMAIL

UNIFIED ACCESS

IOT-ENDPOINT

WEB APPS

ADVANCED THREAT PROTECTION

MANAGEMENT-ANALYTICS

Software

13

2018 Fortinet Solutions

Network Security

Multi-Cloud Security

Endpoint Security

Email Security

Web Application Security

Secure Unified Access

Advanced Threat Protection

Management-Analytics

FortiGate Enterprise Firewall

FortiGate Cloud Firewall

Network Security

FortiClient EPP

FortiWeb Web Application Firewall

FortiMail Secure Email Gateway

FortiSandbox Advanced Threat Protection

FortiAnalyzer Central Logging / Reporting

FortiManager Central Security Management

FortiSIEM Security Information & Event Management

FortiGate Virtual Firewall

Network Security

FortiAP Wireless Infrastructure

FortiSwitch Switching Infrastructure

SWG

SD-WAN

IPS

THE FORTINET SECURITY FABRIC: SOME EXAMPLES

15

Flexible/Open

Broad – The Fabric Gives You Complete Visibility, Coverage and Flexibility Across The Entire Dynamic Attack Surface

Coverage

Visibility

Application Security

Cloud Security

Client/IoT Security

Access Security

Network Security

16

Fortinet Security Fabric Topology View Fabric Integration

Internet

NGFW

ISFW.2

ISFW.1

SD-WAN

NGFW

NGFW

Cloud NGFW

SaaS / CASB

Virtual FW

Switch.1

Switch.2

WiFi.3

WiFi.2

WiFi.1

Switch.3

HOSTS (APPS)

CLIENTS (DEVICES)

Email WAF

Advanced Threat Protection

Manager

Analyzer

17

18

Broad – The Fabric Allows Flexible, Open Integration of Other Security Partners

19

Multi-Cloud Security Connectors

Networking

Servers

Virtualization

O/S

Applications

API

Data

SaaS

SaaS Cloud

CASB CONNECTORS

Networking

Servers

Virtualization

O/S

Applications

Virtual Security

Data

Private

Private Cloud

SDN CONNECTORS

Networking

Servers

Virtualization

O/S

Applications

Cloud Security

Data

Public

Public Cloud

CLOUD CONNECTORS

Single Console

Connectors

20

Powerful – Increasing Performance Reduces The Burden on Infrastructure

Comprehensive Range

Parallel Path Processing

Security Processors (SPUs)

Accelerates Content Inspection

Optimized Performance for Entry Level

Accelerates Network Traffic

High End

Mid Range

Entry Level

1 Tbps

21

Less Latency

Less Power

Less Space

More Performance

FortiGate 3980E > 1Tbps FW

FortiGate 7060E > 100bps NGFW

Powerful – The Fastest Network Security Appliances on the market

22

Automated to Provide a Fast, Coordinated Response to Threats

Coordinated

Audit & Recommend

Global & Local

Known Threats: FortiGuard

Unknown Threats: FortiSandbox

23

Automated Security Audit and Recommendations

24

Workflow Automation

Automated workflows using triggers to deliver appropriate actions

AUTOMATED WORKFLOW

TRIGGERS

System Events

Threat Alerts

User & Device Status

External Inputs

ACTIONS

Notification

Reports

Quarantine

Adjust Configuration

Automation

