SlideShare a Scribd company logo

Software defined security-framework_final

Download as PPTX, PDF
Lan & Wan Solutions
Lan & Wan Solutions

cloud

Software
1 of 27
© Copyright Fortinet Inc. All rights reserved. Software-Defined Security Framework Agile Cloud & SDN Lan & Wan Solutions – Soluzioni Informatiche per Reti Locali & Geografiche
2 Industry Validation for Fortinet’s Data Center Strategy “Fortinet moves into second due to its strong position and price/ performance, and [should] gain some ground at the very high end of the market.” Data Center Security Products, Biannnual Market Share, Size & Forecast, Oct 2014 Data Center Security Appliance Market Share 2015 Enterprise Firewall MQ – Fortinet Strengths: “-In addition to enterprise NGFW deployments, Fortinet is well-suited to deployments in carriers, data centers, service providers and distributed enterprises (for example, retail and franchises). -Fortinet has a well-articulated strategy regarding virtualization, public cloud and SDN, and has a promising partnership with VMware NSX.”
3 Data Center Trends BYOD, Mobility & SaaS  Anytime, anywhere access  User-centric apps & services  Customer/client responsiveness Big Data & Internet of Things  Billions of connected devices  Continuous data aggregation  Warehousing of petabytes of confidential data Network Impact  Higher core throughput & scalability  Higher port density  Increased small/mixed packet traffic  Low user latency  IPv4 to IPv6 migration  Increased east-west traffic Data Center Transformation  Server & network virtualization  Multi-tenant public clouds  Elasticity & agility
4 Data Center Consolidation and SDN Evolution Data Center Firewalls Deployments  Data center edge  Top of rack  Virtual machine protection  SDN orchestration Drivers  Data center consolidation  Migration 10G to 100G  Network segmentation  Securing East West traffic virtualization and SDN EAST WEST NORTH SOUTH Data Center/SDN VM & SDN Solution FortiGate VM Series  VMware (NSX)  Cisco ACI  OpenStack  AWS  Azure  KVM  Hyper V DC FW Solution FortiGate High End Series with 100G+ throughput in an Appliance
5 Software-Defined Security Vision Physical & Virtual Security Appliances FortiGate FortiManagerFortiSandbox FortiAnalyzer FortiWeb FortiADC Virtualization SDN Cloud (IaaS) Cloud (SaaS) vSphere XenServer Hyper-V NSX FortiMail          1. Security must integrate with & support underlying SDx Infrastructure, i.e. cloud & SDN IaaS platforms 2. Security is itself fundamental infrastructure that can and should become agile and elastic, i.e. Software-Defined, independent of other SDx transformation 
6 Fortinet’s Software-Defined Security Framework Virtual x86 Containers Hardware-Based Platforms Virtual Appliances/ Services Platform Orchestration & Automation Single Pane-of-Glass Management Software-Defined Security Framework Data Plane Control Plane Management Plane PlatformExtensibility
7 Virtual Appliances/Services Virtual Appliances & VDOM’s Provide Scale-Out Elasticity Scale-Out Performance Boundary Benefits Scale-Up Elastic Firewall Capacity East-West Traffic Visibility Deployable in Public Clouds vSphere XenServer Hyper-V
8 Platform Orchestration & Automation Auto-Scaling Firewall & Rule Provisioning SDN Flow Visibility (dynamic flow control, overlay/ underlay traffic) Dynamic Policies (follow logical port, IP, MAC) Benefits VM VM VM VMware Control Plane Fortinet Service VM Control Plane Orchestration  Network Visibility  Elastic provisioning  Distributed  Object-based policy Agility Through Control Plane Integration NSX ACI
9 Single Pane-of-Glass Management Consistent Policies and Posture Across the Hybrid Cloud Public Cloud Physical Networks Virtualization Centralized Management and Policy VM VM VM VMware VM Management & Policy Logging & Analysis SaaS-Based Portal
10 Software-Defined Security Use Cases Auto-Scale/Auto-Provision Protection for Elastic Workloads Hypervisor Hypervisor Requirements Solution Auto-scale virtual firewall capacity to new virtualization hosts FortiGate-VMX Auto-provision firewall rules to new workload VM instances FortiGate-VMX, FortiGate for Cisco ACI Orchestrate firewall service insertion, service chaining (via SDN flow control) FortiGate-VMX, FortiGate for Cisco ACI Orchestrate physical and virtual firewalls FortiGate for Cisco ACI Distributed firewall rules across cluster or data center FortiGate-VMX, FortiGate for Cisco ACI Scale web apps and social media to connect virally with customers, partners, users at cloud speed, while transparently ensuring data privacy & compliance IaaS
11 Centralized Policy and Logging/Reporting Software-Defined Security Use Cases Secure Inter-VM Traffic in Virtual Environments FortiAnalyzer North-South Data Center Edge East-West Hypervisor Hypervisor FortiManager Requirements Solution Inter-VM traffic visibility FortiGate-VM or FortiGate-VMX Stateful firewall session during live VM migration (e.g. vMotion) FortiGate-VMX Distributed firewall across cluster (policies follow VM independent of logical IP/MAC) FortiGate-VMX Distributed firewall rules across distributed virtual switch FortiGate-VMX Inspect VXLAN encapsulated traffic FortiGate-VMX Centralized management across physical and virtual firewalls FortiManager, FortiAnalyzer Virtual Machine Firewall (East  West) Data Center Firewall (North  South) Overcome visibility and enforcement challenges with inter-VM traffic and logical networks
12 Software-Defined Security Micro-Segmentation in Consolidated Data Centers Mitigate increasing concentration of data and risk in consolidated and multi-tenant data centers  Declarative, whitelist-based policy model  Fine-grained honeycomb based on users, roles, other metadata  Deploy into flat, open networks without disrupting network and infrastructure Leaf nodes Cisco APIC Spine nodes
13 Platform Extensibility & Ecosystem Integration Virtual x86 Containers Hardware-Based Platforms Virtual Appliances/ Services Platform Orchestration & Automation Single Pane-of-Glass Management Software-Defined Security Framework Data Plane Control Plane Management Plane PlatformExtensibility Cloud/SDN Ecosystem XML JSO N Other Interfaces Logging/ Event SDN Controllers Programmable Switches Cloud Management Centralized Policy & Analytics Orchestration Platforms Mgmt API’s CLI/ Scripting
14 Fortinet Programmable Networking Partnership Ecosystem ORCHESTRATION PLATFORMS PROGRAMMABLE SWITCHING • ACI announced • vCNS certified • NSX program CENTRALIZED POLICY & ANALYTICS PlatformExtensibility Software-DefinedSecurityFramework SDN CONTROLLERS API’s
Fortinet Solutions Lan & Wan Solutions Innovare la tua Azienda. La nostra sfida
16 Fortinet Virtual Appliance Platform Support VMware Citrix Open Source Amazon Microsoft Virtual Appliance vSphere v4.0/v4.1 vSphere v5.0 vSphere v5.1 vSphere v5.5 Xen Server v5.6 SP2 Xen Server v6.0+ Xen KVM AWS Hyper-V 2008 R2 Hyper-V 2012 FortiGate-VM ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔* ✔ ✔ FortiManager-VM ✔ ✔ ✔ ✔ ✔ ✔ ✔ FortiAnalyzer-VM ✔ ✔ ✔ ✔ ✔ ✔ ✔ FortiWeb-VM ✔ ✔ ✔ ✔ ✔ ✔ ✔* ✔ FortiMail-VM ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ FortiSandbox-VM ✔ ✔ FortiAuthenticator-VM ✔ ✔ ✔ ✔ ✔ ✔ FortiADC-VM ✔ ✔ ✔ FortiCache-VM ✔ ✔ ✔ ✔ FortiVoice-VM ✔ ✔ ✔ ✔ ✔ ✔ FortiRecorder-VM ✔ ✔ ✔ ✔ ✔ ✔ FortiGate-VMX ✔
17 Fortinet FortiGate-VMX • The Challenge » Tight integration with virtualization/network platform • VMware Network Extensibility APIs (NetX) » Shared object database for easy creation of security policies » Automated deployment of security services and policy enforcement » Easily support live migration(s) of applications within clustered environments » Dynamic security policy updates for newly created services without normal time lag paper trail requests Q4 2014Q3 2014January 2014 2015
18 VMware Kernel VMware Kernel vDistributed Switch 1. Initiate communication with vCenter Server 2. Register Fortinet as security service with vCNS Manager 3.Auto-deployFortiGate-VMXtoallhostsinsecuritycluster 4.FortiGate-VMXconnectswithFortiGate- VMXServiceManager 5. License verification and configuration synchronization with FortiGate-VMX 6.Kernelagentcreationanddefaultre-directionrulesforeach hostincluster 7. Real-time updates of object database 8.PushpolicysynchronizationtoallFortiGate- VMXdeployedincluster Fortinet FortiGate-VMX
19 Cisco ACI Partnership Source: Infonetics Technology collaboration with Cisco to bring Fortinet’s data center security to #1 SDN platform sought by enterprise customers  Joint PR and demo at RSA Conference »Integration of FortiGate into Cisco ACI deployment  Joint demo at Interop (April 2015)  Product launch targeted late Q2 2015
20 Cisco ACI (Application Centric Infrastructure) Overview Spine nodes Leaf nodes ACI Fabric in Datacenter APIC VM VM VMVM VM VM External Internal NET-a NET-b  PoC shows FortiGate service insertion and orchestration in Cisco APIC » APIC (Application Policy Infrastructure Controller) is SDN controller » FortiGate device package contains XML metadata » Customer benefits vary with use case, e.g. auto-provision new workloads in multi-tenant clouds
21 OpenStack Integration Efforts  Service Providers – Open Source OpenStack » With open source through extensible mgmt API » In production in NEC and other provider clouds  Enterprise – Supportable OpenStack distro » HP Helion OpenStack emerging as frontrunner – need out- of-box integration » Fortinet announced HP AllianceOne partnership » FG-VM certified HP Helion Ready VM VM VM Hypervisor
Software-Defined Security for Service Providers Lan & Wan Solutions Innovare la tua Azienda. La nostra sfida
23 Software-Defined Security Framework Extensions for Service Providers Virtual x86 Containers Hardware-Based Platforms PlatformExtensibility Virtual Appliances/ Services Platform Orchestration & Automation Single Pane-of-Glass Management Software-Defined Security Framework Cloud/SDN Ecosystem XML JSON Other Interfaces Logging/ Event SDN Controllers Programmable Switches Cloud Management Centralized Policy & Analytics Orchestration Platforms Mgmt API’s CLI/ Scripting Data Plane Control Plane Management Plane SaaS Multi-Tenancy On-Demand Self-Service Network Function Virtualization Service Provider Extensions
24 Network Function Virtualization Firewall VNF Service Chaining – Modular, Interoperable, Scalable  ETSI Multi-Vendor PoC on D-NFV (CPE)  D-NFV Alliance – Commercialized Offering on RAD Hardware
25 Orchestration  Deployment and instantation  Service Insertion into virtual network On-Demand Self-Service – Utility-Based Pricing/Metering Benefits Pricing Options  Hourly/Annual (per-instance)  Five different instance sizes  Bundled support subscription Utility-based Consumption  Licensing  Provisioning  Metering  Billing Protection On-Demand Pay-as-you-Go User/Tenant Self-Service
26 SaaS Multi-Tenancy - FortiPrivateCloud
Lan & Wan Solutions Innovare la tua Azienda. La nostra sfida

Recommended

TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecRobb Boyd
 
Checkpoint Overview
Checkpoint OverviewCheckpoint Overview
Checkpoint OverviewLeonardo Antichi
 
Data center webinar_v2_1
Data center webinar_v2_1Data center webinar_v2_1
Data center webinar_v2_1Lancope, Inc.
 
Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Sean Xie
 
Next Generation Firewall and IPS
Next Generation Firewall and IPSNext Generation Firewall and IPS
Next Generation Firewall and IPSData#3 Limited
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeCisco Enterprise Networks
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
F5's IP Intelligence Service
F5's IP Intelligence ServiceF5's IP Intelligence Service
F5's IP Intelligence ServiceF5 Networks
 

Recommended

TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecRobb Boyd
 
Checkpoint Overview
Checkpoint OverviewCheckpoint Overview
Checkpoint OverviewLeonardo Antichi
 
Data center webinar_v2_1
Data center webinar_v2_1Data center webinar_v2_1
Data center webinar_v2_1Lancope, Inc.
 
Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Sean Xie
 
Next Generation Firewall and IPS
Next Generation Firewall and IPSNext Generation Firewall and IPS
Next Generation Firewall and IPSData#3 Limited
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeCisco Enterprise Networks
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
F5's IP Intelligence Service
F5's IP Intelligence ServiceF5's IP Intelligence Service
F5's IP Intelligence ServiceF5 Networks
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
My Final Year Project
My Final Year ProjectMy Final Year Project
My Final Year ProjectMOHAMMEDELALAM1
 
checkpoint
checkpointcheckpoint
checkpointMayank Dhingra
 
Solving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective SecuritySolving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective SecurityLancope, Inc.
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSmmiznoni
 
Forti web
Forti webForti web
Forti webLan & Wan Solutions
 
Securing your Windows Network with the Microsoft Security Baselines
Securing your Windows Network with the Microsoft Security BaselinesSecuring your Windows Network with the Microsoft Security Baselines
Securing your Windows Network with the Microsoft Security BaselinesFrank Lesniak
 
SDN_and_NFV_technologies_in_IoT_Networks
SDN_and_NFV_technologies_in_IoT_NetworksSDN_and_NFV_technologies_in_IoT_Networks
SDN_and_NFV_technologies_in_IoT_NetworksSrinivasa Addepalli
 
TechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISETechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISERobb Boyd
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
Micro-Segmentation for Data Centers - Without Using Internal Firewalls
Micro-Segmentation for Data Centers - Without Using Internal FirewallsMicro-Segmentation for Data Centers - Without Using Internal Firewalls
Micro-Segmentation for Data Centers - Without Using Internal FirewallsColorTokens Inc
 
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld
 
Why Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallWhy Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallAli Kapucu
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introductionJimmy Saigon
 
Remote Access Security
Remote Access SecurityRemote Access Security
Remote Access Securitysyrinxtech
 
Network Control Access for Non-IT Professionals
Network Control Access for Non-IT ProfessionalsNetwork Control Access for Non-IT Professionals
Network Control Access for Non-IT ProfessionalsIncheon Park
 
Integration of pola alto and v mware nsx to protect virtual and cloud environ...
Integration of pola alto and v mware nsx to protect virtual and cloud environ...Integration of pola alto and v mware nsx to protect virtual and cloud environ...
Integration of pola alto and v mware nsx to protect virtual and cloud environ...David kankam
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...Amazon Web Services
 
Windows server hardening 1
Windows server hardening 1Windows server hardening 1
Windows server hardening 1Frank Avila Zapata
 
Security of software defined networking (sdn) and cognitive radio network (crn)
Security of software defined networking (sdn) and cognitive radio network (crn)Security of software defined networking (sdn) and cognitive radio network (crn)
Security of software defined networking (sdn) and cognitive radio network (crn)Ameer Sameer
 
Towards a Reliable SDN Firewall
Towards a Reliable SDN FirewallTowards a Reliable SDN Firewall
Towards a Reliable SDN FirewallOpen Networking Summits
 

More Related Content

What's hot

Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Solving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective SecuritySolving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective SecurityLancope, Inc.
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSmmiznoni
 
Securing your Windows Network with the Microsoft Security Baselines
Securing your Windows Network with the Microsoft Security BaselinesSecuring your Windows Network with the Microsoft Security Baselines
Securing your Windows Network with the Microsoft Security BaselinesFrank Lesniak
 
SDN_and_NFV_technologies_in_IoT_Networks
SDN_and_NFV_technologies_in_IoT_NetworksSDN_and_NFV_technologies_in_IoT_Networks
SDN_and_NFV_technologies_in_IoT_NetworksSrinivasa Addepalli
 
TechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISETechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISERobb Boyd
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
Micro-Segmentation for Data Centers - Without Using Internal Firewalls
Micro-Segmentation for Data Centers - Without Using Internal FirewallsMicro-Segmentation for Data Centers - Without Using Internal Firewalls
Micro-Segmentation for Data Centers - Without Using Internal FirewallsColorTokens Inc
 
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld
 
Why Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallWhy Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallAli Kapucu
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introductionJimmy Saigon
 
Remote Access Security
Remote Access SecurityRemote Access Security
Remote Access Securitysyrinxtech
 
Network Control Access for Non-IT Professionals
Network Control Access for Non-IT ProfessionalsNetwork Control Access for Non-IT Professionals
Network Control Access for Non-IT ProfessionalsIncheon Park
 
Integration of pola alto and v mware nsx to protect virtual and cloud environ...
Integration of pola alto and v mware nsx to protect virtual and cloud environ...Integration of pola alto and v mware nsx to protect virtual and cloud environ...
Integration of pola alto and v mware nsx to protect virtual and cloud environ...David kankam
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...Amazon Web Services
 

What's hot (20)

Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
 
My Final Year Project
My Final Year ProjectMy Final Year Project
My Final Year Project
 
checkpoint
checkpointcheckpoint
checkpoint
 
Solving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective SecuritySolving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective Security
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPS
 
Forti web
Forti webForti web
Forti web
 
Securing your Windows Network with the Microsoft Security Baselines
Securing your Windows Network with the Microsoft Security BaselinesSecuring your Windows Network with the Microsoft Security Baselines
Securing your Windows Network with the Microsoft Security Baselines
 
SDN_and_NFV_technologies_in_IoT_Networks
SDN_and_NFV_technologies_in_IoT_NetworksSDN_and_NFV_technologies_in_IoT_Networks
SDN_and_NFV_technologies_in_IoT_Networks
 
TechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISETechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISE
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overview
 
Micro-Segmentation for Data Centers - Without Using Internal Firewalls
Micro-Segmentation for Data Centers - Without Using Internal FirewallsMicro-Segmentation for Data Centers - Without Using Internal Firewalls
Micro-Segmentation for Data Centers - Without Using Internal Firewalls
 
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
 
Why Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallWhy Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation Firewall
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introduction
 
Remote Access Security
Remote Access SecurityRemote Access Security
Remote Access Security
 
Network Control Access for Non-IT Professionals
Network Control Access for Non-IT ProfessionalsNetwork Control Access for Non-IT Professionals
Network Control Access for Non-IT Professionals
 
Integration of pola alto and v mware nsx to protect virtual and cloud environ...
Integration of pola alto and v mware nsx to protect virtual and cloud environ...Integration of pola alto and v mware nsx to protect virtual and cloud environ...
Integration of pola alto and v mware nsx to protect virtual and cloud environ...
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
 
Windows server hardening 1
Windows server hardening 1Windows server hardening 1
Windows server hardening 1
 

Viewers also liked

Security of software defined networking (sdn) and cognitive radio network (crn)
Security of software defined networking (sdn) and cognitive radio network (crn)Security of software defined networking (sdn) and cognitive radio network (crn)
Security of software defined networking (sdn) and cognitive radio network (crn)Ameer Sameer
 
Security Advantages of Software-Defined Networking
Security Advantages of Software-Defined NetworkingSecurity Advantages of Software-Defined Networking
Security Advantages of Software-Defined NetworkingPriyanka Aash
 
Software defined network based firewall technique
Software defined network based firewall techniqueSoftware defined network based firewall technique
Software defined network based firewall techniqueIAEME Publication
 
Linux Based Advanced Routing with Firewall and Traffic Control
Linux Based Advanced Routing with Firewall and Traffic ControlLinux Based Advanced Routing with Firewall and Traffic Control
Linux Based Advanced Routing with Firewall and Traffic Controlsandy_vasan
 
SDN and Mininet: Some Basic Concepts
SDN and Mininet: Some Basic ConceptsSDN and Mininet: Some Basic Concepts
SDN and Mininet: Some Basic ConceptsEswar Publications
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Ben Rothke
 
Introduction to OpenFlow
Introduction to OpenFlowIntroduction to OpenFlow
Introduction to OpenFlowrjain51
 
Lab 5: Interconnecting a Datacenter using Mininet
Lab 5: Interconnecting a Datacenter using MininetLab 5: Interconnecting a Datacenter using Mininet
Lab 5: Interconnecting a Datacenter using MininetZubair Nabi
 
SD-WAN: Why should you care?
SD-WAN: Why should you care?SD-WAN: Why should you care?
SD-WAN: Why should you care?CloudSyntrix
 
Maximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloudMaximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloudVeloCloud Networks, Inc.
 
Enterprise WAN Evolution with SD-WAN
Enterprise WAN Evolution with SD-WANEnterprise WAN Evolution with SD-WAN
Enterprise WAN Evolution with SD-WANToshal Dudhwala
 
Software Defined Network - SDN
Software Defined Network - SDNSoftware Defined Network - SDN
Software Defined Network - SDNVenkata Naga Ravi
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)Ahmad Haghighi
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...IBM Security
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityIBM Security
 

Viewers also liked (20)

Security of software defined networking (sdn) and cognitive radio network (crn)
Security of software defined networking (sdn) and cognitive radio network (crn)Security of software defined networking (sdn) and cognitive radio network (crn)
Security of software defined networking (sdn) and cognitive radio network (crn)
 
Towards a Reliable SDN Firewall
Towards a Reliable SDN FirewallTowards a Reliable SDN Firewall
Towards a Reliable SDN Firewall
 
Security Advantages of Software-Defined Networking
Security Advantages of Software-Defined NetworkingSecurity Advantages of Software-Defined Networking
Security Advantages of Software-Defined Networking
 
Software defined network based firewall technique
Software defined network based firewall techniqueSoftware defined network based firewall technique
Software defined network based firewall technique
 
Linux Based Advanced Routing with Firewall and Traffic Control
Linux Based Advanced Routing with Firewall and Traffic ControlLinux Based Advanced Routing with Firewall and Traffic Control
Linux Based Advanced Routing with Firewall and Traffic Control
 
Sdn command line controller lab
Sdn command line controller labSdn command line controller lab
Sdn command line controller lab
 
How to use miniedit
How to use minieditHow to use miniedit
How to use miniedit
 
SDN and Mininet: Some Basic Concepts
SDN and Mininet: Some Basic ConceptsSDN and Mininet: Some Basic Concepts
SDN and Mininet: Some Basic Concepts
 
SD WAN
SD WANSD WAN
SD WAN
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)
 
Introduction to OpenFlow
Introduction to OpenFlowIntroduction to OpenFlow
Introduction to OpenFlow
 
Lab 5: Interconnecting a Datacenter using Mininet
Lab 5: Interconnecting a Datacenter using MininetLab 5: Interconnecting a Datacenter using Mininet
Lab 5: Interconnecting a Datacenter using Mininet
 
SD-WAN: Why should you care?
SD-WAN: Why should you care?SD-WAN: Why should you care?
SD-WAN: Why should you care?
 
Maximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloudMaximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloud
 
Verizon Managed SD-WAN with Cisco IWAN
Verizon Managed SD-WAN with Cisco IWAN Verizon Managed SD-WAN with Cisco IWAN
Verizon Managed SD-WAN with Cisco IWAN
 
Enterprise WAN Evolution with SD-WAN
Enterprise WAN Evolution with SD-WANEnterprise WAN Evolution with SD-WAN
Enterprise WAN Evolution with SD-WAN
 
Software Defined Network - SDN
Software Defined Network - SDNSoftware Defined Network - SDN
Software Defined Network - SDN
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and Security
 

Similar to Software defined security-framework_final

fortigate-600f-series pdf manual routeur
fortigate-600f-series pdf manual routeurfortigate-600f-series pdf manual routeur
fortigate-600f-series pdf manual routeurrezkellahhichem
 
07 - VMUGIT - Lecce 2018 - Antonio Gentile, Fortinet
07 - VMUGIT - Lecce 2018 - Antonio Gentile, Fortinet07 - VMUGIT - Lecce 2018 - Antonio Gentile, Fortinet
07 - VMUGIT - Lecce 2018 - Antonio Gentile, FortinetVMUG IT
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesAngel Villar Garea
 
Gigamon Pervasive Visibility into SDDC/NSX Deployments
Gigamon Pervasive Visibility into SDDC/NSX DeploymentsGigamon Pervasive Visibility into SDDC/NSX Deployments
Gigamon Pervasive Visibility into SDDC/NSX DeploymentsAngel Villar Garea
 
Secure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptxSecure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptxYitao Cen
 
Fortinet & VMware integration
Fortinet & VMware integrationFortinet & VMware integration
Fortinet & VMware integrationVMUG IT
 
Solution Guide Secure Access Architecture
Solution Guide Secure Access ArchitectureSolution Guide Secure Access Architecture
Solution Guide Secure Access ArchitectureExclusive Networks ME
 
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersNew Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersIben Rodriguez
 
Transform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wanTransform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wanDATA SECURITY SOLUTIONS
 
Fortinet - Hk Product Overview Short V 1 6
Fortinet - Hk Product Overview Short V 1 6Fortinet - Hk Product Overview Short V 1 6
Fortinet - Hk Product Overview Short V 1 6Haris Khan
 
Why century link and savvis
Why century link and savvisWhy century link and savvis
Why century link and savvisdickcraigson
 
FortiProxy sales presentation-02022020_Vee.pptx
FortiProxy sales presentation-02022020_Vee.pptxFortiProxy sales presentation-02022020_Vee.pptx
FortiProxy sales presentation-02022020_Vee.pptxNuttapolMix
 
Why CenturyLink Savvis Cloud Leader
Why CenturyLink Savvis Cloud LeaderWhy CenturyLink Savvis Cloud Leader
Why CenturyLink Savvis Cloud LeaderErik Ginalick
 
vmware-linxdatacenter-13q3-en-case-study
vmware-linxdatacenter-13q3-en-case-studyvmware-linxdatacenter-13q3-en-case-study
vmware-linxdatacenter-13q3-en-case-studyArno Coster CM
 
FedRAMP Compliant FlexPod architecture from NetApp, Cisco, HyTrust and Coalfire
FedRAMP Compliant FlexPod architecture from NetApp, Cisco, HyTrust and CoalfireFedRAMP Compliant FlexPod architecture from NetApp, Cisco, HyTrust and Coalfire
FedRAMP Compliant FlexPod architecture from NetApp, Cisco, HyTrust and CoalfireEric Chiu
 

Similar to Software defined security-framework_final (20)

Forti os ngfw
Forti os ngfwForti os ngfw
Forti os ngfw
 
fortigate-600f-series pdf manual routeur
fortigate-600f-series pdf manual routeurfortigate-600f-series pdf manual routeur
fortigate-600f-series pdf manual routeur
 
07 - VMUGIT - Lecce 2018 - Antonio Gentile, Fortinet
07 - VMUGIT - Lecce 2018 - Antonio Gentile, Fortinet07 - VMUGIT - Lecce 2018 - Antonio Gentile, Fortinet
07 - VMUGIT - Lecce 2018 - Antonio Gentile, Fortinet
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use cases
 
Gigamon Pervasive Visibility into SDDC/NSX Deployments
Gigamon Pervasive Visibility into SDDC/NSX DeploymentsGigamon Pervasive Visibility into SDDC/NSX Deployments
Gigamon Pervasive Visibility into SDDC/NSX Deployments
 
Secure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptxSecure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptx
 
Fortinet & VMware integration
Fortinet & VMware integrationFortinet & VMware integration
Fortinet & VMware integration
 
Fortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-seriesFortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-series
 
Solution Guide Secure Access Architecture
Solution Guide Secure Access ArchitectureSolution Guide Secure Access Architecture
Solution Guide Secure Access Architecture
 
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data CentersNew Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
 
Transform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wanTransform your enterprise branch with secure sd-wan
Transform your enterprise branch with secure sd-wan
 
Fortigate Modelo 90d
Fortigate Modelo 90dFortigate Modelo 90d
Fortigate Modelo 90d
 
Fortinet - Hk Product Overview Short V 1 6
Fortinet - Hk Product Overview Short V 1 6Fortinet - Hk Product Overview Short V 1 6
Fortinet - Hk Product Overview Short V 1 6
 
Why century link and savvis
Why century link and savvisWhy century link and savvis
Why century link and savvis
 
Síťová virtualizace s VMware
Síťová virtualizace s VMwareSíťová virtualizace s VMware
Síťová virtualizace s VMware
 
FortiGate_600E(2).pdf
FortiGate_600E(2).pdfFortiGate_600E(2).pdf
FortiGate_600E(2).pdf
 
FortiProxy sales presentation-02022020_Vee.pptx
FortiProxy sales presentation-02022020_Vee.pptxFortiProxy sales presentation-02022020_Vee.pptx
FortiProxy sales presentation-02022020_Vee.pptx
 
Why CenturyLink Savvis Cloud Leader
Why CenturyLink Savvis Cloud LeaderWhy CenturyLink Savvis Cloud Leader
Why CenturyLink Savvis Cloud Leader
 
vmware-linxdatacenter-13q3-en-case-study
vmware-linxdatacenter-13q3-en-case-studyvmware-linxdatacenter-13q3-en-case-study
vmware-linxdatacenter-13q3-en-case-study
 
FedRAMP Compliant FlexPod architecture from NetApp, Cisco, HyTrust and Coalfire
FedRAMP Compliant FlexPod architecture from NetApp, Cisco, HyTrust and CoalfireFedRAMP Compliant FlexPod architecture from NetApp, Cisco, HyTrust and Coalfire
FedRAMP Compliant FlexPod architecture from NetApp, Cisco, HyTrust and Coalfire
 

More from Lan & Wan Solutions

Nuova presentazione Lan & Wan Solutions Fortinet Partner
Nuova presentazione Lan & Wan Solutions Fortinet PartnerNuova presentazione Lan & Wan Solutions Fortinet Partner
Nuova presentazione Lan & Wan Solutions Fortinet PartnerLan & Wan Solutions
 
Nuova presentazione Lan & Wan Solutions
Nuova presentazione Lan & Wan SolutionsNuova presentazione Lan & Wan Solutions
Nuova presentazione Lan & Wan SolutionsLan & Wan Solutions
 
160415 lan and-wan-secure-access-architecture
160415 lan and-wan-secure-access-architecture160415 lan and-wan-secure-access-architecture
160415 lan and-wan-secure-access-architectureLan & Wan Solutions
 
scheda tecnica smartphone zona 1.21 e zona 2.22
scheda tecnica smartphone zona 1.21 e zona 2.22scheda tecnica smartphone zona 1.21 e zona 2.22
scheda tecnica smartphone zona 1.21 e zona 2.22Lan & Wan Solutions
 
scheda tecnica smartphone zona 1.21 e zona 2.22
scheda tecnica smartphone zona 1.21 e zona 2.22scheda tecnica smartphone zona 1.21 e zona 2.22
scheda tecnica smartphone zona 1.21 e zona 2.22Lan & Wan Solutions
 

More from Lan & Wan Solutions (20)

CYBER THREAT ASSESSMENT
CYBER THREAT ASSESSMENTCYBER THREAT ASSESSMENT
CYBER THREAT ASSESSMENT
 
Nuova presentazione Lan & Wan Solutions Fortinet Partner
Nuova presentazione Lan & Wan Solutions Fortinet PartnerNuova presentazione Lan & Wan Solutions Fortinet Partner
Nuova presentazione Lan & Wan Solutions Fortinet Partner
 
Nuova presentazione Lan & Wan Solutions
Nuova presentazione Lan & Wan SolutionsNuova presentazione Lan & Wan Solutions
Nuova presentazione Lan & Wan Solutions
 
CTAP
CTAPCTAP
CTAP
 
Mc business solutions set
Mc business solutions setMc business solutions set
Mc business solutions set
 
Mc partner playbook
Mc partner playbookMc partner playbook
Mc partner playbook
 
160415 lan and-wan-secure-access-architecture
160415 lan and-wan-secure-access-architecture160415 lan and-wan-secure-access-architecture
160415 lan and-wan-secure-access-architecture
 
160415 lan and-wan-ctap
160415 lan and-wan-ctap160415 lan and-wan-ctap
160415 lan and-wan-ctap
 
Lan & Wan
Lan & WanLan & Wan
Lan & Wan
 
Lan & Wan
Lan & WanLan & Wan
Lan & Wan
 
Evento 15 aprile
Evento 15 aprileEvento 15 aprile
Evento 15 aprile
 
Secure Access Architecture
Secure Access ArchitectureSecure Access Architecture
Secure Access Architecture
 
CTAP
CTAPCTAP
CTAP
 
ATP
ATPATP
ATP
 
Advanced Threat Protection
Advanced Threat ProtectionAdvanced Threat Protection
Advanced Threat Protection
 
scheda tecnica smartphone zona 1.21 e zona 2.22
scheda tecnica smartphone zona 1.21 e zona 2.22scheda tecnica smartphone zona 1.21 e zona 2.22
scheda tecnica smartphone zona 1.21 e zona 2.22
 
scheda tecnica smartphone zona 1.21 e zona 2.22
scheda tecnica smartphone zona 1.21 e zona 2.22scheda tecnica smartphone zona 1.21 e zona 2.22
scheda tecnica smartphone zona 1.21 e zona 2.22
 
Scheda tecnica hspa 08
Scheda tecnica hspa 08Scheda tecnica hspa 08
Scheda tecnica hspa 08
 
Vmware
VmwareVmware
Vmware
 
Antenne filari
Antenne filariAntenne filari
Antenne filari
 

Recently uploaded

HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...kalichargn70th171
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024Mind IT Systems
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech studentsHimanshiGarg82
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfVishalKumarJha10
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesVictorSzoltysek
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 

Recently uploaded (20)

HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 

Software defined security-framework_final

  • 1. © Copyright Fortinet Inc. All rights reserved. Software-Defined Security Framework Agile Cloud & SDN Lan & Wan Solutions – Soluzioni Informatiche per Reti Locali & Geografiche
  • 2. 2 Industry Validation for Fortinet’s Data Center Strategy “Fortinet moves into second due to its strong position and price/ performance, and [should] gain some ground at the very high end of the market.” Data Center Security Products, Biannnual Market Share, Size & Forecast, Oct 2014 Data Center Security Appliance Market Share 2015 Enterprise Firewall MQ – Fortinet Strengths: “-In addition to enterprise NGFW deployments, Fortinet is well-suited to deployments in carriers, data centers, service providers and distributed enterprises (for example, retail and franchises). -Fortinet has a well-articulated strategy regarding virtualization, public cloud and SDN, and has a promising partnership with VMware NSX.”
  • 3. 3 Data Center Trends BYOD, Mobility & SaaS  Anytime, anywhere access  User-centric apps & services  Customer/client responsiveness Big Data & Internet of Things  Billions of connected devices  Continuous data aggregation  Warehousing of petabytes of confidential data Network Impact  Higher core throughput & scalability  Higher port density  Increased small/mixed packet traffic  Low user latency  IPv4 to IPv6 migration  Increased east-west traffic Data Center Transformation  Server & network virtualization  Multi-tenant public clouds  Elasticity & agility
  • 4. 4 Data Center Consolidation and SDN Evolution Data Center Firewalls Deployments  Data center edge  Top of rack  Virtual machine protection  SDN orchestration Drivers  Data center consolidation  Migration 10G to 100G  Network segmentation  Securing East West traffic virtualization and SDN EAST WEST NORTH SOUTH Data Center/SDN VM & SDN Solution FortiGate VM Series  VMware (NSX)  Cisco ACI  OpenStack  AWS  Azure  KVM  Hyper V DC FW Solution FortiGate High End Series with 100G+ throughput in an Appliance
  • 5. 5 Software-Defined Security Vision Physical & Virtual Security Appliances FortiGate FortiManagerFortiSandbox FortiAnalyzer FortiWeb FortiADC Virtualization SDN Cloud (IaaS) Cloud (SaaS) vSphere XenServer Hyper-V NSX FortiMail          1. Security must integrate with & support underlying SDx Infrastructure, i.e. cloud & SDN IaaS platforms 2. Security is itself fundamental infrastructure that can and should become agile and elastic, i.e. Software-Defined, independent of other SDx transformation 
  • 6. 6 Fortinet’s Software-Defined Security Framework Virtual x86 Containers Hardware-Based Platforms Virtual Appliances/ Services Platform Orchestration & Automation Single Pane-of-Glass Management Software-Defined Security Framework Data Plane Control Plane Management Plane PlatformExtensibility
  • 7. 7 Virtual Appliances/Services Virtual Appliances & VDOM’s Provide Scale-Out Elasticity Scale-Out Performance Boundary Benefits Scale-Up Elastic Firewall Capacity East-West Traffic Visibility Deployable in Public Clouds vSphere XenServer Hyper-V
  • 8. 8 Platform Orchestration & Automation Auto-Scaling Firewall & Rule Provisioning SDN Flow Visibility (dynamic flow control, overlay/ underlay traffic) Dynamic Policies (follow logical port, IP, MAC) Benefits VM VM VM VMware Control Plane Fortinet Service VM Control Plane Orchestration  Network Visibility  Elastic provisioning  Distributed  Object-based policy Agility Through Control Plane Integration NSX ACI
  • 9. 9 Single Pane-of-Glass Management Consistent Policies and Posture Across the Hybrid Cloud Public Cloud Physical Networks Virtualization Centralized Management and Policy VM VM VM VMware VM Management & Policy Logging & Analysis SaaS-Based Portal
  • 10. 10 Software-Defined Security Use Cases Auto-Scale/Auto-Provision Protection for Elastic Workloads Hypervisor Hypervisor Requirements Solution Auto-scale virtual firewall capacity to new virtualization hosts FortiGate-VMX Auto-provision firewall rules to new workload VM instances FortiGate-VMX, FortiGate for Cisco ACI Orchestrate firewall service insertion, service chaining (via SDN flow control) FortiGate-VMX, FortiGate for Cisco ACI Orchestrate physical and virtual firewalls FortiGate for Cisco ACI Distributed firewall rules across cluster or data center FortiGate-VMX, FortiGate for Cisco ACI Scale web apps and social media to connect virally with customers, partners, users at cloud speed, while transparently ensuring data privacy & compliance IaaS
  • 11. 11 Centralized Policy and Logging/Reporting Software-Defined Security Use Cases Secure Inter-VM Traffic in Virtual Environments FortiAnalyzer North-South Data Center Edge East-West Hypervisor Hypervisor FortiManager Requirements Solution Inter-VM traffic visibility FortiGate-VM or FortiGate-VMX Stateful firewall session during live VM migration (e.g. vMotion) FortiGate-VMX Distributed firewall across cluster (policies follow VM independent of logical IP/MAC) FortiGate-VMX Distributed firewall rules across distributed virtual switch FortiGate-VMX Inspect VXLAN encapsulated traffic FortiGate-VMX Centralized management across physical and virtual firewalls FortiManager, FortiAnalyzer Virtual Machine Firewall (East  West) Data Center Firewall (North  South) Overcome visibility and enforcement challenges with inter-VM traffic and logical networks
  • 12. 12 Software-Defined Security Micro-Segmentation in Consolidated Data Centers Mitigate increasing concentration of data and risk in consolidated and multi-tenant data centers  Declarative, whitelist-based policy model  Fine-grained honeycomb based on users, roles, other metadata  Deploy into flat, open networks without disrupting network and infrastructure Leaf nodes Cisco APIC Spine nodes
  • 13. 13 Platform Extensibility & Ecosystem Integration Virtual x86 Containers Hardware-Based Platforms Virtual Appliances/ Services Platform Orchestration & Automation Single Pane-of-Glass Management Software-Defined Security Framework Data Plane Control Plane Management Plane PlatformExtensibility Cloud/SDN Ecosystem XML JSO N Other Interfaces Logging/ Event SDN Controllers Programmable Switches Cloud Management Centralized Policy & Analytics Orchestration Platforms Mgmt API’s CLI/ Scripting
  • 14. 14 Fortinet Programmable Networking Partnership Ecosystem ORCHESTRATION PLATFORMS PROGRAMMABLE SWITCHING • ACI announced • vCNS certified • NSX program CENTRALIZED POLICY & ANALYTICS PlatformExtensibility Software-DefinedSecurityFramework SDN CONTROLLERS API’s
  • 15. Fortinet Solutions Lan & Wan Solutions Innovare la tua Azienda. La nostra sfida
  • 16. 16 Fortinet Virtual Appliance Platform Support VMware Citrix Open Source Amazon Microsoft Virtual Appliance vSphere v4.0/v4.1 vSphere v5.0 vSphere v5.1 vSphere v5.5 Xen Server v5.6 SP2 Xen Server v6.0+ Xen KVM AWS Hyper-V 2008 R2 Hyper-V 2012 FortiGate-VM ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔* ✔ ✔ FortiManager-VM ✔ ✔ ✔ ✔ ✔ ✔ ✔ FortiAnalyzer-VM ✔ ✔ ✔ ✔ ✔ ✔ ✔ FortiWeb-VM ✔ ✔ ✔ ✔ ✔ ✔ ✔* ✔ FortiMail-VM ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ FortiSandbox-VM ✔ ✔ FortiAuthenticator-VM ✔ ✔ ✔ ✔ ✔ ✔ FortiADC-VM ✔ ✔ ✔ FortiCache-VM ✔ ✔ ✔ ✔ FortiVoice-VM ✔ ✔ ✔ ✔ ✔ ✔ FortiRecorder-VM ✔ ✔ ✔ ✔ ✔ ✔ FortiGate-VMX ✔
  • 17. 17 Fortinet FortiGate-VMX • The Challenge » Tight integration with virtualization/network platform • VMware Network Extensibility APIs (NetX) » Shared object database for easy creation of security policies » Automated deployment of security services and policy enforcement » Easily support live migration(s) of applications within clustered environments » Dynamic security policy updates for newly created services without normal time lag paper trail requests Q4 2014Q3 2014January 2014 2015
  • 18. 18 VMware Kernel VMware Kernel vDistributed Switch 1. Initiate communication with vCenter Server 2. Register Fortinet as security service with vCNS Manager 3.Auto-deployFortiGate-VMXtoallhostsinsecuritycluster 4.FortiGate-VMXconnectswithFortiGate- VMXServiceManager 5. License verification and configuration synchronization with FortiGate-VMX 6.Kernelagentcreationanddefaultre-directionrulesforeach hostincluster 7. Real-time updates of object database 8.PushpolicysynchronizationtoallFortiGate- VMXdeployedincluster Fortinet FortiGate-VMX
  • 19. 19 Cisco ACI Partnership Source: Infonetics Technology collaboration with Cisco to bring Fortinet’s data center security to #1 SDN platform sought by enterprise customers  Joint PR and demo at RSA Conference »Integration of FortiGate into Cisco ACI deployment  Joint demo at Interop (April 2015)  Product launch targeted late Q2 2015
  • 20. 20 Cisco ACI (Application Centric Infrastructure) Overview Spine nodes Leaf nodes ACI Fabric in Datacenter APIC VM VM VMVM VM VM External Internal NET-a NET-b  PoC shows FortiGate service insertion and orchestration in Cisco APIC » APIC (Application Policy Infrastructure Controller) is SDN controller » FortiGate device package contains XML metadata » Customer benefits vary with use case, e.g. auto-provision new workloads in multi-tenant clouds
  • 21. 21 OpenStack Integration Efforts  Service Providers – Open Source OpenStack » With open source through extensible mgmt API » In production in NEC and other provider clouds  Enterprise – Supportable OpenStack distro » HP Helion OpenStack emerging as frontrunner – need out- of-box integration » Fortinet announced HP AllianceOne partnership » FG-VM certified HP Helion Ready VM VM VM Hypervisor
  • 22. Software-Defined Security for Service Providers Lan & Wan Solutions Innovare la tua Azienda. La nostra sfida
  • 23. 23 Software-Defined Security Framework Extensions for Service Providers Virtual x86 Containers Hardware-Based Platforms PlatformExtensibility Virtual Appliances/ Services Platform Orchestration & Automation Single Pane-of-Glass Management Software-Defined Security Framework Cloud/SDN Ecosystem XML JSON Other Interfaces Logging/ Event SDN Controllers Programmable Switches Cloud Management Centralized Policy & Analytics Orchestration Platforms Mgmt API’s CLI/ Scripting Data Plane Control Plane Management Plane SaaS Multi-Tenancy On-Demand Self-Service Network Function Virtualization Service Provider Extensions
  • 24. 24 Network Function Virtualization Firewall VNF Service Chaining – Modular, Interoperable, Scalable  ETSI Multi-Vendor PoC on D-NFV (CPE)  D-NFV Alliance – Commercialized Offering on RAD Hardware
  • 25. 25 Orchestration  Deployment and instantation  Service Insertion into virtual network On-Demand Self-Service – Utility-Based Pricing/Metering Benefits Pricing Options  Hourly/Annual (per-instance)  Five different instance sizes  Bundled support subscription Utility-based Consumption  Licensing  Provisioning  Metering  Billing Protection On-Demand Pay-as-you-Go User/Tenant Self-Service
  • 26. 26 SaaS Multi-Tenancy - FortiPrivateCloud
  • 27. Lan & Wan Solutions Innovare la tua Azienda. La nostra sfida

Editor's Notes

  1. -Encapsulate firewall, other network security in VM -Can handle both east-west and north-south traffic -Bridged on the virtual switch to get inline -Deployable in public clouds where HW not allowed
  2. New FortiGate-VM for VMware’s Software-Defined Data Center (Networking, Compute, Storage) Phase I (2014) – Interoperates with vSphere, vCloud and NSX Visibility and enforcement of all virtual network traffic – Transparent to network topology Orchestration - Auto deployment and provisioning of FortiGate virtual appliances and software-defined network configuration Automation - Instant-on protection of new VM instances Distributed firewall - Object-based rules follow VM’s across data center VM-based rules follow IP address, port changes (e.g. due to failover or site recovery) Session state maintained across vMotion (live migration) events Phase II (2015 planning) – Direct NSX integration enhancements (only works with NSX) Potentially higher L2/L3 firewall performance Service-based – SLA-driven orchestration, policies Richer event-based workflows
  3. Customer are not for products and Security Appliances, they are looking for Security Alliances to their specific Network. FortiGate the widest range of Security Appliances from the 30D all the way to a Blade FortiOS is the most flexible Network Operating systems allowing different personalities such as Firewall, VPN, SWG, NGFW, ATP and UTM with This makes FortiGate suitable for deployment in the Enterprise Campus (Edge) Branch Office Data Center Distributed Enterprise Cloud Access
  4. Customer are not for products and Security Appliances, they are looking for Security Alliances to their specific Network. FortiGate the widest range of Security Appliances from the 30D all the way to a Blade FortiOS is the most flexible Network Operating systems allowing different personalities such as Firewall, VPN, SWG, NGFW, ATP and UTM with This makes FortiGate suitable for deployment in the Enterprise Campus (Edge) Branch Office Data Center Distributed Enterprise Cloud Access
  5. Hardware appliances can lose visibility to East-West virtual swtich traffic SDN/SDDC network virtualization can exacerbate challenges (e.g. VXLAN overlays) Logical ports, IP’s, MAC can break static policy rules