Scribd Logo
Upload

Welcome to Scribd!

  • 17 views

    Filippo Cassini - FOS - 6.0

    Uploaded by

    habib kamaie

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Filippo Cassini - FOS - 6.0

    Uploaded by

    habib kamaie
    17 views25 pages

    Original Title

    02. Filippo Cassini_FOS_6.0

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    17 views25 pages

    Filippo Cassini - FOS - 6.0

    Uploaded by

    habib kamaie

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 25

    FortiOS – The foundation for Security

    Transformation
    Filippo Cassini SVP WW CSE

    © Copyright Fortinet Inc. All rights reserved.


    BUSINESS GROUP

    Disclaimer

    This document contains confidential material proprietary to Fortinet, Inc.

    This document and information and ideas herein may not be disclosed, copied, reproduced or distributed
    to anyone outside Fortinet, Inc. without prior written consent of Fortinet, Inc.

    This information is pre-release and forward looking and therefore is subject to change
    without notice.

    The purpose of this document is to provide a statement of the current direction of


    Fortinet’s product strategy and product marketing efforts.

    Please note that this Product Roadmap is neither intended to bind Fortinet to any particular course of
    product marketing and development nor to constitute a part of the license agreement or any contractual
    agreement with Fortinet or its subsidiaries or affiliates.

    2
    Evolution of network security

    FIREWALL

    Connectivity

    1990 2000 2010 2020

    SOFTWARE

    3
    Evolution of network security
    ▪ CONTINUED GROWTH IN THE SECOND GENERATION

    NGFW
    FIREWALL UTM

    Connectivity Content

    1990 2000 2010 2020

    SECURITY
    SOFTWARE
    PROCESSORS

    4
    Evolution of network security
    ▪ WE ARE IN THE EARLY STAGES OF THE THIRD GENERATION

    NGFW
    FIREWALL UTM FABRIC

    Connectivity Content Infrastructure

    1990 2000 2010 2020

    SECURITY
    SOFTWARE SECURITY FABRIC
    PROCESSORS

    5
    Only fortinet can reach
    the HIGHEST LEVELS of security
    ▪ SIGNIFICANT ENGINEERING INVESTMENT REQUIRED FOR PERFORMANCE AND VALUE

    Prevention & Performance


    Detection Remediation Integration & Value

    1,000+ <50 <5 1

    6
    Hey, look at I’ll ask
    this news IT
    alert…

    Board / C-Suite NOC / SOC

    7
    • Expansion Roadblocks
    Expand (IAAS, SAAS)
    • Replicated Operations Scalable
    • Disjointed Systems Expansion

    How Secure Am I?
    • Business Disconnect
    • Communication Business
    CISO
    • Frustration
    Alignment
    Too many UIs
    • Inefficient Operations
    • Maintenance
    Too much data
    • Security Operations Streamlined
    • Incident Response
    Operations
    Not enough resources

    8
    A CLOSER
    LOOK AT
    SECURITY
    FABRIC …
    9
    SECURITY FABRIC

    Automation

    System Threat IOC Config API


    Status Events Detection Change Notification Quarantine
    Call
    TRIGGERS ACTIONS
    AUTOMATION
    ENGINE

    AUTOMATED WORKFLOWS
    Easy creation using wizards
    (STITCHES) USING
    TRIGGERS TO DELIVER
    Covers components within a security fabric
    APPROPRIATE ACTIONS

    10
    SECURITY FABRIC

    Automation

    STITCHES

    Wizard that assist admin to easily setup


    automation via predefined components

    11
    SECURITY FABRIC

    Automation

    QUARANTINE

    ▪ Automatically quarantine
    compromised hosts via Stitch
    ▪ Option to do so using FortiClient via
    EMS or connection via FortiSwitch
    and FortiAP

    12
    SECURITY FABRIC

    Automation

    NOTIFICATIONS

    ▪ New iOS Push notification via


    FortiExplorer

    13
    SECURITY FABRIC

    New Solution and Service Integration

    IOC SERVICE INTEGRATION

    ▪ Presenting IOC data from FAZ on


    FortiView and topology maps
    » Retrieve data and show affected
    hosts on FortiGate
    » Allow admin to quarantine
    affected hosts

    14
    FortiCloud – Fortinet SaaS Cloud
    ▪ Easy to use Interface
    ▪ FortiCloud Key
    ▪ Multi-Tenancy
    ▪ FortiDeploy
    ▪ Deploy Templates and Scripts
    ▪ Assign to FortiCloud or FortiManager
    ▪ Role Privilege Assignment

    ZERO TOUCH DEPLOYMENT MANAGEMENT

    1 Year ▪ Indicators of Compromise


    FortiCloud Sandbox inspection ▪ FortiView & Reporting

    SANDBOX SECURITY ANALYTICS


    ▪ Free 100 Files a day submission 7 Day
    ▪ On Demand Upload Service free log retention & analysis

    1 Year
    Log Retention & Analysis Subscription
    (unlimited Log volume)

    15
    FortiCloud Security Analytics

    GLOBAL THREAT LOCAL THREAT COOPERATION/


    INTELLIGENCE INTELLIGENCE ACTION
    Rank Severity Recommendation
    Detect and mitigate all Discover and mitigate
    known threats unknown threats using 5 CRITICAL Zero-Day Vulnerability

    including post infection FortiCloud FortiView and


    with IoC Sandbox 4 MEDIUM Not Connected to Fabric

    3 ADVISORY Logging Disabled

    16
    FortiCloud FortiDeploy
    Retail Use Case

    FortiDeploy

    Zero – touch deployment

    Includes FMG onboarding FortiManager


    automation

    Scales to 10K’s devices in


    different countries
    Shop Shop Shop

    17
    A CLOSER
    LOOK AT
    SOC FUNCTIONS
    18
    BUILT IN CORRELATION (IOC)

    19
    20
    A CLOSER
    LOOK AT
    NETWORKING…
    21
    NETWORKING

    SD-WAN Improvements

    PATH SELECTION STRATEGY BEST QUALITY MIN. QUALITY (SLA)


    Administrators who prefer simplistic path Administrators who desire granular threshold
    Recommended Use Case
    selection, relying on preferred quality criteria configurations per applications

    22
    NETWORKING

    SD-WAN Improvements

    APPLICATION AWARENESS

    ▪ WAN Path Controller is able to route


    traffic using Application Control DB
    (with over 3,000 signatures), in
    addition to ISDB
    ▪ Once identified via application
    control, subsequent matching
    sessions are identified when seen
    next time on first packet

    23
    NETWORKING

    VPN Configuration Enhancements

    CLOUD-ASSISTED ONE-CLICK VPN

    ▪ Allows multiple sites of Fortigate to


    configure hub-and-spoke VPN with the
    help of FortiCloud on the backend.
    ▪ Can be implemented with FortiManager
    backup mode as another option

    24

    You might also like