1 / 21

FortiGate-224B Integrated Network Access Edge Security

FortiGate-224B Integrated Network Access Edge Security. <<Your Name Here>>. Agenda. 1. Introducing FortiGate-224B. 2. Deployment Examples. 3. Detailed Product Information. 4. Competitive Positioning. 5. Ordering Guide. Threats Inside the Perimeter.

wendy-rojas
Download Presentation

FortiGate-224B Integrated Network Access Edge Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. FortiGate-224BIntegrated Network Access Edge Security <<Your Name Here>>

  2. Agenda 1 Introducing FortiGate-224B 2 Deployment Examples 3 Detailed Product Information 4 Competitive Positioning 5 Ordering Guide

  3. Threats Inside the Perimeter • Visitors (or other non-managed assets) connecting to the internal network • Mobile assets re-entering the network after connecting to outside networks Visitors ContractorWorkstations Mobile Users The Challenge: Allow access whilemaintaining the security of the network

  4. Introducing FortiGate-224B FortiGate-224B is an edge security device which enhances internal network security by enforcing security policy at the network access layer, quarantining infected ports before malicious traffic has an opportunity to spread through the network. • Ideal for: • Enterprises • Primary Benefits: • Enhanced network security through the extension of security to layer 2 switching hardware • Reduced complexity and cost by combining critical network functions into a single solution • Lowered operational overhead and expense through automated responses and self-remediation options

  5. FortiGate-224B Overview FortiGate-224B • 4.4 Gbps layer 2 switch performance • 150 Mbps firewall throughput • 24 x 10/100 switch ports • 2 x 10/100/1000 switch ports • 2 x 10/100 wan ports

  6. FortiGate-224B Features • Access Layer Port Control– • Configurable port-based quarantine enforces security policy • Multi-Threat Protection– • Firewall • IPSec and Secure Sockets Layer (SSL) Virtual Private Network (VPN) Support • Antivirus • Intrusion Detection and Prevention • Web Content Filtering • Antispyware • Antispam • Layer 2/3 Switching – • Port-based layer 2 forwarding at wire-speed • Layer 3 switching provided by FortiOS

  7. Agenda 1 Introducing FortiGate-224B Detailed Product Information 2 3 Deployment Examples 4 Competitive Positioning 5 Ordering Guide

  8. FortiGate-224B Operating Modes Strict Mode • Clients are initially untrusted • Security conditions must be verified before being allowed access to the network Dynamic Mode • Clients are initially trusted • If a security violation occurs, the client is quarantined from the network at large Choose the mode that best supports your security strategy

  9. FortiGate-224B Multi-Threat Protection • Complete FortiOS 3.0 multi-threat protection • Firewall/VPN • Antivirus/Antispyware • Intrusion Prevention System (IPS) • Web Content Filtering • Antispam • Traffic is inspected between defined VLANs • Secure Port feature facilitates securing traffic on particular ports possible without network reconfiguration • All Wide Area Network (WAN) traffic is inspected

  10. FortiGate-224B Security Policies • Step 1:Individual Ports are assigned to VLAN Interfaces • Step 2:Protection Profiles are defined based on security policy • Step 3:(Pictured Right)Protection profile is assigned for traffic traversing from one VLAN to another VLAN Interfaces

  11. FortiGate-224B Switching Functions Layer 2/3 switching • Port-based L2 forwarding(wirespeed) • Spanning Tree suppport(STP, RSTP, PVST+) • 802.3ad Link Aggregation • 802.1Q VLAN(s)

  12. FortiGate-224B Quarantine Function • Port-based Quarantine • “Capture” ports that pose threat • Based on Antivirus or IPS signature trigger • Quarantine VLAN • Quarantined ports are reassigned to Quarantine VLAN • Restricts network access to quarantine VLAN only • Administrator can define additional resources accessible • FortiClient installation image can be accessed when quarantined • Remediation • Feature allowing users to dynamically remove themselves from quarantine

  13. Agenda 1 Introducing FortiGate-224B Detailed Product Information 2 3 Deployment Examples 4 Competitive Positioning 5 Ordering Guide

  14. FortiGate-224B Ideal Deployments • SMB Offices • Wiring closets • Secure public segments (conference rooms, visitor cubes, public areas, wireless access points, VOIP devices) • Schools • Separating student and staff resources (eg. libraries, student unions) • Multi-Tenant Facilities • Shared Offices, Hotels, Seminars, Trade shows

  15. Internet FortiGate-224B SMB Deployment • Port level access control provides end point security without having to load special client software Attack Detected VoIP FortiGate-224B WAP x DSL/Cable Modem Desktops stops attacks and quarantines clients automatically Roaming Users Port Quarantined

  16. FortiGate-224B Multi-Zone Deployment • Sample deployment demonstrating flow between VLANs Traffic to/from WAN inspected with FortiOS L2 Switch Hardware VLAN 30 Inter-VLAN Traffic inspected with FortiOS Traffic within VLAN inspected with Secure Port VLAN 20 VLAN 10

  17. Agenda 1 Introducing FortiGate-224B Detailed Product Information 2 3 Deployment Examples 4 Competitive Positioning 5 Ordering Guide

  18. FortiGate-224B Competitive Architectures • Cisco Network Admission Control (NAC) • Requires Cisco trust agent on each desktop • Microsoft Network Access Protection (NAP) • Requires Microsoft client and server software • Juniper Unified Access Control (UAC) • Requires Juniper/Netscreen firewall in front of servers to provide protection. • Trusted Computing Groups Trusted Network Connect (TNC) • Open standard framework but still incomplete communication protocols FortiGate-224B is the only single devicesolution for secured access control with no requirement for client-side software

  19. Agenda 1 Introducing FortiGate-224B Detailed Product Information 2 3 Deployment Examples 4 Competitive Positioning 5 Ordering Guide

  20. Series Components & Pricing Insert Regional Pricing

  21. Thank You! For more information please visithttp://www.fortinet.com

More Related