forticloud overview

Post on 12-Apr-2022


© Copyright Fortinet Inc. All rights reserved.

FortiCloud Overview: Hosted Wireless & Cloud-based Provisioning, Management & Analytics

5/3/2016

Emeka Mgbeahuru – Inside System Engineer

Agenda

Fortinet Fabric Teaser

FortiCloud Overview

Cloud-based Provisioning – FortiDeploy

Cloud-based Management

Network Visibility and Cloud Sandboxing

FortiCloud Indicator Of Compromise

Advanced Threat Intelligence

Client Cloud

Partner API

NOC/SOC

Network

Application

Access

Broad

Powerful

Automated

Coverage

Visibility

Application Security

Cloud Security

Client/IoT Security

Access Security

Network Security

BROAD – The Fabric Gives Customers Complete Visibility, Coverage And Flexibility Across The Entire Dynamic Attack Surface


Drivers for Cloud-Based Management

Chart axes: Need for Cloud Management vs. Size of Business (Small, Mid-Sized Enterprise, Large Enterprise)

Limited Budgets

Automated Provisioning

BYOD

Shift from CAPEX to OPEX

Acceptance of “Everything as a Service”

Easier to Manage Remotely

Linear Cost Scalability


Challenges with Managing Security + Wireless Infrastructure

Costs

Operations

Security

• Control over applications, web usage, devices and users

• Upfront investment required for CPE-based solutions

• WiFi guest user access and device configuration

• Provisioning devices remotely and in bulk

• Ongoing expenses due to recurring AP/user licensing

• Multiple management consoles for individual WiFi access points

• Preventing unauthorized access from rogue WiFi access points

• Consolidated visibility into illicit or actionable activity

• Security & wireless vendor interoperability

What’s FortiCloud

Turnkey Provisioning

Cloud-based provisioning of FortiAP, FortiWiFi, and FortiGate products includes FortiCloud registration functionality allowing devices to provision themselves with little expertise needed.

Total Scalability

Cloud-based model grows with your business.

Easy Management

Single pane of glass management provides control, visibility, and reporting at the same time.

Introducing FortiCloud

FortiCloud

New York (Branch Office)

Las Vegas (Branch Office)

security policies

firmware updates

wireless settings

zero touch provisioning

San Jose (Headquarters)

Hosted FortiCloud Management

Cloud-based Provisioning

FortiCloud: How It Works

Logging enabled by default (no user traffic – logs only)

All devices managed directly

AP networks can be grouped

Challenge: Setting up a cost-effective, highly available logging and management infrastructure for security and wireless devices

FortiWiFis (Firewalls with Wireless)

FortiAPs can be grouped and configured as logical units and locations

Device settings can be managed directly from the FortiCloud hosted management console

FortiGates (Firewalls)

FortiCloud

FortiAPs (Access Points)

LOGS

Application and security logs are sent to FortiCloud

Introducing FortiDeploy: The Challenge

Firewalls/APs must be deployed at Branch Office but managed at HQ Data Center

Field Technician does not have specialized training

Security admin must provision and install policies centrally

Branch Office Network

Field Technician: Bootstrap setup only

Branch Edge: FortiGate/FortiWiFi

FortiAP

FortiCloud

FortiManager

HQ Data Center Network

Edge Firewall: FortiGate

Security admin

Introducing FortiDeploy: What is it?

One-touch deployment

• Devices are plugged-in and they are automatically assigned an IP address (via DHCP)

• Devices automatically ‘call home’ to FortiCloud

• FortiCloud pushes basic config into FortiManager

• Devices can be monitored & managed remotely

Devices call home to FortiCloud

FortiCloud pushes the config to all devices

Customer

Internal Order; FortiDeploy SKU

Provisioning with FortiCloud

Enterprise HQ

Branch Offices (or Retail Stores)

FortiManager

FGT-111

FGT-222

FWF-333

FWF-444

IT admin logs into FortiCloud, enters bulk FortiCloud key and configures FortiManager IP to assign as devices come online

Deployed devices “phone home” to FortiCloud and are assigned the specified FortiManager IP

IT admin

FortiCloud

Now that devices are being managed, IT admin can push firewall policies and configurations down to FortiGates/FortiAPs directly

Challenge: Deploying security/wireless infrastructure at remote locations (with limited on-site expertise) while centrally managing configuration/reporting functions

Use Bulk FortiCloud Key in FortiCloud

Customer visits FortiCloud site, and enters Bulk FortiCloud Key.

Customer sees a list of Serial numbers from the order that had FDP SKU.

Use Bulk FortiCloud Key in FortiCloud

Deploy AP into a Cloud AP network

Deploy a FortiGate to be Cloud Managed

Can also push a FortiManager IP to each FGT

Deploy a FortiGate

• You can select all devices

• Devices belonging to specific bulk keys

• Devices by Serial number


Deployed Time

FortiCloud Device Management


Hosted Management with FortiCloud

Minimize your capital investment: FortiCloud hosted management takes the worry out of deployment, log storage and on-site expertise without compromising security or ease of use

Control your wired OR wireless network simply: Single pane of glass management utilizing a SaaS model makes it painless to manage devices of any type whether they’re firewalls, access points or somewhere in between

Challenge: Upfront investments in management solutions can be costly and may only manage specific devices

Device Management


Managed Wireless with FortiCloud

Wireless at your fingertips: Quickly determine wireless health, discover access point locations and modify AP device settings with a hosted FortiCloud cloud-based interface – all with no additional fees

Challenge: Cloud managed wireless typically invokes a limited feature set for an exorbitant subscription fee per device

Wireless PCI Compliance with FortiCloud

Challenge: All point of sale and credit card transactions mandate strict security standards (especially using wireless), but ensuring all of the infrastructure pieces deliver on this objective can be trying

Out of the box PCI compliance: FortiCloud with FortiAP provides rogue AP detection, WIDS and scheduled reporting – all key tenets of PCI

FortiCloud Multi-Tenancy Support

Network Visibility and Cloud Sandboxing


Network Visibility with FortiCloud

Immediate network analysis: Utilizing a dashboard interface, IT administrators can get an instantaneous snapshot of the health and activity of their overall network usage

Incident management made easy: Inspect risks to your network with FortiView to assist with threat prevention and oversight of application usage

Challenge: Advanced analytics and risk analysis are typically features out of reach for smaller businesses and can be costly add-ons for larger enterprises

FortiView – Traffic Analysis

Detailed Log Analysis

Threat Management Log

Detailed Threat Management Log

System Event Log

System Activity Update

Cloud-based Sandboxing with FortiCloud

Challenge: Detecting unknown malware and/or zero-day attacks & preventing them from compromising your network (ultimately culminating in data exfiltration)

FortiCloud

Enterprise HQ

IT admin

FortiGuard Labs

FortiGate detects a suspicious file with an unknown payload

Copy of file is sent to FortiCloud for further inspection and is executed in a sandboxed environment

Branch Office Firewall

If further analysis is required, file is sent to FortiGuard Labs for deconstruction and signature creation

Any new FortiGate protection updates are now available to FortiGuard subscribers worldwide

IT administrator can view FortiCloud management UI at any time for an updated determination status

Cloud-based File Analysis

Detail Forensic analysis

Notification/Alert configuration

FortiCloud Indicator Of Compromise


How It Works

FortiCloud Indicators of Compromise automatically finds infected devices within your network, allowing you to respond and recover quickly from breaches

» FortiCloud IoC performs forensic analysis on your FortiCloud UTM network logs and activity; the service can provide a comprehensive overview of threats to the network.
