forticloud overview
© Copyright Fortinet Inc. All rights reserved.
FortiCloud Overview
Hosted Wireless & Cloud-based Provisioning, Management & Analytics
5/3/2016
Emeka Mgbeahuru – Inside System Engineer
Agenda
Fortinet Fabric Teaser
FortiCloud Overview
Cloud-based Provisioning – FortiDeploy
Cloud-based Management
Network Visibility and Cloud Sandboxing
FortiCloud Indicator Of Compromise
Advanced Threat Intelligence
Client Cloud
Partner API
NOC/SOC
Network
Application
Access
Broad
Powerful
Automated
Coverage
Visibility
Application Security
Cloud Security
Client/IoT Security
Access Security
Network Security
BROAD – The Fabric Gives Customers Complete Visibility, Coverage And Flexibility Across The Entire Dynamic Attack Surface
Drivers for Cloud-Based Management
[Chart: NEED FOR CLOUD MANAGEMENT (vertical axis) versus SIZE OF BUSINESS (horizontal axis: SMALL, MID-SIZED ENTERPRISE, LARGE ENTERPRISE)]
Limited Budgets
Automated Provisioning
BYOD
Shift from CAPEX to OPEX
Acceptance of “Everything as a Service”
Easier to Manage Remotely
Linear Cost Scalability
Challenges with Managing Security + Wireless Infrastructure
Costs
Operations
Security
• Control over applications, web usage, devices and users
• Upfront investment required for CPE-based solutions
• WiFi guest user access and device configuration
• Provisioning devices remotely and in bulk
• Ongoing expenses due to recurring AP/user licensing
• Multiple management consoles for individual WiFi access points
• Preventing unauthorized access from rogue WiFi access points
• Consolidated visibility into illicit or actionable activity
• Security & wireless vendor interoperability
What’s FortiCloud
Turnkey Provisioning
Cloud-based provisioning of FortiAP, FortiWiFi, and FortiGate products includes FortiCloud registration functionality, allowing devices to provision themselves with little expertise needed.
Total Scalability
Cloud-based model grows with your business.
Easy Management
Single pane of glass management provides control, visibility, and reporting at the same time.
Introducing FortiCloud
FortiCloud
New York (Branch Office)
Las Vegas (Branch Office)
security policies
firmware updates
wireless settings
zero touch provisioning
San Jose (Headquarters)
Hosted FortiCloud Management
Cloud-based Provisioning
FortiCloud: How It Works
Logging enabled by default (no user traffic – logs only)
All devices managed directly
AP networks can be grouped
Challenge: Setting up a cost-effective, highly available logging and management infrastructure for security and wireless devices
FortiWiFis (Firewalls with Wireless)
FortiAPs can be grouped and configured as logical units and locations
Device settings can be managed directly from the FortiCloud hosted management console
FortiGates (Firewalls)
FortiCloud
FortiAPs (Access Points)
LOGS
Application and security logs are sent to FortiCloud
Introducing FortiDeploy: The Challenge
Firewalls/APs must be deployed at Branch Office but managed at HQ Data Center
Field Technician does not have specialized training
Security admin must provision and install policies centrally
Branch Office Network
Field Technician
Bootstrap setup only
Branch Edge
FortiGate/FortiWiFi
FortiAP
FortiCloud
FortiManager
HQ Data Center Network
Edge Firewall
FortiGate
Security admin
Devices call home to FortiCloud
FortiCloud pushes the config to all devices
Customer
Internal Order; FortiDeploy SKU
Introducing FortiDeploy: What is it?
One-touch deployment
1. Devices are plugged in and they are automatically assigned an IP address (via DHCP)
2. Devices automatically ‘call home’ to FortiCloud
3. FortiCloud pushes basic config into FortiManager
4. Devices can be monitored & managed remotely
Provisioning with FortiCloud
Enterprise HQ
Branch Offices (or Retail Stores)
FortiManager
FGT-111
FGT-222
FWF-333
FWF-444
IT admin logs into FortiCloud, enters bulk FortiCloud key and configures FortiManager IP to assign as devices come online
Deployed devices “phone home” to FortiCloud and are assigned the specified FortiManager IP
IT admin
FortiCloud
Now that devices are being managed, IT admin can push firewall policies and configurations down to FortiGates/FortiAPs directly
Challenge: Deploying security/wireless infrastructure at remote locations (with limited on-site expertise) while centrally managing configuration/reporting functions
Use Bulk FortiCloud Key in FortiCloud
Customer visits FortiCloud site and enters Bulk FortiCloud Key.
Customer sees a list of serial numbers from the order that had FDP SKU.
Use Bulk FortiCloud Key in FortiCloud
Deploy AP into a Cloud AP network
Deploy a FortiGate to be Cloud Managed
Can also push a FortiManager IP to each FGT
Deploy a FortiGate
• You can select all devices
• Devices belonging to specific bulk keys
• Devices by Serial number
Deployed Time
FortiCloud Device Management
Hosted Management with FortiCloud
Minimize your capital investment: FortiCloud hosted management takes the worry out of deployment, log storage and on-site expertise without compromising security or ease of use
Control your wired OR wireless network simply: Single pane of glass management utilizing a SaaS model makes it painless to manage devices of any type whether they’re firewalls, access points or somewhere in between
Challenge: Upfront investments in management solutions can be costly and may only manage specific devices
Device Management
Managed Wireless with FortiCloud
Wireless at your fingertips: Quickly determine wireless health, discover access point locations and modify AP device settings with a hosted FortiCloud cloud-based interface – all with no additional fees
Challenge: Cloud managed wireless typically invokes a limited feature set for an exorbitant subscription fee per device
Wireless PCI Compliance with FortiCloud
Challenge: All point of sale and credit card transactions mandate strict security standards (especially using wireless), but ensuring all of the infrastructure pieces deliver on this objective can be trying
Out of the box PCI compliance: FortiCloud with FortiAP provides rogue AP detection, WIDS and scheduled reporting – all key tenets of PCI
FortiCloud Multi-Tenancy Support
Network Visibility and Cloud Sandboxing
Network Visibility with FortiCloud
Immediate network analysis: Utilizing a dashboard interface, IT administrators can get an instantaneous snapshot of the health and activity of their overall network usage
Incident management made easy: Inspect risks to your network with FortiView to assist with threat prevention and oversight of application usage
Challenge: Advanced analytics and risk analysis are typically features out of reach for smaller businesses and can be costly add-ons for larger enterprises
FortiView – Traffic Analysis
Detailed Log Analysis
Threat Management Log
Detailed Threat Management Log
System Event Log
System Activity Update
Cloud-based Sandboxing with FortiCloud
Challenge: Detecting unknown malware and/or zero-day attacks & preventing them from compromising your network (ultimately culminating in data exfiltration)
FortiCloud
Enterprise HQ
IT admin
FortiGuard Labs
FortiGate detects a suspicious file with an unknown payload
Copy of file is sent to FortiCloud for further inspection and is executed in a sandboxed environment
Branch Office Firewall
If further analysis is required, file is sent to FortiGuard Labs for deconstruction and signature creation
Any new FortiGate protection updates are now available to FortiGuard subscribers worldwide
IT administrator can view FortiCloud management UI at any time for an updated determination status
Cloud-based File Analysis
Detailed Forensic Analysis
Notification/Alert configuration
FortiCloud Indicator Of Compromise
How It Works
FortiCloud Indicators of Compromise automatically finds infected devices within your network, allowing you to respond and recover quickly from breaches
» By performing forensic analysis on your FortiCloud UTM network logs and activity, the FortiCloud IoC service can provide a comprehensive overview of threats to the network.