1 © Copyright Fortinet Inc. All rights reserved.
Security Without Compromise Per Lundberg – Major Account Manager – Fortinet Inc.
2
Infrastructure. Constant Change.
Green Google’s 13 data centers use 0.01% of global power
SDN/NFV Software-defined everything. SD WAN
SaaS On average, companies have 10+ applications running via the Cloud
IaaS Security still the No.1 inhibitor
IoT 35B devices, mostly headless attaching to the network
Virtualization 80% of data center apps are virtualized
Mobile No control of endpoints (BYOD)
Social Bandwidth ever increasing
Bandwidth Wi-Fi speeds rival LANs. 100G networks here
Analytics Big Data
Internet 2 100 Gbps and
UHDTV
5G Wireless
FUTURE
100G
3
Sell most Firewalls in the World by far – 500 000 yearly
4
Magic Quadrant Figure 2. Magic Quadrant for Unified Threat Protection
Firewall Technology
5
Global Intelligence & Control with the Cyber Threat Alliance
FortiGuard Labs
FortiGuard Sensors
FortiGuard Services
Full Visibility
Single Pane of Glass
Exchange of Threat Intelligence Info with other Manufacturers
Cyber Threat Alliance founded by Fortinet 2014. Companies we
exchange threats with.
The world's largest security cooperation of telemetry data in Security!
Four of the world's largest FW manufacturers Fortinet, PAN, Checkpoint and Cisco, as well as three of the world's largest client protection manufacturers, are changing telemetry data and Threat Intelligence, giving our customers unique protection because we together see more.
6
The Attack Surface Has Increased Dramatically Today’s Security is Borderless
Internal External
Mobile
Endpoint
Branch Office
NGFW
Campus
Data Center
DCFW UTM
IoT
PoS
Network Applications Data People
7
End to End Segmentation Critical
Internal External
Cloud On Demand
Data Center SDN Orchestration
Mobile
Endpoint
Branch Office
NGFW
Campus
Data Center
DCFW UTM
IoT
PoS
9
Fortinet Security Fabric – Protecting from IoT to Cloud
Scalable Aware Secure Actionable Open
Client Security
Network Security
Application Security
Cloud Security
Secure WLAN Access
Alliance Partners
Secure LAN Access
IoT
Fortinet Security Fabric
Global Intelligence
Local Intelligence
10
Key Fabric Attributes From IoT to Cloud
Actionable Security Scalability Awareness Scalability Open
11
Device Access Network Cloud
Distributed Enterprise
Edge Segmentation Branch
Data Center North-South
Carrier Class Private Cloud IaaS/SaaS WLAN / LAN
Rugged
Embedded System on a Chips Packet and Content Processor ASIC Hardware Dependent
Device >1G
Appliance >5G
Appliance >30G
Appliance >300G
Chassis >Terabit
Virtual Machine SDN/NFV
Virtual Machine On Demand
Client
Endpoint SDN Provisioned
Distributed NSF
Flow Based ASIC
Single Pane of Glass (Management)
Single point of Security Updates
Single Network Operating System
Scalable from IoT to Cloud
Single point of Authentication and SSO
12
Actionable Awareness Scalability Open
Key Fabric Attributes From IoT to Cloud
Security
13
Quote
”People who are really serious about software should make their own hardware.” -Alan Kay
Volvo XC90 A Cluster of Fortigates with FortiOS
HARDWARE OPTIMIZED FOR FORTI OS - NGFW, VPN, URL, NGIPS, ISFW, DC FW
Multirollstridsflyg Saab JAS Gripen
14
Parallel Path Processing (PPP)
Packet Processing
Content Inspection
Policy Management
Security for the Network Slow is Broken
CPU Only
Policy Management
Packet Processing
Deep Inspection
More Performance
Less Latency
Less Power
Less Space
CPU
Optimised
SoC
15
Security for the Cloud
Virtualization Hypervisor Port
Hypervisor
Private Cloud SDN - Orchestration Integration
Public Cloud On-Demand
IaaS Cloud
Connector API
East-West North-South
Flow
NGFW WAF Management Reporting APT
SaaS Cloud
Proxy CASI
Broker API
Hybrid
16
Security for Access - Secure Access Architecture W
LAN
Infrastructure On Premise Management
Integrated On Premise Management
Cloud Cloud Management
3 2 1
Infrastructure Integrated Cloud
FortiGate
FortiSwitch LAN
“Universal Access Point and Switch
Access Application Portfolio
Authentication/SSO
Fabric
17
Key Fabric Attributes
Actionable Security Open Scalability Awareness
From IoT to Cloud
18
Global and Local Security
App Control Antivirus Anti-spam
IPS Web App Database
Web Filtering
Vulnerability Management
Botnet Mobile Security
Cloud Sandbox
Deep App Control
Partner FortiWeb FortiMail FortiClient FortiGate
Threat Researchers
Threat Intelligence Exchange
Advanced Threat
Protection
19
Fabric Awareness Critical
Secure Access
Network Security
Application Security
USERS
Client Security Cloud Security
DATA
Topology and Data Flow
Edge Firewall
IaaS Firewall Seg FW
Seg FW
Seg FW
Sandbox
192.1.2.08 Port 442 Cloud App 1 Domain
Policy Logs
Cooperative Security Fabric
FSA 3500D
FGT 100D
FGT 1500D
FGT 3700D
FGT VM
FGT API
FGT 100D Partner
IoT
Access Point
20
Awareness Scalability Open Security
Key Fabric Attributes From IoT to Cloud
Actionable Security
21
Support Services Single Pane of Glass Migration to Cloud Based Systems
FortiCare FortiCloud FortiGuard Cloud FortiSandbox
Cloud Based Management of NGFW + Access Point
Cloud Based Management of NGFW + Access Point
Cloud Based Management of NGFW + Access Point
Threat Intelligence Advanced Threat Protection
Actionable Threat Intelligence
WAN Data Center Access
IoT Mobile
PoS Windows
FortiManager
22
Large Networks Scales well – Bubble Chart is one way to show
Bubble Chart
23
Awareness Scalability Security Actionable Security
Key Fabric Attributes From IoT to Cloud
Open
24
Open: Multiple Levels of Fabric API’s for Partner Integration
Fortinet Security Fabric
SIEM
SDN Endpoint
Cloud Virtual
Management
Ecosystem Alliance Partners
25
Cloud SDN Sandbox
Test/SSO System Integrator SIEM Management
Ecosystem Integration Points
26
Quote
”People who are really serious about software should make their own hardware.” -Alan Kay
Volvo XC90 A Cluster of Fortigates with FortiOS
HARDWARE OPTIMIZED FOR FORTI OS - NGFW, VPN, URL, NGIPS, ISFW, DC FW
Multirollstridsflyg Saab JAS Gripen