Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Kanwal Sohal – SE Manager UK&I [email_address] Richard Holmes – Technical Director [email_address] WEB 2.0 & APPLICATION S...
Agenda Application Security Fortinet Protection Visibility  and Control Summary & Proof of Concept
Application Security Challenge <ul><li>Freedom of choice – who’s in control.  </li></ul>
Web 2.0 & Application Security Challenge . . . . . .  <ul><li>Shrinking DEFENCE budgets </li></ul><ul><li>Viruses, Worms, ...
Challenges facing Organisations <ul><li>Social networking sites and the blogosphere have become an integral part of many p...
Applications, Applications & Applications <ul><li>Evasive applications using non-standard ports, port-hopping, or tunnelin...
Fortinet FortiGuard Threat Analysis <ul><li>User activity exposes internal network to threat/s.  Infection vectors: </li><...
Web 2.0 - Secret Crush <ul><li>Malicious Facebook Widget - prompts users to install the infamous &quot;Zango&quot; adware/...
Web Browsing – How Safe is it? <ul><li>There is always a way into your network. </li></ul><ul><li>Even when at first glanc...
Layers of protection  <ul><li>Requires an integrated security strategy </li></ul><ul><li>Allow but don’t trust any applica...
Agenda Application Security Fortinet Protection Visibility  and Control Summary & Proof of Concept
FortiGate - Application Aware Firewall <ul><li>Industry first Tier 1 “Application Aware Firewall” identifying 1,000+ appli...
FortiGate Application Management <ul><li>Create granular policies for authorised applications. </li></ul><ul><li>Identify/...
FortiAnalyzer - Seeing is Believing
SSL Traffic Inspection <ul><li>SSL content scanning and inspection. </li></ul><ul><li>Apply antivirus scanning, web filter...
DLP Control – HTTP, EMAIL & Instant Messaging  <ul><li>DLP Sensor </li></ul><ul><ul><li>Used to define data detection rule...
Agenda Application Security Fortinet Protection Visibility  and Control Summary & Proof of Concept
Today’s Budget - Financial “Belt Tightening” <ul><li>Shrinking IT budgets driving higher demands for ROI. </li></ul><ul><u...
Impact on today's Security <ul><li>Multiple ‘pain' products. </li></ul><ul><li>Tactical purchases have led to reactive env...
Fortinet Security Simplification Industry Evolution Towards Security Simplification Cost =£+£+£+£+£+£ Budget =£+£+£ FortiG...
Getting More for Less $ <ul><li>Security Consolidation </li></ul><ul><ul><li>Reducing costs. </li></ul></ul><ul><ul><li>Im...
Fortinet End-2-End Security Network Security Host Security Data Security Application Security Management FortiGate Network...
Agenda Application Security Fortinet Protection Visibility  and Control Summary & Proof of Concept
Fortinet EMEA:  Success in All Verticals Telco/MSSP Industry Public Sector Finance Oxford University
Making Security Scalable <ul><li>Lowering the cost of security & consolidation of hardware. </li></ul><ul><li>200 User Net...
Fortinet Positioned In The Leaders Quadrant – Magic Quadrant for Multifunction Firewalls Source: Gartner, Inc., “Magic Qua...
Proof of Concept - seeing is believing …  <ul><li>All evals to date have proved  30 – 50% of HTTP traffic escapes inspecti...
Thank You
Upcoming SlideShare
Loading in …5
×

Partner Zymbian & Fortinet webinar on Web2.0 security

1,833 views

Published on

Web 2.0 communications are outstripping the use of email on corporate networks, and user 'dependence' is growing so that personal lifestyles and professional duties are becoming completely intertwined.

Published in: Technology
  • Be the first to comment

Partner Zymbian & Fortinet webinar on Web2.0 security

  1. 1. Kanwal Sohal – SE Manager UK&I [email_address] Richard Holmes – Technical Director [email_address] WEB 2.0 & APPLICATION SECURITY CHALLENGE
  2. 2. Agenda Application Security Fortinet Protection Visibility and Control Summary & Proof of Concept
  3. 3. Application Security Challenge <ul><li>Freedom of choice – who’s in control. </li></ul>
  4. 4. Web 2.0 & Application Security Challenge . . . . . . <ul><li>Shrinking DEFENCE budgets </li></ul><ul><li>Viruses, Worms, Identity theft . . . . </li></ul><ul><li>Expanding attack and threat surfaces </li></ul>
  5. 5. Challenges facing Organisations <ul><li>Social networking sites and the blogosphere have become an integral part of many peoples lives (FortiGuard) * </li></ul><ul><li>Companies increasingly realise that their people, while their greatest asset, can be their greatest vulnerability, and so need to be educated on security risks. (BERR)* </li></ul><ul><li>HTTP traffic now is not just web browsing but an “application tunnel” </li></ul><ul><li>Majority of this traffic bypasses traditional security controls or uses inefficient proxies that slow down infrastructures & still misses content </li></ul><ul><li>30% of companies are using Voice over IP telephony (BERR)* </li></ul><ul><li>Web 2.0 targeted by spam. Throughout the 12 months we witnessed a barrage of attacks on these sites: malicious social applications, Spam 2.0, worms such as Koobface, Secret Crush, and various phishing campaigns (FortiGuard ) * </li></ul>*BERR: Department for Business Enterprise & Regulatory Reform * FortiGuard: Fortinet Global Security Research Team
  6. 6. Applications, Applications & Applications <ul><li>Evasive applications using non-standard ports, port-hopping, or tunneling within trusted applications </li></ul><ul><li>Drive by infections on the increase – personal use vs. business use. </li></ul><ul><li>Security posture needs to be enhanced – business enablement. </li></ul><ul><li>Intelligent firewall with “ Application control ” a must – regain control of your network. </li></ul>
  7. 7. Fortinet FortiGuard Threat Analysis <ul><li>User activity exposes internal network to threat/s. Infection vectors: </li></ul><ul><ul><li>Instant Messaging </li></ul></ul><ul><ul><li>P2P networks </li></ul></ul><ul><ul><li>Web Browsing </li></ul></ul><ul><ul><li>Web 2.0 </li></ul></ul><ul><ul><li>Social Networking Sites </li></ul></ul><ul><ul><li>Email </li></ul></ul>This month only Severity Number of Vulnerabilities Active Exploitation Critical 15 7 High 15 7 Medium 6 3 Low 2 - Info - n/a Total 38 17 Application Name Apple ITunes, QuickTime Microsoft AD, Direct show, Excel, IE, Office, Publisher, Office, PowerPoint Citrix Presentation Server Adobe Flash Player Oracle Secure Backup, BEA Weblogic RIM Blackberry Enterprise Server EMC Alpha Store Mozilla Memory Corruption Sun Java Runtime
  8. 8. Web 2.0 - Secret Crush <ul><li>Malicious Facebook Widget - prompts users to install the infamous &quot;Zango&quot; adware/spyware. * </li></ul>Propagates by requesting other users to be added. URL = http://static.zangocash.com/Setup/46/Zango/Setup.exe Installs Exe * Source: FortiGuard (Fortinet Global Security Research Team)
  9. 9. Web Browsing – How Safe is it? <ul><li>There is always a way into your network. </li></ul><ul><li>Even when at first glance all looks safe. * </li></ul>Obfuscated script that embeds links to malicious PDF file and malicious FLASH file. * Source: FortiGuard (Fortinet Global Security Research Team)
  10. 10. Layers of protection <ul><li>Requires an integrated security strategy </li></ul><ul><li>Allow but don’t trust any application </li></ul><ul><li>Examine all application content </li></ul><ul><ul><li>Comprehensive, integrated inspection </li></ul></ul><ul><ul><li>Overlapping, complementary layers of protection </li></ul></ul>
  11. 11. Agenda Application Security Fortinet Protection Visibility and Control Summary & Proof of Concept
  12. 12. FortiGate - Application Aware Firewall <ul><li>Industry first Tier 1 “Application Aware Firewall” identifying 1,000+ applications. </li></ul><ul><li>Instant Messaging </li></ul><ul><li>Peer-to-peer </li></ul><ul><li>Voice over IP </li></ul><ul><li>File Transfer </li></ul><ul><li>Video/Audio Streaming </li></ul><ul><li>Internet Proxy </li></ul><ul><li>Remote Access Connection </li></ul><ul><li>Games </li></ul><ul><li>Web Browser Toolbar </li></ul><ul><li>Database </li></ul><ul><li>Web-based email </li></ul><ul><li>Web </li></ul><ul><li>Protocol Command </li></ul><ul><li>Internet Protocol </li></ul><ul><li>Network Services </li></ul><ul><li>Enterprise Applications </li></ul><ul><li>System Update </li></ul><ul><li>Network Backup </li></ul>
  13. 13. FortiGate Application Management <ul><li>Create granular policies for authorised applications. </li></ul><ul><li>Identify/control rogue application – allow or block </li></ul><ul><li>Add new applications. </li></ul>
  14. 14. FortiAnalyzer - Seeing is Believing
  15. 15. SSL Traffic Inspection <ul><li>SSL content scanning and inspection. </li></ul><ul><li>Apply antivirus scanning, web filtering, spam filtering & data leak prevention (DLP). </li></ul><ul><li>Re-encrypts the sessions and forwards them to their destinations. </li></ul>
  16. 16. DLP Control – HTTP, EMAIL & Instant Messaging <ul><li>DLP Sensor </li></ul><ul><ul><li>Used to define data detection rule sets. </li></ul></ul><ul><ul><li>Sensor applied in protection profile. </li></ul></ul><ul><li>DLP Actions </li></ul><ul><ul><li>Log, block, archive (to FortiAnalyzer) </li></ul></ul><ul><ul><li>Ban or quarantine user. </li></ul></ul>
  17. 17. Agenda Application Security Fortinet Protection Visibility and Control Summary & Proof of Concept
  18. 18. Today’s Budget - Financial “Belt Tightening” <ul><li>Shrinking IT budgets driving higher demands for ROI. </li></ul><ul><ul><li>Rising complexity and cost of managing and maintaining multiple security solutions. </li></ul></ul><ul><ul><li>Increased pressure to improve security service while reducing TCO. </li></ul></ul>ROI = Return on Investment TCO = Total Cost of Ownership
  19. 19. Impact on today's Security <ul><li>Multiple ‘pain' products. </li></ul><ul><li>Tactical purchases have led to reactive environments. </li></ul><ul><li>Costly implementations/renewals. </li></ul><ul><li>Lack of innovative expenditure due to reactive spending. </li></ul><ul><li>Too many suppliers, too many vendors. </li></ul><ul><li>Threat Landscape has changed. </li></ul><ul><li>Bandwidth congestion. </li></ul><ul><li>Compliance & Risk </li></ul><ul><li>Greater risk of breach/infection. </li></ul>
  20. 20. Fortinet Security Simplification Industry Evolution Towards Security Simplification Cost =£+£+£+£+£+£ Budget =£+£+£ FortiGate Appliance Technologies <ul><li>Benefits of Multi-Layered Security Platforms </li></ul><ul><li>Complements legacy point products. </li></ul><ul><li>Lower Cap Ex and Op Ex. </li></ul><ul><li>Ease of management. </li></ul><ul><li>Better risk mitigation capabilities against blended threats </li></ul>
  21. 21. Getting More for Less $ <ul><li>Security Consolidation </li></ul><ul><ul><li>Reducing costs. </li></ul></ul><ul><ul><li>Improving security posture & hardware consolidation. </li></ul></ul>$ Reducing Cost Improving Security Posture & Consolidation + FW, VPN, SSL Inspection URL,IPS,AV,AS Current Deployment
  22. 22. Fortinet End-2-End Security Network Security Host Security Data Security Application Security Management FortiGate Network Security Platform FortiManager Centralized Mgmt FortiAnalyzer Log & Reporting FortiMail Email Security FortiClient Host Security Solution FortiDB Database Security Security Services FortiGuard Real time Security Services FortiWeb XML and Web Application Security FortiScan Asset Vulnerability Mgmt
  23. 23. Agenda Application Security Fortinet Protection Visibility and Control Summary & Proof of Concept
  24. 24. Fortinet EMEA: Success in All Verticals Telco/MSSP Industry Public Sector Finance Oxford University
  25. 25. Making Security Scalable <ul><li>Lowering the cost of security & consolidation of hardware. </li></ul><ul><li>200 User Network </li></ul><ul><li>Savings over Standalone Products - $28,562 </li></ul>Security Service Fortinet Competitor App Aware Firewall / VPN $14,495 $10,899 Intrusion Prevention Included $16,569 Antivirus Included $7,736 Web Filtering Included $7,853 Totals $14,495 $43,057
  26. 26. Fortinet Positioned In The Leaders Quadrant – Magic Quadrant for Multifunction Firewalls Source: Gartner, Inc., “Magic Quadrant for SMB Multifunction Firewalls” by G. Young and A. Hils, July 10, 2009.
  27. 27. Proof of Concept - seeing is believing … <ul><li>All evals to date have proved 30 – 50% of HTTP traffic escapes inspection. </li></ul><ul><li>One eval demonstrated over 2 terabytes of unaccountable traffic on the network (downloading films etc). </li></ul><ul><li>85,000 IM connections in a week when the client said all IM was banned. </li></ul><ul><li>QQ – the Chinese ‘IM’ service rife in a secure & partitioned off hedge fund environment. </li></ul><ul><li>DLP – customer identified 800 Meg customer database file leaving network . </li></ul><ul><li>To book a POC contact Richard Holmes(richard.holmes@zymbian.co.uk) </li></ul>
  28. 28. Thank You

×