Scribd
Upload
46 views25 pages

Filippo Cassini - FOS - 6.0

Uploaded by

habib kamaie
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
46 views25 pages

Filippo Cassini - FOS - 6.0

Uploaded by

habib kamaie
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 25

FortiOS – The foundation for Security

Transformation
Filippo Cassini SVP WW CSE

© Copyright Fortinet Inc. All rights reserved.


BUSINESS GROUP

Disclaimer

This document contains confidential material proprietary to Fortinet, Inc.

This document and information and ideas herein may not be disclosed, copied, reproduced or distributed
to anyone outside Fortinet, Inc. without prior written consent of Fortinet, Inc.

This information is pre-release and forward looking and therefore is subject to change
without notice.

The purpose of this document is to provide a statement of the current direction of


Fortinet’s product strategy and product marketing efforts.

Please note that this Product Roadmap is neither intended to bind Fortinet to any particular course of
product marketing and development nor to constitute a part of the license agreement or any contractual
agreement with Fortinet or its subsidiaries or affiliates.

2
Evolution of network security

FIREWALL

Connectivity

1990 2000 2010 2020

SOFTWARE

3
Evolution of network security
▪ CONTINUED GROWTH IN THE SECOND GENERATION

NGFW
FIREWALL UTM

Connectivity Content

1990 2000 2010 2020

SECURITY
SOFTWARE
PROCESSORS

4
Evolution of network security
▪ WE ARE IN THE EARLY STAGES OF THE THIRD GENERATION

NGFW
FIREWALL UTM FABRIC

Connectivity Content Infrastructure

1990 2000 2010 2020

SECURITY
SOFTWARE SECURITY FABRIC
PROCESSORS

5
Only fortinet can reach
the HIGHEST LEVELS of security
▪ SIGNIFICANT ENGINEERING INVESTMENT REQUIRED FOR PERFORMANCE AND VALUE

Prevention & Performance


Detection Remediation Integration & Value

1,000+ <50 <5 1

6
Hey, look at I’ll ask
this news IT
alert…

Board / C-Suite NOC / SOC

7
• Expansion Roadblocks
Expand (IAAS, SAAS)
• Replicated Operations Scalable
• Disjointed Systems Expansion

How Secure Am I?
• Business Disconnect
• Communication Business
CISO
• Frustration
Alignment
Too many UIs
• Inefficient Operations
• Maintenance
Too much data
• Security Operations Streamlined
• Incident Response
Operations
Not enough resources

8
A CLOSER
LOOK AT
SECURITY
FABRIC …
9
SECURITY FABRIC

Automation

System Threat IOC Config API


Status Events Detection Change Notification Quarantine
Call
TRIGGERS ACTIONS
AUTOMATION
ENGINE

AUTOMATED WORKFLOWS
Easy creation using wizards
(STITCHES) USING
TRIGGERS TO DELIVER
Covers components within a security fabric
APPROPRIATE ACTIONS

10
SECURITY FABRIC

Automation

STITCHES

Wizard that assist admin to easily setup


automation via predefined components

11
SECURITY FABRIC

Automation

QUARANTINE

▪ Automatically quarantine
compromised hosts via Stitch
▪ Option to do so using FortiClient via
EMS or connection via FortiSwitch
and FortiAP

12
SECURITY FABRIC

Automation

NOTIFICATIONS

▪ New iOS Push notification via


FortiExplorer

13
SECURITY FABRIC

New Solution and Service Integration

IOC SERVICE INTEGRATION

▪ Presenting IOC data from FAZ on


FortiView and topology maps
» Retrieve data and show affected
hosts on FortiGate
» Allow admin to quarantine
affected hosts

14
FortiCloud – Fortinet SaaS Cloud
▪ Easy to use Interface
▪ FortiCloud Key
▪ Multi-Tenancy
▪ FortiDeploy
▪ Deploy Templates and Scripts
▪ Assign to FortiCloud or FortiManager
▪ Role Privilege Assignment

ZERO TOUCH DEPLOYMENT MANAGEMENT

1 Year ▪ Indicators of Compromise


FortiCloud Sandbox inspection ▪ FortiView & Reporting

SANDBOX SECURITY ANALYTICS


▪ Free 100 Files a day submission 7 Day
▪ On Demand Upload Service free log retention & analysis

1 Year
Log Retention & Analysis Subscription
(unlimited Log volume)

15
FortiCloud Security Analytics

GLOBAL THREAT LOCAL THREAT COOPERATION/


INTELLIGENCE INTELLIGENCE ACTION
Rank Severity Recommendation
Detect and mitigate all Discover and mitigate
known threats unknown threats using 5 CRITICAL Zero-Day Vulnerability

including post infection FortiCloud FortiView and


with IoC Sandbox 4 MEDIUM Not Connected to Fabric

3 ADVISORY Logging Disabled

16
FortiCloud FortiDeploy
Retail Use Case

FortiDeploy

Zero – touch deployment

Includes FMG onboarding FortiManager


automation

Scales to 10K’s devices in


different countries
Shop Shop Shop

17
A CLOSER
LOOK AT
SOC FUNCTIONS
18
BUILT IN CORRELATION (IOC)

19
20
A CLOSER
LOOK AT
NETWORKING…
21
NETWORKING

SD-WAN Improvements

PATH SELECTION STRATEGY BEST QUALITY MIN. QUALITY (SLA)


Administrators who prefer simplistic path Administrators who desire granular threshold
Recommended Use Case
selection, relying on preferred quality criteria configurations per applications

22
NETWORKING

SD-WAN Improvements

APPLICATION AWARENESS

▪ WAN Path Controller is able to route


traffic using Application Control DB
(with over 3,000 signatures), in
addition to ISDB
▪ Once identified via application
control, subsequent matching
sessions are identified when seen
next time on first packet

23
NETWORKING

VPN Configuration Enhancements

CLOUD-ASSISTED ONE-CLICK VPN

▪ Allows multiple sites of Fortigate to


configure hub-and-spoke VPN with the
help of FortiCloud on the backend.
▪ Can be implemented with FortiManager
backup mode as another option

24

You might also like