© Copyright Fortinet Inc. All rights reserved. Fortinet Security Fabric Innovative Solutions Security Summit May 7th 2018

Post on 22-May-2020


Fortinet Security Fabric

Innovative Solutions Security Summit

May 7th 2018

2

Fortinet: Global Network Security Leader

Highlights: 2000 - present

Founded in 2000 by Ken Xie

Headquartered in Sunnyvale, California

4,900+ employees worldwide

100+ offices across the globe

439 patents issued, 291 in process

3.4m shipped security devices

330K customers

In excess of $1bn revenue

$1.5bn in cash

24% year-on-year growth

3

A Leader in Network Security

Gartner Magic Quadrant for Enterprise Network Firewalls, Adam Hils, Jeremy D'Hoinne, Rajpreet Kaur, 10 July 2017

Disclaimer: This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Gartner Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls), Jeremy D'Hoinne, Rajpreet Kaur, Adam Hils, June 2017

Disclaimer: This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

4

Dealing With Today’s Issues

3 BILLION NEW DEVICES PER YEAR THROUGH 2020

51% OF EMEA ENTERPRISES BREACHED IN THE LAST 12 MONTHS*

TIME TO DETECT BREACH*: More than 1 hour for 85%

[Chart: time to detect breach, axis Minutes / Hours / Days; values shown: 15%, 50%, 27%, 5%, 2%, 2%]

AREAS OF GREATEST CONCERN FOR SECURITY

1. Cloud

2. Vulnerability in IT systems

3. Inside Threats

4. BYOD

5. IoT

5

And Those of Tomorrow

INFRASTRUCTURE EVOLUTION

EVOLVING THREAT LANDSCAPE

REGULATION, COMPLIANCE AND CERTIFICATION

6

The State of the Enterprise Network

Today’s Network is BORDERLESS

Today’s Network is FASTER Than Ever

Today’s Network is More COMPLEX Than Ever

7

[Diagram labels: Branch Office, Campus, Data Center, Remote Office, Mobile, PoS, IoT]

More Ways to Get In

More Ways to Get Data Out

8

Containing the Borderless

Internal External

Perimeter and internal security in equal doses

» Segmentation Strategies

Security extending outward from the core to the access layer

Integration between the elements of the broader network security solution

[Diagram labels: Branch Office, PoS, IoT, Campus, Mobile, Endpoint, Data Center]

9

Business

Security

Which Compromise Do You Make?

Infrastructure

Speed

10

Powering the Solution

Integration into the underlying network, not resting on top

Scalability

» In terms of size and function

» Current and projected performance requirements

» Of the security model – the 3 P’s

SOLUTION

11

[Diagram labels: Branch Office, Campus, Data Center, Remote Office; Vendor A, Vendor B, Vendor C, Vendor C, Vendor D]

Complexity Decreases Security Effectiveness

Each product is “Silo’d”

No interaction

No integration

12

Eliminating Complexity

Individual elements that work together, automatically

Pervasive threat intelligence

Single pane of glass management

THREAT INTELLIGENCE

Endpoint Clients

Application Security

Email Gateways

Firewalls

13

Addressing Today’s Security Challenges

Security Objective: Automated

Security Objective: Broad

Security Objective: Powerful

Today’s Network is BORDERLESS

Today’s Network is FASTER Than Ever

Today’s Network is More COMPLEX Than Ever

14

Flexible/Open

Broad – The Fabric Gives You Complete Visibility, Coverage and Flexibility Across The Entire Dynamic Attack Surface

Coverage

Visibility

Application Security

Cloud Security

Client/IoT Security

Access Security

Network Security

15

The Broadest Security Portfolio in the Industry

Built from the ground up to deliver true integration end-to-end

Network Security

Multi-Cloud Security

Endpoint Security

Email Security

Web Application Security

Secure Unified Access

Advanced Threat Protection

Management & Analytics

FortiOS 6.0

FortiClient 6.0

FortiWeb 6.0

FortiMail Secure Email Gateway

FortiSandbox 3.0

FortiAnalyzer 6.0

FortiManager 6.0

FortiSIEM 5.0

FortiOS 6.0

FortiAP 6.0

FortiSwitch 6.0

FortiCASB 1.2

[Icon labels: Endpoint IoT, Multi Cloud, Web Applications, Unified Access, Email, Advanced Threat Protection, Management Analytics]

16

Powerful – Increasing Performance Reduces The Burden on Infrastructure

Comprehensive Range

Parallel Path Processing

Security Processors (SPUs)

Accelerates Content Inspection

Optimized Performance for Entry Level

Accelerates Network Traffic

High End

Mid Range

Entry Level

1 Tbps

17

Automated to Provide a Fast, Coordinated Response to Threats

Coordinated

Audit & Recommend

Global & Local

Known Threats: FortiGuard

Unknown Threats: FortiSandbox

ISFW-PRI

Demo_ISFW-Sales

Demo_ISFW-Finance

Demo_ISFW-ENG

FP320C3X15002440

2.62 GB

18

Rapid Sharing of Global and Local Threat Intelligence

[Diagram labels: Web, Mail, Firewall, Client, Firewall, Traffic Analysis; Local Threat Intelligence; Global Threat Intelligence; Security Fabric; IoCs]

Clustered Local Intelligence distributed throughout the Security Fabric speeds mitigation

Correlation of Global IoCs and networking logs pinpoints new threats

19

Threat Intelligence Sharing and IOCs

Asset, Threat, Identity, Activity, Risk, Data, Location

[Diagram labels: DDoS Protection; Database Protection; Web Application Firewall; Application Delivery Controller; Top-of-Rack; Email Server; Web Servers; SDN, Virtual Firewall; DCFW/NGFW; Sandbox; Internal Segmentation FW (three instances); Email Security]

20

[Diagram labels: DDoS Protection; Database Protection; Web Application Firewall; Application Delivery Controller; Top-of-Rack; Email Server; Web Servers; SDN, Virtual Firewall; DCFW/NGFW; Sandbox; Internal Segmentation FW (three instances); Email Security]

Threat Intelligence Sharing and IOCs

- Attack telemetry from clients

- Malware samples

- Public & private information sources

- Website monitoring

- Attack signatures

- Domain names

- Host names

- IP addresses

- File names

- Registry data

- Vulnerabilities

- Catalogued malware

21

Takeout Menu

Automated

More efficient operations with a Security Fabric audit/recommendations, intelligence sharing, and NOC views

Multivendor integration for maximum ROI

Powerful

Accelerated cloud-scale and security processor-based appliances with coordinated logging to enable maximum threat protection without affecting performance

Broad

Deeper visibility and control throughout a Security Fabric to reduce the attack surface from IoT to cloud


Security Fabric in Practice

23

Fortinet Security Fabric Topology View Fabric Integration

[Topology diagram labels: Internet, NGFW, SD-WAN NGFW, Cloud NGFW, SaaS / CASB, Virtual FW, ISFW.1, ISFW.2, Switch.1, Switch.2, Switch.3, WiFi.1, WiFi.2, WiFi.3, Email, WAF, Advanced Threat Protection, Manager, Analyzer; HOSTS (APPS); CLIENTS (DEVICES)]

24

More Security Device Visibility Leads to Improved SEGMENTATION

New Downstream Device Quarantine

New Devices and Status Visibility

New Aggregate FortiGate View

New Historic Trending

[Topology diagram labels: Internet, NGFW.1, ISFW.1, ISFW.2, Switch.1, Switch.2, AWSFW.1, ACI.1, Private Cloud, Public Cloud, Sandbox, Analytics, WAF, Email; Physical / Logical views; time range Now, 5M, 1H, 24H, 7D; traffic scale 500MB, 300MB, 50MB]

25

Aggregated Data

Available on upstream FortiGate in the Security Fabric

» Display consolidated info gathered from all participating downstream FortiGates

Upstream FortiGate is able to end session or quarantine endpoints belonging to downstream FortiGates

» By sending instructions to downstream FortiGates

Expanded Visibility

26

Better Endpoint Control via the Network for Increased Security

0. No Agent: IoT

1. Fabric Agent: Fabric Telemetry, Endpoint Compliance, Vulnerability Scan/Remediation

2. Secure Remote Access: SSL & IPSec VPN, Two-factor Authentication

3. Advanced Persistent Threats: Zero-day, Advanced Malware Detection and Remediation

4. Preventive Security Controls: Anti-malware, App FW, Web Filtering, Single Sign-on

Registered

Vulnerability Score (Points)

Device Type, MAC, FGT, Identity, Traffic

27

Topology Views

New visual elements added

» FortiGates in HA setup

» FortiAPs

» FortiAnalyzer and FortiSandbox

Improved endpoint contextual info

Ability to remote login to downstream FortiGates

Adds ‘Threat’ and ‘Vulnerability’ filters

Search bar

Expanded Visibility

28

Endpoint Vulnerability View

Endpoints covered in the Security Fabric are ranked by their FortiClient Vulnerability score

» Visible on ‘Endpoint Vulnerability’ and Topology views

» Score is calculated using weights on severity

» Supports drill-in for details

Expanded Visibility

29

Fortinet Fabric-Ready Technology Alliance Partnerships

SDN/NFV & VIRTUALIZATION

CLOUD

ENDPOINT

MANAGEMENT

IoT & OT

SIEM

IDENTITY MGMT.

Snapshot in Q3 2017; new partners added continuously.

30

Scaling Performance from IoT to Cloud

Measurement

Firewall

Firewall + App Control

IPS (HTTP)

App Control (HTTP)

NGFW (IPS + App Ctrl)

Threat Protection (IPS + App Ctrl + AV)

SSL (IPS Enabled)

Reporting On (Degradation)

Chassis

High-End

Mid-Range

Virtual/Cloud

Entry-Level

Embedded IoT

31

Scaling Security Application into the Private and CSP Cloud

Applications

NGFW WAF Email MNGR Reports Sandbox

Applications

Performance Platforms

1-32+ vCPU

Non VDOM Version

On-Demand Orchestration

Performance Platforms

Non VDOM Version

On-Demand Orchestration

Single Pane of Management Glass

Volume & Resource Metering

Public Cloud Only

CSP

Cloud

Private

Cloud

NGFW WAF Email MNGR Reports Sandbox

1-32+ vCPU

NSX ACI

vSphere Hyper-V XenServer

32

Scaling Security Application into the Public Cloud

Applications

NGFW WAF Email MNGR Reports Sandbox

Applications

NGFW WAF Email MNGR Reports

Performance Certifications

1-32+ vCPU

Non VDOM Version

On-Demand Orchestration

Auto-scaling

Performance Certifications

Non VDOM Version

On-Demand Orchestration

Auto-scaling

2-16 vCPU

Security Center

Single Pane of Management Glass

Security Competency

Auto-scaling

Security Competency

33

NSS Labs Certification

Product 2012 2013 2014 2015 2016 Q1 2017 Q2 2017 Q3 2017 Q4 2017

Breach Detection Recommended Recommended Recommended Target

Breach Prevention Target

Data Center IPS Neutral Recommended Retired

Data Center Security Gateway Target

Data Center Firewall Recommended Passed (No SVM)

vFW Target

vSG Target

NGFW Neutral Recommended Recommended Recommended Target

IPS Recommended Neutral Retired

WAF Recommended Recommended

NGIPS Recommended Target

Endpoint Protection Recommended Recommended

Wireless Target

SSL QTR QTR QTR QTR

CAWS Real Time

34

Audit Risk Level Prioritizes the Network and Vulnerability Score of the Endpoint

[Topology diagram labels: Internet, NGFW.1, ISFW.1, ISFW.2, Switch.1, Switch.2, AWSFW.1, ACI.1, Private Cloud, Public Cloud, Sandbox, Analytics, WAF, Email; Physical / Logical views; time range Now, 5M, 1H, 24H, 7D; traffic scale 500MB, 300MB, 50MB]

Network Audit Risk Level: Critical, High, Medium, Low, Passed

Endpoint Vulnerability Score

Critical: 100 Points

High: 50 Points

Medium: 5 Points

Low: 2 Points

Info: 1 Point

35

New Security Fabric Audit for Automated Compliances and Best Practices

Visual Audit Indicator

Run Fabric Audit (Priority-based)

Apply Recommendations

Security Best Practices: Strong administrative access; Current firmware & subscriptions; Logging Working Correctly; …

Reporting

Regulatory Templates

[Screenshot residue: audit results tables with columns Firewall Identity, Severity, Number and Element, Severity, No., listing ISFW.1, ISFW.2, NGFW.1 and AWSFW.1 with Priority and Critical / High / Low severities]

36

Rapid Sharing of Global and Local Threat Intelligence

[Diagram labels: FortiWeb, FortiMail, FortiSandbox (Local), FortiGate, FortiClient, FortiGate, FortiGuard (Global), FortiAnalyzer; Security Fabric; IoCs]

Clustered Local Intelligence distributed throughout the Security Fabric speeds mitigation

Correlation of Global IoCs and networking logs pinpoints new threats

37

Single Pane of Glass with New NOC Functionality

Unified Management & Analytics/Reporting in Appliance, Virtual Machine and Cloud format

Management of Endpoint, Access Points and Switching added

Upgrades to VPN Manager (Topology View), FortiView, Event Management and Reporting

[Screenshot labels: FortiAnalyzer, FortiManager, Device Manager, FortiAP Manager, FortiClient Manager, FortiSwitch Manager, VPN Manager, FortiGuard, FortiView, Log View, Event Management, Reports]


Summary

39

Summary

Automated

More efficient operations with new Security Fabric audit/recommendations, intelligence sharing, and NOC views

Powerful

Accelerated cloud-scale and security processor-based appliances with coordinated logging to enable maximum threat protection without affecting performance

Broad

Deeper visibility and control throughout the Security Fabric to reduce the attack surface from IoT to cloud