2. 2
Event Agenda
10.00 Luigi Pedrotta – AU Lan & Wan Solutions: “Innovating your company is our challenge”
10.15 Giorgio D’Armento – CAM Fortinet Italia: “Security for a New World”
10.30 Alessandro Berta – SE Specialist Fortinet Italia
Secure Access Architecture
Complete, simplified security for network access
Cloud Wireless, Integrated Wireless, Infrastructure Wireless and tools for discovering “exposed” points
Cyber Threats Assessment Program: Lan & Wan Solutions with Fortinet Enforcement for the analysis of your network
FortiSandbox and the multi-layered protection approach: the need for an integrated solution to prevent, detect, mitigate
12.30 Lunch
14.00 Tour of the Zonin wineries
15.00 End
4. 4
EVENT BONUS:
FREE CYBER THREATS ASSESSMENT!
» Effectiveness of your network security solution
» Application vulnerabilities
» Discovery of malware/botnets
» “At risk” devices inside the network
» Use of applications and web resources inside the network
» Share of network usage taken by peer-to-peer, social media and instant messaging connections
» Use of client-server and web-based applications in line with company policies
» Areas for improving network performance
» Throughput, session and bandwidth requirements during peak hours
» Sizing and optimization of the security solution for your own use
5. 5
CTAP REPORT: ANALYSIS AND RECOMMENDATIONS FROM THE FORTINET FORTIGUARD LAB PROFESSIONALS
Deployment details and methodology
Executive summary
Recommended actions
Security and Threat Prevention
Security and Threat Prevention – Part 2
User productivity
Web usage
Network Utilization
FortiGuard services
6. 6
Why Fortinet? The choice Lan & Wan Solutions made YESTERDAY:
A set of security technologies integrated in FortiOS, updated by FortiGuard Labs Threat Intelligence
Firewall
VPN
Application Control
IPS
Web Filtering
Anti-malware
WAN Acceleration
Data Leakage Protection
Wi-Fi Controller
Advanced Threat Protection
SaaS Gateway
Software Enabled Security Modules
App Control
Antivirus
Anti-spam
IPS
Web App
Database
Web Filtering
Vulnerability Management
IP Reputation
Mobile Security
Deploy what you need, where you need it
7. 7
Why Fortinet? Confirmation of that choice TODAY:
A broad and complementary portfolio of security solutions.
FortiDB: Database Protection
FortiClient: Endpoint Protection, VPN
FortiToken: Two Factor Authentication
FortiSandbox: Advanced Threat Protection
FortiClient: Endpoint Protection
FortiGate: NGFW
FortiAuthenticator: User Identity Management
FortiManager: Centralized Management
FortiAnalyzer: Logging, Analysis, Reporting
FortiADC: Application Delivery Control
FortiWeb: Web Application Firewall
FortiGate: DCFW
FortiGate: Internal NGFW
FortiDDoS: DDoS Protection
FortiMail: Email Security
FortiGateVMX: SDN, Virtual Firewall
FortiAP: Secure Access Point
DATA CENTER
BRANCH OFFICE
CAMPUS
FortiGate: Cloud
FortiWiFi: UTM
FortiGate: Top-of-Rack
FortiCamera: IP Video Security
FortiVoice: IP PBX Phone System
FortiGate: Next Gen IPS
FortiExtender: LTE Extension
Secure Wireless
Switching
Advanced Threat Protection
Authentication & Tokens
Application Security
Application Delivery/SLB
Endpoint Security
IP PBX and Phones
IP Video Surveillance
More…
9. 9
SECURITY HAS CHANGED
3.2 BILLION INTERNET USERS
1.3 BILLION SMARTPHONES SHIPPED WORLDWIDE
3 BILLION NEW DEVICES PER YEAR THROUGH 2020
INCREASE IN CYBER THREATS: 10,000x
PUBLIC CLOUD MARKET IS ESTIMATED TO REACH $191 BILLION
12. 12
SO HAVE THE RISKS
Average Cost of Cybercrime in the U.S., Dollars (Millions), per incident
2013: $11.56
2014: $12.69
2015: $15.42
“Sony security spends $22M per year. Sony Breach… direct cost of $35M for one year… cost to reputation $100B+”
Kowsik Guruswamy, CTO of Menlo Security
13. 13
Fortinet Facts
#1 UNIT SHARE WORLDWIDE In Network Security (IDC)
$1.17B CASH
FOUNDED 2000
OVER 2 MILLION DEVICES SHIPPED
40% GROWTH
EMPLOYEES 3,900+
255,000+ CUSTOMERS
MARKET LEADING TECHNOLOGY: 257 PATENTS, 228 PENDING
100+ OFFICES WORLDWIDE
SUNNYVALE, CA HQ
IPO 2009
15. 15
Fortinet Customers
7 of the TOP 10 Fortune Companies in America
8 of the TOP 10 Fortune Companies in EMEA
9 of the TOP 10 Fortune Companies in APAC
10 of the TOP 10 Fortune Telecommunications Companies
9 of the TOP 10 Fortune Retail and Commercial Banks
7 of the TOP 10 Aerospace and Defense
18. 18
Global Intelligence & Control
FortiGuard Labs
FortiGuard Sensors
FortiGuard Services
Global Threat Intelligence
Full Visibility
Single Pane of Glass
19. 19
Global Intelligence & Control
Global Threat Intelligence
Full Visibility
Single Pane of Glass
http://threatmap.fortiguard.com
21. 21
TODAY’S STANDARD APPROACHES NO LONGER WORK
TOO MUCH FOCUS ON COMPLIANCE
Enterprises spend too much on checking boxes down a list.
TOO RISK BASED
Taking a reactive approach only addresses known threats, not the new unknowns.
TOO MANY POINT SOLUTIONS
Too many different security vendors whose products do not communicate with one another.
32. 32
Security Without Compromise
Seamless Security Across the Entire Attack Surface
SEAMLESS
Consistent threat posture end-to-end, across the expanding attack surface
POWERFUL
Unrivaled network performance for today – and the power to take on the future
INTELLIGENT
Threat intelligence and advanced threat protection from the inside out for full visibility and control
Secure Access
Network Security
Application Security
FortiGuard Threat Intelligence & Services
FortiGate
Client Security
Cloud Security
33. 33
FortiCare
Fortinet’s Global Service and Support Team
Enhanced Support
24x7 Comprehensive Support
Premium Services
Professional Services
8x5
Assigned TAM
Enhanced SLA
Extended sw support
Priority escalation
Onsite visits, more…
Global or regional
Architecture/Design
Implementation
Deployment
Operations
34. 34
LAN&WAN as Fortinet Security Expert
Step | Level | Objective
NSE 1 | | Develop a foundational understanding of network security concepts.
NSE 2 | | Develop the knowledge and skills to sell Fortinet gateway solutions. (For Fortinet employees and partners only)
NSE 3 | Sales Associate | Develop the knowledge and skills to sell Fortinet Advanced Security solutions. (For Fortinet employees and partners only)
NSE 4 | Professional | Develop the knowledge and skills of how to configure and maintain a FortiGate Unified Threat Management (UTM) appliance.
NSE 5 | Analyst | Develop a detailed understanding of how to implement network security management and analytics.
NSE 6 | Specialist | Develop an understanding of advanced security technologies beyond the firewall.
NSE 7 | Troubleshooter | Demonstrate the ability to troubleshoot internet security issues.
NSE 8 | Expert | Demonstrate the ability to design, configure, install and troubleshoot a comprehensive network security solution in a live environment.
Validate your Security Experience
Demonstrate Value
Accelerate Sales
Sales
Technical
35. 35
Lan & Wan Solution is a FORTINET GOLD PARTNER
Sales
Technical
Step | Level | Objective
NSE 1 | | Develop a foundational understanding of network security concepts.
NSE 2 | | Develop the knowledge and skills to sell Fortinet gateway solutions. (For Fortinet employees and partners only)
NSE 3 | Sales Associate | Develop the knowledge and skills to sell Fortinet Advanced Security solutions. (For Fortinet employees and partners only)
NSE 4 | Professional | Develop the knowledge and skills of how to configure and maintain a FortiGate Unified Threat Management (UTM) appliance.
NSE 5 | Analyst | Develop a detailed understanding of how to implement network security management and analytics.
NSE 6 | Specialist | Develop an understanding of advanced security technologies beyond the firewall.
NSE 7 | Troubleshooter | Demonstrate the ability to troubleshoot internet security issues.
NSE 8 | Expert | Demonstrate the ability to design, configure, install and troubleshoot a comprehensive network security solution in a live environment.
Required: 2; 2; 2; 1; Not required; 1
Achieved: 3; 3; 3; 2; 1; 3 Wifi, Fweb, FMail; Ongoing
The other element of SECURITY that is vital is to have a comprehensive set of tools/technologies available to fight the complex advanced threats of today.
Some vendors outsource some or all of their threat intel, use open source, or simply lack key tools needed to break the chain of an attack at any given link.
This means they fail to stop the threat, or they react too slowly to new threat information.
Fortinet has a comprehensive set of IN-HOUSE tools that can be brought to bear against the threat lifecycle/kill chain.
We control and own all these technologies, allowing us to respond quickly and in a coordinated manner to new information and threat behavior.
Integrating them together inside FortiOS also allows for a more coordinated and rapid response to threats, with less admin burden.
No more point solution sprawl when it comes to security technologies.
FortiGuard is Fortinet’s threat research and intelligence services team.
They are an experienced team (over 10 years in place), nearly 200 strong (researchers plus supporting roles), with an estimated ~120 researchers.
This team discovers new threats, creates the intelligence that informs all Fortinet products, and pushes out dynamic updates many times a day via a dedicated Distribution Network of nodes/servers strategically located around the world, to ensure the updates reach the devices as soon as possible.
Distinct services have been created to push specific types of threat intelligence to Fortinet devices, based on the deployment scenario and activated features of that device.
Fortinet’s FortiGuard team also participates in all major industry threat sharing initiatives. We even founded the Cyber Threat Alliance (with PAN), to share more advanced threat behavioral/pattern information.
US President Barack Obama mentioned the CTA in his speech at the recent White House Cyber Security Summit in Stanford, California.
Highlight the general solution categories as listed in the gray box on the right
Fortinet offers a broad complementary solution portfolio to complement the core FortiGate FW offering…
Complementary security and network offerings for the data center, cloud, campus/core network, branch/remote site, mobile worker…
Customers can simplify their networks further by using these complementary solutions.
These are an interesting group of statistics, but what do they really mean? Quite simply, they mean that the threat facing all networks, whether SME or large Enterprise, has increased and continues to increase exponentially. The combination of the growth of threats with the dramatic increase in the number of devices that can be used to access the network means the job of protecting an enterprise network will continue to be more and more difficult.
That difficulty is readily seen from the number of high profile data breaches over the past several years. However, while the headlines of each new data breach grab our attention, particularly the number of identities or credit cards compromised, what is frequently overlooked is the long-term impact to the organization, both from a reputational and financial point of view.
What was overlooked in the Sony Pictures data breach were the direct and indirect costs to the organization, estimated at over $100B.
Not everyone has heard of Fortinet, yet we have built a successful, profitable billion dollar company over the last 15 years based on solid business fundamentals and great technology. The fact is, once customers put us to the test, we deliver hands down. As a result, we are one of the fastest growing public cyber security companies in the world and serve over a quarter of a million customers globally. We have the strongest international footprint of any of our competitors and more units deployed than any other vendor, including Cisco.
We have a large footprint in small to mid-sized companies, but our carrier grade technology is also used in 50 of the world’s 60 largest, most important companies.
Rule number one is to Keep It Simple: the more complex your network is, the harder it is to secure it.
Here is the problem with the typical Point Product approach: while the products may individually work to specification and expectation, each one is an island, isolated from the rest of the solution. You have connectivity but no security continuity between the islands.
More important is the lack of consistency in the threat intelligence needed to keep these solutions up to date: inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products open up an enormous gap to be exploited by the hacker. Malware that might be stopped by the firewall could pass undetected by email or web application.
Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise, further complicating an already complex task. This is particularly true of the mid-size enterprise, which doesn’t have the resources to effectively manage this complexity.
But physical security, like internal segmentation, must be complemented with higher level security such as that provided through the different services that can run on the different elements of the solution. Those services can only be effective if they are kept up to date throughout the lifecycle of the solution. This is the role of FortiGuard.
FortiGuard is not just one thing, it is an intrinsic combination of leading edge research and real time input from millions of deployed sensors and trusted external sources leading to continuous and automatic updates being fed back to those sensors. But why are these updates so important?
FortiGuard is so important because of the threats that networks are constantly facing. Only when you have a clear view of the problem can you begin to provide protection against it.
And that clear view must extend into the solution itself. FortiOS provides a single and consistent interface that simplifies the day to day management of the solution and enables a rapid response and remediation to events in the network. FortiOS 5.4 in particular provides a tight integration with Fortinet’s overall Advanced Threat Protection capability.
So in light of all of the evidence it’s clear some new ideas are needed. But enterprises today are still relying on the same old strategies. Just look at the news: it seems that almost daily we’re reading about another attack, another breach, another massive loss of data.
Why aren’t these strategies working anymore? It could be a number of reasons but there are three key areas that we can point to.
The first is being too focused on compliance: just checking all the boxes on a list isn’t enough. How many massive retail breaches have we seen where the company was recently audited and found to be fully PCI-compliant? Attackers don’t care that you passed your last audit.
They’re also too risk based and reactive. While yes, it is important to protect against the low-hanging, already-seen fruit, it’s the new unknowns that are critical to detect. An annual risk assessment is obsolete the moment it’s done in today’s threat landscape.
Finally, they’re far too focused on ‘best of breed’ solutions. A firewall from one vendor, a sandbox from another, a spam solution from a third. None of these tools were ever designed to work together, leaving your network with potential protection gaps.
What does an organization do to avoid becoming the next headline?
The second rule is that the definition of a network has changed and the number of potential attack vectors has multiplied. What was the boundary of your network yesterday no longer exists today.
There used to be a clearly defined perimeter and security strategies evolved to protect it. The evolution of technology however brought in changes that these strategies couldn’t deal with; the Internet, Cloud technologies and the onslaught of wireless all contribute to a massive increase in the attack surface. Combined with the fact that most networks are architected to be flat once inside of the perimeter, once the network is breached the intruder can easily move laterally throughout the network. This is a key concern for the larger enterprise.
But we’re also concerned about how data can leave the network. Shadow IT, the use of unauthorized applications such as Hightail or Dropbox, also means that there are any number of ways that data can leave your network without your knowing, making it easy to exfiltrate data following a network intrusion.
And finally, rule number 3. Slowing down the network to implement security is not, never has been, and never will be a satisfactory strategy.
The enterprise IT staff is faced with what has been an unsolvable problem. The enterprise depends on the network to ensure the continuity of the business and depending upon the business model, the network may be at the center of its strategy.
Injecting security into this model has traditionally meant slowing down the network, sometimes to the point of affecting application performance, resulting in complaints. The organization is then forced to find a middle ground between the two, a compromise that pleases no one. But until now, this has been a compromise that enterprises have been forced to make.
Until now.
It’s a long held belief that delivering advanced and effective security is diametrically opposed to building a network with maximum throughput and performance.
Over the years, companies offering security solutions have evolved from either security software with networking features added in the background or networking with security bolted on. Both approaches were classic examples of a square peg in a round hole. You could make it work, but it was not the ideal solution.
But Fortinet was built from the ground up to bring these two worlds together seamlessly; to make sure that the network’s security layer was fully integrated into the network infrastructure layer, eliminating the gaps and handoffs that traditionally existed between them. This could only be done with a platform that has been purpose built to perform both functions: FortiGate and FortiOS.
Until now.
But Fortinet goes beyond just the FortiGate, regardless of how powerful it is. FortiGate is complemented by a range of solutions to deal with the changes that I just described. The core network - from the branch to the data center to the cloud; end point protection for the desktop, mobile and wireless devices and specific solutions for the different applications in the network, web or email, are all brought together seamlessly for end to end protection. And to ensure that the solution is able to provide protection through the threat lifecycle, all of the elements of the solution rely on the continuous and automatic updates provided by FortiGuard Labs, ensuring their continued security efficacy into the future.
All of this provides protection that is both from the outside in and the inside out.