david maman security virtualization idc
DESCRIPTION
A lecture I gave at the IDC IT Security Road show, last June, 2008. Talked about Information Security virtualization, I was still at Fortinet at the time.TRANSCRIPT
Security Virtualization and Value Added Services
David Maman, Fortinet
IDC IT Security Roadshow, June 03, 2008 Securing Your Business: Technology Meets People
What is Virtualization?
The act of abstracting the (physical and logical)
boundaries of a technology.
Fortinet Confidential
Many ways to VirtualizationServersDesktopsApplicationsNetworksStorage
Fortinet Confidential
Consolidate Physical Resources• Logical resources may remain the same!
Reduce Power ConsumptionStreamline System RecoveryControl and Provide GrowthSimplify system maintenanceOptimize Resource UtilizationMaintain OS Versions and updatesTesting and DevelopmentTraining
The Economist, May 22nd 2008
Why Virtualize?
Consolidated security
MSSP - Managed Security Service Provider
Fortinet
Centralized (Virtualized) Security(Consolidated security)
Fortinet Confidential
Information Security Over head.High availability solutions
Separated management Interfaces
Troubleshooting madness
Training period
Updates and upgrades
Support ?! Who and for what?
Logging a reporting
Hardware coasts
Fortinet Confidential
Virtualized Security must feel with, Without.
Performance
Management
Flexibility
Content Security
Reliability / Density
Logging / Reporting
Of course it’s not
running in a Virtual…..
Of course it’s not
running in a Virtual…..
Centralized Internal Security Consolidation
Back BoneSwitching
Centralized Logging and Reporting
Out of Band
Management
Department AHA security solution with Virtual Solutions
Department B
Department C
Project A
Project BProject C
Server Farm
Internet Access
INTERNET
= Virtual Security Entity
Consolidated security
MSSP - Managed Security Service Provider
Fortinet
Managed Security Solutions
MSSP SolutionManaged Security Service Provider
Fortinet Confidential
Managed Security Services
• Customer PremisesProvider independentAffordable quality of securityLow cost of entry & operationsEnforcing Internal information security
• Centralized ‘In the cloud’Provider dependentHigh availability & Controlled environmentSimple logistics“Clean Pipe” to the customerCentralized upgrade
Centralized services
INTERNET Customer NetworkMPLS, Frame, Leased Line
Customer A Customer B
Customer C Customer D
Centralized Management
Centralized Logging and Reporting
NOC/ SOC
Customer Portal
Fortinet Confidential
Customer PremisesCOMPANY B
COMPANY D
COMPANY A
INTERNET II
COMPANY C
COMPANY E
Centralized Management
Centralized Logging and Reporting
NOC
Customer Portal
INTERNET I
Fortinet Confidential
Managed Security Services
• Customer PremisesProvider independentAffordable quality of securityLow cost of entry & operationsEnforcing Internal information security
• Centralized ‘In the cloud’Provider dependentHigh availability & Controlled environmentSimple logistics“Clean Pipe” to the customerCentralized upgrade
Fortinet Confidential
• Central Logging• Event Correlation• Network data statistics • Per customer Reporting • Report scheduler• Automated report distribution by
Central Management• Centralizes functions for:
Product DeploymentsReal-time MonitoringDevice/Policy MaintenanceDevice/Security Updates
Central Logging / Reporting
About Fortinet
Consolidated security
MSSP - Managed Security Service Provider
Fortinet Confidential
Company Overview• First Multi-Layered Security Platform provider that leverages ASIC technology • Largest private network security company
~ 1100 employees / > 650 R&D320,000 + FortiGate devices WWFounded in 2000Largest Privately Held Security CompanyGlobal Operations in U.S., EMEA & Asia Pac
• Independent certifications8 ICSA certifications (only vendor)Government Certifications (FIPS-2, C C EAL4+)60+ industry awards11 patents; 80+ pendingVirus Bulletin 100 approved (2005, 06,07) and NSS Certifications
Fortinet products are used by:
• 7500 + Installations
• MSSP: Bezeqinternational, Netvision, 012 Smile, BEZEQ
• Strongest ever Market penetration in Israel 5000 + Customers < 4 years
• Major penetration: Enterprise, Finance, IDF, government, Telecom, etc
Israel Customer Base
Flexible Multi-Layered Security Platform
10/100 Mbps 10 Gbps1 Gbps
ROBO/SOHOPerimeter Core Data Center Future
FortiGate-50B – FortiGate-100A
SMB & Remote OfficeSMB & Remote Office
EnterpriseEnterprise
Carrier, MSSP &Carrier, MSSP &Large EnterpriseLarge Enterprise
Secure ESecure E--Mail & Client SoftwareMail & Client Software
Powerful Centralized Powerful Centralized Management & ReportingManagement & Reporting
The FortiASIC™ FamilyNetwork ASIC (NP)
Firewall accelerationVPN (IPSEC and SSL)IPS anomaly
Application ASIC (CP)Antivirus (+Antispyware) AccelerationWeb Filtering and Antispam Advantage from Accelerated AV scanningTraffic Shaping
Multiple Threat TypesVarious Application Entry PointsDifferent FunctionsThreat Payload Intent VariesBroad Range of Propagation Techniques
Application Threat VectorViruses & SpywareSpam & Directory Harvest AttacksWeb PhishingIM and P2P file transfers
Network Threat VectorNetwork WormsDDOS/DOSIP Packet Capture Spoofing & Man-In-The-Middle
Fortinet is the Only:• Only complete solution with custom ASICs• Only complete solution from remote office to core and
service providers with consistent code/hardware base.• Only complete solution that can do deep packet inspection • Only company with internal research on WCF, AS, AV, IPS• Only complete solution that does layer three routing • Only True virtualized solution for MSSP and enterprise• Only Security solution with Virtual solutions in Route and
Transparent over the same Hardware!!!• Only solution with complete layer two switching• Only solution with real centralized Management interface• Only solution with real reporting and logging interface
Fortinet Confidential
Fortinet MSSP Customers Success
…rely on protection from Fortinet