1 / 21

FortiAP ™ Secure Access Points Part of the Fortinet Secured Wireless Network Solution

FortiAP ™ Secure Access Points Part of the Fortinet Secured Wireless Network Solution. <<SPEAKER NAME>> <<TITLE>> <<DATE>>. Wireless Network Adoption and Drivers. Consumer Devices and External Clients. Mobile Handsets. Notebooks and Netbooks. CAGR of >27% for Wi-Fi (2009-2013)

kellsie
Download Presentation

FortiAP ™ Secure Access Points Part of the Fortinet Secured Wireless Network Solution

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. FortiAP™ Secure Access PointsPart of the Fortinet Secured Wireless Network Solution <<SPEAKER NAME>> <<TITLE>> <<DATE>>

  2. Wireless Network Adoption and Drivers Consumer Devices and External Clients Mobile Handsets Notebooks and Netbooks • CAGR of >27% for Wi-Fi (2009-2013) • CAGR of >50% for Mobile Handsets with Wi-Fi 2009-2013 Wi-Fi devices, cost, and PCI compliance are driving WLAN adoption • Mobile handsets & netbooks necessitate wireless connectivity • Key industries are already moving to a wireless edge design • Examples: Education and Healthcare • Wireless is less costly to deploy vs. an edge switch and wiring • PCI Compliance requires Rogue Access Point detection and Wireless IPS at Retail locations

  3. The Role of Thin Access Points (APs) Wireless networks/access are primarily addressed by thin APs today 802.11n standard is finalized and will be a catalyst for enterprise adoption Thin AP with centralized controllers are dominant wireless deployment strategy Thin AP revenue $4.5B Source: ABI WLAN Equipment Forecast July 2009

  4. Introducing FortiAP™ Secure Access Points Integrated wireless security and access solution • Secure Wireless Networks • Rogue Access Point (AP) Detection and Remediation • Granular Endpoint Control • Speedy 802.11n Performance • 300 Mbps-600Mbps throughput • Simplify Your Administration • Use existing FortiGate devices for WLAN Control • Turnkey Audit Reports make compliance easier • Save Over Competitive Solutions • Lower Total Cost of Ownership (TCO)

  5. Thin AP architecture tunnels all traffic to the FortiGate Controller for added security and ease of management Floor Wiring Closet ThinAP tunnels all traffic to FortiGate Controller Aggregation Data Center FortiGate Controller

  6. FortiAP™ Secure Access Points are Designed for the growing organization • Small-to-Medium Enterprise (SME) • Small-to-Medium Retail • Financial Services • Government Agencies • Hospitality • Professional Services Offices(i.e. Law, Accounting) • Education (K-12, Higher Ed)

  7. The Threat to Wireless Networks • Even with strong authentication and link encryption, wireless threats still exist: • Man-in-the-middle attacks • Evil twin AP / Honeypot • Denial of service attacks – Too many associations per second, Packet Flood • Rogue Access Points • De-Authentication broadcast • Channel interference • Mac-Spoofing

  8. Fortified Wireless Space Advanced Network-Based Security High-Performance Wireless Networking

  9. Building a Secured Wireless LAN Solution Multi-Threat Security with Integrated Wireless Controller Fortified Wireless Space Secure Wireless Access Points

  10. More Security: Layer 1-7 MAC 802.1x, 802.11i (WPA 1.0, 2.0) User-User Firewalling MS-PEAP, EAP-TLS, EAP-TTLS, LEAP WPA (static/dynamic), TKIP, AES, WEP Role and AAA based VLANs Per-User/Flow Stateful Firewall Policy Based Access (time, location, device, etc.) Deep packet inspection Captive Portal Rate Anomalies / Thresholds Layers 4 – 7 Transport, Session, Presentation, and Application • VPN termination - L2TP/IPSEC, PPTP • Captive Portal • ACLs • NAT, DHCP Layer 3: Network Layer 2: Data Link • Wireless intrusion detection and prevention • Rogue AP Detection, Classification and Mitigation • On-the-fly IDS/IPS signature upgrade Layer 1: Physical

  11. Rogue AP Detection & Suppression • How it works • WLAN system collects and reports BSSID information • System compares collected access point information against authorized access points • FortiGate searches for adjacent MAC addresses of unknown APs on its wired interfaces. • Unknown APs that are also found on the wire are automatically flagged and reported • Rogue AP suppression techniques • As a Gateway device the MAC address of a Rouge AP can be automatically blacklisted to prevent communication across different security segments

  12. Wireless Security in FortiGate platforms All Wireless Traffic undergoes UTM identity aware deep inspection security engine WLAN Switching and RF Management Automatic Radio Resource Provisioning (ARRP) L2 Mobility & WME QoS & UAPSD power save • Authentication • Wired and wireless 802.1x, Web-based captive portal, MAC address, Local user database, LDAP, RADIUS, TACACS+ • Wireless air monitor for Rogue AP detection, • Encryption • Open, WEP, WPA/WPA2 (PSK/RADIUS)

  13. The Fortinet WLAN Security Solution Secure Access Points • 802.11n compliant • 300-600 Mbps throughput • Dual concurrent radio 2.4GHz/5GHz (802.11 a/b/g/n) • Enterprise-Class feature set • Dedicated built-in in air monitoring • Internal-Antenna design • Integrated Power-Over-Ethernet • Highest value at competitive price FortiAP Secure AP Dual Radio Controllers • 20+ platforms to meet any requirement • Leverages same models already on the market • 10Mbps – 40Gbps wireless LAN Capacity • 6 AP/100user to 10,000AP / 32,768 user capacity • Programmable control & data planes, • Hardware-based Cryptography • Centralized management FortiGate Platforms With Integrated Wireless Controllers

  14. Typical deployment Options WIRING CLOSET DEPLOYMENT (DIRECT) GATEWAY DEPLOYMENT FLOOR 1 FLOOR 1 Fortigate 200B FLOOR 2 FLOOR 2 Gigabit Uplink Gigabit Uplink Fortigate 200B UTM Gateway Internet BACKBONE Fortigate 1240B

  15. Data Center Remote Management option Remote Retail Location DataCenter FortiAP Floor 2 FortiGate UTM Concentrator and Wireless LAN controller FortiAP FLOOR 1 SSID:PoS SSID:hotspot BACKBONE BACKBONE

  16. Introducing FortiAP-220A Available Q1 2010 FortiAP-220A dual radio dual stream 2x2 802.11n AP 16

  17. FortiAP-220A – Dual Concurrent RadiosRadio 1 - 802.11a/n Radio 2 – 802.11 b/g/n Fast Ethernet network connectivity Four Concealed Internal Quad-Band a/b/g/n Omni-directional Antennas Dual Radio, Simultaneous 802.11a/n & b/g/n operation 12V DC Power Input Green – uses approximately 5Watts power during operation Wall mount holes integrated (optional Ceiling Tile Rail Mount) FortiAP-220A dual radio dual stream 2x2 802.11n AP

  18. >5X performance increase with 802.11n 802.11 Wireless Data Rates have surpassed wired Fast Ethernet Speeds, enabling their use as primary access Edge mechanism Faster Speeds 802.11n 802.11ag Longer Range

  19. Why Fortinet for Secure WLANs?

  20. Thank You. For More Information please contact: <<your contact information>>

  21. 802.11n Final Spec performance Tansmit (Tx) and Receive (Rx) Streams 802.11n # of concurrent Radios

More Related