Fortinet Security Fabric Tomislav Tucibat, Major Accounts Manager Adriatic 26th April, 2017
Fortinet Strategy – Security for a New World COMPLEX SLOW BORDERLESS SECURITY WITHOUT COMPROMISE SEAMLESS POWERFUL INTELLIGENT In order to secure our customer’s networks it’s imperative to understand the challenges and their root cause. From Fortinet’s perspective there are three key issues affecting the network’s security position; the way that security has traditionally been implemented is too complex, the networks themselves have drifted away from a defined perimeter and organizations are faced with the compromise of choosing between security and performance. Fortinet’s response is to counter these three issues with its philosophy “Security Without Compromise” by offering Seamless, Intelligent and Powerful solutions. But securing an enterprise network is more than just looking at yesterday’s or today’s issues. Looking ahead at different trends and their potential impact on the network’s security is also part of the ongoing challenge.
But The Evolution of Change Never Stops Green Google’s 13 data centers use 0.01% of global power SaaS On average, companies have 10+ applications running via the Cloud IoT 35B devices, mostly headless attaching to the network 5G Wireless SDN/NFV Software-defined everything. SD WAN IaaS Security still the No.1 inhibitor Analytics Big Data FUTURE Social Bandwidth ever increasing Internet 2 100 Gbps and UHDTV 100G From that perspective, the fact that there is change should not be a surprise to anyone. It is however, the rate of change that is the challenge. Technologies come and go faster than ever and once a technology does actually take hold in the market, the rate at which it evolves and grows, attracting its own ecosystem, can have siginficant security implications. Of all of these, we‘ve identified three trends in particular affecting our customer‘s networks. Mobile No control of endpoints (BYOD) Virtualization 80% of data center apps are virtualized Bandwidth Wi-Fi speeds rival LANs. 100G networks here 3
Trend #1 - Cloud Adoption Accelerating $318B Public Cloud Services market by 2019 * Cloud Security Barrier to Cloud Adoption The first one of course is the ever increasing use of cloud technology. Paradoxically, even though cloud adoption is significant, one of the biggest barriers to its adoption is concern over security. * Gartner
Trend #2 - 6.4 Billion Connected “Things” Predicted for 2016 Will reach 20 Billion by 2020* Majority will be “Connected” Wirelessly Most will be Headless and have NO Security The second is the Internet of Things (IoT). Not just confined to televisions, refrigerators and home energy management systems, IoT will also have a major impact in the enterprise. The sheer volume of devices will have a significant impact the network’s access layer, wired but particularly wireless, and the lack of security in the majority of devices will acerbate the existing issue of the lack of a defined network perimeter. * Gartner
Trend #3 – CyberSecurity Skills Shortage Enterprises struggling to cope ESG – Cybersecurity specialist hardest IT position to fill Global MSS Market to reach $29.9B* The third issue however is not about technology itself but about managing and understanding technology. Enterprises are facing a severe skill shortage when it comes to cyber security and according to the Enterprise Strategy Group (ESG), a cybersecurity specialist is the most difficult IT position to fill. This skill shortage is leading more enterprises to look at managed security services and the MSS market is expected to grow to $30B according to Advanced Market Research (AMR). But resorting to managed services will not satisfy all enterprises. Enterprises will require more and more solutions that have intelligence embedded into them as well as greater collaboration with their security providers. * AMR
Bridging the Gap between Strategy and Reality Joining A Strategy to Real Life Solutions Business Strategy Security For A New World FORTINET SECURITY FABRIC In light of all of these questions and technology trends the question is how to ensure that a business strategy can address these real life problems?
Bridging the Gap between Strategy and Reality Joining A Strategy to Real Life Solutions Business Strategy Security For A New World From a solution perspective, Fortinet has the products and technology to deal with all of the issues previously identified. But haphazardly throwing technology and products at the network is not going to solve the problem, in fact if the technology is not applied properly the issues in the network will only become worse. Realization ATP SAA Enterprise Firewall Cloud Security DC Security
Bridging the Gap between Strategy and Reality Joining A Strategy to Real Life Solutions Business Strategy Security For A New World Technology Vision FORTINET SECURITY FABRIC Bridging that gap between strategy and solution is Fortinet’s technology vision. The Fortinet Security Fabric is the philosophy behind Fortinet approach in dealing with the problems of today as well as those of tomorrow. Realization ATP SAA Enterprise Firewall Cloud Security DC Security
BROAD POWERFUL AUTOMATED Advanced Threat Intelligence NOC/SOC Client Cloud Network Access Application Why the 3rd generation security fabric is much more secure and better than the first 2 generations of FW, UTM/NGFW system and platform? BROAD, POWERFUL AND AUTOMATED. To address the security challenges brought on by the digital economy and evolving enterprise network, and to deliver on the promise of Security without Compromise, the Fortinet Security Fabric provides a new visionary approach to security, that enables organizations to deliver broad, powerful and automated security. The Fortinet Security Fabric is designed to dynamically adapt to the evolving IT Infrastructure in order to defend its rapidly changing attack surface. It intelligently and transparently segments the network, from IoT to the Cloud, to provide advanced protection against sophisticated threats. Each security element in the fabric is also aware of each other, allowing the elements to share policy, threat intelligence, and application flow information. This collaborative approach provides a much faster time to detect threats with the ability to initiate and synchronize a coordinated response, no matter what part of the network is being compromised. In addition, a growing number of Fortinet technology partners are actively becoming an integral part of this distributed security framework. The Fortinet Security Fabric integrates security for the endpoint, access layer, network, applications, data center, content, and cloud into a cooperative solution that can be managed, analyzed, and orchestrated through a unified management interface. The Fortinet Security Fabric is built around three critical and interdependent attributes- BROAD, POWERFUL, AND AUTOMATED. Let’s take a look at each of these attributes. Partner API
Key Fabric Attributes Scalability Scalable Aware Secure Actionable Access to Data Center, IoT to Cloud Scalability Scalable Aware Secure Actionable Open Lets look at the Fabric Attributes in More Detail Scalable Aware Secure Actionable Open
Scalable from Access to Data Center, IoT to Cloud Single Pane of Glass (Management) Global & Local Security Updates Single Network Operating System Device Access Network Cloud SDN Provisioned Endpoint WLAN / LAN Rugged Distributed Enterprise Edge Segmentation Branch Data Center Carrier Class Private Cloud IaaS/SaaS Distributed NSF Chassis >Terabit Networks come in all shapes and sizes and are never static during their lifetime. The network’s security infrastructure must be able to keep up with these changes, “blanketing” the entire network, as well as into external environments such as the cloud and do so without compromising the security of the network. Appliance >300G Appliance >30G Appliance >5G Device >1G Virtual Machine SDN/NFV Virtual Machine On Demand
Key Fabric Attributes Scalable Aware Secure Actionable Open Access to Data Center, IoT to Cloud Scalable Aware Secure Actionable Open Lets look at the Fabric Attributes in More Detail Scalable Aware Secure Actionable Open
MONITOR AND LEARN A Learning Mode User Identification Combating Complexity User Identification Who is connected? Device Identification What devices do we have? Physical Topology How are they connected? Network & Application Topology What Policies do we need? Without even taking IoT into account, there are more users and devices on the network today than ever before. More users and devices means more possible ways for the hacker or cybercriminal to infiltrate and implant malware in the network. The network, and it’s security infrastructure, can no longer afford to be just a transport system without awareness of what is actually happening in the network. Knowledge of the users and their devices is necessary in order to assign security policies to them, granting or limiting access to network resources and reducing the risk of unknown threats. MONITOR AND LEARN
Key Fabric Attributes Scalable Aware Secure Actionable Open Access to Data Center, IoT to Cloud Scalable Aware Secure Actionable Open Lets look at the Fabric Attributes in More Detail Scalable Aware Secure Actionable Open le
Maintaining Security for the Network Comprehensive Security with Full Performance CPU Only Parallel Path Processing (PPP) More Performance Packet Processing Policy Management Content Inspection Optimised Policy Management Packet Processing Deep Inspection Less Latency CPU SoC The implementation of any security in a network can only be successful if it doesn’t slow down the network. The security infrastructure must have the underlying architecture to support the different security services that will run on it, regardless of where in the network those services are being deployed. Less Space Less Power
Security for the Cloud Public Cloud Virtualization Private Cloud Securing Throughout the Cloud Journey Public Cloud On-Demand IaaS Cloud NGFW WAF Management Reporting APT SaaS Cloud Proxy CASI Broker API Private Cloud SDN - Orchestration Integration Connector API East-West North-South Flow Virtualization Hypervisor Port Hypervisor As mentioned earlier, cloud adoption is one of the major drivers on today’s networks. But cloud adoption is not a single step, nor will all organizations adopt cloud technologies in the same way or at the same rate. Regardless, most cloud journeys start with virtualization and it’s important to keep in mind that while “cloud” requires virtualization, virtualization by itself is not cloud. Providing a range of security technologies in virtual form is a mandatory requirement and as the enterprise continues the journey to implementing a private cloud using SDN or a hybrid cloud by using services like AWS or Microsoft Azure, having the same security services in these environments as they do in their internal network is absolutely necessary. This is one of the core tenets of FSF.
Security for Access – Unified Secure Access Infrastructure On Premise Management Integrated Cloud Cloud Management 3 2 1 WLAN FortiGate FortiSwitch LAN The other major trend is the Internet of Things (IoT). More and more devices will want to connect to the network, most of them wirelessly and most of them, regardless of access method, will not support any sort of security capabilities. These devices are designed to be fast and cheap, not secure. The only way to manage the security risk of these devices is by ensuring that the access layer has robust security integrated into it. Security must be pushed out to the edge of the network and that all users, regardless of the access method, are covered by a single security posture.
Security Across all of the Network - Global and Local Threat Intelligence for Security Efficacy Threat Intelligence Exchange Threat Researchers App Control Antivirus Anti-spam Vulnerability Management Web Filtering Cloud Sandbox Deep App Control Mobile Security IPS Web App Database Botnet But just placing security appliances in a network does not guarantee long term results. With the constant changes in the threat landscape, malware and players, the only way a security solution stays current is by the quality of the threat intelligence behind it. A single source of threat intelligence, supporting all of the different security services running in the network is absolutely to maintain the highest levels of security efficacy throughout the threat lifecycle and the lifecycle of the network itself. FortiSandbox FortiClient FortiGate FortiMail FortiWeb Partner Advanced Threat Protection
Key Fabric Attributes Scalable Aware Secure Actionable Open Access to Data Center, IoT to Cloud Scalable Aware Secure Actionable Open Scalable Aware Secure Actionable Open
Actionable Across the Whole Network Support Services Single Pane of Glass Migration to Cloud Based Systems FortiCare FortiCloud FortiGuard+ Cloud FortiSanbox FortiManager IaaS IoT Mobile End to end. Access to data center. IoT to cloud. These are the challenges that our customers are facing on a daily basis. To successfully respond to these challenges, the customer must have the necessary, appropriate and actionable resources across the whole of the network. Post sales support, single pane of glass network management and threat intelligence, for both the security services themselves as well as complementing the customer’s own efforts. Access WAN Data Center SaaS PoS Windows
Key Fabric Attributes Scalable Aware Secure Actionable Open Access to Data Center, IoT to Cloud Scalable Aware Secure Actionable Open Scalable Aware Secure Actionable Open
Multiple Levels of Fabric API’s for Partner Integration Eco System Alliance Partners SIEM Management Fortinet Security Fabric Endpoint SDN No one company can do everything themselves. It takes an extensive eco-system of products and technologies to meet all of the challenges. And as the challenges grow and change so will the eco-system. This eco-system is enabled through the FSF and its series of APIs. Virtual Cloud
VIRTUALIZATION & SDN/NFV Intelligent security is OPEN The Fortinet Security Fabric allows integration of other security technologies OPEN VIRTUALIZATION & SDN/NFV CLOUD ENDPOINT & IoT MANAGEMENT SIEM SYSTEMS INTEGRATOR Intelligent security is also open. The Security Fabric is designed around a series of open Application Programming Interfaces (APIs), Open Authentication Technology, and standardized telemetry data, which allows organizations to integrate existing security investments from Fabric-Ready partners into the Fortinet Security Fabric. These solutions can actively collect and share threat information and distribute mitigation instructions to improve visibility and intelligence, enhance situational awareness, and broaden a synchronized attack response from end to end. Not only are the components of the Fortinet Security Fabric designed to work together as a holistic security system, we have also developed a series of APIs that allows Fortinet Alliance Partners to collect and share information with the Fortinet Security Fabric in order to further enhance your organization’s visibility, control, and response.
..and we mean open ☺ Cyber Threat Alliance: Fortinet + Palo Alto Networks founded CTA – may 2014 Defined as Cyber Defense Consortium; goal is to have Automated Threat Intelligence Sharing Platform Now it extended to Intel Security Group, Intel Corporation; Check Point; Cisco Security; Symantec; McAfee Telefonica Zscaler Barracuda
New Fortinet Fabric Ready Partners https://blog.fortinet.com/2017/03/14/fortinet-welcomes-new-industry-leading-technology-partners-to-their-security-fabric-ecosystem
Fortinet Security Fabric – What Does it Do? Provides a framework for meeting today’s and tomorrow’s security challenges Brings the power of threat intelligence to all four corners of a network Enables collaboration and an ever growing ecosystem The Fortinet Security Fabric is Fortinet’s response to the current state of the enterprise network and the challenges in front of them.
The FortiGate – center of the fabric
Security Fabric: Easy integration