High Performance NGFW Extended

Similar documents
Internal Network Firewall (INFW) Protecting your network from the inside out

Advanced Threat Protection Framework: What it is, why it s important and what to do with it

Securing The Enterprise

Securing your IOT journey and beyond. Alvin Rodrigues Market Development Director South East Asia and Hong Kong. What is the internet of things?

CLOUD & Managed Security Services

Overview. Where other. Fortinet protects against the fullspectrum. content- and. without sacrificing performance.

Advantages of Consolidating Network Security with Wireless for Small & Mid-Size Businesses

FortiGuard Security Services

The Evolution of the Enterprise And Enterprise Security

The Fortinet Secure Health Architecture

The Fortinet Secure Health Architecture

BUSINESS OPPORTUNITY 4 CONNECTED UTM FOR SMALL OFFICES 6 SECURE COMMUNICATIONS FOR SMALL OFFICES 10 COMPETITIVE COMPARISONS 15

Next-Generation Firewalls: CEO, Miercom

Networking for Caribbean Development

MSSP Advanced Threat Protection Service

Next Generation Enterprise Network Security Platform

WHITE PAPER. Empowering the MSSP. Part 2: End To End Security Services Ecosystem

Fortinet Advanced Threat Protection- Part 3

Data Center security trends

Last Order Date (LOD) End of Order (EOO) ASM-ET4 Module 06/19/ /19/ /19/2016 ASM-FB4 ASM-FB4-G

Fortigate Features & Demo

How To Get A Fortinet Security System For Free

Next Generation Firewalls and Sandboxing

Network Security Solution. Arktos Lam

SSL Performance Problems

Unified Threat Management, Managed Security, and the Cloud Services Model

Achieve Deeper Network Security and Application Control

Achieve Deeper Network Security

What s Next for Network Security - Visibility is king! Gøran Tømte March 2013

WHITE PAPER SECURING DISTRIBUTED ENTERPRISE NETWORKS FOR PCI DSS 3.0 COMPLIANCE

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Segmentation Firewall (ISFW)

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Segmentation Firewall (ISFW)

FortiGate 200D Series

Move over, TMG! Replacing TMG with Sophos UTM

Security Services. 30 years of experience in IT business

Cisco Small Business ISA500 Series Integrated Security Appliances

Veranderende bedreigingen Security in het virtuele datacenter

How To Ensure Security In Pc Ds 3.0

Enabling Secure BYOD How Fortinet Provides a Secure Environment for BYOD

Cybercrime: evoluzione del malware e degli attacchi. Cesare Radaelli Regional Sales Manager, Italy cradaelli@paloaltonetworks.com

Microsoft TMG Replacement. How FORTINET integrated secuity platforms Help Protect the Perimeter in a Microsoft Infrastructure Environment

Fortinet Product Life Cycle Information Publication Date: August 26, 2015

Fortinet Secure Wireless LAN

Why it's time to upgrade to a Next Generation Firewall. Dickens Lee Technical Manager

SourceFireNext-Generation IPS

Stallion SIA Seminar PREVENTION FIRST. Introducing the Enterprise Security Platform. Sami Walle Regional Sales Manager

Planning a Successful NGFW Migration

Naujos kartos ugniasienės Next Generation Firewalls (NGFW) Mindaugas Kubilius, Fortinet sprendimų inžinierius

Next-Generation Firewalls: Critical to SMB Network Security

Next-Generation Firewalls: Fact and Fiction Frequently Asked Questions FAQ

Secure Cloud-Ready Data Centers Juniper Networks

NGFWs will be most effective when working in conjunction with other layers of security controls.

5 ½ Things That Make a Firewall Next Gen WHITE PAPER

Integrated Approach to Network Security. Lee Klarich Senior Vice President, Product Management March 2013

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Network Firewall (INFW)

White Paper. ZyWALL USG Trade-In Program

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

The Advanced Attack Challenge. Creating a Government Private Threat Intelligence Cloud

Network protection and UTM Buyers Guide

The Cisco ASA 5500 as a Superior Firewall Solution

Guest Speaker. Michael Sutton Chief Information Security Officer Zscaler, Inc.

FortiGate 100D Series

Transforming Your WiFi Network Into A Secure Wireless LAN A FORTINET WHITE PAPER. Fortinet White Paper

Fortinet Product Quick Guide

Product Factsheet MANAGED SECURITY SERVICES - FIREWALLS - FACT SHEET

Simple security is better security Or: How complexity became the biggest security threat

WHITE PAPER. Empowering the MSSP. Part 1: Real World Customer Needs

Is the Security Industry Ready for SSL Decryption?

Astaro Gateway Software Applications

Gateway Security at Stateful Inspection/Application Proxy

聚 碩 科 技 主 題 : 如 何 幫 企 業 行 動 商 務 建 立 安 全 機 制 職 稱 : 技 術 顧 問

Unified Threat Management Throughput Performance

FROM PRODUCT TO PLATFORM

How to choose the right NGFW for your organization: Independent 3 rd Party Testing

Cisco ASA and Cloud Web Security: Best-in-Class Network Security Combined with Best-in-Class Web Security

Blind as a Bat? Supporting Packet Decryption for Security Scanning

Extending Threat Protection and Control to Mobile Workers with Cloud-Based Security Services > White Paper

Global Reputation Monitoring The FortiGuard Security Intelligence Database WHITE PAPER

On and off premises technologies Which is best for you?

Threat-Centric Security for Service Providers

One Minute in Cyber Security

Content-ID. Content-ID URLS THREATS DATA

How To Protect Your Network From Intrusions From A Malicious Computer (Malware) With A Microsoft Network Security Platform)

Next Gen Firewall and UTM Buyers Guide

Fortinet Overview Real Time Network Protection. Stefano Chiccarelli Consultant Engineer EMEA

Connect and Secure Retail

Transcription:

High Performance NGFW Extended Enrique Millán Country Manager Colombia emillan@fortinet.com 1 Copyright 2013 Fortinet Inc. All rights reserved.

D I S C L A I M E R This document contains confidential material proprietary to Fortinet, Inc. This document and information and ideas herein may not be disclosed, copied, reproduced or distributed to anyone outside Fortinet, Inc. without prior written consent of Fortinet, Inc. This information is pre-release and forward looking and therefore is subject to change without notice. The purpose of this document is to provide a statement of the current direction of Fortinet s product strategy and product marketing efforts. Please note that this Product Roadmap is neither intended to bind Fortinet to any particular course of product marketing and development nor to constitute a part of the license agreement or any contractual agreement with Fortinet or its subsidiaries or affiliates. 2

Agenda Market High Performance Competence FortiGuard 3

Global Success with Diversified Products Billings by Region Revenue by Segment Nine of Top 10 Global 100 Nine of Top 10 Global 100 Aerospace & Defense Seven of Top 10 Global 100 Computer Services Seven of Top 10 Global 100 Major Banks 4

Global Customers Top 5 Global Carriers Top 10 Fortune 500 Top 10 Global 500 Banks 5

Network Security Market - $11B Opportunity IDC Market Forecasts (except Advanced Threat Protection, which is a Fortinet estimate) 2012 $11 Billion $1B WOC $1.2B SWG $1.9B IPS 2016 $13 Billion ATP $750M WOC $1B SWG $1B IPS $2.1B $2.7B UTM/NGFW UTM/NGFW $5.3B $725M VPN VPN $786M $2.6B FW FW $2.4B 6 Fortinet - Confidential

Analyst Perspectives No Consensus around Security Appliances Naming or Functionality - Segmentation Gateways - UTM for SMBs - NGFW for Enterprises - Enterprise Firewalls (NGFW) - SMB Firewalls (UTM) - Branch Office Firewalls - Data Center Firewalls - Integrated Security Appliance - UTM 7

Gartner Definitions UTM Standard network stateful firewall functions Remote access and site-to-site virtual private network (VPN) support Web security gateway functionality (anti-malware, URL and content filtering) Network intrusion prevention focused on blocking attacks against unpatched Windows PCs and servers All UTM products contain other security capabilities, such as email security, Web application firewalls or data loss prevention. NGFW The firewall market has evolved from simple stateful firewalls to NGFWs, incorporating full-stack inspection to support intrusion prevention, application-level inspection and granular policy control. 8

NGFW Market Drivers 1. More and more reports point to infected web sites or web applications as the primary source of infection (Application Control) 2. APTs require a new response mechanism ( Sandboxing Web Filtering) Source: Competitive Landscape: NGFW Appliance Market, WW, 2013. Gartner, 4/13.) 3. Advancements in processing power and inspection engines now offer converged security to larger enterprises (Consolidation). 9

NGFW Security Capabilities Features/Presets NGFW NGFW+ SWG NGFW+ ATP NGFW (Extend) Security FW/VPN IPS App Control Explicit Proxy Web Filter AntiVirus Sandbox Authentication* Email Filter DLP Endpoint Control Vulnerability Scan 10

Additional Consideration Initiate a multi-year plan to improve your organizations coverage of encrypted traffic and start with inbound and outbound web traffic decrypting SSL traffic on a firewall implies a loss of 74% for throughput. Source: Security Leaders Must Address Threats from Rising SSL Traffic, Gartner, 12/13.) 11

12 Focus Areas

SSL Performance Faster IPS Engine 3.0 Harnesses the power of the FortiASIC-CP8 10Gbps CP8 2Gbps FortiOS 5.0 FortiOS 5.2 13 Figures shown apply to FortiGate-3600C

FortiSandbox Deep AV Scan & Real Time 96% RAP before Sandbox No need to Sandbox if caught Cloud Check Real time check on latest malware rating Full Sandbox Catch anything not caught by signature detection Downloaded & Dropped Files Recursively Scanned Forensics Behavior Report Register FortiGate linked to FortiSandbox Integrated ATP Evolution 14 Derek Manky

FortiSandbox Deep AV Scan & Real Time 96% RAP before Sandbox No need to Sandbox if caught Cloud Check Real time check on latest malware rating Full Sandbox Catch anything not caught by signature detection Downloaded & Dropped Files Recursively Scanned Forensics Behavior Report Register FortiGate linked to FortiSandbox Integrated ATP Evolution 15 Derek Manky

Single Policy Multiple Source decision process Merges IP, User and Device Policies Single Policy to Answer Where, Who and What BYOD Specific access based on device type (limit, block) Captive Portal Single Sign On AND AND Nework Access for Users, Devices and Apps 16 Robin Liao

Building a bigger FortiGate Extended Management For remote device management wired access point Manage Only Connection Scalability, increases the number of FortiSwitches that can be managed Encrypted FortiLink Allows for wide area network connectivity for remotely sited switches Internet FortiLink 17

NSS Labs Third Party Validation FortiGate 800C FortiGate 3240C FortiGate 3600C 100% Overall Protection» Stability & Reliability» Firewall Enforcement» Security Effectiveness Lowest TCO» $2 / Protected Mbps Lowest Latency» 5 μs latency 64 byte packets Top 2 vendors 96% Overall Protection Passed 100% Evasion Tests 6.25 Gbps IPS performance Ultra low latency 96% Overall Protection Passed 100% Evasion Tests Fortinet Earned Triple Recommend Rating in the Latest NSS Labs Tests 18 https://cms.myfortinet.com/share/page/site/productportal/documentlibra ry#path=%252fcompetitive%252f0- Fortinet%252fNSS%2520Labs%2520Reports

19 NSS Labs Third Party Validation

Fortinet Advantage: Performance Mbps Firewall VPN Gbps NGFW UTM Policy Security 20 Fortinet - Confidential

Fortinet Advantage: Simplified Point Products Consolidated Solution Internet Router Web Filtering Internet Firewall AV VPN Switch FortiGate IPS/App Advanced Threat Protection (Sandbox) Data Center Firewall Next Generation Firewall Unified Threat Management 21 Fortinet - Confidential

Firewall Solutions Edge or Core Firewall (NGFW) Enterprise Campus Carrier Firewall Platform Cloud/Carrier Data Center Firewall (Core, Perimeter, VM) Data Center INTERNET Branch Firewall (NGFW) Branch Office Client Firewall (VPN) Remote End Points Distributed Enterprise Unified Threat Management (UTM) 22 Fortinet - Confidential

Two Types of Competitors Software Based Network Based Limited multifunction Performance Not Scalable for SMB or Telco Missing New Functions (NGFW) Old, Slow & No Focus 23

Deployment Scenarios FortiGate 5000 MSSP/ Carrier Data Center PA 7050 FortiGate 1000/ 3000 Enterprise Core PA 4000/ 5000 FortiGate 200-800 FortiGate 20-100 Distributed Enterprise SMB PA 2000/ 3000 PA 200/ 500 24

FortiGate 3700D vs. PA 5060 Fortinet has 8X FW Performance Price Firewall Packet Per Second (Mpps) Sessions 160Gbps $100K 100Mpps $168.5K $130K 30M 20Gbps 110Gbps 15Mpps 60Mpps 4Mbps 13M FortiGate 3700D PA 5060 40G Ports 26

Products have Poor Performance FGT 5000 MSSP/ Carrier Check Point 61000 FGT 3000 FGT 1000 FGT 200-800 FGT/FW 20-100 Data Center Enterprise Core Distributed Enterprise SMB Check Point 21000 Check Point 13500 Check Point 12000 Check Point 4000 Check Point 600 2200 30

FortiGate 3700D vs. Checkpoint 21700 Twice the Performance Half the Price Price Firewall Packet Per Second (Mpps) Sessions 160Gbps $168.5K $100K 100Mpps 110Gbps 60Mpps 30M 13M FortiGate 3700D Check Point 21700 w/ SAM 40G Ports 31

Products are Confusing & Lack Features FGT 5000 MSSP/ Carrier FGT 3000 Data Center FGT 1000 FGT 200-800 Enterprise Core Cisco ASA 5585-X Sourcefire 3D8000 Distributed Enterprise FGT/FW 20-100 Cisco ASA 5500-X SMB Cisco ASA 5505 33

FortiGate 3700D vs Cisco ASA 5585-X SSP20 Fortinet has 16X Performance 160Gbps Price Firewall Sessions Connection Per Second IPS $100K $115K 44M 300K 23 Gbps 10Gbps 1M 50K 2 Gbps FortiGate 3700D Cisco ASA 5585-SSP20 (FW/IPS) 40G Ports 34

Products are Falling Way Behind FGT 5000 MSSP/ Carrier SRX 5000 FGT 3000 FGT 1000 FGT 200-800 FGT/FW 20-100 Data Center Enterprise Core Distributed Enterprise SMB SRX 3000 SRX 1000 SRX 100-650 35

FortiGate 3700D vs. Juniper SRX 3400 Twice the Performance Half the Price Price Firewall Packet Per Second (Mpps) Sessions 160Gbps $168.5K $100K 100Mpps 30M 110Gbps 60Mpps 13M FortiGate 3700D Juniper SRX 3400 40G Ports 36

Packet Per Second Session Capacity Performance Rack Space & Performance vs. Competitors Fortinet FortiGate-5140B Juniper SRX 5800 150 Gbps firewall 15 Mpps 20M sessions Check Point 61000 200 Gbps firewall 50 Mpps 70M sessions Cisco Catalyst 6500 w/ ASA SM 80 Gbps firewall 20 Mpps 40M sessions Palo Alto PA 7050 120 Gbps firewall 105 Mpps 24M sessions 5 x $1.4M = $7M 3 x $1.267M = $3.8M 7 x $550K = $3.8M 5 x $1.253M = $6.3M VS. 7 x $1.4M = $9.8M 2 x $1.267M = $2.5M 3 x $550K = $1.6M 6 x $1.253 = $7.5M 560 Gbps firewall 630 Mpps 280M sessions Price $900K 42 x $1.4M = $58.8M 13 x $1.267M = $16.4M 32 x $550K = $17.6 M 12 x $1.253 = $15M 38 Source: Competitors US/North America Price Lists 2013

Feature & Certification Comparison No One Comes Close 39 Fortinet - Confidential

Threat Landscape Update & Strategy What is FortiGuard? FORTIGUARD ANTIVIRUS SERVICE FORTIGUARD APPLICATION CONTROL SERVICE FORTIGUARD ANTISPAM SECURITY SERVICE FORTIGUARD INTRUSION PREVENTION SERVICE FORTIGUARD WEB SECURITY SERVICE FORTIGUARD WEB FILTERING SERVICE FORTIGUARD DATABASE SECURITY SERVICE FORTIGUARD VULNERABILITY MANAGEMENT SERVICE FORTIGUARD IP REPUTATION SERVICE FortiGuard Services 40

Threat Intelligence and Response 3,100 Application control signatures 75 Terabytes Of Threat Samples 12,500 Vulnerability management signatures Spam e-mails intercepted Attempts to access malicious websites blocked 250 Million Rated websites in 78 categories 1000 Web application firewall attack signatures Network intrusion attempts resisted Website categorization requests Botnet command and control attempts thwarted Malware programs neutralized 70 Intrusion prevention signatures 8,000 Hours of research in labs around the globe 235,000 New and updated antivirus definitions 66 Million New and updated antispam signatures 725,000 URL ratings for web filtering 41

End-to-End Security Solutions FortiBalancer FortiADC Coyote Point FortiVoice FortiManager FortiAnalyzer FortiBridge FortiCamera High End FortiGate-5000 & 3000 Mid Range FortiGate-1000 to 100 Desktop FortiGate/FortiWiFi-90 to 20 FortiDNS FortiScan FortiAP FortiSandbox FortiCloud FortiSwitch FortiDDoS FortiClient FortiAuthenticator FortiToken FortiMail FortiCache 42 FortiWeb FortiDB

43

44 Let s Grow your Businesses Together!

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information