Security Virtualization and Value Added Services

David Maman, Fortinet

IDC IT Security Roadshow, June 03, 2008 Securing Your Business: Technology Meets People

What is Virtualization?

The act of abstracting the (physical and logical)

boundaries of a technology.

Fortinet Confidential

Many ways to VirtualizationServersDesktopsApplicationsNetworksStorage

Fortinet Confidential

Consolidate Physical Resources• Logical resources may remain the same!

Reduce Power ConsumptionStreamline System RecoveryControl and Provide GrowthSimplify system maintenanceOptimize Resource UtilizationMaintain OS Versions and updatesTesting and DevelopmentTraining

The Economist, May 22nd 2008

Why Virtualize?

Consolidated security

MSSP - Managed Security Service Provider

Fortinet

Centralized (Virtualized) Security(Consolidated security)

Fortinet Confidential

Information Security Over head.High availability solutions

Separated management Interfaces

Troubleshooting madness

Training period

Updates and upgrades

Support ?! Who and for what?

Logging a reporting

Hardware coasts

Fortinet Confidential

Virtualized Security must feel with, Without.

Performance

Management

Flexibility

Content Security

Reliability / Density

Logging / Reporting

Of course it’s not

running in a Virtual…..

Of course it’s not

running in a Virtual…..

Centralized Internal Security Consolidation

Back BoneSwitching

Centralized Logging and Reporting

Out of Band

Management

Department AHA security solution with Virtual Solutions

Department B

Department C

Project A

Project BProject C

Server Farm

Internet Access

INTERNET

= Virtual Security Entity

Consolidated security

MSSP - Managed Security Service Provider

Fortinet

Managed Security Solutions

MSSP SolutionManaged Security Service Provider

Fortinet Confidential

Managed Security Services

• Customer PremisesProvider independentAffordable quality of securityLow cost of entry & operationsEnforcing Internal information security

• Centralized ‘In the cloud’Provider dependentHigh availability & Controlled environmentSimple logistics“Clean Pipe” to the customerCentralized upgrade

Centralized services

INTERNET Customer NetworkMPLS, Frame, Leased Line

Customer A Customer B

Customer C Customer D

Centralized Management

Centralized Logging and Reporting

NOC/ SOC

Customer Portal

Fortinet Confidential

Customer PremisesCOMPANY B

COMPANY D

COMPANY A

INTERNET II

COMPANY C

COMPANY E

Centralized Management

Centralized Logging and Reporting

NOC

Customer Portal

INTERNET I

Fortinet Confidential

Managed Security Services

• Customer PremisesProvider independentAffordable quality of securityLow cost of entry & operationsEnforcing Internal information security

• Centralized ‘In the cloud’Provider dependentHigh availability & Controlled environmentSimple logistics“Clean Pipe” to the customerCentralized upgrade

Fortinet Confidential

• Central Logging• Event Correlation• Network data statistics • Per customer Reporting • Report scheduler• Automated report distribution by

Central Management• Centralizes functions for:

Product DeploymentsReal-time MonitoringDevice/Policy MaintenanceDevice/Security Updates

Central Logging / Reporting

About Fortinet

Consolidated security

MSSP - Managed Security Service Provider

Fortinet Confidential

Company Overview• First Multi-Layered Security Platform provider that leverages ASIC technology • Largest private network security company

~ 1100 employees / > 650 R&D320,000 + FortiGate devices WWFounded in 2000Largest Privately Held Security CompanyGlobal Operations in U.S., EMEA & Asia Pac

• Independent certifications8 ICSA certifications (only vendor)Government Certifications (FIPS-2, C C EAL4+)60+ industry awards11 patents; 80+ pendingVirus Bulletin 100 approved (2005, 06,07) and NSS Certifications

Fortinet products are used by:

• 7500 + Installations

• MSSP: Bezeqinternational, Netvision, 012 Smile, BEZEQ

• Strongest ever Market penetration in Israel 5000 + Customers < 4 years

• Major penetration: Enterprise, Finance, IDF, government, Telecom, etc

Israel Customer Base

Flexible Multi-Layered Security Platform

10/100 Mbps 10 Gbps1 Gbps

ROBO/SOHOPerimeter Core Data Center Future

FortiGate-50B – FortiGate-100A

SMB & Remote OfficeSMB & Remote Office

EnterpriseEnterprise

Carrier, MSSP &Carrier, MSSP &Large EnterpriseLarge Enterprise

Secure ESecure E--Mail & Client SoftwareMail & Client Software

Powerful Centralized Powerful Centralized Management & ReportingManagement & Reporting

The FortiASIC™ FamilyNetwork ASIC (NP)

Firewall accelerationVPN (IPSEC and SSL)IPS anomaly

Application ASIC (CP)Antivirus (+Antispyware) AccelerationWeb Filtering and Antispam Advantage from Accelerated AV scanningTraffic Shaping

Multiple Threat TypesVarious Application Entry PointsDifferent FunctionsThreat Payload Intent VariesBroad Range of Propagation Techniques

Application Threat VectorViruses & SpywareSpam & Directory Harvest AttacksWeb PhishingIM and P2P file transfers

Network Threat VectorNetwork WormsDDOS/DOSIP Packet Capture Spoofing & Man-In-The-Middle

Fortinet is the Only:• Only complete solution with custom ASICs• Only complete solution from remote office to core and

service providers with consistent code/hardware base.• Only complete solution that can do deep packet inspection • Only company with internal research on WCF, AS, AV, IPS• Only complete solution that does layer three routing • Only True virtualized solution for MSSP and enterprise• Only Security solution with Virtual solutions in Route and

Transparent over the same Hardware!!!• Only solution with complete layer two switching• Only solution with real centralized Management interface• Only solution with real reporting and logging interface

Fortinet Confidential

Fortinet MSSP Customers Success

…rely on protection from Fortinet

Thank You!

For more information please visithttp://www.fortinet.com