Fortinet Confidential

Kanwal Sohal – SE Manager UK&I [email protected]

Richard Holmes – Technical Director [email protected]

WEB 2.0 & APPLICATION SECURITY CHALLENGE

Partner Zymbian & Fortinet webinar on Web2.0 security


DESCRIPTION

Web 2.0 communications are outstripping the use of email on corporate networks, and user 'dependence' is growing so that personal lifestyles and professional duties are becoming completely intertwined.


Agenda

Application Security

Fortinet Protection

Summary & Proof of Concept

Visibility and Control


Application Security Challenge

• Freedom of choice – who’s in control.


Web 2.0 & Application Security Challenge . . . . . .

• Shrinking DEFENCE budgets

• Viruses, Worms, Identity theft . . . .

• Expanding attack and threat surfaces


Challenges facing Organisations

• Social networking sites and the blogosphere have become an integral part of many people's lives (FortiGuard)*

• Companies increasingly realise that their people, while their greatest asset, can be their greatest vulnerability, and so need to be educated on security risks. (BERR)*

• HTTP traffic now is not just web browsing but an “application tunnel”

• Majority of this traffic bypasses traditional security controls or uses inefficient proxies that slow down infrastructures & still miss content

• 30% of companies are using Voice over IP telephony (BERR)*

• Web 2.0 targeted by spam. Throughout the 12 months we witnessed a barrage of attacks on these sites: malicious social applications, Spam 2.0, worms such as Koobface, Secret Crush, and various phishing campaigns (FortiGuard)*

*BERR: Department for Business Enterprise & Regulatory Reform

*FortiGuard: Fortinet Global Security Research Team


Applications, Applications & Applications

• Evasive applications using non-standard ports, port-hopping, or tunneling within trusted applications

• Drive by infections on the increase – personal use vs. business use.

• Security posture needs to be enhanced – business enablement.

• Intelligent firewall with “Application control” a must – regain control of your network.


Fortinet FortiGuard Threat Analysis

• User activity exposes internal network to threat/s. Infection vectors:

• Instant Messaging

• P2P networks

• Web Browsing

• Web 2.0

• Social Networking Sites

• Email

Severity    Number of Vulnerabilities    Active Exploitation
Critical    15                           7
High        15                           7
Medium      6                            3
Low         2                            -
Info        -                            n/a
Total       38                           17

This month only

Application Name

• Apple iTunes, QuickTime

• Microsoft AD, DirectShow, Excel, IE, Office, Publisher, Office, PowerPoint

• Citrix Presentation Server

• Adobe Flash Player

• Oracle Secure Backup, BEA Weblogic

• RIM Blackberry Enterprise Server

• EMC Alpha Store

• Mozilla Memory Corruption

• Sun Java Runtime


Web 2.0 - Secret Crush

• Malicious Facebook Widget - prompts users to install the infamous "Zango" adware/spyware.*

Propagates by requesting other users to be added.

URL = http://static.zangocash.com/Setup/46/Zango/Setup.exe

Installs Exe

*Source: FortiGuard (Fortinet Global Security Research Team)


Web Browsing – How Safe is it?

• There is always a way into your network.

• Even when at first glance all looks safe.*

Obfuscated script that embeds links to malicious PDF file and malicious FLASH file.

*Source: FortiGuard (Fortinet Global Security Research Team)


Layers of protection

• Requires an integrated security strategy

• Allow but don’t trust any application

• Examine all application content

• Comprehensive, integrated inspection

• Overlapping, complementary layers of protection


FortiGate - Application Aware Firewall

Industry first Tier 1 “Application Aware Firewall” identifying 1,000+ applications.

• Instant Messaging

• Peer-to-peer

• Voice over IP

• File Transfer

• Video/Audio Streaming

• Internet Proxy

• Remote Access Connection

• Games

• Web Browser Toolbar

• Database

• Web-based email

• Web

• Protocol Command

• Internet Protocol

• Network Services

• Enterprise Applications

• System Update

• Network Backup


FortiGate Application Management

• Create granular policies for authorised applications.

• Identify/control rogue application – allow or block

• Add new applications.


FortiAnalyzer - Seeing is Believing


SSL Traffic Inspection

• SSL content scanning and inspection.

• Apply antivirus scanning, web filtering, spam filtering & data leak prevention (DLP).

• Re-encrypts the sessions and forwards them to their destinations.


DLP Control – HTTP, EMAIL & Instant Messaging

DLP Sensor

• Used to define data detection rule sets.

• Sensor applied in protection profile.

DLP Actions

• Log, block, archive (to FortiAnalyzer)

• Ban or quarantine user.


Today’s Budget - Financial “Belt Tightening”

Shrinking IT budgets driving higher demands for ROI.

• Rising complexity and cost of managing and maintaining multiple security solutions.

• Increased pressure to improve security service while reducing TCO.

ROI = Return on Investment

TCO = Total Cost of Ownership


Impact on today's Security

• Multiple ‘pain’ products.

• Tactical purchases have led to reactive environments.

• Costly implementations/renewals.

• Lack of innovative expenditure due to reactive spending.

• Too many suppliers, too many vendors.

• Threat Landscape has changed.

• Bandwidth congestion.

• Compliance & Risk

• Greater risk of breach/infection.


Fortinet Security Simplification

Industry Evolution Towards Security Simplification

Technologies: IPSEC VPN, SSL VPN, IPS, Firewall, Antivirus, Antispam, URL Filters, Antispyware, WAN OPT, SSL Inspection, DLP

Cost = £+£+£+£+£+£

Budget = £+£+£

Benefits of Multi-Layered Security Platforms

Complements legacy point products.

Lower Cap Ex and Op Ex.

Ease of management.

Better risk mitigation capabilities against blended threats

FortiGate Appliance


Getting More for Less $

• Security Consolidation

• Reducing costs.

• Improving security posture & hardware consolidation.

Current Deployment: IPSEC VPN, SSL VPN, IPS, Firewall, Antivirus, Antispam, URL Filters, Antispyware, WAN OPT, SSL Inspection, DLP

Reducing Cost, Improving Security Posture & Consolidation: FW, VPN, SSL Inspection + URL, IPS, AV, AS


Fortinet End-2-End Security

Network Security

Host Security

Data Security

Application Security

Management

FortiGate – Network Security Platform

FortiManager – Centralized Mgmt

FortiAnalyzer – Log & Reporting

FortiMail – Email Security

FortiClient – Host Security Solution

FortiDB – Database Security

Security Services

FortiGuard – Real time Security Services

FortiWeb – XML and Web Application Security

FortiScan – Asset Vulnerability Mgmt


Fortinet EMEA: Success in All Verticals

Telco/MSSP Industry

Public Sector Finance

Oxford University


Making Security Scalable

Security Service            Fortinet    Competitor
App Aware Firewall / VPN    $14,495     $10,899
Intrusion Prevention        Included    $16,569
Antivirus                   Included    $7,736
Web Filtering               Included    $7,853
Totals                      $14,495     $43,057

Lowering the cost of security & consolidation of hardware.

• 200 User Network

• Savings over Standalone Products - $28,562


Fortinet Positioned In The Leaders Quadrant – Magic Quadrant for Multifunction Firewalls

Source: Gartner, Inc., “Magic Quadrant for SMB Multifunction Firewalls” by G. Young and A. Hils, July 10, 2009.


Proof of Concept - seeing is believing …

• All evals to date have proved 30 – 50% of HTTP traffic escapes inspection.

• One eval demonstrated over 2 terabytes of unaccountable traffic on the network (downloading films etc).

• 85,000 IM connections in a week when the client said all IM was banned.

• QQ – the Chinese ‘IM’ service rife in a secure & partitioned off hedge fund environment.

• DLP – customer identified 800 Meg customer database file leaving network.

• To book a POC contact Richard Holmes ([email protected])


Thank You