fortinet ecosystem overview
7/25/2019 Fortinet Ecosystem Overview
http://slidepdf.com/reader/full/fortinet-ecosystem-overview 1/68
© Copyright Fortinet Inc. All rights reserved.
Security for a New World
Peter Smetny, Bill Park, Derek Holmes, Mike Bailey
May 5th, 2016
Agenda
Fortinet Overview
Fortinet EcoSystem Overview
Fortinet Advanced Threat Prevention
Fortinet SDN Framework
FortiGuard Threat Intelligence
Questions
Fortinet Facts
#1 In Network Se
$1.17B CASH
FOUNDED 2000
OVE
2 MIDEVICE
40% GROWTH
EMPLOYEES 3,900+
255,000+ CUSTOMERS
MARKE
TECH257 PAT228 PE280+ 0-
D
100+ OFFICES WORLDWIDE
SUNNYVALE, CA HQ
IPO 2009
SECURITY HAS CHANGE
3.2 BILLION INTERNET USERS
1.3 BILLION SMARTPHONES SHIPPED WORLDWIDE
INCREASE IN CYBER THREATS
10,000x
PUBLIC CLOUD MARKET IS E
$191B
TODAY’S STANDARD APPROACHES NO LONGER WORK
TOO MUCH FOCUS ON COMPLIANCE
Enterprises spend too much on checking boxes down a list.
TOO RISK BASED
Taking a reactive approach only addresses known threats, not the new unknowns.
TOO MASOLUTIO
Too many differen
products do not co
another.
Advanced Security
Network Performance
Our customers can have both
SECURITY FOR A NEW WORLD IS SECURITY WITHOUT COMPROMISE
SEAMLESS
Consistent threat posture end-to-end, across the expanding attack surface
Security Without Compromise
Seamless Security Across the Entire Attack Surface
PO
Unriv
performan
the pow
INTELLIGENT
Threat intelligence and advanced threat protection from the inside out for full visibility and control
Secure Access
Network Security
Application Security
FortiGuard Threat Intelligence & Services
FortiGate
Client Security
Cloud Security
Global Intelligence & Control
FortiGuard Labs
FortiGuaSensor
FortiGuard Services
Global Threat Intelligence
Full Visibility
Single Pane of Glass
2M+
200+
Agenda
Fortinet Overview
Fortinet EcoSystem Overview
Fortinet Advanced Threat Prevention
Fortinet SDN Framework
FortiGuard Threat Intelligence
Questions
Broad Complementary Solution Portfolio
Further Simplify Your Network
FortiDB Database Protection
FortiClient Endpoint Protection, VPN
FortiTokTwo Facto Authentica
FortiSandbox Advanced Threat Protection
FortiClient Endpoint Protection
FortiGate NGFW
FortiAuthenticator User Identity Management
FortiManager Centralized Management
FortiAnalyzer Logging, Analysis, Reporting
FortiADC Application Delivery Controller
FortiWeb Web Application Firewall
FortiGate DCFW
FortiGate Internal NGFW
FortiDDoS DDoS Protection
FortiMail Email Secu
FortiGate VMX SDN, Virtual Firewall
FortiAP Secure Access Point
DATA CENTER
BRANCH OFFICE
CAMPUS
FortiGate Cloud
FortiWiFi UTM
FortiGate Top-of-Rack
FortiCamera IP Video Security
FortiVoice IP PBX Phone System
FortiGate Next Gen IPS
FortiExtender LTE Extension
FortiSwitch Switching
Product List
FortiADC Application Delivery Controller
FortiAnalyzer Log Analysis
FortiAP Secure Wireless
FortiAuthenticator Authentication
FortiCamera IP Video Security
FortiClient Endpoint Security
FortiCloud Cloud Logging and Provisioning
FortiDB Database Security
FortiDDoS DDoS Protection
FortiExtender Cellular LTE Extension
FortiGate Core Firewall Platform
FortiMail Email Security
FortiManager Centralized Management
FortiSandbox Advanced Threat Protection
FortiSwitch Access & Data Switching
FortiToken 2FA Token
FortiVoice IP PBX Phone Systems
FortiWeb Web Application Firewall
FortiWiFi UTM with Wireless Access
Solution-Based Ecosystem
Application & Access Security
Data Center SECURITY
ATP FRAMEWORK
CLOUD SECURITY
SECURE ACCESS ARCHITECTURE
Enterprise Firewall
CONNECTED UTM
ENTERPRISE NextGen FIREWALL
Secur ity Rese
App
I
WFilt
Mobile Security
Anti-Botnet
Reputation
ENTERPRISE FIREWALL
SDN
VF
IPS
SWG
5.4
FortiOS FortiGuard FortiASIC
FortiAuthenticator
FortiManager
FortiAnalyzer
FortiGate
Rugged
Cloud
Virtual
Physical
CONNECTED UTM (Branch)
FortiCloud
FortiManager
5.4
FortiOS FortiGuard FortiASIC
FortiPrivateCloud
FortiMail
Cloud
Physical
FortiWiFi
FortiGate
FortiClient
FortiAP
FortiWAN
FortiSwitch
FortiExtender
FortiVoice
FORTIGATE UTM, HIGH-END DATA CENTER FIREWALLS AND NEXT-GENERATION SECURITY APPLIANCES
FortiGate 1000-2000 SERIES
Data Center Firewall and Next-Generation Security
• Ultra-high 1/10 GE port density enables broad connectivity and visibility closer to assets.
• Multi-gigabit throughput (up to 80 Gbps) inspects traffic while keeping up with higher internal network speeds.
HighFire
• High-speed 4future-proofinnetwork fabric
• Up to Terabit tinspects traffichigher interna
• ASIC-based Optimal Path Processing (OPP) ensures high-security and high-performance
• FortiOS 5.4 provides feature rich Networking, Security and Management functions
• IPv6 hardware acceleration provides IPv4-to-IPv6 performance parity.
• Extensible management platform enables automation and orchestration with cloud management and
• Features also include compact, power-efficient appliance form factors.
• Ensures continuous protection from the latest threats with dynamic updates from FortiGua
• Simplifies config and troubleshooting via single-pane-of-glass management.
FortiGate 50-900 SERIES
UNIFIED THREAT MANAGEMENT
• Multiple form-factors and port options including wifi, PoE & rugged for varied options.
• Manages wireless APs, switches & 4G LTE wireless WAN extenders directly.
SECURITY MANAGEMENT
FortiManager
CENTRALIZED DEVICE MANAGEMENT
• Combines analytics, reporting and logging functions.
• Supports a high number of managed devices (up to 10,000).
• Optimizes policy pushes for large enterprises/MSPs.
• Multiple concurrency and locking options.
• Manages the security policy approvals process with Workflow Mode.
• Full API support for orchestration integration, as well as scripting support using CLI or TCL.
FortiAnalyzer
CENTRALIZED LOGGING AND REPORTING
• Delivers high-performance log rates for large enterprises/MSSPs.
• Provides interoperability with third-party devices using Syslog.
• Enables forensics for post-breach discovery and future risk prevention.
• Offers more application, user and Web insights with new report templates.
• Provides Forensics with central Fortiviews.
• Fully customizable using SQL queries, charts and macros
HYPEENTER
• Ability to cFortiManamass scale
• Immediateproblematimanageme
• Holistic viepolicy packresiding on
• Enables minstantanedevices/domanageme
FIREWALL CONVERSION
FortiConverter
CONFIGURATION AND MIGRATION TOOL
• Provides a single tool for multiple installations allowing for cross vendor installation conversion.
• Supports automated configuration conversion.
• Significantly reduces the possibility of human error in the conversion process.
• Identifies and eliminates errors in existing configurations.
DATA CENTER SECURITY
Virtual
Physical
FortiGuard (IP Rep, WAF, AV)
FortiADC
Virtual
Physical
FortiWeb
Virtual
Physical
FortiMail
FortiDB
Physical
FortiDDoS
Physical
APPLICATION SECURITY AND DELIVERY PRODUCTS
FortiWeb
WEB APPLICATION FIREWALLS
• Protect custom and commercial applications with automatic usage profiling and anomaly scanning.
• Meet PCI Compliance (5.5 and 6.6) with behavior-based attack detection and mitigation.
• Identify Web application security weaknesses with vulnerability scanning.
• Publish websites with Single Sign On/Authentication.
FortiADC
APPLICATION DELIVERY CONTROLLERS
• Scale applications with Server Load Balancing.
• Improve secure application/server performance with SSL Offloading / Acceleration.
• Reduce bandwidth needs with HTTP Compression.
• Provide disaster recovery that spans multiple data centers with included Global Server Load Balancing.
MIT
• Detect DD100% ASICdetection a
• Protect agawith 100% detection.
• Get compl
with 100%
• Delivers thdetection r Attack Ree
FortiWeb – Web Application Firewall
Protects web-based applications from code-based attacks
» SQL Injection or other injection types
» Cross Site Scripting and Request Forgery
» Layer 7 DoS/DDoS attacks
» Cookie poisoning
Protects against application vulnerabilities in custom code and commercial platforms
Understands/learns “normal” behaviors and stops anomalies
» URL parameters, HTTP methods, session IDs, cookies, etc.
Dynamic and adaptive to adjust to new threats
FortiASIC = High performance and low TCO compared to competition
Can’t a Firewall or IPS do this?
Firewalls look for network-based attacks
IPS Signatures detect only known proble
Firewall has no understand of applicatio
FortiWeb has rich feature-set for web-re
Vulnerability Scanner (with 3rd party support)
Robust Load-Balancing
Authentication, Site Publishing, SSO
Out-of-Box profiles for common apps – Sharepoint,
FortiWeb WA
Web Application Servers
SQL Injection, XSS, Defac
INTERNET
FortiWeb – Web Application Firewalls
5 models from 25 Mbps to 20 Gbps HTTP throughput
4 Virtual Models for virtual and cloud deployments (AWS, Azure)
Up to 8x GE and models with 4x 10GE SFP+ ports
Included vulnerability scanning and antivirus
Hardware and VM options
FortiGate and FortiSandbox Integration
Automatic beha
Auto setup/lear
Layer 7 DDoS
FortiGuard anti
signatures
Transparent, re
deployment op
Central Manag
REST API
Virtual Patching
Advanced Fals
Advanced real-
SSL offloading
SSO/Authentic
Layer 7 load ba
User Threat Sc
Fastest Web Application Firewall in the Indu
FortiWeb Protection at all Layers
ATTACKS/THREATS
APPLICATION
IP REPUTATION: BOTNETS, MALICIOUS HOSTS, ANONYMOUS PROXIES, DDOS SOURCES
DDOS PROTECTION: APPLICATION LEVEL DDOS ATTACKS
PROTOCOL VALIDATION: IMPROPER HTTP RFC
ATTACK SIGNATURES: KNOWN APPLICATION ATTACK TYPES
ANTIVIRUS/DLP: VIRUSES, MALWARE, LOSS OF DATA
BEHAVIORAL VALIDATION: UNKNOWN APPLICATION ATTACKS
ADVANCED PROTECTION: SCANNERS, CRAWLERS, SCRAPERS
INTEGRATION, FORTIGATE AND FORTISANDBOX: APT DETECTION
FortiWeb Recommended by NSS Labs
Test Categories
» Security: URL parameter manipulation, form/hidden field manipulation, cookie/session poisoning, cross-site scripting, directory traversal, SQL injection and padding oracle attacks
» Evasions: packet fragmentation reassembly, stream segmentation, URL obfuscation
» Performance: stability, reliability and connections per second
Fortinet FortiWeb-1000D earned a Recommended rating
Strong performance with 99.85% block rate and 15,865 connections/second
Passed all tests for evasion techniques and for stability and reliability
0.366% false positive detection rate
SVM Published on Se
FortiAnalyzer FortiManager
FortiCore FortiGate VMX
FortiGate
DATA CENTER SECURITY
VMX
Virtual Physical
Virtual Physical
Virtual Physical
5.4
FortiOS FortiGuard FortiASIC
FortiAnalyzer FortiManager
FortiSandbox FortiWeb
FortiGate
Virtual Cloud
Virtual Cloud
Virtual Cloud
5.4
FortiOS FortiGuard
CLOUD SECURITY
FortiGuard FortiOS
FortiClient FortiManager
FortiWeb FortiAnalyzer
FortiMail FortiMonitor
FortiGate FortiSandbox
ADVANCED THREAT PROTECTION FRAMEWORK
5.4
Cloud Virtual Physical
A Picture of the ATP Framework in Action
Internet
Known threats on web/messaging traffic blocked on the NGFW, WAF and SEG.
Unknown URLs and Files submission to FortiSandbox
FortiSandbox AV DB update
suspicious de
EPinfeFor
FortiSandbox
FortiGate NGFW
FortiWeb
FortiMail
FortiClient
ATP Integration
FortiGate FortiSandbox Int
Status Reporting, Signatures, U
Detailed Status Report
Analysis report
FortiView FortiSandbox viewer
By Source (with Threat Scoring), by File
Signatures, URL lists
Status Summary on dashboard
ICSA Labs Advanced Threat Defense – Report-at-a-Glance
Fortinet, Inc.
ATD-FORTINET-2016-0330-01
Executive Summary
• Run by ICSA Labs for 33 days, with close to 600 runs.
• Periodic launch of innocuous apps and constant valid
of logs and alerts
• Fortinet ATP framework obtained great results.
Test Length: 33 days
Test Runs: 597
Malicious Samples: 279
% Detected: 99.6%
Innocuous Apps: 318
% False Positives: 1.6%
Fig. 2 – Detected 278 of 279 New & Little-Known Malicious Samples
Fig. 3 – Few Aler
ICSA Labs Advanced Threat Defense Certified
Test Period: Q1 2016
Certified Since: 12/2015
Advanced Threat Protection Framework
Fig. 1 – High Detection Effectiveness & Few False Positives
Main Offices
Sample Stand Alone FireEye Sandboxing - Conceptual Level
30 Dedicated Sandbox Appliances, $5.7m
Datacenters
FireEye (NX2400)
FireEye (AX5400)
Branch Offices
Satellite Offices
FireEye (NX900)
FireEye (NX4400)
FireEye (CM9400)
FireEye (NX10000)
FireEye (CM9400)
FireEye (EX8400)
FireEye (AX5400)
FireEye (FX8400)
En? 30
Sandboxing - Integrated vs. Standalone
Mobile Users
Internet
Main Offices
Advanced Threat Protection (ATP)
Sample Integrated Fortinet NGFW + ATP Full Coverage Detail
44 NGFWs, $3.2m + 12 Sandboxes, $1.5M
Mobile Users
Datacenters
NGFW & ATP (Opt.)
Authentication, Management & Reporting
NGFW & ATP (opt.)
Branch Offices
Remote Access Firewalls
Partner Access Firewalls
Perimeter Firewalls
Core Firewalls
Satellite Offices
Next Generation Firewall (NGFW)
Sandboxing - Integrated vs. Standalone
Secure Mail Gateways
Web Application Firewalls
Internet
FortiPresence FortiAuthenticator
FortiManager FortiWLM
FortiClient FortiWiFi
FortiWLC
FortiAP
FortiGate Controller
FortiSwitch (POE)
SECURE ACCESS ARCHITECTURE
N
Infrastructure
Infrastructure WLAN solution to provide scale and flexibility
Why Infrastructure?
Mobile: Fit for highly mobile and scalable deployments where low latency and
Channel Flexibility: Channel planning flexibility to shorten site survey and dep
Stand-alone: Able to separate access infrastructure purchase decision from se
Security
Mobility / Roaming / Scale
• Supports highly mobile environments
• Lowest latencies for video and voice traffic
• “Network in control” optimizes access
Channel Planning Flexibility
• Reduce site survey planning
• Reduce deployment times
Stand-alon
• Security
• Ability to
Integrated
Integrated WLAN solution to provide security and wireless control in one box
Why Integrated?
Integrated: Industry’s most integrated secure access offering
Unified Management: Single pane of glass to manage both security and acces
Scalable: Scalable to support enterprises of all different sizes
Branch Office
Central Location
FortiCloud
Remote
Fully Security Integrated
• Full integration of FortiGuard and FortiOS threat intelligences and security
• Includes Wireless Security: WIDS, Rogues
Single Pane Management/Reporting
• Integrates into FMG & FAZ
• Can be managed directly for FGT
• Leverage central authentication & identity management
Sizing Sca
• From 5 A
• Managem
Security Access Control
Integrated Wireless Deployment Diagram
FortiGate NGFW/UTM
Security
FortiSwitch POE
Access Points
Access Points
WLAN Controller
Cloud
Cloud WLAN solution to provide simplified management
Why Cloud?
Secure: Industry’s only UTM + AP solution
Cloud: Roll out remote sites in minutes - not hours and days
Controller-less: Wi-Fi without the complexity of on premise controllers
Cloud Management
Fortinet UTM Built-In Contr
Agenda
Fortinet Overview
Fortinet EcoSystem Overview
Fortinet Central Management
Fortinet SDN Framework
FortiGuard Threat Intelligence
Questions
Single Pane-of-Glass Management
Consistent Policies and Posture Across the Hybrid Cloud
Public Cloud Physical Networks Virtualization
Centralized Management and Policy
VM VM VM
VMware
VM
Management & Policy Logging & Analysis SaaS-Based Portal
Fortinet Security Management Lineup
FortiMoM
Hyperscale security management (manager of managers) for FMG/FAZ
Fortinet Developer Network
Subscription-based web portal for developers using management APIs
FortiCloud
Subscription-based provisioning, management & analytics in the cloud
FortiPrivateCloud
Cloud-based security management that MSSPs can whitelabel for their clientele
FortiDeploy
Cloud-based device provisioning and bootstrapping from the cloud
FortiMonitor
Unified risk management, big data logging and event correlation
Core Management Products
FortiAnalyzer
Aggregated logging, event management, reporting and analytics
FortiManager
Centralized management of security policies, firmware and content updates
FortiManager Enterprise central management
Key Features of FortiManager
Centralized management / Configuration revision contro
Firmware management / local FortiGuard service provis
Administrative domains & Global Policies
Scripting & APIs for integration with external tools
Logging and reporting / Alert management
FortiManager Features
Traditional “FortiManager” Functions
Tr“For
F
No
FortiManager Device Manager
Total Devices
Device Connections
Device Config Changes
FortiAnalyzer is an integrated network logging, analysis, alerting and reporting platform
FortiAnalyzer Overview
FortiClient
FortiGate
FortiCarrier
FortiMail
FortiWeb
FortiCache
FortiSandbox
Syslog
Key Features of FortiAnalyzer
Device Logs Aggregation and Management
Security Log Analysis / Forensics
Breach Detection & Network Analysis
Content Archiving / Quarantine
Alerts Management
Admin Partitions (ADOMS)
Graphical Reporting
FortiAnalyzer – Drill-Down Dashboards
Drillable Views
• Threat Map
• Top Countries
• Policy Hits
• Top Browsing Users
• Authorized APs
• Authorized SSIDs
• WiFi Clients
• Storage Statistics
• Failed Auth Attempts
• All Endpoints
• Etc.
FortiAnalyzer – Drill-Down Analytics
FortiAnalyzer – Event Management
FortiAnalyzer – Threat Detection Service
FortiAnalyzer historically has relied on the ratings and static/point-in-time FortiGuard analytics from the FortiGate devices to generate FortiView and Reports.
Breach detection brings fresh correlation and IOC (indicator of compromise) data daily to the FortiAnalyzer itself, and allows it to re-analyze webfilter logs and real-time events applying today’s new FortiGuard intelligence to understand yesterday’s events.
FortiAnalyzer – Threat Detection Service
Real-Time and Retroactive Log Correlation
New Menu Item “Breach Detection” in FortiView Threats Section!
What is FortiAnalyzer Breach Detection?
• Threat Analytics/Intelligence from FortiGuard Labs Threat Detection Service
• FortiGate detects and logs threats using FortiGuard services as usual (point-in-t
• FortiAnalyzer will do further analytics and correlation against WebFilter logs us
Detection data and present the info in FortiView for up to 7 days prior.
• Breach Detection Comprehensive Reports may be generated for earlier time pe
FortiAnalyzer – Threat Detection Service
Real-Time and Retroactive Log Correlation
Scalable Architecture Options
Analytics Logs (SQL Insertion)
Archived Logs (Compressed 8:1)
FortiGates, etc.
FortiAnalyzer (Analyzer Mode)
DATA & COMPLIANCE POLICY
90 DAYS 365 DAYS
FortiAnalyzers (Collector Mode)
Scaling beyond single FortiManager: FortiMoM
What is it?
A Manager of Managers (MoM)
Horizontally scalable architecture
Hierarchical add-on to existing Fortinet Products
Multi “Forti-” product management console
FortiManager FortiDDoS FortiAnalyzer
FortiMoM
FortiMoM Features
Manager of Managers
Central policy editor and objects DB
Domain (ADOMS) Manager – ADOM Grouping, Clone, Migrate
Manages multiple products
FMGR FAZ FDOS
FortiManager 1 FortiManager 2 FortiAnalyzer 1
Agenda
Fortinet Overview
Fortinet EcoSystem Overview
Fortinet Advanced Threat Prevention
Fortinet SDN Framework
FortiGuard Threat Intelligence
Questions
FortiCloud FortiPrivateCloud
Utility Pricing
AWS & Azure Marketplace Integration
VNF Support
NFV MANO Integration
Service Delivery Extensions
SDNS Framework
FortiGate VM FortiGate Cloud VDOM
FortiGate VMX (NSX)
Cisco ACI Connector
OpenStack Connector
FortiCore
FortiManager
FortiAnalyzer
Splunk Connector
Data Plane
Control Plane
Mgmt Plane
Fortinet Solutions for Software-Defined Network Se
Platform Extensibility
Virtual Appliances/Services
Platform Orchestration & Automation
Single Pane-of-Glass Management
ClouEcos
XML
JSON
Other Interfaces
Logging/Event
SCon
PrograSw
C
Mana
CentPo
Ana
OrchePlat
Mgmt API’s
CLI/Scripting
Data Plane
Control Plane
Management Plane
SaaS
Multi-Tenancy
On-Demand
Self-Service
Network Function Virtualization
Service Delivery Extensions
Software-Defined Network Security Partner Ecosys
ORCHESTRATION PLATFORMS
PROGRAMMABLE SWITCHING
CENTRALIZED POLICY & ANALY
Platform Extensibility
Software-Defined Security Framework
SDN / NETWORK VIRTUALIZATION CONTROLLERS
API’s
Platform Orchestration & Automation
Auto-Scaling Firewall & Rule Provisioning
SDN Flow Visibility (dynamic flow control, overlay/underlay traffic)
Dynamic Policies (follow logical port, IP, MAC)
Benefits
VM VM VM
VMware
Control Plane
Fortinet Service VM
Control Plane Orchestration
Network Visibility
Elastic provisioning
Distributed
Object-based policy
Agility Through Control Plane Integration
FortiGate-VMX Solution Interaction / Workflow
VMware Kernel VMware Kernel
vDistributed Switch
1. Register Fortinet as security service with NSX Manager
2. Auto-deploy FortiGate-VMX to all hosts in security cluster
3. FortiGate-VMX connects with FortiGate-VMX Service Manager
4. License verification and configuration synchronization with FortiGate-VMX
5. Redirection policy rules updated for enablement of FortiGate-VMX security service
6. Real-time updates of object database
FortiGate-VMXManage
VMware Kernel
dvSwitch
FGT-VMX and VMWARE NSX Filter Driver Interac
1 Define NGFW Firewall Policies
2FGT-VMX
NetX NSX Filter Driver int
ext
Packet F
1. From VM to NSX Filt
2. NSX Filter Driver For
party Solution (FGT-
3. FGT-VMX applies Se
packet back to NSX
4. NSX Filter Driver can
chaining or send pac
FortiGate-VMService Man
Leverages TSO for High Throughput
Integrated FortiGate Solution for Cisco ACI
Spine nodes
Leaf nodes
APIC
VM VM VM
External
Internal
NET-a
NET-b
Cisco ACI
Nexus 9000 Leaf/Spine Switches
APIC Controller
Fortinet SDN S
FortiGate Physical or V
Appliances
FortiGate Connector fo
Cisco ACI Integration Details
ACI enables third-party L4-L7 service insertion
» “Application Centric Infrastructure” - Endpoint/Workload-centric policy
FortiGate Connector for Cisco ACI enables Fortinet orchestration in APIC cons
» FortiGate device package contains XML metadata describing Fortinet’s device and security services
» Administrator assigns Fortinet security policies to traffic (“Contracts”) between applications (Endpoint Groups)
Use Cases
» Auto-provisioning workload security
» Micro-segmentation
» Secure multi-tenancy
» Tenant function segmentation
FortiCore – SDN Security Platform
Hype
Scaling NSFs to meet architecture
• Transparent link transection
• Leaf-Spine
Pipeline Security
• FortiGuard security intelligence
• Augments partner/open SDN/NFV architectures
High Flow-Capacitance for Security Enabled SDN
• >1 Tbps switch fabric
• ~200K Flows – REGX (Single-Table)
• ~2M Flows – EXACT MATCH (Multi-Table)
• vs Trident 2+ = 32K flows
Agenda
Fortinet Overview
Fortinet EcoSystem Overview
Fortinet Advanced Threat Prevention
Fortinet SDN Framework
Questions