Presentation fortinet securing the cloud

  • View

  • Download

Embed Size (px)

Text of Presentation fortinet securing the cloud

  • 1. Securing the CloudOndej hlavskTerritory Manager CEEFortinet Confidential

2. Agenda1 Introduction2 Features and Virtualization3 FortiGate 3950 Series4 FortiGate VM Fortinet Confidential 3. Fortinet Corporate OverviewFortinet Revenue ($MM) Founded in 2000 Global presence with 30+ officesworldwide & 1,200+ employees$252 5,000+ channel partners $212 100,000+ customers $155 Majority of the Fortune Global 100 $123 IPO Nov 2009$80 NASDAQ: FTNT $39$13 2009 revenue of $252 Million 19% YoY growth200320052007 World class management team 2009Fortinet Confidential 4. A Reliable Partner Proven Industry Leadership Since 2000, Fortinet has received more than 100 product & company awards. IDC: Overall leader in UTM factory revenue for all of 2009 Gartner: Leader in Multi-Function Firewall Magic Quadrant Frost & Sullivan: 2010 "Fortinet is the established and undisputed leader" of worldwide UTM market SC Magazine: 2009 Readers Trust Award for "Best Integrated Security Solution" Certified security Seven ICSA certifications (Firewall, AV, IPS, IPSec VPN, SSL VPN, Anti-Spam, WAF) Government Certifications (FIPS-2, Common Criteria EAL4+, JITC IPv6, SCAP) ISO 9001 certification Fortinet Confidential 5. The Need for CompleteContent Protection Overlapping, complementary layers of protection Comprehensive, integrated inspection Allow but dont trust any application Examine all application content & behaviorFortinet Confidential 6. We Pioneered a New ApproachTraditional Network Security Solutions The Fortinet Solution Stand-alone, non-integrated security Real-time, integrated security intelligence Mix of off the shelf systems and applications ASIC-accelerated performance Higher total cost of ownership Lower total cost of ownership Difficult to deploy / manage / use Easy to deploy / manage / use Fortinet Confidential 7. UTM Surpassing Traditional Network Security $ in billions $3.2Firewall & VPN $2.2 $2.1 UTM$1.72008 2009 201020112012 2013 Source: IDC Worldwide Network Security 2008-2012 Forecast and 2007 Vendor Shares: Transitions Appliances Are More Than Meets the EyeFortinet Confidential 8. Market Leadership Across the Board Worldwide UTM Market ShareMagic Quadrant for UTM Market Competitive Q2 2010 (1)Multi-Function Firewalls (3)Landscape, 2009(4)MarketRank CompanyShare (%) (2)1 16.4High 2Cisco9.8 Ability3 Juniper9.0 to Deliver 4SonicWALL8.15 Check Point7.2 6WatchGuard 4.9Low7 McAfee 5.5 LowMarket PenetrationHigh8 Crossbeam2.69 Other 41.4ContenderMarket LeaderTotal100.0Niche ParticipantSpecialistChallengerNotes(1) IDC Worldwide Security Appliances Tracker, September 2010 (market share based on factory revenue)(2)(3) Fortinet ConfidentialGartner, Inc., Magic Quadrant for SMB Multifunction Firewalls, June 2009Frost & Sullivan, World Unified Threat Management, Products Market 2009, 20108 9. Fortinet Leader in Enterprise UTM Enterprise UTM RevenueVendorQ2 2010Market Share Fortinet$42.0237% Juniper $16.3614% Check Point $10.9210% Cisco $28.7325% McAfee$15.3314%IDC Worldwide Security Appliances Tracker, September 2010. Data based on $6-$9.9K, $10-$24.K, $25-$49.9K and $50-$99.9K UTM price bands.9Fortinet Confidential 10. Agenda 1 Introduction 2 Features and Virtualization 3 FortiGate 3950 Series 4 FortiGate VMFortinet Confidential 11. Evolution of Firewall SecurityComplete Protection AntispamWANOptimizationAntivirus/ Evolution of Firewall Security AntispywarData Loss SSL VPNePrevention ICSAICSA VPN(IPSEC Web ) Filtering ICSACIPAFirewallIPS App ICSAICSAControl LoadWirelessBalancing LAN SSL IPv6,Inspection Vulnerability Dynamic&EndpointMgmt Multicast NACRoutingFortinet Confidential 12. Virtual Domains VDOM 1VDOM 2 VDOM 3 VDOM X Divide FortiGate unit to operate as multiple separate units One FortiGate unit servicing up to 250 separate domains Each VDOM has separate administration interface, routing policies, firewall policies Fortinet Confidential 13. Virtual DomainsRouted/NAT Transparent VDOMs can be in routed or transparent mode Transparent VDOMs lack IPSEC and SSL VPN, Load Balancing, Wireless Controller androuting capabilitiesFortinet Confidential 14. VDOM Resource Limits Resource limits configurable globally and per-VDOM (each VDOM has its own guarantied system resources) Fortinet Confidential 15. Inter-VDOM LinksVDOM 1VDOM 2 VDOM 3 Only Routed/NAT VDOMs can be interconnected VDOMs communicate internally (Free up physical interfaces for external traffic) Inter VDOM traffic controlled by complete UTM inspection on both sides of the linkFortinet Confidential 16. Independent VDOM ConfigurationInternetExternal interfacesVDOM 1VDOM 2VDOM 3Internal interfacesNetwork 1 Network 2 Network 3 Multiple VDOMs, completely separate from each other No communication between VDOMs(Treated as if on separate physical device)Fortinet Confidential 17. Management VDOM ConfigurationInternet External interfaceManagement VDOMVDOM 1 VDOM 2 VDOM 3Internal interfacesNetwork 1 Network 2 Network 3 Root VDOM is management VDOM(Other VDOMS connected with inter-VDOM links) All external traffic routed though management VDOMFortinet Confidential 18. Meshed VDOM Configuration InternetExternal interfaceManagement VDOM VDOM 1 VDOM 2 Internal interfaces Network 1Network 2 VDOMs interconnected - mesh configuration(Full access between VDOMS, but handle traffic differently depending on origin)Fortinet Confidential 19. Agenda1 Introduction2 Features and Virtualization3 FortiGate 3950 Series4 FortiGate VM Fortinet Confidential 20. FortiGate-3950B Series Dedicated Performance FW : Up to 120 Gbps IPS: Over 12 Gbps FortiGate-3950B Modular Appliance Base model: FW: 20 Gbps IPS: 4 Gbps Fortinet Mezzanine Cards (FMC) FortiGate-3951B 20 Gbps FW (both FMC cards) 4 Gbps IPS (FMC-XG2 / targeted) 64 GB SSD internal storage (FG-3951B) Fortinet Storage Module (FSM) Expandable to 256 GB (4 x FSM-064) FMC-XD2FMC-XG2 Fortinet Confidential 21. Enterprise-Class Benefits Build the performance your customers need- Scalable performance with the ability to grow from 20 Gbps up to 120 Gbps Customize the appliance to meet performance requirements Gateway, Datacenter Pure Firewall / UTM Exceed limited features/functions of next generation devices Highest performing firewall appliance at 120 GB Seamless integration of FW, IPS, VPN, Web Filtering, and other FortiOS services Complete content protection: Application control + application security More than application identification Integration of content-based security technologies into the firewall to identify threats within trusted application contentFortinet Confidential 22. Specialized Processors withinFMC Modules FortiASIC-NP4 Accelerates security services at the interface level Packet size independent , very low latency, wire speed performance for millions of sessions with dynamic address translation IPSec ESP encryption and decryption processing Packet anomaly detection, checksum offload and packet defragmentation Traffic Shaping and priority queuing FortiASIC-SP2 Multi-core multi-threaded security processing complex Builds on the capabilities of the FortiASIC-NP4 to provide additional services, including Application control IPv6 IPS Signature analysis DOS protection Multicast accelerationFortinet Confidential 23. Integrated Switch Fabric insideFG-3950 Series NP/SP NP/SPNP/SP NP/SP NP/SPNPIFMCFMC FMC FMC FMC On S 01 2 3 4 BoardFPHYPHY PHY PHYPHY PHY 4x1G Uniquely scalable approach to forwarding and security processing Utilizes specialized FortiASIC-NP4 and SP2 processors to achieve breakthrough acceleration Fortinet Mezzanine Card (FMC) delivers additional processing power that can be distributed across the entire appliance via the ISF Fully meshed connectivity between all FMC slots and associated processing modulesFortinet Confidential 24. Agenda1 Introduction2 Features and Virtualization3 FortiGate 3950 Series4 FortiGate VM Fortinet Confidential 25. FortiGate VM SpecificationsFeatureFortiGate-VMHypervisors SupportedVMware ESXi/ESX 3.5/4.0/4.1, others that can run *.ovf formatHardened PlatformYes (Using VMware HW versionOpen Virtualization Format (OVF) 7)# of vCPUs supported2/4/8/UBuilt in VDOMS (upgradeable) 10Memory and CPU Uses Hypervisor10/100/1000 Interfaces 10 Max (Uses Hypervisor)Storage Capacity Uses HypervisorHigh AvailabilityYesFortiGate version (Firmware) 4.2 Fortinet Confidential 26. Fortinet Confidential