1 © Copyright Fortinet Inc. All rights reserved.

Security Without Compromise

Stan Easparro – Channel SE

2

Infrastructure. Constant Change.

Green Google’s 13 data

centers use 0.01%

of global power

SDN/NFV Software-defined

everything. SD WAN

SaaS On average, companies

have 10+ applications

running via the Cloud

IaaS Security still the

No.1 inhibitor

IoT 35B devices, mostly

headless attaching

to the network

Virtualization 80% of data center

apps are virtualized

Mobile No control of

endpoints (BYOD)

Social Bandwidth ever

increasing

Bandwidth Wi-Fi speeds rival LANs.

100G networks here

Analytics Big Data

Internet 2 100 Gbps and

UHDTV

5G Wireless

FUTURE

100G

3

The Attack Surface Has Increased Dramatically

Today’s Security is Borderless

Internal External

Mobile

Endpoint

Branch

Office

NGFW

Campus

Data Center

DCFW

UTM

IoT

PoS

Network

Applications

Data

People

4

End to End Segmentation Critical

Internal External

Cloud

On Demand

Data Center

SDN Orchestration

Mobile

Endpoint

Branch

Office

NGFW

Campus

Data Center

DCFW

UTM

IoT

PoS

5

Segmentation Inhibitors

Communication

» Too Many point solutions that do not talk to each other (SIEM)

» Platform’s use central Management to coordinate which is too slow to stop

Advanced Threats

Operations

» Adding Internal Firewalls requires Automation of Security Policies

» Need Visualization of end to end Network to architect the Segmentation

model

Performance

» Internal Performance much Higher than Edge/Perimeter

» Still big Gap between Firewall and NGFW Performance

Segmentation Sprawl

6

Fortinet Security Fabric – Protecting from IoT to Cloud

Scalable

Aware

Secure

Actionable

Open

Client Security

Network Security

Application

Security

Cloud Security

Secure WLAN Access

Alliance Partners

Secure LAN Access

IoT

Fortinet

Security Fabric

Global Intelligence

Local

Intelligence

7

Key Fabric Attributes

From IoT to Cloud

Actionable Security Scalability Awareness Scalability Open

8

Device Access Network Cloud

Distributed

Enterprise

Edge Segmentation

Branch

Data Center

North-South

Carrier

Class Private Cloud IaaS/SaaS

WLAN / LAN

Rugged

Embedded System on a Chips Packet and Content Processor ASIC Hardware Dependent

Device

>1G

Appliance

>5G

Appliance

>30G

Appliance

>300G

Chassis

>Terabit

Virtual Machine

SDN/NFV

Virtual Machine

On Demand

Client

Endpoint SDN

Provisioned

Distributed

NSF

Flow Based

ASIC

Single Pane of Glass

(Management)

Single point of

Security Updates

Single Network

Operating System

Scalable from IoT to Cloud

Single point of

Authentication

and SSO

9

Parallel Path Processing (PPP)

Packet

Processing

Content

Inspection

Policy

Management

Security for the Network

Slow is Broken

CPU Only

Policy Management

Packet Processing

Deep Inspection

More Performance

Less Latency

Less Power

Less Space

CPU

Optimised

SoC

10

Security for the Cloud

Virtualization Hypervisor Port

Hypervisor

Private Cloud SDN - Orchestration Integration

Public Cloud On-Demand

IaaS Cloud

Connector API

East-West North-South

Flow

NGFW WAF Management Reporting APT

SaaS Cloud

Proxy

CASI

Broker

API

Hybrid

11

Security for Access - Secure Access Architecture W

LA

N Infrastructure

On Premise Management

Integrated On Premise Management

Cloud Cloud Management

3 2 1

Infrastructure Integrated Cloud

FortiGate

FortiSwitch LA

N

“Universal Access Point and Switch

Access

Application

Portfolio

Authentication/SSO

Fabric

12

Actionable Awareness Scalability Open

Key Fabric Attributes

From IoT to Cloud

Security

13

Key Fabric Attributes

Actionable Security Open Scalability Awareness

From IoT to Cloud

14

Global and Local Security

App Control Antivirus Anti-spam

IPS Web App Database

Web Filtering

Vulnerability Management

Botnet Mobile

Security

Cloud Sandbox

Deep App Control

Partner FortiWeb FortiMail FortiClient FortiGate

Threat

Researchers

Threat Intelligence

Exchange

Advanced

Threat

Protection

16

Awareness Scalability Open Security

Key Fabric Attributes

From IoT to Cloud

Actionable Security

17

Support Services Single Pane of Glass Migration to Cloud Based Systems

FortiCare FortiCloud FortiGuard Cloud FortiSandbox

Cloud Based Management of

NGFW + Access Point

Cloud Based Management of

NGFW + Access Point

Cloud Based

Management of

NGFW + Access Point

Threat Intelligence Advanced Threat

Protection

Actionable Threat Intelligence

WAN Data Center Access

IoT Mobile

PoS Windows

FortiManager

18

Awareness Scalability Security Actionable Security

Key Fabric Attributes

From IoT to Cloud

Open

19

Open: Multiple Levels of Fabric API’s for Partner Integration

Fortinet Security Fabric

SIEM

SDN Endpoint

Cloud Virtual

Management

Ecosystem Alliance Partners

20

Cloud SDN Sandbox

Test/SSO System Integrator SIEM Management

Ecosystem Integration Points

21 © Copyright Fortinet Inc. All rights reserved.

Thank You!