james cabe – principal engineer - evangelist · 2018-05-07 · gartner magic quadrant for...

Post on 31-May-2020


© Copyright Fortinet Inc. All rights reserved.

Mid-Enterprise Summit – Spring

James Cabe – Principal Engineer - Evangelist

Q2 2018

2

Investment in Innovation

FortiOS is the Most Widely Deployed Network Security Operating System

3.4M+ Total Device Shipments (As of Q4 2017)

340,000+ Global Customers (As of Q4 2017)

28% Market Share, Unit Shipments (Q4 IDC Tracker)

3

A Leader in Network Security

Gartner Magic Quadrant for Enterprise Network Firewalls, Adam Hils, Jeremy D'Hoinne, Rajpreet Kaur, 10 July 2017. Disclaimer: This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Gartner Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls), Jeremy D'Hoinne, Rajpreet Kaur, Adam Hils, June 2017.

4

Enforcement Auth Telemetry (Flow\Logs)

Threat Intelligence

John

Jane

Forti

Forti

5

FORTINET SECURITY FABRIC

Signature

Behavior

Adaptive

AntiVirus

Code Emulation

Pattern Matching

IPS

Big Data

Machine Learning

Content Filter

Threat Sharing

App Ctrl

User & Device

UEBA

Sandbox

Detonation

Neural Networks

Logging SIEM Intent

Auth

Encryption

Threat Score API

Integration

Automation

Proactive Advanced Defense (PADing)

IP Reputation

6

Unequalled Third-Party Certifications

11

Cisco 4

Check Point 4

Palo Alto Networks 2

DCIPS AEP WAF NGFW NGFW BDS NGIPS BPS DCSG DCSG DCIPS

#1 Certified Security Vendor

2017 & 2018 Results

7

Accelerates Network Traffic

Accelerates Content Inspection

Flexible Policy

Optimized for entry-level form factors

CPU

More Performance Less Latency

Less Space Less Power

Core Fabric Technologies

Intrusion Prevention

Antivirus

FortiSandbox Cloud

Web Filtering

Application Control

IP Reputation

FABRIC

CONNECTORS

AUTOMATION

API

USE CASES

CASB ORCHESTRATION

FABRIC AGENT

Security Rating Threat Intelligence

FORTIGUARD PARALLEL PROCESSING FORTIOS SPU

8

FortiOS Roadmap – FOS 6.0 200+ New Features

March 30 2018

Fabric Evolution

March 30 2017, April 21 2016, June 12 2014, Oct 31 2012

FortiOS 6.0, FortiOS 5.6, FortiOS 5.4, FortiOS 5.2, FortiOS 5.0

Fabric Introduction

Sandbox Integration

Fabric Expansion

Zero Trust Segmentation

9

FORTIOS 6.0

Endpoint Protection

Automation

Fabric Integration

SD-WAN

Tagging

FortiGuard Threat Intelligence

Fabric Connectors

Fabric Ready Partners

CASB

Multi-Cloud

Management Reporting

FortiLink

10

Fabric Integration Checklist

TELEMETRY DEVICE LEVEL API: Can instances communicate with each other?

FORTIVIEW TOPOLOGY MAP: Can you see instances on the Topology Map?

FORTIMANAGER: Can you centrally apply policy to instances?

FORTIANALYZER: Can you centrally apply reporting and analytics to instances?

SECURITY RATING AUDIT: Can you apply updated best practices to instances?

AUTOMATION STITCHES: Can you automate workflows across instances?

VULNERABILITY SCAN: Can you scan for vulnerabilities across instances?

ADVANCED THREAT PROTECTION SANDBOX: Can you call upon advanced detection across instances?

FORTISIEM: Can you see and apply analytics beyond the Fabric?

Fabric Integration

Fabric Attributes

11

Fabric Integration Checklist

NETWORK ENDPOINT UNIFIED ACCESS EMAIL WEB APPS MULTICLOUD

FORTIGATE FORTICLIENT FORTISWITCH FORTIAP FORTIMAIL FORTIWEB FORTICASB

TELEMETRY DEVICE LEVEL API 5.4 5.4 5.4 5.4 5.4 6.0 6.0

FORTIVIEW TOPOLOGY MAP 5.4 5.4 5.4 5.4 6.0 6.0

FORTIMANAGER 5.0 5.2 5.0 5.0 5.0 6.0 6.0

FORTIANALYZER 5.0 5.2 5.4 5.4 5.0 5.4 6.0

SECURITY RATING 5.6 5.6 5.6 5.6

AUTOMATION STITCHES 6.0 6.0 6.0 6.0 6.0

VULNERABILITY SCAN 5.6

ADVANCED THREAT PROTECTION SANDBOX 5.0 5.4 5.2 5.6 6.0

FORTISIEM 5.0 5.4 5.6 5.6

Fabric Integration

Fabric Attributes

Attack Surface

12

Fabric Topology View

13

New Features For All Network Security Use Cases - FortiGate

Application Group

Integration Policy

One Click VPN

Business Aware Tagging

Fabric Private Cloud Connectors

Fabric Public Cloud Connectors

On-Network + Off-Network

Automated AP Quarantine

IPv6 NAT

Application SLA

Automation

External Web Filter Blacklist

Automated Switch Quarantine

SoC Workflow Integration

Carrier Grade NAT

Ethernet MAC (EMAC) Support

14

Secure SD-WAN is a Must

Features | SD-WAN Vendors | Security Vendors | Combinations | Fortinet

SD-WAN

Security

Single Console

Cost

SD-WAN

15

SD-WAN Improvements

APPLICATION AWARENESS

SD-WAN integration with application control allows customers to choose from 3700+ applications

First-packet classification allows customers to send business-critical applications to a specific WAN link

MULTI-PATH INTELLIGENCE

New UI addition to measure SLA using application transactions

Simplified rules to assign application transactions to multi-path WAN links

SD-WAN APPLICATION AUTOMATION

Automatic fail-over to the second-best WAN link when application transactions go beyond expected values

Allows applications to fail back to the original WAN link when application transactions have stabilized

SD-WAN

16

VPN Configuration Improvements

CLOUD-ASSISTED ONE-CLICK VPN

Allows multiple FortiGate sites to configure hub-and-spoke VPN with the help of FortiCloud on the backend

Can be implemented with FortiManager backup mode as another option

SD-WAN

17

Multi-cloud Security Connectors

Networking

Servers

Virtualization

O/S

Applications

API

Data

SaaS

SaaS Cloud

CASB APIs

Networking

Servers

Virtualization

O/S

Applications

Virtual Security

Data

Private

Private Cloud

FABRIC CONNECTOR

Networking

Servers

Virtualization

O/S

Applications

Cloud Security

Data

Public

Public Cloud

FABRIC CONNECTOR

Single Console

Connectors

18

CASB as a Feature Of Network Security FORTICASB 1.2

APIs

FORTIGATE

FORTICASB

FORTIMANAGER FORTIANALYZER FORTISANDBOX

Internet

19

FortiGuard Threat Intelligence Service

Web Filtering

Internet Services DB

Business Aware Tagging

Industrial Control

Security Rating

Virus Outbreak Service

Application Control

FortiGuard TIS

Antivirus & Mobile Security

IP Reputation

Sandboxing

FortiGuard Threat Intelligence

Content Disarm & Reconstruction

20

Security Rating Service: BEST PRACTICES BY INDUSTRY

FortiGuard Threat Intelligence

FortiGuard Updates

• Collected best practices from customers
• Examples
  • Password security
  • Login attempt thresholds
  • Logging to FortiAnalyzer
  • Encourage two-factor authentication
• The system checks against these best practices
• Prioritizes discoveries from critical to low importance
• Preset fixes are available

Passed: 354, Low: 25, Medium: 65, High: 31, Critical: 22

21

Security Rating Service 6.0 Improvements

FORTIGUARD SERVICE

Rating DB provided as an update service
» OS independent
» Timely updates
» New best practices

EXPAND RATING RULES

Adding more security best-practice items to the rating, such as
» Business-oriented
» Verticals
» Compliance

AUTOMATED REPORTS

Automated: runs in the background periodically, in addition to on-demand

Receive daily / on-demand reports

FortiGuard Threat Intelligence

22

Security Ranking Allows Benchmarking

JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC

28%

55%

89%

Aerospace

SMB: 1 - 256 Endpoints

89%

Vulnerability Management

Security Hardening

Benchmark against peers
» Rank against similar organizations in terms of size and industry by percentile

Present trending graph
» By retrieving historical data from FortiAnalyzer

23

FortiGuard Security Services Available (FortiGate)

Service | O/S Support | Threat Protection (TP) | Unified Protection (UTM) | Enterprise Protection | Standalone Protection

Threat Intelligence Services ✔
Virus Outbreak Service (VOS) ✔
Content Disarm and Reconstruct ✔
Industrial Control Services ✔
Security Rating ✔
CASB ✔
Sandboxing ✔ ✔
Web Filtering ✔ ✔ ✔
Antivirus ✔ ✔ ✔ ✔
IPS ✔ ✔ ✔ ✔
Internet DB ✔ ✔ ✔ ✔
IP Reputation ✔ ✔ ✔ ✔
Application Control ✔ ✔ ✔ ✔

New

New

New

24

WorkFlow Automation

AUTOMATED RESPONSE

TRIGGERS: System Events, Threat Alerts, User & Device Status, External Inputs

ACTIONS: Notification, Reports, Quarantine, Adjust Configuration

Automation

Automated workflows (stitches) using triggers to deliver appropriate actions
» Easy creation using wizards
» Covers components within a security fabric

25

Automated Workflow

26

Fabric Ready Partners

IOT/OT/NAC

MANAGEMENT SDN ENDPOINT

Security/SIEM TECHNOLOGY

CLOUD

IDENTITY

Fabric Ready Partners

27

Deep Integration with Fabric Connectors

Threat Feeds

Dynamic Cloud Policy

Dynamic SDN Policy

Automation

Cloud Visibility

SSO/Identity

ITSM

Fabric Connectors provide a deeper integration

There are different types of Fabric Connectors

These are available with a simple click on the GUI

28

Intent-based Network Security: BUSINESS-AWARE TAGGING

NGFW

SECURE LAPTOP

UNSECURE MOBILE

PUBLIC INFORMATION

INTERNAL DATA

INTELLECTUAL PROPERTY

GLOBAL POLICY

TAGGING (DEVICES, INTERFACES, OBJECTS)

X
