James Cabe – Principal Engineer - Evangelist · 2018-05-07 · Gartner Magic Quadrant for...
© Copyright Fortinet Inc. All rights reserved.
Mid-Enterprise Summit – Spring
James Cabe – Principal Engineer - Evangelist
Q2 2018
2
Investment in Innovation
FortiOS is the Most Widely Deployed Network Security Operating System
3.4M+ Total Device Shipments (As of Q4 2017)
340,000+ Global Customers (As of Q4 2017)
28% Market Share
Unit Shipments (Q4 IDC Tracker)
3
A Leader in Network Security
Gartner Magic Quadrant for Enterprise Network Firewalls, Adam Hils, Jeremy D'Hoinne, Rajpreet Kaur, 10 July 2017. Disclaimer: This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gartner Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls), Jeremy D'Hoinne, Rajpreet Kaur, Adam Hils, June 2017. Disclaimer: This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
4
Enforcement Auth Telemetry (Flow\Logs)
Threat Intelligence
John
Jane
Forti
Forti
5
FORTINET SECURITY FABRIC
Signature
Behavior
Adaptive
AntiVirus
Code Emulation
Pattern Matching
IPS
Big Data
Machine Learning
Content Filter
Threat Sharing
App Ctrl
User & Device
UEBA
Sandbox
Detonation
Neural Networks
Logging SIEM Intent
Auth
Encryption
Threat Score
API Integration
Automation
Proactive Advanced Defense (PADing)
IP Reputation
6
Unequalled Third-Party Certifications
11
Cisco 4
Check Point 4
Palo Alto Networks 2
DCIPS AEP WAF NGFW NGFW BDS NGIPS BPS DCSG DCSG DCIPS
#1 Certified Security Vendor
2017 & 2018 Results
7
Accelerates Network Traffic
Accelerates Content Inspection
Flexible Policy
Optimized for entry-level form factors
CPU
More Performance Less Latency
Less Space Less Power
Core Fabric Technologies
Intrusion Prevention
Antivirus
FortiSandbox Cloud
Web Filtering
Application Control
IP Reputation
FABRIC CONNECTORS
AUTOMATION
API
USE CASES
CASB ORCHESTRATION
FABRIC AGENT
Security Rating Threat Intelligence
FORTIGUARD PARALLEL PROCESSING FORTIOS SPU
8
FortiOS Roadmap – FOS 6.0 200+ New Features
March 30 2018
Fabric Evolution
March 30 2017, April 21 2016, June 12 2014, Oct 31 2012
FortiOS 6.0, FortiOS 5.6, FortiOS 5.4, FortiOS 5.2, FortiOS 5.0
Fabric Introduction
Sandbox Integration
Fabric Expansion
Zero Trust Segmentation
9
FORTIOS 6.0
Endpoint Protection
Automation
Fabric Integration
SD-WAN Tagging
FortiGuard Threat Intelligence
Fabric Connectors
Fabric Ready Partners
CASB
Multi-Cloud
Management Reporting
FortiLink
10
Fabric Integration Checklist
TELEMETRY DEVICE LEVEL API: Can instances communicate with each other?
FORTIVIEW TOPOLOGY MAP: Can you see instances on the Topology Map?
FORTIMANAGER: Can you centrally apply policy to instances?
FORTIANALYZER: Can you centrally apply reporting and analytics to instances?
SECURITY RATING AUDIT: Can you apply updated best practices to instances?
AUTOMATION STITCHES: Can you automate workflows across instances?
VULNERABILITY SCAN: Can you scan for vulnerabilities across instances?
ADVANCED THREAT PROTECTION SANDBOX: Can you call upon advanced detection across instances?
FORTISIEM: Can you see and apply analytics beyond the Fabric?
Fabric Integration
Fabric Attributes
11
Fabric Integration Checklist
NETWORK ENDPOINT UNIFIED ACCESS EMAIL WEB APPS MULTICLOUD
FORTIGATE FORTICLIENT FORTISWITCH FORTIAP FORTIMAIL FORTIWEB FORTICASB
TELEMETRY DEVICE LEVEL API 5.4 5.4 5.4 5.4 5.4 6.0 6.0
FORTIVIEW TOPOLOGY MAP 5.4 5.4 5.4 5.4 6.0 6.0
FORTIMANAGER 5.0 5.2 5.0 5.0 5.0 6.0 6.0
FORTIANALYZER 5.0 5.2 5.4 5.4 5.0 5.4 6.0
SECURITY RATING 5.6 5.6 5.6 5.6
AUTOMATION STITCHES 6.0 6.0 6.0 6.0 6.0
VULNERABILITY SCAN 5.6
ADVANCED THREAT PROTECTION SANDBOX 5.0 5.4 5.2 5.6 6.0
FORTISIEM 5.0 5.4 5.6 5.6
Fabric Integration
Fabric Attributes
Attack Surface
12
Fabric Topology View
13
New Features For All Network Security Use Cases - FortiGate
Application Group
Integration Policy
One Click VPN
Business Aware Tagging
Fabric Private Cloud Connectors
Fabric Public Cloud Connectors
On-Network + Off-Network
Automated AP Quarantine
IPv6 NAT
Application SLA
Automation
External Web Filter Blacklist
Automated Switch Quarantine
SoC Workflow Integration
Carrier Grade NAT
Ethernet MAC (EMAC) Support
14
Secure SD-WAN is a Must
Features | SD-WAN Vendors | Security Vendors | Combinations | Fortinet
SD-WAN
Security
Single Console
Cost
SD-WAN
15
SD-WAN Improvements
APPLICATION AWARENESS
• SD-WAN integration with application control allows customers to choose from 3700+ applications
• First-packet classification allows customers to send business-critical applications to a specific WAN link
MULTI-PATH INTELLIGENCE
• New UI addition to measure SLA using application transactions
• Simplified rules to assign application transactions to multi-path WAN links
SD-WAN APPLICATION AUTOMATION
• Automatic fail-over to the second-best WAN link when application transactions go beyond expected values
• Allows applications to fail back to the original WAN link when application transactions have stabilized
SD-WAN
16
VPN Configuration Improvements
CLOUD-ASSISTED ONE-CLICK VPN
• Allows multiple FortiGate sites to configure hub-and-spoke VPN with the help of FortiCloud on the backend
• Can be implemented with FortiManager backup mode as another option
SD-WAN
17
Multi-cloud Security Connectors
SaaS Cloud (CASB APIs): Networking, Servers, Virtualization, O/S, Applications, API, Data
Private Cloud (FABRIC CONNECTOR): Networking, Servers, Virtualization, O/S, Applications, Virtual Security, Data
Public Cloud (FABRIC CONNECTOR): Networking, Servers, Virtualization, O/S, Applications, Cloud Security, Data
Single Console
Connectors
18
CASB as a Feature Of Network Security FORTICASB 1.2
APIs
FORTIGATE
FORTICASB
FORTIMANAGER FORTIANALYZER FORTISANDBOX
Internet
19
FortiGuard Threat Intelligence Service
Web Filtering
Internet Services DB
Business Aware Tagging
Industrial Control
Security Rating
Virus Outbreak Service
Application Control
FortiGuard TIS
Antivirus & Mobile Security
IP Reputation
Sandboxing
FortiGuard Threat Intelligence
Content Disarm & Reconstruction
20
Security Rating Service: BEST PRACTICES BY INDUSTRY
FortiGuard Threat Intelligence
FortiGuard Updates
• Collected best practices from customers
• Examples
  • Password security
  • Login attempt thresholds
  • Logging to FortiAnalyzer
  • Encourage two-factor authentication
• The system checks against these best practices
• Prioritizes discoveries from critical to low importance
• Preset fixes are available
354 Passed, 25 Low, 65 Medium, 31 High, 22 Critical
21
Security Rating Service 6.0 Improvements
FORTIGUARD SERVICE
Rating DB provided as an update service
» OS independent
» Timely updates
» New best practices
EXPAND RATING RULES
Adding more security best-practice items to the rating, such as
» Business-oriented
» Verticals
» Compliance
AUTOMATED REPORTS
Automated – runs in the background periodically, in addition to on-demand
Receive daily / on-demand reports
FortiGuard Threat Intelligence
22
Security Ranking Allows Benchmarking
Chart labels: JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC; 28%, 55%, 89%; Aerospace; SMB: 1 - 256 Endpoints; 89%; Vulnerability Management; Security Hardening
• Benchmark against peers
  » Rank against similar organizations in terms of size and industry by percentile
• Present trending graph
  » By retrieving historical data from FortiAnalyzer
23
FortiGuard Security Services Available (FortiGate)
Service | O/S Support | Threat Protection (TP) | Unified Protection (UTM) | Enterprise Protection | Standalone Protection
Threat Intelligence Services ✔
Virus Outbreak Service (VOS) ✔
Content Disarm and Reconstruct ✔
Industrial Control Services ✔
Security Rating ✔
CASB ✔
Sandboxing ✔ ✔
Web Filtering ✔ ✔ ✔
Antivirus ✔ ✔ ✔ ✔
IPS ✔ ✔ ✔ ✔
Internet DB ✔ ✔ ✔ ✔
IP Reputation ✔ ✔ ✔ ✔
Application Control ✔ ✔ ✔ ✔
New
New
New
24
WorkFlow Automation
AUTOMATED RESPONSE
TRIGGERS: System Events, Threat Alerts, User & Device Status, External Inputs
ACTIONS: Notification, Reports, Quarantine, Adjust Configuration
Automation
Automated workflows (stitches) using triggers to deliver appropriate actions
» Easy creation using wizards
» Covers components within a security fabric
25
Automated Workflow
26
Fabric Ready Partners
IOT/OT/NAC
MANAGEMENT SDN ENDPOINT
Security/SIEM TECHNOLOGY
CLOUD
IDENTITY
Fabric Ready Partners
27
Deep Integration with Fabric Connectors
Threat Feeds
Dynamic Cloud Policy
Dynamic SDN Policy
Automation
Cloud Visibility
SSO/Identity
ITSM
Fabric Connectors provide a deeper integration
There are different types of Fabric Connectors
These are available with a simple click on the GUI
28
Intent-based Network Security: BUSINESS-AWARE TAGGING
NGFW
SECURE LAPTOP
UNSECURE MOBILE
PUBLIC INFORMATION
INTERNAL DATA
INTELLECTUAL PROPERTY
GLOBAL POLICY
TAGGING (DEVICES, INTERFACES, OBJECTS)