Download - Apresentação fortinet
Fortinet Confidential
Strategic Security
Fortinet Confidential
Fortinet Corporate Overview
• Founded in 2000
• Global presence with 30+ offices worldwide & 1,200+ employees
– 5,000+ channel partners
– 125,000+ customers
– Majority of the Fortune Global 100
• IPO Nov 2009
• NASDAQ: FTNT
• 2009 revenue of $252 Million
– 19% YoY growth
• World class management team
2
$434$434
$39$39
$80$80
$123$123
$155$155
$212$212
$252$252
$325$325
RECEITA FORTINET ($MM)
55% CAGRRECEITA FORTINET ($MM)
55% CAGR
$13$13
03 04 05 06 07 08 09 10 1103 04 05 06 07 08 09 10 11
Fortinet Confidential
21 19 69 113 141
624
1,656
2002 2003 2004 2005 2006 2007 2008
The Threats You Face Continue to Grow
3
Exponential Growth in Malware Threats (000)
Broad New Hacking Attack Detected (2/8/2010)“Hackers in Europe and China successfully broke into computers at nearly 2,500 companies and government agencies over the last 18 months in a coordinated global attack that exposed vast amounts of personal and corporate secrets to theft..”.
“Hackers in Europe and China successfully broke into computers at nearly 2,500 companies and government agencies over the last 18 months in a coordinated global attack that exposed vast amounts of personal and corporate secrets to theft..”.
Google Hack Attack Was Ultra Sophisticated, New Details Show (1/14/2010)“Hackers seeking source code from Google, Adobe and dozens of other high-profile companies used unprecedented tactics that combined encryption, stealth programming and an unknown hole in Internet Explorer, according to new details..”
“Hackers seeking source code from Google, Adobe and dozens of other high-profile companies used unprecedented tactics that combined encryption, stealth programming and an unknown hole in Internet Explorer, according to new details..”
In Number In severity Coordinated and blended attacks
are now a common practice
Increased processing power required
In Complexity Motive and intent has moved
from notoriety to financial gain
Cyber security is critical
3.7 4.49.9
16.123
30.2
1,656
54.6
87.6
2001 2003 2005 2007 2009
U.S. DoD Reported Incidents of Malicious Cyber Activity (000)
Fortinet Confidential
We Pioneered a New Approach
4
The Fortinet SolutionTraditional Network Security Solutions
• Real-time, integrated security intelligence• ASIC-accelerated performance• Lower total cost of ownership• Easy to deploy / manage / use
• Stand-alone, non-integrated security • Mix of off the shelf systems and applications• Higher total cost of ownership• Difficult to deploy / manage / use
Fortinet Confidential
Integrated Protection Against Today’s Threats
5
• Overlapping, complementary layers of protection• Comprehensive, integrated inspection• Allow but don’t trust any application• Examine all application content
Fortinet Confidential
Customers Worldwide
Seven of Top 10 Fortune 500
Eight of Top 10 Global 500 in EMEA
Eight of Top 10 Global 500 in APAC
Nine of Top 10 Global 500 Commercial & Savings Banks
Seven of Top 10 Global 500 Aerospace & Defense
Two of Top 5 Global 500 Telecommunications
Fortinet Confidential
A Reliable Partner
• Proven Industry Leadership• Since 2000, Fortinet has received more than 100 product & company awards.
• IDC: Overall leader in UTM factory revenue for all of 2009• Gartner: Leader in Multi-Function Firewall Magic Quadrant• Frost & Sullivan: 2010 "Fortinet is the established and undisputed leader" of worldwide UTM market• SC Magazine: 2009 Readers' Trust Award for "Best Integrated Security Solution"
• Certified security• Five ICSA certifications (Firewall, AV, IPS, IPSec VPN, SSL VPN, Anti-Spam)• Government Certifications (FIPS-2, Common Criteria EAL4+, JITC IPv6, SCAP) • ISO 9001 certification
Fortinet Confidential
Summary
• Comprehensive solution • Integrated, strategic security
• Lower TCO• Less complexity, faster deployment,
easier management• Real-time security
• 24/7 global updates deliver security expertise
• Unmatched flexibility • Deploy the technology you need, where
and when you need it
Fortinet Confidential
Fortinet Product Overview
April 10, 2023
Fortinet Confidential
Product Portfolio
Application Security
FortiGateNetwork SecurityPlatform
Security Services
FortiGuardReal time Security Services
FortiMailEmail Security
FortiWebXML & Web Application Security
Host Security
FortiClientHost Security Solution
FortiScanAsset Vulnerability Mgmt
FortiDBDatabase Security
FortiManagerCentralized Mgmt
FortiAnalyzerLogging & Reporting
UTM Security Data SecurityManagement
Fortinet Confidential
FortiGate Product Lineup
Application Security
FortiGateNetwork SecurityPlatform
FortiMailEmail Security
FortiWebXML & Web Application Security
FortiDBDatabase Security
FortiManagerCentralized Mgmt
FortiAnalyzerLogging & Reporting
Security Services
FortiGuardReal time Security Services
Host Security
FortiClientHost Security Solution
FortiScanAsset Vulnerability Mgmt
UTM Security Data SecurityManagement
Fortinet Confidential
O ResultadoLíder de Mercado
(1) IDC Worldwide Security Appliances Tracker, March, 2012 market share based on factory revenue)(2) Gartner, Inc., “Magic Quadrant for Unified Threat Management”, March 2012
Quadrante Mágico paraUnified Threat Management2
Quadrante Mágico paraUnified Threat Management2
Market Share de UTM MundialQ4 20111
Market Share de UTM MundialQ4 20111
Rank Empresa Market Share (%)
1 17.8
2 Check Point 15.1
3 SonicWALL 8.2
4 Juniper 8.0
5 Cisco 7.5
6 WatchGuard 5.0
7 McAfee 4.4
8 Astaro 2.3
9 Others 31.7
Total 100%
Market Size $2.2B
Fortinet Confidential
FortiGate
• Integrated security appliance• Network threat detection• Application-aware screening
• Accelerated performance• Custom ASIC
• Platforms for every market segment• Non-user licensing • Performance-based models
13
ASIC
FIREWALL
APPLICATIONCONTROL
WIRELESS DATABASE
ANTISPAM VPN
FORTIOS FORTIASIC
WEB FILTERING
DLP ROUTING
WANOPTIMIZATION
ANTIVIRUS
IPS
Fortinet Confidential
FortiGate UTM Lineup
• ASIC-based multi-threat security platform• Common OS across all platforms• Single management interface• FortiGuard Services
• Antivirus, IPS, Antispam, Web content filtering,Application control
14
Enterprise Service Provider & Large EnterpriseSMB & Remote Office
Fortinet Confidential
15
Purpose-Built Hardware
Specialized OS
FirewallFlexible Capabilities
Hardened Platform
High Performance
Real-Time Protection
Traffic ShapingVPN
AV IPS AntispamWeb Filter
SSL InspDLP WAN Opt
App Ctrl
FortiGate Multi-Threat Security Platform
FortiGuard Updates
• Purpose-built to deliver overlapping, complementary security
• Provides both flexibility & defense-in-depth capabilities
Anatomia da Solução FortiGate
FortiOS é o sistema operacional seguro e blindado que integra todos os FortiGate multi-threat security systems.
Introduzindo o FortiOS 4.0
Principais benefícios: Acesso a inovadora tecnologia de segurança, antes
disponivel somente em produtos independentes. Melhora a segurança através da integração das
tecnologias de segurança. Consolidação simplifica gerenciamento, economiza
tempo e dinheiro.
Com o lançamento do FortiOS 4.0, a Fortinet está redefinindo novamente a segurança de rede através da estensão do escopo das capacidades da segurança consolidada com o Fortigate multi-threat security system
Novo no FortiOS
FortiOS 4.0 introduz quatro principais novas tecnologias na segurança de rede atualmente oferecida:
Otimização de WAN Acelera aplicações sobre conexões de WAN e ao mesmo tempo
garante segurança multi-threat Controle de Applicação
Reconhece trafego baseado na aplicação que está gerando o mesmo ao invés de se basear em port ou protocol.
Inspeção de SSL Aumenta o controle de segurança e politica nos trafegos
criptografados.
Prevenção contra vazamento de dados (DLP) Para identificar e prevenir comunicação de informação sensitiva para
fora das fronteiras da rede
Otimização de WAN
Aumenta o desempenho da rede Reduz dados transmitidos atraves da WAN Reduz exigencias de banda e recurso de servidores Melhora a produtividade dos usiários Reduz custos de rede
Aumenta a performance da rede reduzindo a quantidade de comunicação de dados transmitido entre aplicações e servidores na WAN
Otimização de WAN em ação
Caching Integrado Bi-direcional Integrado com VDOMs
Aplicações comuns Compartilhamento de
Arquivo (CIFS, FTP) Email (MAPI with MS
Exchange / MS Outlook) Web (HTTP / HTTPS) Genérico (TCP)
Integração com FortiClient Usuários Remotos /
móveis sem FortiGate local
Controle de Aplicação
Facilita a inspeção de aplicações usando portas não-padrões, port-hopping, ou tuneis com aplicações seguras
Controle de politica mais flexivel and bem-granuladas Aumenta a segurança Visibilidade mais aprofundada do trafego de rede
Reforça a política de segurança para mais de 1000 aplicações, independente da porta ou protocolo usado para a comunicação.
Lista de Controle de Aplicações
Multiple Applications can be defined with different actions and logging options
Multiple Applications can be defined with different actions and logging options
Categorias e Aplicações
Thousands of Applications Supported
Thousands of Applications Supported
Inspeção de Tráfego SSL
Inspeciona comunicação oculta Melhora proteção para servidores
web/app seguros Melhora a visibilidade no trafego de
rede Suporta os protocolos HTTPS, POP3S,
SMTPS, e IMAPS
Faz proxy do trafego SSL criptografado, inspecionando ameaças e aplicando politica para trafego que é invisivel para outros dispositivos de segurança.
Aplica a politica tradicional de filtro WEB ao tráfego HTTPS
Filtrando o tráfego HTTPS
Corporate LAN
Cliente inicia a conexão HTTPS ao servidor
Interceptada pelo FortiGate
FGT estabelece conexão ao servidor e faz proxy da comunicação
Filtro WEB é aplicado no trafego criptografado
Corporate LAN
(POP3S, IMAPS, SMTPS)
Web
(HTTPS)
Client
Protegendo o servidor SSLFiltra o trafego SSL-encrypted para prevenir contra intrusos / ataques
Utiliza o mesmo mecanismo para interceptar & descriptografar o trafego SSL
Aplica perfil de proteção padrão no tráfego criptografado.
Prevenção de Vazamento de Dados (DLP)
Sensor DLP Usado para definir a detecção de
conjunto de regras Sensor aplicado no perfil de proteção
Ações DLP Logar, bloquear, arquivar (FortiAnalyzer) Banir ou quarenternar o usuário
Tipos de arquivos suportados Texto, PDF, MS Word (até a versão
2007, incluindo) Tipos adicionais inclusos futuramente
Features adicionais do FortiOS 4.0
Politica baseada em Indentidade FortiOS 4.0 permite aos administradores a capacidade de definir politica
de seguranca para usuários individuais, grupos, endereço IP, rede, ou protocolo.
Melhorias na Prevenção de Intrusos Com a detecção passiva de intrusos, suporte ao IPv6, ações de
bloqueios multiplos, e opção de logging para tráfego de ameacas, a Fortinet levou esta função para um nivel ainda mais efetivo.
Controle e Conformidade de Endpoint FortiOS 4.0 permite o FortiGate checar a instalação dos agentes de
segurança de endpoint ForitClient. Integridade do HOST (atualizacao de AV, firewall habilitado, etc.) Pode ser verficado antes de permiter o dispositivo na rede.
Fortinet Confidential
Application Security
FortiGateNetwork SecurityPlatform
FortiMailEmail Security
FortiWebXML & Web Application Security
FortiDBDatabase Security
FortiManagerCentralized Mgmt
FortiAnalyzerLogging & Reporting
Product Portfolio
Security Services
FortiGuardReal time Security Services
Host Security
FortiClientHost Security Solution
FortiScanAsset Vulnerability Mgmt
UTM Security Data SecurityManagement
Fortinet Confidential
FortiAnalyzer and FortiManager
• Tightly integrates together to provide core of centralized security services• FortiAnalyzer
• Log Analysis• Reporting• Content Archiving / Data Mining• Network Analyzer• Log Browser / Real-Time Log
Viewer• Central File Quarantine• Vulnerability Assessment
Scanner• Forensic Analysis
• FortiManager• Policy / Device Management• Update Manager
(Firmware / Security Content)
• VPN Manager• Script Manager
Fortinet Confidential
FortiGuard Management and Analysis Architecture
31
FortiGuard Distribution Network
Customer FortiGate Infrastructure
FortiGuardAnalysis &
ManagementPortal
Secure SSL tunnels
FortiGate
FortiGate
FortiGate
FortiGate
FortiGate
FortiGate
Hosted Support for:Hosted Support for:• ManagementManagement• ConfigurationConfiguration• Logging and ReportingLogging and Reporting• Analysis and ForensicsAnalysis and Forensics
Fortinet Confidential
Application Security
FortiMailEmail Security
FortiWebXML & Web Application Security
Product Portfolio
FortiGateNetwork SecurityPlatform
FortiManagerCentralized Mgmt
FortiAnalyzerLogging & Reporting
Security Services
FortiGuardReal time Security Services
Host Security
FortiClientHost Security Solution
FortiScanAsset Vulnerability Mgmt
UTM Security Management Data Security
FortiDBDatabase Security
Fortinet Confidential
FortiDB
Comprehensive Database Security • Database discovery and classification • Vulnerability assessment with remediation advice • Database activity monitoring (DAM)• Data loss prevention • Automation of auditing and compliance • Change control for metadata changes (DDL) and user privilege
changes (DCL)• Support for heterogeneous, virtualized environments
Fortinet Confidential
Product Portfolio
Application Security
FortiGateNetwork SecurityPlatform
FortiMailEmail Security
FortiWebXML & Web Application Security
FortiDBDatabase Security
FortiManagerCentralized Mgmt
FortiAnalyzerLogging & Reporting
Security Services
FortiGuardReal time Security Services
Host Security
FortiClientHost Security Solution
FortiScanAsset Vulnerability Mgmt
UTM Security Data SecurityManagement
Fortinet Confidential
FortiMail
• Dedicated antispam appliance• High-performance mail processing with antispam detection• Complements antispam/antivirus features in FortiGate
• Flexible deployments• Transparent, Gateway, or Server modes
• Integrated multi-threat detection• Antispam, Antivirus, Antispyware, Antimalware• Preserves productivity, ensures policy compliance, and protects
domain reputation
• Email quarantining and archiving• User-based quarantine capabilities • Archiving for analysis and compliance support
• ,
Fortinet Confidential
FortiWeb – Web Application Firewall
• Web application firewall• Secures web-based applications with web application and XML firewalls• Accelerates web applications through XML/SSL acceleration, session
offloading, and load balancing• Simplifies deployment and management of web applications with a central
security appliance• Assists in compliance with industry or government mandates, such as PCI
DSS
Fortinet Confidential
FortiWeb
• Three deployment modes to easily integrate FortiWeb• Transparent inline• Reverse proxy• Non-inline
• Web application scanner for PCI DSS 6.5 and 6.6• Additional layers of protection:
• Protocol enforcement• Anti web defacement• Brute force login robot protection
• Authentication offload to accelerate applications• Advanced URL rewriting capabilities
37
Fortinet Confidential
Secure Web applications
Protect Web Services
Ensure Application Availability
Web Application Platform Web Application Firewall – secures web applications to help customers
meet compliance requirements XML Firewall – Secures and prevents exploits against XML based web
services Application Acceleration – Accelerates and ensures timely delivery of web
based content utilizing Fortinet’s ASIC technology
38
FortiWeb – Web Application Firewall
Fortinet Confidential
Product Portfolio
Application Security
FortiGateNetwork SecurityPlatform
FortiMailEmail Security
FortiWebXML & Web Application Security
Host Security
FortiClientHost Security Solution
FortiScanAsset Vulnerability Mgmt
FortiDBDatabase Security
FortiManagerCentralized Mgmt
FortiAnalyzerLogging & Reporting
Security Services
FortiGuardReal time Security Services FortiScan
Asset Vulnerability Mgmt
UTM Security Data SecurityManagement
Fortinet Confidential
FortiClient
• Host-based security• Antivirus / antimalware client• Personal firewall• Web content filter• Antispam filtering
• FortiGate integration• WAN optimization• IPSec VPN • Data loss prevention
40
AntivirusWeb
Filtering Antispam
FortiGuard Services
Fortinet Confidential
FortiScan-1000B
• Endpoint Vulnerability Assessment and Remediation• Identifies security vulnerabilities and finds compliance exposures on hosts
and servers• Audits and monitors across heterogeneous systems• Delivers patch management with ready to deploy remediation and
enforcement actions• Aides compliance for regulatory mandates with compliance reports
Fortinet Confidential
Product Portfolio
UTM Security Data Security
Application Security
FortiGateNetwork SecurityPlatform
Security ServicesFortiGuard
Real time Security ServicesFortiMailEmail Security
FortiWebXML & Web Application Security
FortiDBDatabase Security
FortiManagerCentralized Mgmt
FortiAnalyzerLogging & Reporting
Host Security
FortiClientHost Security Solution
FortiScanAsset Vulnerability Mgmt
Management
Fortinet Confidential
FortiGuard Services Network
• Real-time updates• “Push” / “pull” updates for Fortinet customers• Tied to FortiCare registration system
• Distributed infrastructure• Multiple servers deployed globally• Approximately 16 data center locations• Hierarchical deployment strategy
• Main server update pushes secondary updates
• Gather feedback from worldwide installed base
43
Fortinet Confidential
FortiCare Support Services
• FortiCare Knowledge Center• Around the clock self-service portal• Technical articles & documentation• Firmware/software updates
• Technical Support • 8x5 – Business Hours Support Local Time• 24x7 – Around the clock coverage for
Priority 1 events• Online Tracking/Management of Tickets• Premium Support
• Hardware Repair• Return to Factory (Return & replace services)• Advanced Replacement (24 hr return)• Premium-RMA (4-Hour and Next Day)
Available in Key Geographic Areas
Fortinet Confidential
New Products
Fortinet Confidential
FortiGate Voice Overview
• Integrated Multi Service Business Gateway• Combines multiple services into a single, integrated business gateway
device, managed by a single console:• Multi-threat UTM security gateway• IP Router• Ethernet Switch • IP PBX• Wireless LAN• VPN with strong encryption
Fortinet Confidential
Fortinet Confidential
Introducing FortiAP™ Secure Thin Access Points
Secure Wireless Networks Rogue Access Point (AP) Detection and
Remediation (for PCI compliance) Granular Endpoint Control
Speedy 802.11n Performance 300 Mbps-600Mbps throughput
Simplify Your Administration Use existing FortiGate devices for WLAN Control Turnkey Audit Reports make compliance easier
Save Over Competitive Solutions Lower Total Cost of Ownership (TCO)
48
Integrated wireless security and access solution
Fortinet Confidential
49
FortiAP™ Secure Access Points are
Small-to-Medium Enterprise (SME)
Small-to-Medium Retail Financial Services Government Agencies Hospitality Professional Services Offices
(i.e. Law, Accounting) Education (K-12, Higher Ed)
Targeted market
Fortinet Confidential
50
Fortified Wireless Space
High-Performance
Wireless Networking
Advanced Network-Based
Security
Fortinet Confidential
51
Building a Secured Wireless LAN Solution
Secure Wireless Access Points
Multi-Threat Security with Integrated
Wireless Controller
Fortified Wireless Space
Fortinet Confidential
Floor
Wiring Closet
Aggregation
FortiGate Controller
Data Center
ThinAP tunnels all traffic to FortiGate Controller
Thin AP architecture tunnels all traffic to the FortiGate Controller for added security and ease of management
52
Fortinet Confidential
FortiGate Scalability Matrix
Note *: calculated
FortiGate Platform Number of ThinAP’s supported
FortiWiFi-xx 0
FortiGate- 60B/C 4
FortiGate-80C 16
FortiGate -110C
32FortiGate-200B
FortiGate-310
FortiGate -800 64
FortiGate -620B 128
FortiGate-1240
FortiGate- 3600A 256
FortiGate-3810 512
FortiGate-5140 6144*
Note2: there is no software limit on this value.
Fortinet Confidential
Competitive Summary
Fortinet Confidential
Industry Leadership
55
Antivirus
IPS
Application Control
WAN Optimization
Data Loss Prevention
Firewall / VPN
Partner Supplied Internally Developed Not available
Fortinet Confidential
Additional Technology Comparison
56
Wireless Controller
Web Application Firewall
Email Security
Content/ Web Filtering
Vulnerability Assessment
Database Security
Partner Supplied Internally Developed Not available
Fortinet Confidential
Fortinet’s Comprehensive Solutions
57
Fortinet Confidential
Appendix
Fortinet Confidential
UTM Surpassing Traditional Network Security
59
2008 2009 2010 2011 2012 2013
Firewall & VPNFirewall & VPN
UTMUTM
(-0.5%) CAGR
$2.2
$2.1
$ in billions
13.8% CAGR
$1.7
$3.2
Source: IDC “Worldwide Network Security 2008-2012 Forecast Vendor Shares: Transitions – Appliances Are More Than Meets the Eye”