Kanwal Sohal – SE Manager UK&I [email_address] Richard Holmes – Technical Director [email_address] WEB 2.0 & APPLICATION S...
Agenda Application Security Fortinet Protection Visibility  and Control Summary & Proof of Concept
Application Security Challenge <ul><li>Freedom of choice – who’s in control.  </li></ul>
Web 2.0 & Application Security Challenge . . . . . .  <ul><li>Shrinking DEFENCE budgets </li></ul><ul><li>Viruses, Worms, ...
Challenges facing Organisations <ul><li>Social networking sites and the blogosphere have become an integral part of many p...
Applications, Applications & Applications <ul><li>Evasive applications using non-standard ports, port-hopping, or tunnelin...
Fortinet FortiGuard Threat Analysis <ul><li>User activity exposes internal network to threat/s.  Infection vectors: </li><...
Web 2.0 - Secret Crush <ul><li>Malicious Facebook Widget - prompts users to install the infamous &quot;Zango&quot; adware/...
Web Browsing – How Safe is it? <ul><li>There is always a way into your network. </li></ul><ul><li>Even when at first glanc...
Layers of protection  <ul><li>Requires an integrated security strategy </li></ul><ul><li>Allow but don’t trust any applica...
Agenda Application Security Fortinet Protection Visibility  and Control Summary & Proof of Concept
FortiGate - Application Aware Firewall <ul><li>Industry first Tier 1 “Application Aware Firewall” identifying 1,000+ appli...
FortiGate Application Management <ul><li>Create granular policies for authorised applications. </li></ul><ul><li>Identify/...
FortiAnalyzer - Seeing is Believing
SSL Traffic Inspection <ul><li>SSL content scanning and inspection. </li></ul><ul><li>Apply antivirus scanning, web filter...
DLP Control – HTTP, EMAIL & Instant Messaging  <ul><li>DLP Sensor </li></ul><ul><ul><li>Used to define data detection rule...
Agenda Application Security Fortinet Protection Visibility  and Control Summary & Proof of Concept
Today’s Budget - Financial “Belt Tightening” <ul><li>Shrinking IT budgets driving higher demands for ROI. </li></ul><ul><u...
Impact on today's Security <ul><li>Multiple ‘pain' products. </li></ul><ul><li>Tactical purchases have led to reactive env...
Fortinet Security Simplification Industry Evolution Towards Security Simplification Cost =£+£+£+£+£+£ Budget =£+£+£ FortiG...
Getting More for Less $ <ul><li>Security Consolidation </li></ul><ul><ul><li>Reducing costs. </li></ul></ul><ul><ul><li>Im...
Fortinet End-2-End Security Network Security Host Security Data Security Application Security Management FortiGate Network...
Agenda Application Security Fortinet Protection Visibility  and Control Summary & Proof of Concept
Fortinet EMEA:  Success in All Verticals Telco/MSSP Industry Public Sector Finance Oxford University
Making Security Scalable <ul><li>Lowering the cost of security & consolidation of hardware. </li></ul><ul><li>200 User Net...
Fortinet Positioned In The Leaders Quadrant – Magic Quadrant for Multifunction Firewalls Source: Gartner, Inc., “Magic Qua...
Proof of Concept - seeing is believing …  <ul><li>All evals to date have proved  30 – 50% of HTTP traffic escapes inspecti...
Thank You
Upcoming SlideShare
Loading in …5
×

Partner Zymbian & Fortinet webinar on Web2.0 security

1,629 views
1,515 views

Published on

Web 2.0 communications are outstripping the use of email on corporate networks, and user 'dependence' is growing so that personal lifestyles and professional duties are becoming completely intertwined.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,629
On SlideShare
0
From Embeds
0
Number of Embeds
14
Actions
Shares
0
Downloads
46
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • meetMOI: Location Based Mobile Dating Messmo: Lets you send messages to/from anyone’s mobile number for Free. Heap CRM: Heap is a simple CRM designed for small business with a specialized interface for the iPhone Hi Task: free web-based task management application suitable for keeping personal to-do lists, and managing your team or project. SopCast – internet p2p TV FreeCap/WideCAp – client proxy
  • Here is an example, we used a 200-user network as a basis. We obtained pricing for commonly used standalone products that would used in the environment, totaling over forty-three thousand dollars for Firewall/VPN, Intrusion Prevention, Antivirus and Web Filtering solutions. As you can see, the comparable Fortinet FortiGate solution sells for less than fifteen-thousand dollars, a difference of over twenty eight thousand dollars over the standalone products. Without even computing the savings of operational costs, you being to see why consolidation of network security makes so much sense.
  • Partner Zymbian & Fortinet webinar on Web2.0 security

    1. 1. Kanwal Sohal – SE Manager UK&I [email_address] Richard Holmes – Technical Director [email_address] WEB 2.0 & APPLICATION SECURITY CHALLENGE
    2. 2. Agenda Application Security Fortinet Protection Visibility and Control Summary & Proof of Concept
    3. 3. Application Security Challenge <ul><li>Freedom of choice – who’s in control. </li></ul>
    4. 4. Web 2.0 & Application Security Challenge . . . . . . <ul><li>Shrinking DEFENCE budgets </li></ul><ul><li>Viruses, Worms, Identity theft . . . . </li></ul><ul><li>Expanding attack and threat surfaces </li></ul>
    5. 5. Challenges facing Organisations <ul><li>Social networking sites and the blogosphere have become an integral part of many peoples lives (FortiGuard) * </li></ul><ul><li>Companies increasingly realise that their people, while their greatest asset, can be their greatest vulnerability, and so need to be educated on security risks. (BERR)* </li></ul><ul><li>HTTP traffic now is not just web browsing but an “application tunnel” </li></ul><ul><li>Majority of this traffic bypasses traditional security controls or uses inefficient proxies that slow down infrastructures & still misses content </li></ul><ul><li>30% of companies are using Voice over IP telephony (BERR)* </li></ul><ul><li>Web 2.0 targeted by spam. Throughout the 12 months we witnessed a barrage of attacks on these sites: malicious social applications, Spam 2.0, worms such as Koobface, Secret Crush, and various phishing campaigns (FortiGuard ) * </li></ul>*BERR: Department for Business Enterprise & Regulatory Reform * FortiGuard: Fortinet Global Security Research Team
    6. 6. Applications, Applications & Applications <ul><li>Evasive applications using non-standard ports, port-hopping, or tunneling within trusted applications </li></ul><ul><li>Drive by infections on the increase – personal use vs. business use. </li></ul><ul><li>Security posture needs to be enhanced – business enablement. </li></ul><ul><li>Intelligent firewall with “ Application control ” a must – regain control of your network. </li></ul>
    7. 7. Fortinet FortiGuard Threat Analysis <ul><li>User activity exposes internal network to threat/s. Infection vectors: </li></ul><ul><ul><li>Instant Messaging </li></ul></ul><ul><ul><li>P2P networks </li></ul></ul><ul><ul><li>Web Browsing </li></ul></ul><ul><ul><li>Web 2.0 </li></ul></ul><ul><ul><li>Social Networking Sites </li></ul></ul><ul><ul><li>Email </li></ul></ul>This month only Severity Number of Vulnerabilities Active Exploitation Critical 15 7 High 15 7 Medium 6 3 Low 2 - Info - n/a Total 38 17 Application Name Apple ITunes, QuickTime Microsoft AD, Direct show, Excel, IE, Office, Publisher, Office, PowerPoint Citrix Presentation Server Adobe Flash Player Oracle Secure Backup, BEA Weblogic RIM Blackberry Enterprise Server EMC Alpha Store Mozilla Memory Corruption Sun Java Runtime
    8. 8. Web 2.0 - Secret Crush <ul><li>Malicious Facebook Widget - prompts users to install the infamous &quot;Zango&quot; adware/spyware. * </li></ul>Propagates by requesting other users to be added. URL = http://static.zangocash.com/Setup/46/Zango/Setup.exe Installs Exe * Source: FortiGuard (Fortinet Global Security Research Team)
    9. 9. Web Browsing – How Safe is it? <ul><li>There is always a way into your network. </li></ul><ul><li>Even when at first glance all looks safe. * </li></ul>Obfuscated script that embeds links to malicious PDF file and malicious FLASH file. * Source: FortiGuard (Fortinet Global Security Research Team)
    10. 10. Layers of protection <ul><li>Requires an integrated security strategy </li></ul><ul><li>Allow but don’t trust any application </li></ul><ul><li>Examine all application content </li></ul><ul><ul><li>Comprehensive, integrated inspection </li></ul></ul><ul><ul><li>Overlapping, complementary layers of protection </li></ul></ul>
    11. 11. Agenda Application Security Fortinet Protection Visibility and Control Summary & Proof of Concept
    12. 12. FortiGate - Application Aware Firewall <ul><li>Industry first Tier 1 “Application Aware Firewall” identifying 1,000+ applications. </li></ul><ul><li>Instant Messaging </li></ul><ul><li>Peer-to-peer </li></ul><ul><li>Voice over IP </li></ul><ul><li>File Transfer </li></ul><ul><li>Video/Audio Streaming </li></ul><ul><li>Internet Proxy </li></ul><ul><li>Remote Access Connection </li></ul><ul><li>Games </li></ul><ul><li>Web Browser Toolbar </li></ul><ul><li>Database </li></ul><ul><li>Web-based email </li></ul><ul><li>Web </li></ul><ul><li>Protocol Command </li></ul><ul><li>Internet Protocol </li></ul><ul><li>Network Services </li></ul><ul><li>Enterprise Applications </li></ul><ul><li>System Update </li></ul><ul><li>Network Backup </li></ul>
    13. 13. FortiGate Application Management <ul><li>Create granular policies for authorised applications. </li></ul><ul><li>Identify/control rogue application – allow or block </li></ul><ul><li>Add new applications. </li></ul>
    14. 14. FortiAnalyzer - Seeing is Believing
    15. 15. SSL Traffic Inspection <ul><li>SSL content scanning and inspection. </li></ul><ul><li>Apply antivirus scanning, web filtering, spam filtering & data leak prevention (DLP). </li></ul><ul><li>Re-encrypts the sessions and forwards them to their destinations. </li></ul>
    16. 16. DLP Control – HTTP, EMAIL & Instant Messaging <ul><li>DLP Sensor </li></ul><ul><ul><li>Used to define data detection rule sets. </li></ul></ul><ul><ul><li>Sensor applied in protection profile. </li></ul></ul><ul><li>DLP Actions </li></ul><ul><ul><li>Log, block, archive (to FortiAnalyzer) </li></ul></ul><ul><ul><li>Ban or quarantine user. </li></ul></ul>
    17. 17. Agenda Application Security Fortinet Protection Visibility and Control Summary & Proof of Concept
    18. 18. Today’s Budget - Financial “Belt Tightening” <ul><li>Shrinking IT budgets driving higher demands for ROI. </li></ul><ul><ul><li>Rising complexity and cost of managing and maintaining multiple security solutions. </li></ul></ul><ul><ul><li>Increased pressure to improve security service while reducing TCO. </li></ul></ul>ROI = Return on Investment TCO = Total Cost of Ownership
    19. 19. Impact on today's Security <ul><li>Multiple ‘pain' products. </li></ul><ul><li>Tactical purchases have led to reactive environments. </li></ul><ul><li>Costly implementations/renewals. </li></ul><ul><li>Lack of innovative expenditure due to reactive spending. </li></ul><ul><li>Too many suppliers, too many vendors. </li></ul><ul><li>Threat Landscape has changed. </li></ul><ul><li>Bandwidth congestion. </li></ul><ul><li>Compliance & Risk </li></ul><ul><li>Greater risk of breach/infection. </li></ul>
    20. 20. Fortinet Security Simplification Industry Evolution Towards Security Simplification Cost =£+£+£+£+£+£ Budget =£+£+£ FortiGate Appliance Technologies <ul><li>Benefits of Multi-Layered Security Platforms </li></ul><ul><li>Complements legacy point products. </li></ul><ul><li>Lower Cap Ex and Op Ex. </li></ul><ul><li>Ease of management. </li></ul><ul><li>Better risk mitigation capabilities against blended threats </li></ul>
    21. 21. Getting More for Less $ <ul><li>Security Consolidation </li></ul><ul><ul><li>Reducing costs. </li></ul></ul><ul><ul><li>Improving security posture & hardware consolidation. </li></ul></ul>$ Reducing Cost Improving Security Posture & Consolidation + FW, VPN, SSL Inspection URL,IPS,AV,AS Current Deployment
    22. 22. Fortinet End-2-End Security Network Security Host Security Data Security Application Security Management FortiGate Network Security Platform FortiManager Centralized Mgmt FortiAnalyzer Log & Reporting FortiMail Email Security FortiClient Host Security Solution FortiDB Database Security Security Services FortiGuard Real time Security Services FortiWeb XML and Web Application Security FortiScan Asset Vulnerability Mgmt
    23. 23. Agenda Application Security Fortinet Protection Visibility and Control Summary & Proof of Concept
    24. 24. Fortinet EMEA: Success in All Verticals Telco/MSSP Industry Public Sector Finance Oxford University
    25. 25. Making Security Scalable <ul><li>Lowering the cost of security & consolidation of hardware. </li></ul><ul><li>200 User Network </li></ul><ul><li>Savings over Standalone Products - $28,562 </li></ul>Security Service Fortinet Competitor App Aware Firewall / VPN $14,495 $10,899 Intrusion Prevention Included $16,569 Antivirus Included $7,736 Web Filtering Included $7,853 Totals $14,495 $43,057
    26. 26. Fortinet Positioned In The Leaders Quadrant – Magic Quadrant for Multifunction Firewalls Source: Gartner, Inc., “Magic Quadrant for SMB Multifunction Firewalls” by G. Young and A. Hils, July 10, 2009.
    27. 27. Proof of Concept - seeing is believing … <ul><li>All evals to date have proved 30 – 50% of HTTP traffic escapes inspection. </li></ul><ul><li>One eval demonstrated over 2 terabytes of unaccountable traffic on the network (downloading films etc). </li></ul><ul><li>85,000 IM connections in a week when the client said all IM was banned. </li></ul><ul><li>QQ – the Chinese ‘IM’ service rife in a secure & partitioned off hedge fund environment. </li></ul><ul><li>DLP – customer identified 800 Meg customer database file leaving network . </li></ul><ul><li>To book a POC contact Richard Holmes(richard.holmes@zymbian.co.uk) </li></ul>
    28. 28. Thank You

    ×