Professional Documents
Culture Documents
$252
$212
$80 $39
2005
2007
2009
Agenda
1. 2. 3. 4. 5.
Evolution of the Firewall Market Market Analysts View Enterprise Unified Threat Management Security Consolidation WLAN Security
End-to-end protection
Policy compliance for all devices, including mobile
Virtualization
Virtual appliances Multi-tenant environments
Growth of WLANs
Mobile enterprise
VPN
Connection-Based
Firewall Hardware Theft 1980s 7 1990s 2000s
Physical
Today
Spyware
Anti-Spyware
Worms
Spam Banned Content Trojans
Antivirus Antispam
Web Filter
Viruses Intrusions
IPS
Content-Based
VPN
Connection-Based
Firewall Hardware Theft 1980s 8 1990s 2000s
Physical
Today
Consolidation
Factors driving consolidation
Threats
Blended threats, multi-vector attacks exploiting blind spots
User behavior
Growth of remote workforce
Applications behavior
Webification
Costs
10
11
IDCs View
Unified Threat Management
The evolution of the traditional firewall into an all-inclusive security product:
Network firewalling Network intrusion prevention Gateway antivirus (AV)/antispam (AS) VPN Content filtering Optional technologies, such as Load balancing On-appliance reporting
VPN Firewall IPS
Web Filtering
AV/AS
Gartners View
Next Generation Firewall
Standard firewall features
Network address translation, stateful inspection, and VPN and suited for the large enterprise
IPS is "truly integrated" with the firewall. "Application-awareness" capability to recognize/control applications Extra-firewall" intelligence
Reputation analysis, integration with Active Directory, or useful blocking or vulnerability lists
VPN Firewall IPS
Web Filtering App Control
Strong Authentication
15
Deliver comprehensive solutions for the largest global networks and organizations
Improve performance Increase protection Reduce complexity
Continually raising the performance bar with purpose-built hardware and software
Rely on custom processors and latest generation general purpose processors
17
Antivirus: All malicious code Documents, macros, scripts, executables Delivered via Web, Email, USB, Instant messaging, social networks, etc
18
Error message: Drops copy of itself on system and attempts to propagate Out of date Flash player error: Download malware file
Solution:
Integrated Web Filtering Blocks access to malicious Website Network Antivirus Blocks download of virus Intrusion Protection Blocks the spread of the worm
19
End user accesses phishing site, enters credentials, and criminals now have their details
..
WEB FILTER
Phishing site sends BOT infection to user disguised as Security Update application
Content scanning prevents malicious content from being downloaded
ANTIVIRUS
End user executes BOT application, is infected and now all their data is compromised
Botnet command channel is blocked, no compromised data can be sent. Security administrator is alerted to existed of an infected system.
INTRUSION DETECTION
20
End-to-end protection
Policy compliance for all devices, including mobile
Growth of WLANs
Mobile enterprise
Virtualization
Virtual appliances Multi-tenant environments
Security Consolidation
Consolidation
Gateway features unification Integrated security appliance
Block network & content threats
Accelerated performance
10 GbE Up to 160 Gbps
23
Security Consolidation
Consolidation
Virtual Security Domains, Virtual Management & Reporting
Virtual Domains (VDOMs) Enable a single Firewall, Management and Reporting system to function as multiple independent virtual systems
24
Security Consolidation
Consolidation
Choice of form factor: run it all on physical appliances or as virtual software
DMZ/Private Zone
Public Zone
Server
Hardware Appliances
Virtual Appliances
25
End-to-end protection
Policy compliance for all devices, including mobile
Growth of WLANs
Mobile enterprise
Virtualization
Virtual appliances Multi-tenant environments
FortiGate WLAN
Ready for Prime Time
Revenue Opportunity
Enterprise Wireless LAN Market Size Forecast
$3,500.00 $3,180 $3,000.00 $2,707 $2,500.00 $2,415 $2,098 $1,801 $1,500.00 $1,706 North America EMEA Asia/Pacific Latin America Worldwide $1,000.00 $2,975
$2,000.00
$500.00
29
Encryption
Antivirus IPS UTM
Security
Scalability
Application Priority
VoWLAN
FortiOS
FortiOS
FortiOS 4.3
FortiOS 4.4
Application Control/Prioritization
WLAN is a Shared Medium Cloud means all applications
FortiGate
are HTTP
L7 Identification Required Unique to Fortinet
FortiOS
FortiOS 4.3
Rogue AP Detection
PCI Compliance requires Rogue Access Point detection and Wireless IPS at Retail locations FortiGate Rogue AP Detection and Suppression
Simultaneous Rogue Detection and background scan Simultaneous Rogue Detection and full-time scan
Wireless IPS
FortiOS
FortiOS 4.3
Guest Access
Receptionist can create a single account for visitor Following fields are customizable. Admin can force certain fields to be mandatory Expiration time can be edited by receptionist if Admin allows
FortiOS
Email accounts can be printed out or sent to visitors smart phone via SMS or Email
FortiOS 4.4
FortiPlanner - Planning/Deployment
Create floor plan
Shape, walls, windows, doors etc
Place APs
Automatic or manual
Propagation Prediction
FortiOS
FortiOS 4.3
FortiAnalyzer
Central logging/reporting Wireless PCI compliance reports
FortiOS
FortiOS 4.4
Summary
Consolidate Gateway features
Layered security Simplification
37
Thank You
Franck Bernard fbernard@fortinet.com
Centralized Management
FortiManager Centralized Device Management FortiAnalyzer
Centralized Logging and Reporting
Application Security
FortiMail
Messaging Security
FortiWeb
Web Application Firewall
Security Services
FortiGuard Real time
Security Services
Endpoint Security
FortiClient
Endpoint Security
FortiAuthenticator
Remote Access Management
FortiScan
Vulnerability Management
Web Caching
FortiCache
ISP & EnterpriseClass Content Caching
Ethernet Switches
FortiSwitch
Gigabit Ethernet Switches
FortiVoice
IP PBX & Phones
FortiGate
FortiGate
FortiAuthenticator
Standard Customer
Advanced Customer
Web
FortiWeb
FortiWeb
Web
FortiAuthenticator
FortiAuthenticator FortiGate
FortiMail
FortiGate
Email Servers
FortiGuard
FortiGate
FortiClient
FortiManager