Presentation is loading. Please wait.

Presentation is loading. Please wait.

Selling in the Telco sector JOSE GRANDMOUGIN EMEA SENIOR CONSULTANT 26. 11. 2009.

Published byChristina Glenn Modified over 9 years ago

Similar presentations

Presentation on theme: "Selling in the Telco sector JOSE GRANDMOUGIN EMEA SENIOR CONSULTANT 26. 11. 2009."— Presentation transcript:

1 Selling in the Telco sector JOSE GRANDMOUGIN EMEA SENIOR CONSULTANT 26. 11. 2009

2 Protecting the Service Provider’s Infrastructure MOBILE NETWORK MOBILE NETWORK RADIUS SERVER GGSN SGSN 2 2 Protecting the customer (Managed Security Service Provider) Subscriber Network 1 1 Security Solutions for Service Providers Two discrete solutions for Service Providers

3 Managed Security Services

4 NOC/SOC Traditional CPE / Client Based MSS 4 Internet

5 Virtualized Services Per Customer Virtual Domain Application Control Web Filtering AntiVirus / AntiSpyware Data Leak Prevention AntiSpam Intrusion Protection VPN (IPSec / SSL) Firewall Dynamic Routing 5

6 Security Processing Modules ADM-XE2 and ASM-CE4 Intrusion Prevention Offloading Inspects traffic traversing network interfaces for network-based attacks Provides protocol anomaly and signature- based inspection Multi-Gigabit performance Firewall Offloading Inspects traffic traversing network interfaces and blocks/allows according to firewall policy Line-Rate performance IP Multicast Offloading Accelerates and routes IP Multicast traffic Contributes to improved performance of video, voice, and other IP Multicast applications ASM-CE4 ADM-XE2

7 NP4 Based Dual Wide AMC Module Compatible with 5001A/3810A Firewall and IPSec offload 4 x 10G SFP+ Interfaces Includes 2xSR SFP+ transceivers 20G Firewall Processing 8G IPSec VPN Processing 7 ADM-XD4

8 Value Added Internet Access Services COMPETITION Juniper CrossBeam Cisco WINNING FACTORS Protection Profiles and Virtualization Routing flexibility Hardware scalability Customer 1 Customer 2Customer 3 Internet 8

9 Value Added RAS COMPETITION Cisco Juniper WINNING FACTORS Features Integration, IPSec, SSL VPN Antivirus, Web Filtering Self Service Management Portal Internet Client CPE Internet 9

10 3G High-Performance VAS COMPETITION Cisco Juniper WINNING FACTORS Features Integration, Fast Antivirus services Self Service Management Portal 10Gb real throughput Internet 3G Network 10

11 Management Interfaces in the Cloud 11 ProvisioningBilling Troubleshooting Monitoring NOC / SOC Network Self Service Portal Device Group JSON API XML API XML API / GUI CLI / SNMP / GUI LOG / ARCHIVE QUARANTINE MGMT GUI CUSTOMERS

12 FortiManager Portal User Portal Customization Development Toolkit Provides a full set of customization options Function, content, and branding Secondary database interfaces Consumer Portal Simplified option set Uses Development Toolkit Targets consumer opportunities Linked with Dynamic Profile Feature on FortiOS Carrier

13 Virtualized Management Device Group 2 Device Group 1 Admin 2 Admin 1 Customer 1 Customer 2 Multiple Administrative Domains Administrative Domain (ADOM) Per Customer / Device Group Policy Management Per Customer / Device Report Generation Supports VDOM groups and physical device groups in any combination

14 Dynamic Security Profiles

15 Applies to two key target service provider markets Managed Security and Mobile Allows user “Self-Service” automation RADIUS Accounting Record attributes used to create a context for a source IP address Context can associate IP address with any other RADIUS attribute Username, MSISDN, Service Name Protection Profile also extracted from the RADIUS record Assumes an authentication event has occurred within the Carriers network Typical in both fixed (DSL) and mobile environments RADIUS SERVER Radius Accounting Message Dynamic Policy Created Dynamic Security Profiles Portal Provisioning PORTAL SERVER DYNAMIC SECURITY PROFILES

16  Provides an authenticated bypass of the Service Restrictions  Within a domestic environment  Both end-points (users) are behind the same NAT boundary  Clientless solution to differentiate access – no software to ‘hack’  Parental control is maintained DSL Home user 1 (Adult) NAT DSL Home user 2 (Child) Dynamic Security Profiles In Home Parental Control* DYNAMIC SECURITY PROFILES *FortiOS Carrier 4.1 www.badsite.com

17 Per end-point Black / White List End points (users, MSISDN) can have their own black white list No requirement for end user to access FortiGate infrastructure Can be populated on Self Service Portal Dynamically configured on FortiGate as end points attach RADIUS VSA Extension, no fixed limit for URLs DSL+3G RADIUS Dynamic Security Profiles End-Point customisation DYNAMIC SECURITY PROFILES Self Service Portal *FortiOS Carrier 4.2 www.badsite.com

18 Infrastructure protection

19 FortiOS Carrier 4.0 Highlights Dynamic Profiles Per user services via a RADIUS API Protection Profile derived from RADIUS record Session Initiation Protocol (SIP) Security Stateful SIP tracking, Malicious SIP message protection, SIP Rate Limitation SIP Transparent or SIP NAT mode, IP Topology Hiding, RTP Pinholing Geographical Redundancy, SIP Stateful High-Availability Multimedia Message Service (MMS) Security Antivirus, Antispam/Antifraud, Antiphising (via Web Filtering) Sender and Admin notification GPRS Tunneling Protocol (GTP) Firewall 3GPP 29.060 version 6.9.0, including Overbilling Protection Protocol Anomaly Checks, IMSI/APN/IE filtering

20  20 FortiCarrier SIP Security Softswitch SIP Application Server (AS) Signalling Control (SIP ) Media Control (RTP) All Traffic – Access and Peering - Hosted NAT Traversal - Call Admission - Interoperability - Interworking (IWF) - Media Pinholing and Policing - Call Control - Routing - Features - Billing NGN Network Topology SIP RTP SIP Firewall SIP RTP Session Border controller Optional RTP bypass - SIP aware Firewall - Denial of Service prevention - Message Filtering - Message rate limiting - IPS detection and prevention VOICE SECURITY

21 Mobile Security FortiCarrier also provides: MMS Antivirus MM1/3/4/7 Monitor mode Intercept, Archive, Quarantine, Block Actions Sender Notification and alerting MMS Antispam MM1/4 Duplicate Message, Sender Flooding Admin Notification INTERNET OTHER OPERATOR MMSC MM3 MM1 MM4 CONTENT PROVIDER MM7 MOBILE SECURITY

22 Cloud / Endpoint Managed Services

23 Global Service Offerings FortiGuard™ Global Research Team provides original security intelligence via FortiGuard subscriptions Antivirus Intrusion Prevention Web Filtering Antispam FortiCare™ Support services provides technical assistance anywhere, anytime Multiple service levels to meet customer requirements

24 FortiMail – Email Security Role Based Administrative Domain Management Thousands of domains LDAP Profiling Outsourced policy management / service enablement Inbound and Outbound Antivirus and Antispam Centralised Quarantine Multiple Operating Modes Server, Gateway/Relay and Transparent Unlimited License Model Not per mail box or domain Integrated with FortiManager and FortiAnalyzer Chassis Blade and Appliance Form Factor 24

25 FortiClient Desktop Access to FortiGuard Services Antivirus & Antispyware Protection Personal Firewall Content Filtering Windows Registry Monitor IPSec VPN Client Private Label Branding Microsoft MSI installer for rapid deployment to many clients Client lockout to prevent unauthorized configuration License Control

26 FortiMobile Security Client Software Symbian Series 60 2 nd Edition: v7.0s, V8.0a, v8.1a 3 rd Edition: v9.1, v9.2, v9.3 Windows Mobile 2003 SE: Pocket PC, PPC Phone 5.x: Pocket PC, PPC Phone, Smartphone* 6.x: Professional, Standard, Classic Capabilities include Personal Firewall VPN (IPSec, SSL) Incoming Call Filter SMS Antispam Antivirus Phone Security (Contact / SMS / Call Log / Data Encryption) Multi-Language Support Smartphone support to be added in 4.3

27 Questions?

Download ppt "Selling in the Telco sector JOSE GRANDMOUGIN EMEA SENIOR CONSULTANT 26. 11. 2009."

Similar presentations

Encrypting Wireless Data with VPN Techniques

Encrypting Wireless Data with VPN Techniques
Stonesoft Roadmap WHAT FEATURES WILL COME IN 2013-2014.

Stonesoft Roadmap WHAT FEATURES WILL COME IN
Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.

Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.
Compliance on Demand. Introduction ComplianceKeeper is a web-based Licensing and Learning Management System (LLMS), that allows users to manage all Company,

Compliance on Demand. Introduction ComplianceKeeper is a web-based Licensing and Learning Management System (LLMS), that allows users to manage all Company,
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Module 3 Windows Server 2008 Branch Office Scenario.

Module 3 Windows Server 2008 Branch Office Scenario.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
MSIT 458: Information Security & Assurance By Curtis Pethley.

MSIT 458: Information Security & Assurance By Curtis Pethley.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
Introduction to Fortinet Unified Threat Management

Introduction to Fortinet Unified Threat Management
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.

Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
MIGRATION FROM SCREENOS TO JUNOS based firewall

MIGRATION FROM SCREENOS TO JUNOS based firewall
1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.

1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.
Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.

Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.
Winter 2005-2006 Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.

Winter Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.
Barracuda Networks Steve Scheidegger Commercial Account Manager 734-887-2422

Barracuda Networks Steve Scheidegger Commercial Account Manager

Similar presentations

Ads by Google