250 likes | 462 Views
The Consolidation Imperative Maximizing Security, ROI and Environmental Benefits with Fortinet Solutions Todd Craw – FL Channel SE - June 2010. Consolidation is all Around Us. Just a few examples: Discrete MP3 Player, Camera, Phone = iPhone or Android
E N D
The Consolidation ImperativeMaximizing Security, ROI and Environmental Benefits with Fortinet SolutionsTodd Craw – FL Channel SE - June 2010
Consolidation is all Around Us Just a few examples: • Discrete MP3 Player, Camera, Phone = iPhone or Android • Triple Play services over coax or dsl = Voice, Video and Data And most importantly: • Network Security = Antivirus, IDS/IPS, Antispam, Web Content Filtering, VPN and more in one device
Dynamic threat landscape Slowing growth of IT budgets Easier Mangement – Lower Opex Fewer Devices – Lower Capex Reductions in Footprint Energy/Carbon Rackspace Consolidation Market Drivers
Dynamic Threat Landscape • Evolving Threats • Continued increase in sophistication and prevalence of threats require multiple security technologies • Increased enterprise adoption of Web 2.0 applications and IP-based services provide new vectors for attack • Regulatory compliance pressures (SOX, PCI, etc.)
Blended Threat – W32/Pushdo!tr • Multiple Attack Vectors • Spams email with malicious attachment • Email contains a trojan downloader • Downloads a rootkit to cover activity • Downloads multiple other components • The trojan uses a command and control communication channel
Antispam recognizes email as spam Blocks message from user’s inbox W32/Pushdo!tr - Antispam
W32/Pushdo!tr - Antivirus • Gateway antivirus detects the malicious attachments • The trojan downloader • The rootkit • The various other components • Removes malicious payloads, preventing accidental execution
W32/Pushdo!tr – Intrusion Prevention • IPS detects communications on the command and control channel • Blocks the transmission of the infected host’s communication
Financial “Belt Tightening” • Slowing growth of IT budgets driving higher demands for ROI • Rising complexity and cost of managing and maintaining multiple security solutions • Increased pressure to improve security service while reducing TCO
Real Disadvantages Higher Capex for multiple products Increases network complexity and operational costs – training & support Discrete security technologies such as VPN, AV, IPS, WCF, AntiSpam have become commodities! Perceived Advantages Comprehensive security approach Quickly react to individual threats Specialization Multiple Point Solutions Add Complexity & Cost
Consolidate to Reduce TCO • Lower operational expenditures (OpEx) • Simplified management, maintenance, renewals and threat update subscriptions • Smaller investment on training and support • Lower capital expenditures (CapEx) • Fewer devices to purchase, manage and maintain • Virtualization to manage up to thousands of security profiles from one platform • Long-term investment protection • Future-proof devices: Service activation as security needs grow • Per-device license model
Doing More With Less – Capex Savings • 500 User Network • Savings over Standalone Products - $37,883
Fortinet Consolidated Network Security • Reduces number of vendors and appliances • Provides comprehensive security • Minimizes down-time from individual threats • Simplifies security management • Coordinates security alerting, logging, and reporting • Improves detection capabilities
Firewall / VPN IPS Antivirus Web Filtering Reducing Footprint ¼ Physical Space ¼ Power Consumption = FortiGate Appliance =
Consolidate for Environmental Benefits • Smaller hardware footprint • Reduced data center space with multi-threat security appliances and virtualized security chassis • Reduced power consumption over multiple standalone systems • Green impact • Energy/emission reduction across the entire life cycle with less manufacturing, cabling and recycling
Fortinet Differentiation • Broad technology platform • ASIC accelerated security on all platforms • Unified security functions AV, IPS, WCF, FW, VPN, Anti-spam/Spyware with NO OEM relationships • Identical user interface on all appliances • No per user licensing – services unlimited • Unified Management, Logging and Reporting • Enterprise management – firmware – policy • Logging, reporting, event correlation • Active directory integration • user activity reporting • Broad security subscription coverage via global infrastructure • Active push and pull technology for rapid protection • >200 researchers WW
FortiOS constantly adds new features FortiOS is the security hardened operating system that powers all FortiGate multi-threat security systems. The CLI and GUI are the same across all applicances.
Application Control Enforces security policy for over 1000 applications, regardless of port or protocol used for communication Facilitates inspection for evasive applications using non-standard ports, port-hopping, or tunneling within trusted applications More flexible and fine-grained policy control Increased security Deeper visibility into network traffic FortiOS 4.2 adds shaping to any application!
SSL Traffic Inspection Proxies SSL encrypted traffic, inspecting for threats and applying policy to traffic that is invisible to other security devices. Inspect otherwise hidden communication Increased protection for secure web/app servers Improved visibility into network traffic Supports HTTPS, POP3S, SMTPS, and IMAPS protocols
Data Leakage Prevention Keep sensitive, confidential, and proprietary data from escaping defined network perimeter Integrates with Application Control and SSL Inspection Works across any application and encrypted traffic Configurable actions (block / log) Provides audit trails for data and files Aides in legislative compliance Protects an organization’s sensitive information
Preserve Your Investment • Lower CapEx with fewer hardware requirements • Lower OpEx with reduced management complexity • Increase functionality without increasing hardware • Reduce Your Footprint • More robust security capabilities with less hardware • More powerful protection with less power consumption • More network defense with less cost of ownership Consolidate with Fortinet Protect Your Network • Network and content-level protection • Data integrity-level protection • Enterprise-level strength
Thank You for your time! Questions? For more information, visit us at: http://fortinet.com/ Protect Your Network Preserve Your Investment Reduce Your Footprint
Products: FortiGate-1000, FortiGate-5050, FortiGate-5001FA2 • Solution: Antivirus, anti-spam, firewall, Web filtering and intrusion prevention • Where:FortiGate-1000 at its Sarasota, FL disaster recovery site • Two FortiGate-5050™ systems in active/active mode located at two data centers in Fort Myers, FL and one FortiGate-5050 for the public facing network and the other is for the remote agency network being accessed by the State attorney, defense attorneys and other state agencies. • Two FortiGate-5001FA2 blade modules are connected to each of the FortiGate-5050 systems in clustered pairs. Benefits: Protection of sensitive information such as case histories from county courts, county finance information, land records - Aggregate, analyze and report on log data traversing the distributed network. Lee County Clerk of Courts “The Fortinet solution is surpassing our high expectations and demands. Though we were seeking a performance and throughput improvement, we now also have less boxes to manage, 24/7 availability even if a datacenter goes down and a way to report on network usage without taking the entire network down.” Brian Bernard, senior network administrator Lee County Clerk of Courts
Products:FortiGate-300A, FortiWifi-60B, FortiManager-400 • Solution:firewall, IPS and Web content filtering • Where:FortiGate at Paradigm HQ to provide firewall, IPS and WCF for the main network • - FortiWifi deployed at each of the 95 franchise networks • FortiManager deployed at Paradigm HQ to easily and centrally manage the 295 appliances located at nationwide franchises. • Benefits:new wireless newtork for patrons of some of the restaurants • PCI compliance • Simplified management of appliances • Consolidated network security functions Hardee’s quick-service and fast-casual dining “Managing multiple restaurant locations nationwide, it was very important for us to select a network security solution that was cost-effective, easy to use and offered central management while ensuring Federal compliance regulations. The FortiGate product line is allowing us to offer enterprise-level network security to our restaurants as well as complying with government regulations such as PCI mandates.” Greg May, Chief Technology Officer Paradigm
Products:FortiGate™-1000 (replaced Norton and Microsoft), FortiAnalyzer™-100 Solution:Antivirus and intrusion prevention Where: FortiGate™-1000 to provide antivirus, firewall and intrusion prevention for network - FortiAnalyzer™-100 to easily analyze and log traffic traversing the network of more than 800 computers • Benefits: protecting more than 5.6 million documents ranging from employee email to citizen legal case material, adoptions, mental health, and tax objection documents. • helping secure the Circuit Court Clerk's $5 million cashiering system which collects and disburses more than $100 million in revenue • Experienced 381,407 attempted attacks against network and Fortinet blocked and protected every single attack • FortiAnalyzer is providing valuable intelligence on network usage and assistance with meeting regulatory compliance Clerk of the Circuit Court of Cook County second largest county in U.S. "In our first 107 days of having the Fortinet solution deployed, we did not have a second of downtime. Although we experienced 381,407 attempted attacks against our network, the Fortinet solution blocked and protected us from every single attack." Bridget Dancy, CIO Circuit Court of Cook County