Virtualization Fortinet
Transcript of Virtualization Fortinet
-
8/6/2019 Virtualization Fortinet
1/11
Understanding VirtualizationProviding UTM Security Virtualization
,Saul Rosales, LatAm Channel Account Manager
Fortinet Confidential
-
8/6/2019 Virtualization Fortinet
2/11
Better Support
u ower
Consumption
Get a Better Return
TodaysIT Dept.
AddressTechnological
ComplexityMake IT
More Secure
ReduceOperating Costs
Fortinet Confidential
How do I optimally manage and utilize my IT infrastructure?
-
8/6/2019 Virtualization Fortinet
3/11
Virtualization decouples software from hardware.
Virtualization software or h ervisor is an
abstract layer between applications / operatingsystems and physical hardware.
machine.
Create shared pools of resources to optimize your n ras ruc ure.
-
8/6/2019 Virtualization Fortinet
4/11
Virtualization provides multiple instances of a software
.Allows server hardware to be shared by different applicationsProvides separate management of individual application access
Reduces network hardware and switch portsImproves utilization of under-used hardware resources
Data Centers / Enter rise use virtual servers to saverack space, electricity, cooling, cabling, and reduce ITstaffing requirements.Virtual Securit S stems
Optimize the use of security and networking hardwaresystems in data centersProvide custom levels of securit for each virtual server
Fortinet Confidential
-
8/6/2019 Virtualization Fortinet
5/11
-All Fortune 100 use virtualization solutions
c eve pos ve n o monAchieve TCO savings of 35%-75%Increase hardware utilization to 60%-80%Consolidation ratios:
10-15 : 1 in production15-20 : 1 in development & testing
Provisioning time cut from hours to minuteSave 40% by powering down underutilized physical serversDesktop management reduces power usage by 35% per year10:1 consolidation = 80%-90% less energy costsZero-downtime hardware maintenance
Fortinet Confidential
applications across physical hardware
-
8/6/2019 Virtualization Fortinet
6/11
Driving the benefits of virtualization across IT
3000 Desktops
1650 Desktops
% of x86 InfrastructureVirtualized
DataCenter
Desktop andRemote PCs
50%
50%
67%
Dev &Test
75%
IT InfrastructureHundreds
Hundreds
Dozens
4
4
15
sers es
Optimize network infrastructure
Manage and secure desktops
Maximize continuity and uptime
Optimize and automate lab infrastructure
-
8/6/2019 Virtualization Fortinet
7/11
Potential decrease in fault tolerance
ng e po n o a ure
Server management challengesPatching/rebooting physical host serversIncreased backup data and complexityVirtual server provisioning automation in heterogeneousenvironments (multiple virtualization platforms)New security risks: VM cross-infection, single point of attackMonitor both physical and virtual servers
Increased hardware re uirements for h sicalservers (memory / multi-port network adapters)Increased power consumption and cooling needs
Fortinet Confidential
-
8/6/2019 Virtualization Fortinet
8/11
Virtual Domains (VDOMs) are containers for virtualized
securit devices
Allows physical security hardware to be shared by differentdepartments or customersProvides se arate mana ement of individual VDOMs
Customer A has their own management interfaceCustomer B has their own management interface
Allows a lobal admin to control rivile es of VDOM administratorsAbility to log and report on a per-VDOM basisProvides separate security zones, FW objects, routing tables, usergroups, VPN configurations, logging to local disk, etc.
Benefits MSSP/Service providers use VDOMs to separate customers traffic Enter rises use VDOMs to se arate business units or de artments VDOMs reduce the overall cost of security infrastructure
-
8/6/2019 Virtualization Fortinet
9/11
.
omp ete networ segregat on at ot 2 & 3 ayerAbility to assign high-granular administrative privileges (vs.role-based administration)Ability to manage and enable overlapping subnetsAbility to mix transparent and NAT/route virtual securitysystems to protect VMsAbility to prevent vulnerabilities associated with sharedrouting/MAC tablesAbilit to centrall re ort on a er-VDOM basisAbility to offer truly 100% virtualized security systemsAbility to separate into isolated administrative domains
Fortinet Confidential
-
8/6/2019 Virtualization Fortinet
10/11
Enterprise Deployment (Partner Solutions)
RIVERBEDSTEELHEAD
MOBILE CLIENT
Phase 2 Deployment
RIVERBEDSTEELHEAD
BRANCH OFFICE CORPORATEOFFICE
a es ng neer ng
GenericFirewall/VPN
RIVERBEDSTEELHEAD Applications
FortiClientWinOS
Virtual Domain 1
Virtual Domain 2
Application-1X
-
DATACENTER
VMwareESX
Server
ApplicationsFortiClient
WinOS
Applications
Virtual Domain 3
Virtual Domain 4
-
Application-1X
A lication-1X
IEEE 802.1Q VLANTransparent, NAT,
Route Modes
Phase 1Deployment
FortiClientWinOS Virtual Domain 5
Application-1X Administrative
Domains(ADOMs)
FortiManager / Fort iAnalyzer
-
8/6/2019 Virtualization Fortinet
11/11
Fortinet Confidential