Fortinet k

© Copyright Fortinet Inc. All rights reserved.
La sécurité Globale de votre SI
du Poste de Travail au Cloud
BOULEIMEN Kamel
Manager System Engineer

3Fortinet - Confidential
2015: Another Record Year of Security Breaches
V-Tech
4.3 M exposedUS Federal
Government
OPM
21.5M +
IRS
100,000 + Taxpayer
personal information
T-Mobile
15M customers at
risk for personal and
social security data
Anthem
One-thirAmricans
affected
Hacking
Team
Ashley Madison
37M Innocent
Cheaters
Carphone
Warehouse
2.4M Users - 4% of
UK Population
UCLA Health
Twitter
Scottrade
4.6M customers
Excellus
BlueCross BlueShield
10M Patient Records
Talk Talk
157,000
customers,
21,000 bank
details stolen
British Gas
2,000
customer data
Hello Kitty
Personal information
for 3.3 million
accounts
Source: DataBreaches.net

Economic Crimes in the World
TOP FOUR
Cybercrime is Now One of the

COMPOUNDED CYBERCRIME
CRIMEWARE PRODUCERS
Source
Code
Junior
Developers
Copy & paste
Senior
Developers
Exploits Packers Special
Platforms
Mobile
CRIME SERVICES ENABLERS
Quality Assurance
Crypters / Packers
Scanners
Hosting
Infections / Drop
Zones
Management
Botnet Rentals
Installs / Spam /
SEO / DDoS
Money Mules
Accounts Receivable
Consulting
Affiliates
Criminal
Organizations
Sales, Licensing,
Maintenance
Partnerships
Affiliate Programs
FakeAV / Ransomware / Botnets
Victims
Bank
Accounts
Credential
s & Data
Digital
Real
Estate
Cybercriminal Ecosystem

Infrastructure. Constant Change.
Green
Google’s 13 data
centers use 0.01%
of global power
SDN/NFV
Software-defined
everything. SD WAN
SaaS
On average, companies
have 10+ applications
running via the Cloud
IaaS
Security still the
No.1 inhibitor
IoT
35B devices, mostly
headless attaching
to the network
Virtualization
80% of data center
apps are virtualized
Mobile
No control of
endpoints (BYOD)
Social
Bandwidth ever
increasing
Bandwidth
Wi-Fi speeds rival LANs.
100G networks here
Analytics
Big Data
Internet 2
100 Gbps and
UHDTV
5GWireless
FUTURE
100G

CLOUD SPEEDIoT
Infrastructure. Constant Change.
20 Billion
IoT devices
connected
by 2020
82%
of Enterprises
have a
multi-cloud
strategy
4X
Growth
in
100G ports

VOLUME COMMERCIALADVANCED
Security. Moving Landscape.
500,000
IPS
Attacks
Per
Minute
Item Cost
Zero Day $5K - $50K
Exploit Kit $1K - $20K
Botnet Rental 10 cents
Spam 100,000 $120
Kill Chain
Reconnaissance
Further Exploitation
Host Infection
Malware Action
1
Infiltration Vector
Exfiltration Vector
2 3
456

Per Minute
35,000 Threat events
21,000 Spam emails intercepted
545,000 Network intrusions resisted
95,000
Malware programs
neutralized
170,000 Malicious websites blocked
310,000
Botnet C&C attempts
thwarted
43M
Website categorization
requests
Per Week
46M
New & updated
spam rules
100
Intrusion prevention rules
generated
1.8M New & updated AV definitions
1.4M New URL ratings
8,000
Hours of threat research
globally
Total Database
290
Terabytes of threat
samples
18,000 Intrusion prevention rules
5,800 Application control rules
250M
Rated websites in
78 categories
312 Zero-day threats discovered
Threats. Huge Volumes.

REGULATORY CERTFICATIONGOVERNMENT
Regulatory Compliance. Evolving Requirements

Accidental Architecture
Routers
Switches
Wireless Access
NETWORK
TEAM
MESSAGING
TEAM
SECURITY
TEAM
OS
TEAM
Firewall
IPS
Web Application
Desktop OS
Antivirus
Mobile Device Mgmt
Email
Instant Messaging
Voice
Unified
Communication
Many Isolated Point Solutions

The attack surface has increased dramatically, everywhere,
inside and out.
PoS
IoT
UTM
NGFW
Campus
Mobile
Endpoint
Data Center
DCFW
Branch
Office
Internal External

End-to-End Segmentation
Branch
Office
PoS
IoT
UTM
Data Center
Cloud
SDN Orchestration
NGFW
Campus
Mobile
Endpoint
Data Center
DCFW
Internal
External

Fortinet Security Fabric – Protecting from IoT to Cloud
Client Security
Network Security
Application
Security
Cloud Security
Secure WLAN Access
Alliance Partners
Secure LAN Access
IoT
Fortinet
Security Fabric
Global Intelligence
Local
Intelligence

Fortinet Security Fabric
AccessEndpoint Application Cloud
NOC/SOC
Advanced
Threat Intelligence
Network
Fabric Ready
• Scalable
• Aware
• Secure
• Actionable
• Open

Parallel Path Processing (PPP)
Packet
Processing
Content
Inspection
Policy
Management
Scalable - The Fabric covers the entire network attack
surface (From IoT to Cloud)
Slow is Broken
CPU Only
Policy Management
Packet Processing
Deep Inspection
More Performance
Less Latency
Less Power
Less Space
CPU
Optimized
SoC
CP 9 SoC 3

Scalable - The Fabric scales from IoT to Cloud
Access
PointEndpoint
Distributed
Firewall
NGFW
Data Center
Firewall
Carrier Class
Firewall
Email & Web
Security
Private & Public
Cloud Security
Switch
1 Tbit/s
1 Gbit/s

Aware - The Fabric gives you complete visibility enabling
network segmentation
Visibility Segmentation
Automated
Operation
Fabric wide policy control
Synchronized configuration
Discovery
Data Flow
All Elements
Connectivity

Aware – Visualization of the Security Architecture
Internal Segmentation FW
NGFW
Data Center FW
Distributed
Firewall
Cloud
Firewall
Access Point
Switch
Access Point
Endpoint
Endpoint
Endpoint
Global
Management
Real-Time Network Topology and Interaction (Physical/Functional)

Aware - The Fabric gives you complete visibility

Secure – The Fabric shares Global and Local Threat
Intelligence and Mitigation Information
Global
Threat Intelligence
Cooperation
Rapid CommunicationUnknown ThreatsKnown Threats
Local
Threat Intelligence

Secure - Rapid Cooperation to Stop Threats across the
Entire Attack Surface
Global
Intelligence
Local
Intelligence
FortiMail
(Email Security)
FortiWeb
(Web Application)
FortiGate
(Firewall)
FortiClient
(Endpoint Security)

Device Access Network Cloud
Distributed
Enterprise
Edge Segmentation
Branch
Data Center
North-South
Carrier Class
SDN/NFV Private Cloud IaaS/SaaS
WLAN / LAN
Rugged
Embedded System on a Chip Packet and Content Processor ASIC Hardware Dependent
Device
>1G
Appliance
>5G
Appliance
>30G
Appliance
>300G
Chassis
>Terabit
Virtual Machine
SDN/NFV
Virtual Machine
On Demand
Client
Endpoint/IoT
Applicatio
n
Security
FLOW
Appliance
Virtual
Cloud
Secure – The Fabric cover all the possible attack vectors such
as Network, Endpoint Access, Web, Email and Cloud
Security
Updates
IPS AVAPPFW VPN

Actionable – The Fabric provides real time Security
Alerts, Recommendations and Audit Reports
5
Fabric
Element
Alert
Audit
Report
Critical5
Critical4
Critical3
Rank Severity Recommendation
Zero Day Vulnerability
Not connected to Fabric
Logging Disabled Regulatory
Template

FortiMail
FortiClient
FortiGate
Advanced
Threat
Protection
Appliance Virtual Cloud
App Control Antivirus Anti-spam
IPS Web App Database
Web
Filtering
Vulnerability
Management
Botnet
Mobile
Security
Cloud
Sandbox
Deep
App Control
Partner
FortiWeb
Actionable – The Fabric cuts Time to Protect from hours
to seconds

Continuous Monitoring and Analytics
Prepare
Segmentation
Processes
Training
Prevent
Harden
Isolate
Network
Application
Endpoint
Detect
ATP
SIEM
TIS
Respond
Contain
Remediate
Clean
1
2
3
4

End-to-End Security Operations
Sandbox to SIEM
Automation
Custom Feed
Security Analysts
Sandbox IOC
Extraction
Samples Sent for
Automated Extraction
Restful
API
Telemetry Flow
2M+ Sensors
50B+ Daily
Events
FortiGuard Global CTI
FP Reduction
Global Context
Global CTI
Database
Value-
Added
Services
Customers
QA
CTI
Platform
SIEM
SOC /
MSS
001001
101100
100011
Respond

Actionable – The Fabric provides real time Security
Audits and Recommendations
Security
Audit
Recommendations based
 on security posture
 Policy Audit
 Vulnerability awareness

Open – The Fabric allows integration of existing security
solutions
SIEM
Private
Cloud
(SDN)Endpoint
Public
Cloud
Vulnerability
Management

Open– The Fabric allows integration of other security
technologies
SDN/NFV Cloud Endpoint
Management Systems Integrator SIEM
Alliances Partners

THE FORTINET SECURITY FABRIC
REALIZED

FORTINET SECURITY FABRIC
DDoS Protection
Database
Protection
Web Application
Firewall
Application
Delivery
Controller
Top-of-Rack
BRANCH
OFFICE
Distributed Ent FW
LTE Extension
Endpoint
Protection NGFWSecure Access
Point
IP Video
Security
Email
Server
Web Servers
SDN, Virtual
Firewall
DCFW/
NGFW
Sandbox
Internal
Segmentation
FW
Sandbox
Switching
Internal
Segmentation FW
Email
Security
Internal
Segmentation
FW
CAMPUS
Internal
Segmentation FW
DATA CENTER/PRIVATE CLOUD
Virtual
Firewall
FortiCloud
Client Devices
Client Devices
PUBLIC CLOUD
OPERATIONS CENTER

DDoS Protection
Database
Protection
Web Application
Firewall
Application
Delivery
Controller
Top-of-Rack
BRANCH
OFFICE
LTE Extension
Endpoint
Protection
FortiGate
NGFW
Secure Access
Point
IP Video
Security
Email
Server
SDN, Virtual
Firewall
FortiGate
DCFW/
NGFW
Sandbox
FortiGate Internal
Segmentation FW
Sandbox
Switching
FortiGate Internal
Segmentation FW
Email
Security
FortiGate Internal
Segmentation FW
FortiGate Internal
Segmentation FW
CAMPUS
Client Devices
Web Servers
ENTERPRISE
FIREWALL
FortiGate/FortiWiFi
Distributed Ent FW
Client Devices
FortiManager
FortiAnalyzer
FortiSIEM
OPERATIONS CENTER
Virtual
Firewall
FortiCloud
PUBLIC CLOUD

DDoS Protection
Database
Protection
Web Application
Firewall
Application
Delivery
Controller
Top-of-Rack
BRANCH
OFFICE
LTE Extension
CAMPUS
Secure Access
Point
IP Video
Security
Switching
FortiGate
NGFW
FortiGate
DCFW/
NGFW
FortiGate Internal
Segmentation FW
FortiGate Internal
Segmentation FW
FortiGate Internal
Segmentation FW
FortiGate Internal
Segmentation FW
FortiGate VMX
SDN, Virtual
Firewall
Web Servers
ENTERPRISE
FIREWALL
Client Devices
CLOUD SECURITY
Client Devices
Endpoint
Protection
Email
Server
Sandbox
Sandbox
Email
Security
OPERATIONS CENTER
Fortinet
Virtual Firewall
FortiManager
FortiAnalyzer
FortiSIEM
FortiCloud
PUBLIC CLOUD
FortiGate/FortiWiFi
Distributed Ent FW

DDoS Protection
Database
Protection
Application
Delivery
Controller
Top-of-Rack
BRANCH
OFFICE
LTE Extension
CAMPUS
FortiClient
Secure Access
Point
IP Video
Security
Switching
FortiGate
NGFW
FortiGate
DCFW/
NGFW
FortiGate Internal
Segmentation FW
FortiGate Internal
Segmentation FW
FortiGate Internal
Segmentation FW
FortiGate Internal
Segmentation FW
FortiGate VMX
SDN, Virtual
Firewall
Web Servers
CLOUD SECURITYADVANCED THREAT
PROTECTION
ENTERPRISE
FIREWALL
FortiClient
FortiSandbox
FortiClient
FortiSandbox
FortiMail
Email Security
Email
Server
FortiWeb
Web Application
Firewall
OPERATIONS CENTER
FortiManager
FortiAnalyzer
FortiSIEM
Fortinet
Virtual Firewall
FortiCloud
PUBLIC CLOUD
FortiCloud Sandboxing
FortiGate/FortiWiFi
Distributed Ent FW

Top-of-Rack
BRANCH
OFFICE
LTE Extension
CAMPUS
FortiClient
Secure Access
Point
IP Video
Security
Switching
FortiGate
NGFW
FortiGate
DCFW/
NGFW
FortiGate Internal
Segmentation FW
FortiGate Internal
Segmentation FW
FortiGate Internal
Segmentation FW
FortiGate VMX
SDN, Virtual
Firewall
FortiDDoS Protection
FortiWeb
Web Application
Firewall
FortiADC
Application
Delivery
Controller
Web Servers
FortiGate Internal
Segmentation FW
APPLICATION
SECURITY
ENTERPRISE
FIREWALL
FortiClient
FortiSandbox
FortiClient
FortiSandbox
FortiMail
Email Security
FortiDB
Database
Protection
PROTECTION
Email
Server
OPERATIONS CENTER
FortiManager
FortiAnalyzer
FortiSIEM
Fortinet
Virtual Firewall
FortiCloud
PUBLIC CLOUD
FortiGate/FortiWiFi
Distributed Ent FW

FortiWeb
Web Application
Firewall
FortiADC
Application
Delivery
Controller
Top-of-Rack
BRANCH
OFFICE
FortiExtender
LTE Extension
CAMPUS
FortiClient
Secure Access
Point
IP Video
Security
FortiGate
NGFW
FortiGate
DCFW/
NGFW
FortiGate Internal
Segmentation FW
FortiGate Internal
Segmentation FW
FortiGate Internal
Segmentation FW
FortiGate VMX
SDN, Virtual
Firewall
FortiDDoS Protection
FortiGate Internal
Segmentation FW
Web Servers
SECURE ACCESS APPLICATION
SECURITY
ENTERPRISE
FIREWALL
FortiClient
FortiSandbox
FortiClient
FortiSandbox
FortiMail
Email Security
FortiSwitch
Switching
PROTECTION
FortiSwitch
Switching
Email
Server
FortiDB
Database
Protection
OPERATIONS CENTER
FortiManager
FortiAnalyzer
FortiSIEM
Fortinet
Virtual Firewall
FortiCloud
PUBLIC CLOUD
FortiCloud AP Management
FortiGate/FortiWiFi
Distributed Ent FW

Fortinet k

More Related Content

What's hot

Similar to Fortinet k

Recently uploaded

Fortinet k