take control of end user security

1 CONFIDENTIAL – INTERNAL ONLY

603.766.5924www.daystarinc.com

TAKE CONTROL OF END USER SECURITY!How to minimize the risks end users inflict on your network.

Presented by:

Keith BamfordCEO, Daystar, Inc.

James CabeSystems Engineer II,Advanced Technology



Serving ME, NH, & MA since 2000

Long-term, partnership approach

Hardware and service offerings:• Procurement• Project-based IT services• Outsourced/Augmented IT

support Onsite Remote

DAYSTAR: Your Technology Partner



DAYSTAR provides Consultation

Infrastructure Design

Network Implementation & Administration

Network Maintenance

Security

Cloud Integration

Network Monitoring

Data Backup

E-mail Solutions

Hosting

Mobile Integration

Hardware Procurement

Application Development



End user threats to your network security

Mobile device access / BYOD

Spyware / Malware

Bandwidth and data access

Unauthorized access

Unauthorized downloads



More control…simplified. Powerful security coupled with enhanced

user access

Increase awareness / knowledge

Micro-control access and users

Manageable, easy, simplified

The solution? security solutions

featuring FortiOS 5.

6 CONFIDENTIAL – INTERNAL ONLY 6 Fortinet ConfidentialApril 10, 2023

Fortinet for the future:More Security, More Control, More Intelligence


Fortinet Corporate Overview

• Founded in 2000

• Global presence with 30+ offices worldwide & 1,900+ employees– 5,000+ channel partners– 100,000+ customers

– Majority of the Fortune Global 100

• IPO Nov 2009 • NASDAQ: FTNT

• 2011 revenue of $423 Million – 34% YoY growth

• World class management team

7

2004 2006 2008 2010

$13$39

$80$123

$155

$212$252

$325

Fortinet Revenue ($MM)

58.4

% C

AGR


Clear, Continuous Focus Since 2000

• Proven Leadership»Technology consolidation» Industry-leading performance»Simplified security

• Vision That Drives Us Today»Anticipate & innovate»Push the performance envelope»Make the competition follow our lead

8


• Real-time, integrated security intelligence• ASIC-accelerated performance• Lower total cost of ownership• Easy to deploy / manage / use

9

• Stand-alone, non-integrated security • Mix of off the shelf systems and applications• Higher total cost of ownership• Difficult to deploy / manage / use

The Fortinet SolutionTraditional Network Security Solutions

We Pioneered a New Approach


Fortinet’s Growth Strategy

UTM

Firewall / VPN

IDP

VPN

2010 2014

FortiGate

UTM

Firewall / VPN

IDP

APPLICATION CONTROL

VPN

DLPWAN ACCELERATION

WiFi

$7.5 Billion

$9.5 BillionGROWTH STRATEGY

1. Extend UTM leadership with new technology

2. Continue our security focus in the broader network security market


Consolidated Security

11

Fortinet Delivers Complete Protection

Antispam/Antivirus

Data Loss Prevention

SSL Inspection

WAN Optimization

/ Traffic Shaping

Endpoint Protection/

NAC

Firewall

VPN

IPS

Web Filtering

Application Control

Real-Time Threat

Updates

Wireless Controller/Wireless LAN

IPv6, Dynamic Routing

SSL Inspection

VoIP

Virtual Appliance/

Virtual Domains

Vulnerability Mgmt

The Evolution of the Firewall


Market Leadership Across the Board

Worldwide UTM Market ShareQ4 2010 (1)

UTM Market Competitive Landscape, 2009(3)

Low Market Penetration High

Niche ParticipantSpecialist

Contender

Challenger

Market Leader

Low

High

Abilityto

Deliver

12

(1) IDC Worldwide Security Appliances Tracker, March 2011 (market share based on factory revenue)(2) Gartner, Inc., “Magic Quadrant for Unified Threat Management”, October 2010(3) Frost & Sullivan, “World Unified Threat Management, Products Market 2009”, 2010

Notes

Magic Quadrant for Unified Threat Management (2)

Rank Company Market Share (%)

1 16.2

2 Check Point 11.8

3 Juniper 8.4

4 Cisco 6.6

5 SonicWALL 7.8

6 McAfee 6.3

7 WatchGuard 5.2

8 Crossbeam 2.6

9 Other 35.1

Total 100.0

http://www.gartner.com/silentlocalechooser.jsp?locale=wcw


Results of Singular Focus

• Delivering Effective, Consolidated Security»Best in class protection in a single device»Complete content protection

• Leading the Market»Performance»Depth of services

• Ensuring Flexibility» Integrated technologies»Simple pricing model

• Protecting All Segments»From carrier to SOHO

13


Do More with Less

• Increase access to data and systems• Decrease risk of unauthorized access• Increase effectiveness of existing resources and investments• Reduce complexity of security infrastructure• Lower operating and capital costs

14


Network TrendsWired Connectivity Moving Beyond 10G

Ubiquitous Wireless Connectivity

Mobile Devices Everywhere

Video and Audio Content

IPv6 a Reality

Background


Security TrendsVisibility of Traffic

Accuracy of Detection

Policy Explosion

Log Explosion

Threats Scale

Background


No ChangeBudget

Department Size

Background

18 CONFIDENTIAL – INTERNAL ONLY 18 Fortinet Confidential

FortiOS 5

19 CONFIDENTIAL – INTERNAL ONLY 19 F O R T I N E T C O N F I D E N T I A L

FortiOS 5

More Security

More Control

More Intelligence


Over 150 New Features & Enhancements

Fighting Advanced Threats-------------------------------------- Client Reputation Advanced Anti-malware

Protection

More Security

Securing Mobile Devices------------------------------------ Device Identification Device Based Policy Endpoint Control

More Control

Making Smart Policies-------------------------------------- Identity Centric Enforcement Secured Guest Access Visibility & reporting

More Intelligence

FortiOS 5 Highlights


Fighting Advanced ThreatsClient Reputation

Advanced Anti-malware Protection

More Security


Ranking

Client Reputation

Identification

Policy Enforceme

nt

Multiple Scoring Vectors

Reputation by Activity Threat StatusReal Time, Relative,

Drill-down, Correlated

Identify potential … zero-day attacks

Score Computati

on

Zero Day Attack Detection


Multi-pass Filters

In-box Enhanced AV Engine Cloud Based AV Service

Hardware Accelerated& Code optimized

Real time updated, 3rd party validated Signature DB

Local LightweightSandboxing

Behavior / Attribute Based Heuristic Detection

Application Control – Botnet Category

FortiGuard Botnet IP Reputation DB

Cloud BasedSandboxing

Improves threat …. … detection

Advanced Anti-Malware Protection


Client Reputation Threat profiling to quickly identify most suspicious clients Effective zero-day attacks detection

!

Advanced Anti-malware Protection Mutilayered: Combines best-in class local AV Engine with

additional cloud based detection system Detects and block Botnet clients and activities Improves malware detection capabilities

More Security


Securing Mobile DevicesDevice Identification

Device Based Policy

Endpoint Control

More Control


See It… Control IT

Seamless integration!

BYOD – Device Identity & Policies

Device Based

Identity Policies

Agentless

Agent based

Device Identification

Access ControlSecurity

Application

UTM Profiles

Awareness


Authorized Device

Device Based Policy Securely adopt BYOD Setup different security and network usage policies based on device

types

Personal Device

✔ DMZ ✔ INTERNET

✗DMZ ✔ INTERNET

More Control


“Off-Net” Protection

Endpoint Control: FortiClient 5

INTERNET

LAN

OFF

ON

• Client enrolls into the FortiGate and then receives its end point policy. It will receive any updates when connected again.

• Client uses last known security policies and VPN configurations.

11

22


Securing Remote Devices Protect mobile hosts against malicious external threats Enforce consistent end point security policies, anywhere all the time Simplified host security and remote VPN management

Endpoint Control: FortiClient 5


Making Smart PoliciesIdentity Centric Enforcement

Secured Guest Access

Visibility & Reporting

More Intelligence


Identity = Policy

External Radius ServiceExternal Radius Service

Windows ADWindows AD

Citrix EnvironmentCitrix Environment

= M.Jones =

= S.Lim =

= V.Baker =

= J.Jackson =

Captive PortalCaptive Portal

802.1x802.1x

Users identified without additional logins

FortiClientFortiClient

DMZ

DMZ

Users assigned to their policies

Identity-Centric Enforcement

FSSOFSSO Identity based PoliciesIdentity based Policies


Single Sign-On and Role Based Policies Authorized network access based on user credentials secure network

right at entry point Reuse captured information for security policies unifies security

configurations and offers better user experience. Reduce administrative tasks & configuration errors

Marketing, Management

Operation, Staff

✔ CMS ✔ INTERNET

✗CMS ✔ INTERNET

M.Jones

S.Lim

SSID: STAFF

SSID: MGMT

Identity-Centric Enforcement


Temporary Network Access Guest Administration Portal

Credential Generation & Delivery

Time Quota

Ad hoc access without compromising security

Integrated Guest Access

Identify and track guest activities Time limits prevent unnecessary exposure to exploits


Network & Threat StatusKnowledge is Power !

Drill-Down Statistics

Filter & Sorting

Object Details

Contextual Information



Deep InsightsNew PDF Formatting

Drill-downs

Per User Summary

FortiManager

FortiCloud

Comprehensive reports



Visibility Widgets & Reports Gain real time knowledge of current network & threat for appropriate

actions Identify network usage trends to optimize infrastructure and

resources

URLURL{Visibility & Reporting


Q & A



DAYSTARYOUR TECHNOLOGY PARTNER

121 Shattuck Way, Suite 10 [email protected], NH 03801

www.daystarinc.comP. 603.766.5924Q. 603.766.5925

take control of end user security

Documents

confidential e internal

powerful security

consolidated security

control ofend user security

increase access

market leadership

products market

market rank companyshare