managed security services by fortinet
TRANSCRIPT
Fortinet Confidential
Managed Security Servicespowered by Fortinet
Fortinet Confidential 22
Agenda
Fortinet Introduction
MSSP Requirements
1
2
Fortinet Solution3
Summary4
Fortinet Confidential 333
Company Overview• Leading provider of
ASIC-accelerated ‘Unified Threat Management’ (UTM) Security Solutions
• FW, VPN, SSL, AV, IPS, AS, URL & Content filtering
Database Security : Vulnerability Assessment + Monitoring & Auditing
• Company Stats Founded in 2000
Silicon Valley based with offices worldwide
Seasoned executive management team
1,050+ employees / 550+ engineers
350,000+ FortiGate devices shipped worldwide
• Strong, validated technologies and products 18 patents; 80+ pending
Seven ICSA certifications (first and only security vendor)
Government Certifications (FIPS-2, Common Criteria EAL4+)
Virus Bulletin 100 approved (2005, 2006, 2008)
Fortinet Confidential 44
Fortinet Leads Across UTM Market
“Fortinet is the leading vendor in the UTM security appliance market”
“Fortinet’s UTM product portfolio is seeing success across all price bands, including the high end, which has been the hardest sell for many vendors”
Fortinet Confidential 55
Backed by Global Services Offerings
Security updates via global update servers & engineering team …
… and customer support centers located throughout the world
Fortinet support centersFortiGuard update server locations
Fortinet Confidential 6Fortinet Confidental 6
FortiGuard™ Security Subscriptions
Source: FortiGuard™ Subscription Service
3 hr response Premier SLA Available 24 x 7 Global Threat Research Lab
Antivirus (AV)Antivirus (AV)
21%
9%
9%
7%7%2%2%2%2%1%
38%
1 W32/Bagle.DW-mm 2 W32/Netsky!similar 3 W32/Grew.A!wm 4 HTML/Iframe_CID!exploit 5 W32/Bagle.DY-mm 6 W32/Bagle.DX-mm 7 W32/MyTob.fam-mm 8 W32/MyDoom.M-mm 9 W32/Mytob!similar 10 W32/MyTob.BH.fam-mm . [Non Top 10]
(Includes Anti-Spyware)
Intrusion PreventionSystem (IPS)
Intrusion PreventionSystem (IPS)
edonkeybit_torrentgnutellaMicrosoft.IE.CreateTextRange.Remote.Code.Executionoverlong_uri Slammer MS.Windows.ASN.1.Bitstring.Heap.Overflow.HTTP.BMS.Exchange.XLINK2STATE.CHUNK.OverflowCyberKit.2.2 Apache.CGI.Byterange.Request.DoS
Web Content Filtering (WCF)
Web Content Filtering (WCF)
82+ offensive and dangerous categories
Best Accuracy and Coverage in the Industry!
Anti-Spam(AS)
Anti-Spam(AS)
Greater than 94% spam catch rate
Less than 0.01% false positive rate
FortiGuard Security Subscription enables customers to realize the full potential of the FortiGate product Family
Fortinet Confidential 77
Agenda
Fortinet Introduction
MSSP Requirements
1
2
Fortinet Solution3
Summary4
Fortinet Confidential 8
SOC
Centralization & Consolidation
Centralized management of decentralized devices
Fortinet Confidential 9
Security Operations Center
INTERNETCustomer Network
MPLS, Frame, Leased Line
Virtual security devices
BelgacomPortugal Telecom9UF TelecomSFR…
Centralization & Consolidation
Centralize everythingIn-the-cloud services
Fortinet Confidential 10
Security Requirements
• Firewall• IPSec/SSL• Anti-Virus• Anti-Spam• IPS• URL filtering• Content filtering• Application Control
(P2P, IM,…)• Authentication &
Authorization• Reporting
• Traffic Shaping• Routing capabilities• DDoS resistance• High Availability• Ease of administration• Ease of provisioning• Integration in existing
environments• Compliancy (archive, best
practices,…)
Fortinet offers complete solution for all these requirements
Fortinet Confidential 1111
Agenda
Fortinet Introduction
MSSP Requirements
1
2
Fortinet Solution3
Summary4
Fortinet Confidential 12
Fortinet Key Components
• Enterprise level UTM• Unique virtualization concept for all security features• Powerfull centralized Management• Extensive centralized Logging and Reporting• Comprehensive Anti-Spam & mail compliancy
solution
Fortinet Confidential 13
Enterprise level UTM
• ASIC based performance AV + IPS acceleration Firewall + IPSec/SSL
acceleration
• Carrier grade HW• High Availability• Connectivity
Fortinet Confidential 14
FortiManager
Unique virtualization concept: VDOMsEach VDOM contains its own virtual interfaces, route table, state table, application proxies, protection profiles...
Fortinet Confidential 1515
Virtualized Network Security
Each VDOM can be configured with custom:
Virtual Routing features (Static, PBR, OSPF, BGP, RIP, Multicast)
Virtual Firewall (All Firewall features)
Virtual VPN (IPSec VPN, SSL VPN, PPTP)
Virtual IPS (Signature/Anomaly based, Protocol decoding)
Virtual Web filtering (84 Web Filter categories)
Virtual Antivirus (HTTP, FTP, SMTP, IMAP, POP3, NNT, ICQ, MSN, Yahoo, AIM)
Virtual Antispam (SMTP, POP3, IMAP)
Virtual IM/P2P security
Fortinet Confidential 1616
Multiple Administrative domains• Administrative Domain (ADOM)• Per customer/device group policy management• Per customer/device report generation• Supports VDOM groups and device groups or
combinations of them
Fortimanager
Admin 2 Device Group 2
Device Group 1
FortiAnalyzer
Admin 1
Customer 1
Customer 2
Powerfull centralized Management
Fortinet Confidential 1717
Extensive centralized Logging and Reporting
Customizable with Customer/Private Branding
Per customer reporting Per customer log access
Fortinet Confidential 18
Anti-Spam & mail compliancy solution
• Email is a mission critical communication tool for corporation and business of all sizes
• Security implications associated with Email has brought new challenges to business
• A comprehensive email security strategy must be able to meet all these new business challenges
Fortinet Confidential 19
Email Security Challenges
Solution is needed to provide full protection on both inbound and outbound mails
Easy to deploy and manage with minimum impact on current infrastructure
Fortinet Confidential 20
Introducing FortiMail
• FortiMail sits at a different place in the network
• FortiMail provides a different type of AS/AV inspection for email traffic only
• FortiGate’s perimeter location means it is latency sensitive, unlike email traffic which can be delayed without notice
• FortiMail devices contain large amounts of disk space for mail quarantine and storage
• Email archiving and routing should not be performed from the network perimeter
• FortiMail and FortiGate combined offer an improved level of layered email security for the network
Fortinet Confidential 21
FortiMail Secure Email Messaging Platforms
FortiMail-400 Recommended for 500-5,000 usersSME Deployments
2 x 250GB HDD Up to154,800 emails/hour (Full-Inspection)
RAID Support
FortiMail-100 Recommended for 1-1,000 users Small Business Deployments
250GB HDD Up to 54,000 emails/hour (Full-Inspection)
FortiMail-2000ARecommended for 1,000-20,000 users
Large Enterprise & Service Provider Deployments6 x 250GB HDD
Over 280,800 emails/hour (Full-Inspection) RAID Support
Redundant/Hot-Swappable Power Supplies & Fans
Inbound/Outbound inspection with a single device No per user license, no user or mailbox restrictions All models support High Availability (HA) configurations
FortiMail-4000ARecommended for 8,000-35,000 users
Large Enterprise/ Service Provider Deployments12 x 250GB HDD
Over 295,200 emails/hour (Full-Inspection)RAID Support
Redundant/Hot-Swappable Power Supplies & Fans
Fortinet Confidential 22
FortiMail Overview
Flexible Deployment Options The only email security solution that can be deployed in transparent, gateway or email server mode
Maximum detection accuracy of Email-based threats
Integrated Multi-Threat/Blended-Threat detection including: Antispam, antivirus, antispyware and antimalware detection, all powered by the FortiGuard™ subscription service
Integrated Message Transfer Agent (MTA)
Specialized MTA engine for peak capacity, intelligent routing, QoS, virtualization, inbound and outbound SMTP routing
Inbound & Outbound Email Messaging Security
Unlike other messaging security products, FortiMail secures inbound and outbound mail with only one system
Email Archiving On-box archiving, facilitates regulatory compliance for content archiving
Logging and Reporting Integrated Logging and Reporting engine, provides visibility into email usage, quarantine statistics and others
Fortinet Confidential 23
Powered by FortiGuard Security Services
FortiGuard AntiSpam Security ServiceFortiGuard AntiSpam Security Service• Real-time updates block spam, phishing, and
ID theft• 15.3 Million new AS signatures in 2007
FortiGuard Antivirus Security ServiceFortiGuard Antivirus Security Service• Real-time updates block viruses, malware,
and spyware• 1.07 Million new AV signatures in 2007
Fortinet Global Malware Research Teams
•All AS and AV signatures developed by Fortinet, not 3rd parties
•Combined research of viruses, spam, and vulnerabilities creates synergy
•Security intelligence will not be acquired or impacted by competitive forces
•FortiMail integrates FortiClient’s certified engine/signatures
•Increasing communication between FortiGuard and FortiMail
•These are strong competitive differentiators
FortiMail Appliances FortiClient engine used in FortiMail Appliances
Fortinet Confidential 24
FortiMail Inbound Multi-Layered Security
SMTP
InboundRisks
FortiGuard™Security Services
FortiMail OS™
DOS/DDOSPrevention
DHAPrevention
Spam&
PhishingPrevention
Virus, Prevention
SpywarePrevention
Malware*Prevention
Inbound MTA Engine
EmailContentPolicy
Compliance
EmailArchiving
Fortinet Confidential 25
FortiMail Outbound Multi-Layered Security
FortiGuard™Security Services
FortiMail OS™
RBLPrevention
EmailContentPolicyDLP
Compliance
Spam&
PhishingPrevention
Virus, Prevention
SpywarePrevention
Malware*Prevention
Outbound MTA Engine
EmailArchiving
SpamZombieOr Bot
Detection
SMTP
Outbound Risks
Fortinet Confidential 26
FortiMail Operating Modes
• Transparent Mode (bridge mode) Requires no IP address changes Seamless integration into existing network environments FortiMail is placed in front of the existing email server
• Gateway Mode (relay mode) Proxy MTA services for existing email gateways DNS MX record change redirects email to FortiMail
• Server Mode Full email server functionality Full antivirus and antispam functionality Ideal for small to medium sized companies and remote branch
office locations (Models FE-100/400) Ideal for medium to large companies
(Models FE-2000)
Transparent
Gateway
Server
Fortinet Confidential 27
FortiMail in the MSSP environment
Transparent carrier deployment protecting against spam zombies …
Fortinet Confidential 28
MSSP, ISP & Telco References
• Belgacom (B) MSSP• ATOS (FR) MSSP• Magic Online (FR) Mail
service provider• Colt Telecom (D) Mail
service provider• SFR (FR) Both Mail & MSSP• Vodaphone EMEA wide for
Mail & Mobile (Ice, Ire, UK, Italy)
• Bezeq International (ISR) MSSP
• WM Data (Ice) Managed mail services
• Telenor (Nor) Telco• 3 (UK) 3G mobile operator• Portugal Telecom MSSP• Orange Poland• Orange Slovakia• Orange Israel• HEAnet (Ire) Managed
filtering
Fortinet Confidential 2929
Agenda
Fortinet Introduction
MSSP Requirements
1
2
Fortinet Solution3
Summary4
Fortinet Confidential 30
Fortinet as market leader & innovator
• Invented the consolidated security principle (UTM)• ASIC based inspection• Virtualization in complete productline• Most certifications of any UTM vendor• Most complete solution from single vendor• Strong world wide market position in enterprise, telco,
MSSP and ISP• No user based licensing• MSSP technology applicable to the SMB as well!
Fortinet Confidential 3131
Comprehensive Product Portfolio
Powerful Centralized Powerful Centralized Management & ReportingManagement & Reporting
Secure E-Mail & Client SoftwareSecure E-Mail & Client SoftwareFortiGate-50B – FortiGate-100A
SMB & Remote OfficeSMB & Remote Office
FortiGate-200A – FortiGate-800F
EnterpriseEnterprise
FortiGate-1000A – FortiGate-5000
Carrier, MSSP &Carrier, MSSP &Large EnterpriseLarge Enterprise
Fortinet Confidential 32
FortiGate-310B
• Hardware FortiASIC CP for UTM acceleration 8 FortiASIC Network Processor (NP)
accelerated ports 2 Copper non-NP accelerated ports 1 Single-width front AMC slot 1 GB System Memory 2 USB ports Backup DC connector (for future use) 1 RU height rack mount unit
• Throughput FG-310B Base Model
• 8 Gbps firewall throughput• 6 Gbps IPSec VPN throughput
With Optional AMC (as shown)• 12 Gbps firewall• 9 Gbps IPSec VPN • 14 x GigE ports
• Firmware FortiOS Multi-Threat Engine Supported by FortiManager Supported by FortiAnalyzer Supported by FortiGuard A&M Svc.
Fortinet Confidential 33
Corporate LAN
Finance
Sales
Application Servers
Internal Network Security Segmentation
More Granular Policy
Security Events Isolated
Increased Security
Previously unattainable due to performance and port count
Alternative was single security zone with no protection between LAN segments
Engineering
DMZ
FG-310B
Switch
Switch
Switch
Switch
Switch
Port 1
Port 2
Port
3 Port 4
Port 5
Fortinet Confidential 34
Next-generation Enterprise Security – Perimeter SecurityFirewall + Antivirus + IPS + Web Content Filtering
Secure Web AccessAllows network devices secure access to the Internet while blocking blended threats with the ICSA-certified multi-layered security protection platform
Fortinet Confidential 35
Next-generation Enterprise Security – Remote AccessFirewall + IPSec & SSL VPN + Antivirus + IPS
Secure Perimeter AccessEnterprise-class Firewall and VPN technologies, combined with next-generation Antivirus and Intrusion Prevention technologies ensure that remote users can easily access the corporate network while also ensuring that remote users are not introducing security risks
Fortinet Confidential 36
VDOMs in combination with VMware
Fortinet Confidential 37