The ecosystem as complete protection against cybercrime [pvh]

© Copyright Fortinet Inc. All rights reserved. Peter Vanhemelryck, presales engineer. The ecosystem as complete protection against cybercrime

Transcript of The ecosystem as complete protection against cybercrime [pvh]

Page 1: The ecosystem as complete protection against cybercrime [pvh]

© Copyright Fortinet Inc. All rights reserved.

Peter Vanhemelryck, presales engineer

The ecosystem as complete protection against cybercrime

Page 2: The ecosystem as complete protection against cybercrime [pvh]

Focus on these guidelines

Known and Unknown

Inbound, Outbound, Internal, External

Page 3: The ecosystem as complete protection against cybercrime [pvh]

WHAT IF I TOLD YOU

YOU’VE BEEN BREACHED (AND DIDN’T EVEN KNOW IT?)

Page 4: The ecosystem as complete protection against cybercrime [pvh]

Source: DataBreaches.net

Adobe: 152M customer records breached
Target: 70M customers at risk
Home Depot: 56M customers at risk
eBay: 145M customers at risk
AOL: 2,400,000
Sony: 47,740 employees exposed
UPS
Snapchat
Dominos Pizza (France)
Twitter
Neiman Marcus
Korean Credit Bureau
Mozilla
Vodafone
Gmail
LexisNexis
European Central Bank
Apple

Page 5: The ecosystem as complete protection against cybercrime [pvh]

Customer Challenge – Security

[Figure: threat timeline (2000, 2003, 2005, 2007, 2011, Today) with axes "Increasing Damage" and "Increasing Performance Requirements"]

Threats: Hackers, Intrusions, Worms, Viruses, Spyware, Botnets, Spam, Malicious URLs, Malicious Apps, Advanced Persistent Threats

Technologies: App Control, Web Filter, Anti-Spam, Anti-Malware, VPN, IPS, Firewall, Advanced Threat Protection

Layers: Layer 1-2; Content & Application (Layer 3-7)

Today’s sophisticated threats are causing more damage than ever, and a growing set of security technologies is needed to stop them.

Most security vendors outsource or lack critical pieces of the puzzle. Customers try to piece together a solution on their own.

Page 6: The ecosystem as complete protection against cybercrime [pvh]

Breaking the Kill Chain of Advanced Attacks

Antispam, Web Filtering, Antivirus, Intrusion Prevention, App Control, IP Reputation

Spam, Malicious Link, Exploit, Malware, Bot Commands & Stolen Data

Malicious Email, Malicious Web Site, C2 Server

Page 7: The ecosystem as complete protection against cybercrime [pvh]

Fortinet Advanced Threat Protection Framework

Step 1 - Prevent
• Block threats before they enter your network

Step 2 - Detect
• Discover threats that have entered the network

Step 3 - Mitigate
• Respond to any threats that have breached the network

Page 8: The ecosystem as complete protection against cybercrime [pvh]

The Technologies Behind It

Botnet Detection, IP & Client Reputation, Sandboxing

Network Firewall, Anti-Virus

Two Factor Authentication, Intrusion Prevention

Secure Email Gateway, Web Application Firewall

End Point Protection

People, Process, Technology

Threat Intelligence, Zero Day Research, Continuous updates

Page 9: The ecosystem as complete protection against cybercrime [pvh]

FortiGuard Lab

FortiGuard Services

Advanced Threat Protection in Action

FortiGate

FortiMail

FortiWeb

FortiClient

Page 10: The ecosystem as complete protection against cybercrime [pvh]

FortiGuard Lab

FortiGuard Services

Advanced Threat Protection in Action

FortiGate

FortiMail

FortiWeb

FortiSandbox

FortiClient

Page 11: The ecosystem as complete protection against cybercrime [pvh]

Integration, Integration, Integration

[Diagram: FortiSandbox, FortiClient, FortiGate]

Diagram labels: File Submission; Detailed Status Report; FSA Dynamic Threat DB Update; Control Host Quarantine; Real-time engine and intelligence updates; Enforce Network Quarantine; File Status result for auto File Hold & Quarantine; Query; Protection

1 File submission for Analysis
2 Respective analysis results are returned
3a Remediation Auto File Quarantine on Host with option to hold file until result
3b Manual Host Quarantine by Admin
3c Manual Source IP Quarantine using Firewall
4 Proactive dynamic Threat DB update to gateway and host

Page 12: The ecosystem as complete protection against cybercrime [pvh]

Fortinet Quick Facts
A Global Leader and Innovator in Network Security

Founded in 2000, 1st shipment 2002, IPO 2009
HQ: Sunnyvale… 100+ offices worldwide
Employees: 3900+
255,000+ customers
Over 2 million devices shipped
#1 unit share worldwide in network security (IDC)
Market-leading tech… 257 patents, 228 pending

Balanced revenue and growth around the globe
Fortinet Revenue By Region, Q3 2015: APAC 21%, Americas 44%, EMEA 35%

Balanced business across segments
FortiGate Revenue By Segment, Q3 2015: Entry-Level Appliances 36%, Mid-Range Appliances 26%, High-End Appliances 38%

FortiASIC: Custom ASIC-based scalable architecture
FortiOS: Custom, converged Networking + Security OS
FortiGuard: Industry-leading, validated Threat Research
FortiCare: Global Infrastructure & Support

Page 13: The ecosystem as complete protection against cybercrime [pvh]

Proven, Certified Security
FortiGuard Labs Threat Intelligence Powers Fortinet Products

Per Minute
21,000 Spam emails intercepted
390,000 Network Intrusion Attempts resisted
460,000 Malware programs neutralized
160,000 Malicious Website accesses blocked
50,000 Botnet C&C attempts thwarted
43 million Website categorization requests

Per Week
46 million New & updated spam rules
120 Intrusion prevention rules
1.8 million New & updated AV definitions
1.4 million New URL ratings
8,000 Hours of threat research globally

Total Database
190 Terabytes of threat samples
18,000 Intrusion Prevention rules
5,800 Application Control rules
250 million Rated websites in 78 categories
200 Zero-day threats discovered

Based on Q2 2015 data. Image: threatmap.FortiGuard.com

Page 14: The ecosystem as complete protection against cybercrime [pvh]

NSS Labs Validates Our Advantage
Fortinet Is Consistently “Recommended” While Top Competitors Are Not

[Figure: NSS Labs charts for NGFW, Breach Detection and Next Generation IPS; dates shown: Aug. 2015, Apr. 2015, Sept. 2014]

X-axis = TCO per protected Mbps (‘Value’); Y-axis = Security Effectiveness

Upper right quadrant = “Recommended”; lower left quadrant = “Caution”; other quadrants = “Neutral”

Page 15: The ecosystem as complete protection against cybercrime [pvh]

FortiSandbox
Protection against unknown threats

Page 16: The ecosystem as complete protection against cybercrime [pvh]

FortiSandbox – 5 Steps to Better Performance

Call Back Detection
• Identify the ultimate aim, call back & exfiltration
• Mitigate w/ analytics & FortiGuard updates

Full Virtual Sandbox
• Examine real-time, full lifecycle activity in the sandbox to get the threat to expose itself

Code Emulation
• Quickly simulate intended activity – Fortinet patented CPRL
• OS independent & immune to evasion – high catch rate

Cloud File Query
• Check community intelligence & file reputation

AV Prefilter
• Apply top-rated anti-malware engine

Page 17: The ecosystem as complete protection against cybercrime [pvh]

Scenario 1

Scenario
» 0day protection against realtime communications threats like HTTP(s). Ex. Malicious websites

Use FortiGate
Use FortiSandbox
» Cloud
or
» On Premise

Page 18: The ecosystem as complete protection against cybercrime [pvh]

Scenario 2

Scenario
» 0day protection against realtime communications threats like HTTP(s). Ex. Malicious websites
» 0day protection for mail threats. Ex. Cryptolocker mails

Use FortiGate
Use FortiMail
Use FortiSandbox
» Cloud
or
» On Premise

Page 19: The ecosystem as complete protection against cybercrime [pvh]

Scenario 3

Scenario
» 0day protection against realtime communications threats like HTTP(s). Ex. Malicious websites
» 0day protection for mail threats. Ex. Cryptolocker mails
» 0day protection for Road Warriors

Use FortiGate
Use FortiMail
Use FortiClient
Use FortiSandbox

Page 20: The ecosystem as complete protection against cybercrime [pvh]

Deployment Example

One Solution for the Enterprise

FSA working in Device Mode and Sniffer Mode

[Diagram labels: Signature Updates, Span Port]

Page 21: The ecosystem as complete protection against cybercrime [pvh]

4 week FSA catching statistic

Known malicious content detected by step 1/2/3

Suspicious content detected in VM

Belgian customer
• FG1500D cluster
• AV profile with FSA integration
• Multiple VDOMs
• FSA1000D

Page 22: The ecosystem as complete protection against cybercrime [pvh]

Threat Landscape & Evolving IT Infrastructure

Page 23: The ecosystem as complete protection against cybercrime [pvh]

Threat Landscape & Evolving IT Infrastructure

[Diagram labels: WAN, Internet, Cloud, Home Office, Branch Office, Private Cloud, Edge Gateway, Data Center, Internal Network (100 Gbps+), ISFW (six instances), External, Internal]

FortiGate ISFW Features:
• Very high performance
• Ultra-low latency
• High port density
• 1, 10, 40 & 100 GbE interfaces
• Detection and proactive protection
• Quick deployment and operational ease
• Proven FortiGuard threat intelligence

Page 24: The ecosystem as complete protection against cybercrime [pvh]

Cybersecurity Platform
Seamless Security Across the Entire Attack Surface

USERS

NETWORK

DATA CENTER

ATP Framework Allows Threat Intelligence Sharing and Alerting

Secure Access

Network Security

Application Security

FortiGuard Threat Intelligence & Services

FortiGate

Client Security

Cloud Security

Page 25: The ecosystem as complete protection against cybercrime [pvh]