The Evolution of the Enterprise And Enterprise Security

Introduction

Today's enterprise is evolving rapidly, with new technologies such as consumer-grade mobile devices, internet-based applications and cloud services supplementing or replacing the traditional corporate standard IT infrastructure and assets. These have a fundamental impact on enterprise security requirements, specifically those related to employees and data, especially in light of a corresponding evolution in the role of IT, as well as changes in the threat landscape. This paper discusses each of these technology, role and threat trends, plus emerging enterprise security requirements.

Fundamental Technology Shift

Mobility and BYOD

According to IDC, tablet shipments overtook those of mobile PCs in 2013, and are predicted to surpass those of mobile and desktop PCs together in 2015. Adding in the 1 billion smartphones shipped, or simply looking around our office or home, it is clear that the way employees get work done is much different today than in the past. While this increased mobility has undoubtedly increased productivity and convenience, it also raises new challenges for IT and IT security. Attempting to manage and support such a large number and wide range of devices can be daunting. So too is the provision and control of enterprise applications and data.

In the past, a single company-issued Windows-based PC, with a corporate standard configuration and device-based security and authentication, was the single method for ensuring secure access to company systems and information. Today, that is no longer feasible, given demands from employees and executives to use their iOS and Android devices. In response, organizations are embracing (in full or in part) bring your own device (BYOD) policies.
And as a result, necessary security controls are increasingly moving away from endpoints (which may no longer be seen, let alone controlled, by IT) to network checkpoints, and are similarly based on users rather than devices.

Takeaways: Mobility and BYOD
Greater network visibility and control
User- rather than device-authentication
FortiAuthenticator

Internet-based applications

This greater mobility is driving (or is enabled by, depending on your view of things) internet-based applications and cloud services, which are inherently available anytime, anywhere, as opposed to the previous client-server based models of the enterprise. There is a dramatic rise in the enterprise use of social media (Facebook, LinkedIn) and cloud storage (Dropbox, Google Drive), not to mention public cloud services (SaaS, PaaS, IaaS). While this increased accessibility is a productivity driver, it also raises new security challenges. No longer are all applications provided by IT, ensuring that the content delivered is safe and the enterprise data within them secure. Instead, employees are at increased risk that content delivered from 3rd party internet-based applications may be malicious and/or that data may be compromised within 3rd party, multi-tenant services or infrastructure. If nothing else, such external applications and services raise compliance and reporting challenges.

In response, enterprises are looking to strike a balance between the use of such applications and the security of the enterprise and its data. This starts with simply gaining visibility into what applications and services are used by employees, followed by establishing and enforcing granular policies. This is doubly challenging because such applications and services increasingly use encrypted communications, and because 1 in 3 respondents to a recent Fortinet survey indicated that they would contravene an employer policy preventing use of public cloud services.

Takeaways: Cloud applications and services
Greater application and service visibility
Granular policies and enforcement
Content and data security

Changing Threat Landscape

Advanced Persistent Threats

Even as enterprises are relinquishing control over applications, services and devices and relying more heavily on network-based control points, the risk of cyber attack is higher than ever before.
And the cyber threats themselves are more sophisticated: targeted, tailored, socially engineered and even multi-staged. A simple search on "data breach" this past year will return countless headlines that make this abundantly clear. Cyber criminals are often:
singling out individual organizations (or a small group of similar organizations in an industry);
targeting employees with attacks crafted to fool even the wary;
leveraging malware modified (and often tested) to bypass traditional security controls;
moving stealthily within the organization in search of data;
exfiltrating that data over a period of time.

While established security technologies that leverage signatures, patterns, heuristics and reputations are a necessary baseline (and should be deployed for deeper inspection at more segmentation points), PricewaterhouseCoopers reported that 20% of large organizations had detected that they were successfully penetrated. And a respected analyst firm recently recommended that "all organizations should now assume that they are in a state of continuous compromise." As a result, organizations are examining new technologies (network and endpoint behavior analysis and forensics as well as "sandboxing") specifically designed to address these new attacks and establish an "advanced threat defense."

Takeaways: APTs
Deeper (IPS, AV, DLP) inspection
Advanced threat protection technologies (anomaly detection, forensics and/or sandboxing)
FortiSandbox

The Changing Role of IT

A service provider and business enabler

Even as the role of IT, including IT Security, is becoming more complex as a result of the technology and threat landscape evolution, it too is transforming. More and more, such groups (starting with the CIO) are being asked to become strategic contributors to the business rather than simple caretakers of the infrastructure. While this is a natural change, it does raise new demands and workload at a time when the group is also burdened with the complexity of a more diverse IT environment in a more dangerous threat environment, as described earlier.

In response, IT organizations are looking to reduce the complexity of managing security by consolidating mature security functions and, as much as possible, obtaining new technologies from existing vendors as features of in-place security products.

Takeaways: Changing Role of IT
Consolidated security
Integrated security capabilities
FortiSandbox
FortiAuthenticator

Enterprise Security Requirements

How security at the Enterprise Edge is changing

So, how do enterprises tackle these challenges and succeed?

1. In response to the internet-based applications and cloud services increasingly used in the workplace, enterprises need fine-grained visibility and control to establish and enforce balanced policies that empower employees yet manage the risk to the enterprise.
2. As threats increase in sophistication (with an emphasis on beating established security techniques), new inspection methods that focus on activity rather than attributes are needed to complement what's already available.
3. With more business-enabling technologies being supported and advanced security technologies added at the same time that IT needs to transform into a strategic business contributor, consolidation of security functions becomes essential.

Solution for the Enterprise Campus

Fortinet consistently offers the highest performance appliances in a price band, with flexible software platforms that enable them to be deployed in many different personalities (combinations of functions).

Next Generation Firewall

The foundation of the enterprise campus offering is a high performance next generation firewall (NGFW) that adds intrusion prevention, application control and antimalware to the traditional firewall/VPN combination. In particular, Fortinet NGFWs:
Provide fine-grained, user or device-based visibility and control over more than 3000 discrete applications to establish/enforce appropriate policies
Include powerful intrusion prevention, looking beyond port and protocol to actual content of your network traffic to identify and stop threats
Leverage top rated antimalware to proactively detect malicious code seeking entry to the network
Deliver actionable application and risk dashboards/reports for real-time views into network activity
Run on purpose-built appliances with Custom ASICs for superior, multi-function performance, even over encrypted traffic

NGFW + Advanced Threat Protection

While upgrading to a next generation firewall will certainly improve enterprise security, there is a growing recognition that there is an evolving class of highly targeted, highly tailored attacks that are specifically designed (and often tested) to bypass established defenses.

In addition to the core Fortinet NGFW features described above, the following Advanced Threat Protection capabilities can be added to a FortiGate deployment:
Unique dual-level sandboxing to examine code activity in simulated and virtual environments to detect previously unknown threats
Rich reporting on system, process, file and network behavior, including a risk rating
Web filtering, botnet and call back detection to prevent communication with malicious sites and IPs
Option of sharing threat information with FortiGuard labs to receive updated in-line protections
Option of integrating with FortiGate and FortiMail products for simpler deployment

FortiSandbox is a natural extension to your Fortinet next generation firewall.

NGFW + Authentication

With many organizations relinquishing control over the end user device, either supporting smartphones and tablets or moving to full BYOD, authentication of the user becomes essential. Further, given the sophistication of threats and the increase in data breaches noted earlier, there is a growing need for two-factor or strong authentication. And in light of the complexity and desire for consolidation, many organizations are looking to extend their network security visibility with control over user access.

In addition to the core NGFW capabilities noted earlier, the following strong authentication functions can be easily enabled:
Hardware, software, email and SMS tokens
Integration with LDAP, Active Directory and RADIUS systems
End user self-service
Certificate Authority
Single sign on throughout the network

NGFW + Secure Web Gateway

Given the transformation of IT (supporting more devices, applications and services) as well as the evolution of the threat landscape requiring the addition of new security technologies, organizations with relatively constrained staff and budgets are looking to consolidate mature functions in order to free up resources for newer ones. The most common consolidation for enterprises is adding Web Filtering along with the IPS, Application Control and Antimalware of the NGFW in order to replace existing Secure Web Gateways, remove unnecessary appliances and avoid expensive renewals.

In addition to the core Fortinet NGFW features mentioned earlier, organizations looking to consolidate Secure Web Gateway functions can take advantage of:
Dynamic web filtering covering over 56 million rated sites across 79 categories
Flexible policy engine including support for Usage Quotas, User Override and more
Central management and reporting to simplify administration

The Fortinet Difference

Custom ASICs, Unmatched Performance

At the heart of the FortiGate next generation firewalls are purpose-built FortiASIC processors that enable the high performance required for the deeper level of next generation inspection as well as the consolidation of multiple security functions onto a single appliance. Further, our integrated architecture provides extremely high throughput and exceptionally low latency, minimizing packet processing while accurately scanning the data for threats.

Traditional security appliances that use multipurpose CPU based architectures become an infrastructure bottleneck. Even when using multiple multi-core general purpose processors, network security devices cannot deliver the high performance and low latency required. The only way for a Network Security Platform to scale is via purpose-built ASICs to accelerate specific parts of the packet processing and content scanning functions. FortiGate technology utilizes optimum path processing (OPP) to optimize the different resources available in packet flow.

The FortiASICs utilized by the latest FortiGate Next Generation Firewall models are:
Content Processor (FortiASIC CP8): Accelerated content security such as Antimalware, VPN encryption/decryption and Authentication processing
Network Processor (FortiASIC NP6): Accelerated network security tasks such as Firewall, VPN and IPv6 translation

As a result, organizations can deliver low latency end while still improving security and consolidating functions. A win for everyone.

Summary

Today's enterprise is undergoing a significant transformation, with increasingly tech-savvy employees taking advantage of the latest consumer-grade technologies to become more agile, efficient and productive. However, these technologies represent a business risk as well as an opportunity, especially given an evolving threat landscape and the rise of highly targeted and tailored attacks. In response, enterprises are upgrading from traditional to next generation firewalls for the visibility and control required to allow the use of these new technologies in a secure manner. Furthermore, many organizations are looking to add Advanced Threat Protection and Authentication technologies as an extension of their NGFW and/or consolidate other network security appliances like Secure Web Gateways for more manageable and cost-effective IT security that facilitates the transformation of IT into a true strategic contributor to the business.

For more information on the FortiGate Network Security Platforms, please go to http:///solutions/enterprise.html.