© Copyright Fortinet Inc. All rights reserved. © Copyright Fortinet Inc. All rights reserved.
Fortinet Security Fabric
Tomislav Tucibat
Regional Accounts Manager Adriatics
2
A Global Leader and Innovator in Network Security Fortinet Quick Facts
Platform Advantage built on key innovations
• FortiGuard: industry-leading threat research
• FortiOS: tightly integrated network + security OS
• FortiASIC: custom ASIC-based architecture
• Market-leading technology: 395 patents, 316 pending
Founded November 2000, 1st product shipped 2002, IPO 2009
HQ: Sunnyvale, California
Employees: 4800+ worldwide
Consistent growth, gaining market share
Strong positive cash flow, profitable
$13M
$1.28B
$16M
~$1.31B
Cash
Revenue
2003 2016
2003 2017
Global presence and customer base
• Customers: 320,000+
• Units shipped: 3.3+ Million
• Offices: 80+ worldwide
3
Unparalleled Independent 3rd Party Certification
Description Fortinet Check Point Cisco Palo Alto
Networks Juniper FireEye
NSS - Firewall NGFW Recommended Recommended Recommended
& Neutral Caution Caution x
NSS - Firewall DC Recommended x x x x x
NSS - Breach Detection Recommended x Recommended x x Caution
NSS - IPS (DC) ✔ ✔ x x Caution x
NSS - IPS (Enterprise) ✔ x Recommended x Caution x
NSS - WAF Recommended x x x x x
BreakingPoint Resiliency Record High - 95 x x Poor - 53 x x
ICSA Firewall ✔ ✔ x ✔ ✔ x
ICSA IPS ✔ ✔ x x x x
ICSA Antivirus ✔ x x x x x
ICSA WAF ✔ x x x x x
VB 100 ✔ Caution x x x x
AV Comparative ✔ x x x x x
Common Criteria ✔ ✔ ✔ ✔ ✔ ✔
FIPS ✔ ✔ ✔ ✔ ✔ ✔
Contains results from the latest published NSS Labs reports as of Sept. 30 2014 X = did not participate, not certified
4
Continued Execution – Taking Market Share
0
100,000
200,000
300,000
400,000
500,000
600,000
700,000
2009 2010 2011 2012 2013 2014 2015 2016
Network Security Appliance Shipments
Fortinet Palo Alto Networks Cisco Check Point
5
Fortinet Positioned as a Leader in Gartner Magic Quadrant for UTM for the 8th consecutive time
Gartner [Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls),
[Adam Hills, Jeremy D’Hoinne], [June 20 2017]
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner
research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research,
including any warranties of merchantability or fitness for a particular purpose.
6
Fortinet Positioned as a
Leader in Gartner Magic
Quadrant for Enterprise
Network Firewalls
Gartner Magic Quadrant for Enterprise Network Firewalls, Adam Hills, Jeremy D’Hoinne, Rajpreet Kaur, July 10 2017]
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
© Copyright Fortinet Inc. All rights reserved. © Copyright Fortinet Inc. All rights reserved.
Fortinet Security Fabric
9 9
Enterprise SMB Telco
Slow Is Broken Today’s Network Is Borderless Complexity Is The Enemy of Security
Enterprise Firewall Cloud Security ATP Application Security Security Operations Secure Access
Emerging Security Challenges
Fortinet’s mission is to deliver the most innovative, highest performing
network security fabric to secure and simplify your IT infrastructure
10
Advanced
Threat
Intelligence
Access
Client Cloud
Partner API
NOC/SOC
Network
Application
BROAD
POWERFUL
AUTOMATED
11
Flexible/Open
Broad – The Fabric Gives You Complete Visibility, Coverage and Flexibility Across The Entire Dynamic Attack Surface
Coverage Visibility
Application Security
Cloud Security
Client/IoT Security
Access Security
Network Security
12
Broad – The Fabric Allows Flexible, Open Integration of Other Security Partners
Virtualization & SDN/NFV CLOUD ENDPOINT & IoT
MANAGEMENT SYSTEMS INTEGRATOR SIEM
13
Powerful – Increasing Performance Reduces The Burden on Infrastructure
Comprehensive
Range
Parallel Path
Processing
Security Processors
(SPU’s)
Accelerates
Content Inspection
Optimized
Performance for
Entry Level
Accelerates
Network Traffic
High End
Mid Range
Entry
Level
1 Tbps
14
Automated to Provide a Fast, Coordinated Response to Threats
Coordinated Audit & Recommend Global & Local
Known Threats
FortiGuard
Unknown Threats
FortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
2.62 GB
© Copyright Fortinet Inc. All rights reserved. © Copyright Fortinet Inc. All rights reserved.
Fortinet Security Fabric Realized
16
SECURITY
Complete Network Security Solution
USERS ENDPOINTS ACCESS SEGMENTATION NETWORK APPLICATION DATA
SECURITY
MANAGEMENT
PLATFORM
THREAT INTELLIGENCE
18
ENTERPRISE FIREWALL
FortiOS FortiGuard SPU
Enterprise Bundle
Services
FortiManager
FortiAnalyzer FortiGate
Rugged
Cloud
Virtual
Physical
5.6
Covering All Enterprise Use cases
19
CONNECTED UTM (SMB)
FortiCloud FortiManager FortiPrivateCloud
FortiMail FortiWeb
Cloud
Physical
FortiWiFi
FortiGate
FortiClient FortiAP
FortiWAN
FortiSwitch
FortiExtender
FortiVoice
FortiOS FortiGuard FortiASIC
5.4
20
FortiGate 100 – 900 Series FortiGate 7000 Series
Industry-leading Range of Security Processor Powered Network Security Appliances
FortiGate 30 – 90 Series
System
on a Chip
Entry-level - Branch Office & SD-WAN
Content
Processor
Network
Processor
CPU
FortiGate 1000, 2000 and 3000 Series
High-end Datacenter
…
…
CPU
CPU
FortiGate 7040E FortiGate 7040E
Mid-range - NGFW at the Campus Chassis-based - Core NGFW Segmentation
22
Out of Bounds Drive to ER Call Ambulance
Play Safe! APT
S T A N D A L O N E S A N D B O X
L I M I T E D I N T E G R A T I O N
Time to Protect: ?
F O R T I N E T A N T I - V I R U S
Time to Protect: 4 Hours.
5 . 4 : F O R T I G A T E / W E B / M A I L
+ F O R T I S A N D B O X
Time to Protect: 2-3 minutes.
5 . 4 : E N D P O I N T +
F O R T I S A N D B O X
Time to Protect: 0
23
APT Submission
I N T E G R AT I O N S
File Interception
• Extracts in-line samples (clear or SSL encrypted)
• Uses AV Profile – Flow and Proxy Mode
File submission
• Intelligently only send supported file types
• File tying is done of FGT AV engine
• Auto-updated with AV services
• Manual file types whitelisting to conserve bandwidth
Appliance or Cloud – same technology !
F I L E
S U B M I S S I O N
?
24
APT Retrieving Results
• Summary Results
• FortiView Visibility
• Detailed Malware Report
• Directly in the UI
S T A T U S S U M M A R Y
O N D A S H B O A R D
A N A L Y S I S R E P O R T V I A
F O R T I V I E W D R I L L - I N
F O R T I V I E W
F O R T I S A N D B O X V I E W E R By Source (with Threat Scoring), by File
25
APT Dynamic Protection Ecosystem
File Submission File Submission
Detailed Status Report
FSA Dynamic
Threat DB Update
Control Host Quarantine
F O R T I S A N D B O X
F O R T I C L I E N T F O R T I G A T E
1
2
3b
1
Real-time engine & intelligence updates
Enforce Network Quarantine 3c
File Status result for auto
File Hold & Quarantine
2
FSA Dynamic
Threat DB Update
1 File submission for Analysis
2 Respective analysis results are returned
4 4
3a
3a
R E M E D I A T I O N
Auto File Quarantine on Host with option to
hold file until result
Q U E R Y
3b Manual Host Quarantine by Admin
3c Manual Source IP Quarantine using
Firewall
P R O T E C T I O N
4 Proactive dynamic Threat DB update to
gateway and host
26
APT
APT
T O M O R R O W
Fast Reaction
Centralized expertise.
Notify & alert in real time.
T O D AY
Costly.
Time consuming.
Limited expertise.
Top Related