Security Without Compromise Stan Easparro Channel SE Copyright Fortinet Inc. All rights reserved. 1
Infrastructure. Constant Change. Green Google s 13 data centers use 0.01% of global power SaaS On average, companies have 10+ applications running via the Cloud IoT 35B devices, mostly headless attaching to the network 5G Wireless SDN/NFV Software-defined everything. SD WAN IaaS Security still the No.1 inhibitor Analytics Big Data FUTURE Virtualization 80% of data center apps are virtualized Social Bandwidth ever increasing Mobile No control of endpoints (BYOD) 100G Bandwidth Wi-Fi speeds rival LANs. 100G networks here Internet 2 100 Gbps and UHDTV 2
The Attack Surface Has Increased Dramatically Today s Security is Borderless Network Applications Data People Endpoint Data Center Mobile Campus NGFW Branch Office UTM DCFW PoS IoT Internal External 3
End to End Segmentation Critical Endpoint Mobile Data Center SDN Orchestration Data Center Campus NGFW Branch Office PoS UTM DCFW Cloud On Demand IoT Internal External 4
Segmentation Inhibitors Communication» Too Many point solutions that do not talk to each other (SIEM)» Platform s use central Management to coordinate which is too slow to stop Advanced Threats Operations» Adding Internal Firewalls requires Automation of Security Policies» Need Visualization of end to end Network to architect the Segmentation model Performance» Internal Performance much Higher than Edge/Perimeter» Still big Gap between Firewall and NGFW Performance Segmentation Sprawl 5
Fortinet Security Fabric Protecting from IoT to Cloud Scalable Aware Secure Actionable Open IoT Client Security Global Intelligence Alliance Partners Cloud Security Fortinet Security Fabric Secure LAN Access Application Security Local Intelligence Secure WLAN Access Network Security 6
Key Fabric Attributes From IoT to Cloud Scalability Security Awareness Actionable Open 7
Scalable from IoT to Cloud Single Pane of Glass (Management) Single point of Security Updates Single Network Operating System Single point of Authentication and SSO Device Access Network Cloud Endpoint WLAN / LAN Rugged Distributed Enterprise Edge Segmentation Branch Data Center North-South Carrier Class SDN Provisioned Private Cloud IaaS/SaaS Device >1G Appliance >5G Appliance >30G Appliance >300G Chassis >Terabit Distributed NSF Virtual Machine SDN/NFV Virtual Machine On Demand Client Embedded System on a Chips Packet and Content Processor ASIC Flow Based Hardware Dependent ASIC 8
Security for the Network Slow is Broken CPU Only Parallel Path Processing (PPP) More Performance Policy Management Packet Processing Policy Management Content Inspection Optimised Less Latency Packet Processing CPU SoC Deep Inspection Less Space Less Power 9
Security for the Cloud Virtualization Hypervisor Port Private Cloud SDN - Orchestration Integration Hybrid Public Cloud On-Demand East-West North-South IaaS Cloud Hypervisor NGFW WAF Management Reporting APT Connector API Flow SaaS Cloud Proxy CASI Broker API 10
LAN WLAN Security for Access - Secure Access Architecture 1 2 3 Infrastructure On Premise Management Integrated On Premise Management Cloud Cloud Management Access Application Portfolio Authentication/SSO Infrastructure Integrated Cloud FortiGate Fabric FortiSwitch Universal Access Point and Switch 11
Key Fabric Attributes From IoT to Cloud Scalability Security Awareness Actionable Open 12
Key Fabric Attributes From IoT to Cloud Scalability Security Awareness Actionable Open 13
Global and Local Security Threat Intelligence Exchange Threat Researchers App Control Antivirus Anti-spam Vulnerability Management Web Filtering Cloud Sandbox IPS Web App Database Botnet Deep App Control Mobile Security Advanced Threat Protection FortiClient FortiGate FortiMail FortiWeb Partner 14
Key Fabric Attributes From IoT to Cloud Scalability Security Awareness Actionable Open 16
Actionable Threat Intelligence Support Services Single Pane of Glass Migration to Cloud Based Systems FortiCare FortiManager FortiCloud FortiGuard Cloud FortiSandbox Cloud Based Management of NGFW + Access Point Cloud Based Management of NGFW + Access Point Cloud Based Management of NGFW + Access Point Threat Intelligence Advanced Threat Protection IoT Mobile Access WAN Data Center PoS Windows 17
Key Fabric Attributes From IoT to Cloud Scalability Security Awareness Actionable Open 18
Open: Multiple Levels of Fabric API s for Partner Integration Ecosystem Alliance Partners SIEM Management Endpoint Fortinet Security Fabric SDN Virtual Cloud 19
Ecosystem Integration Points Cloud SDN Sandbox Test/SSO System Integrator SIEM Management 20
Thank You! Copyright Fortinet Inc. All rights reserved. 21