Date post: | 17-Jan-2015 |
Category: |
Documents |
Upload: | alvaroroldanperal |
View: | 176 times |
Download: | 2 times |
Fortinet ConfidentialFortinet Confidential
April 10, 2023
Fortinet Product Overview
Fortinet ConfidentialFortinet Confidential
Fortinet Product Portfolio
2
Unified Threat
Management
FortiGateNetwork SecurityPlatform
FortiAPNetwork SecurityPlatform
Centralized Manageme
ntFortiManagerCentralized DeviceManagement
FortiAnalyzerCentralized Loggingand Reporting
Application Security
FortiMailMessaging Security
FortiWebWeb & XML Application Firewall
Data Security
FortiDBDatabase Security
Host Security
FortiClientEndpoint Security
FortiScanAsset Vulnerability Management
Security Services
FortiGuardReal time Security Services
Fortinet ConfidentialFortinet Confidential
Fortinet Product Portfolio
3
Unified Threat
Management
FortiGateNetwork SecurityPlatform
FortiAPNetwork SecurityPlatform
Centralized Manageme
ntFortiManagerCentralized DeviceManagement
FortiAnalyzerCentralized Loggingand Reporting
Application Security
FortiMailMessaging Security
FortiWebWeb & XML Application Firewall
Data Security
FortiDBDatabase Security
Host Security
FortiClientEndpoint Security
FortiScanAsset Vulnerability Management
Security Services
FortiGuardReal time Security Services
Fortinet ConfidentialFortinet Confidential
4
• Consolidated security appliance− Block network & content threats
• Accelerated performance»10 GbE− Up to 120 Gbps
• Platforms for every market segment− Carrier to SOHO− No per-user licensing
FortiGate Platform
Fortinet ConfidentialFortinet Confidential
• ASIC-based multi-threat security platform• Third party certifications• Common OS across all platforms• Single management interface• FortiGuard Services
– Antivirus, IPS, Antispam, Web content filtering,Application control
5
Enterprise Service Provider & Large EnterpriseSMB & Remote Office
FortiGate Platform
Fortinet ConfidentialFortinet Confidential
6
Purpose-Built Hardware
Specialized OS
Firewall
Fully Integrated Security & Networking Technologies
Hardened Platform
High Performance
Real-Time Protection
Traffic ShapingVPN
SSL Insp
DLP WAN Opt
FortiGate Consolidated Security Platform
FortiGuard™ Updates
WLAN Load BalancingVoIP HA
Support and Services FortiCare™ FortiGuard Labs
AV IPS AntispamWeb Filter App Ctrl VM
• Purpose-built to deliver overlapping, complementary security
• Provides both flexibility & defense-in-depth capabilities
Fortinet ConfidentialFortinet Confidential
Scalability and reliability• Up to and beyond 10 Gig performance • Room to grow with modularity
Simplified licensing• Appliance-based licensing• No OEM / partnership based technologies
Broad Range of Technologies• Address specific needs with single
platform• Performance with ASIC acceleration• Scalability and reliability with HA
LAN
Enterprise Deployment
7
ANTIVIRUS
FIREWALL
7
Web Servers
Email Servers
ANTIVIRUSANTISPAM FIREWALL
WEB FILTERING
APPLICATIONCONTROL
IPS
ANTIVIRUS
FIREWALL
IPS
DLP
Fortinet ConfidentialFortinet Confidential
ANTIVIRUS
ANTISPAMWEB
FILTERING
FIREWALL
Service Provider Deployment
Virtualization• Customer enablement through virtual
FortiGate instances• No additional CapEx or infrastructure
changes• Instant revenue opportunities
Scalability and reliability• Up to and beyond 10 Gig performance • Modularity provides
Simplified licensing• Appliance-based licensing• No OEM / partnership based technologies
8
Virtualization
Customer A
Customer BCustomer C
ANTIVIRUSANTISPAM FIREWALL
WEB FILTERING
APPLICATIONCONTROL
WANOPTIMIZATION
Fortinet ConfidentialFortinet Confidential
All-in-one product• Limited expertise and staff• Eliminates additional cost associated
with point solutions
Additional value• WAN optimization bring additional
Multi-function product position• Delivers high value for low cost• Simplified management essential• Appliance-based licensing model
SMB / Remote Office Deployment
9
ANTIVIRUS ANTISPAMWEB
FILTERING
FIREWALL VPN IPS
WANOPTIMIZATION
Fortinet ConfidentialFortinet Confidential
FortiGate enforces same policies on wireless and wired traffic, ensuring maximum visibility and control
Wireless Security in Enterprise Environments
10
• WLAN Switching and RF Management• Automatic Radio Resource
Provisioning (ARRP)• L2 Mobility & WME QoS & UAPSD
power save
• AuthenticationWired and wireless 802.1x, Web-based captive portal, MAC address, Local user database, LDAP, RADIUS, TACACS+
• Wireless air monitorRogue AP detection
• EncryptionOpen, WEP, WPA/WPA2 (PSK/RADIUS)
Wireless
Planning
Wireless Security
Multi-Threat
Security
Fortinet ConfidentialFortinet Confidential
11
Building A Secure WLAN
Secure Wireless Access Points
Multi-Threat Security with Integrated
Wireless Controller
Fortified Wireless Space
Fortinet ConfidentialFortinet Confidential
12
The Fortinet WiFi Security Solution
FortiAP Secure APSingle or Dual Radio Controllers (FortiGate Platforms)
802.11n compliant 300-600 Mbps throughput Single or Dual concurrent radio 2.4GHz/5GHz (802.11
a/b/g/n) Enterprise-Class feature set Dedicated built-in in air monitoring Internal Antenna design Highest value at competitive price
20+ platforms to meet any requirement Leverages same models already on the market 10Mbps – 40Gbps wireless LAN Capacity High capacity
6 AP/100 user to 10,000 AP / 32,768 users Programmable control & data planes Hardware-based cryptography Centralized management
FortiGate PlatformsWith Integrated Wireless Controllers
Secure Access Points
Fortinet ConfidentialFortinet Confidential
Fortinet Product Portfolio
13
Unified Threat
Management
FortiGateNetwork SecurityPlatform
FortiAPNetwork SecurityPlatform
Centralized Manageme
ntFortiManagerCentralized DeviceManagement
FortiAnalyzerCentralized Loggingand Reporting
Application Security
FortiMailMessaging Security
FortiWebWeb & XML Application Firewall
Data Security
FortiDBDatabase Security
Host Security
FortiClientEndpoint Security
FortiScanAsset Vulnerability Management
Security Services
FortiGuardReal time Security Services
Fortinet ConfidentialFortinet Confidential
FortiAnalyzer and FortiManager
• Tightly integrated to provide centralized management of core security services
14
• FortiAnalyzer• Log Analysis• Reporting• Content Archiving / Data Mining• Network Analyzer• Log Browser / Real-Time Log
Viewer• Central File Quarantine• Vulnerability Assessment
Scanner• Forensic Analysis
• FortiManager• Policy / Device Management• Update Manager
(Firmware / Security Content)
• VPN Manager• Script Manager
Fortinet ConfidentialFortinet Confidential
• All FortiGate models• All FortiMail models• FortiClient PC endpoint devices• Any FortiManager model• Any Syslog-compatible device
LAN
Enterprise Deployment
15
Web Servers
Email Servers
FortiAnalyzerHA Cluster
FortiAnalyzer
Support for:
Fortinet ConfidentialFortinet Confidential
LAN
• Small to Medium sized FortiGate Models (FG30B-800F)• Small to Medium sized FortiMail Models (FE100B-400A)• FortiClient PC endpoint devices• FortiManager systems (FM-100A/FM-400A)• Other Syslog-Compatible Devices
SMB / Remote Office Deployment
16
FortiWiFi
FortiManagerFortiAnalyzer
Support for:
Fortinet ConfidentialFortinet Confidential
FortiGuard Management and Analysis Architecture
17
FortiGuardAnalysis and Management
Portal
• Management• Configuration• Logging and Reporting• Analysis and Forensics
Hosted support for:
SSL
Customer FortiGate Infrastructure FortiGuard Distribution Network
Fortinet ConfidentialFortinet Confidential
FortiManager Appliances
18
FortiManager-400B Small-to-Medium Deployments200 FortiGate devices10,000 FortiClient agents
FortiManager-3000C Large Deployments5,000 FortiGate devices120,000 FortiClient agents
FortiManager-100C Small Deployments20 FortiGate devices2,500 FortiClient agents
FortiManager-1000C
FortiManager-5001A
Small-to-Medium Deployments800 FortiGate devices25,000 FortiClient agents
Large Deployments4,000 Fortinet devices100,000 FortiClient agents
Fortinet ConfidentialFortinet Confidential
FortiAnalyzer Appliances
19
FortiAnalyzer-100C For Small Deployments Up to 100 network devices Up to 100 FortiClient agents
FortiAnalyzer-4000B For Large DeploymentsUp to 2,000 network devices Unrestricted FortiClient agents
FortiAnalyzer-400B For Medium DeploymentsUp to 200 network devices Up to 2000 FortiClient agents
FortiAnalyzer-2000B For Medium-to-Large DeploymentsUp to 2,000 network devices Unrestricted FortiClient agents
FortiAnalyzer-1000C For Medium-to-Large DeploymentsUp to 2,000 network devices Unrestricted FortiClient agents
Fortinet ConfidentialFortinet Confidential
Fortinet Product Portfolio
20
Unified Threat
Management
FortiGateNetwork SecurityPlatform
FortiAPNetwork SecurityPlatform
Centralized Manageme
ntFortiManagerCentralized DeviceManagement
FortiAnalyzerCentralized Loggingand Reporting
Application Security
FortiMailMessaging Security
FortiWebWeb & XML Application Firewall
Data Security
FortiDBDatabase Security
Host Security
FortiClientEndpoint Security
FortiScanAsset Vulnerability Management
Security Services
FortiGuardReal time Security Services
Fortinet ConfidentialFortinet Confidential
FortiMail
• Dedicated antispam appliance»High-performance mail processing with antispam detection»Complements antispam/antivirus features in FortiGate
• Flexible deployments»Transparent, Gateway, or Server modes
• Integrated multi-threat detection»Antispam, Antivirus, Antispyware, Antimalware»Preserves productivity, ensures policy compliance, and
protects domain reputation
• Email quarantining and archiving»User-based quarantine capabilities »Archiving for analysis and compliance support
21
Fortinet ConfidentialFortinet Confidential
Scalability and reliability• Manage up to 1.4 million emails per hour• High availability, RAID, and load balancing options
Simplified licensing• Appliance-based licensing, no per-user/per-mailbox price• No OEM / partnership based technologies
Unique Deployment Flexibility• Three options to fit any enterprise’s unique
requirements– Transparent mode – Gateway mode – Full messaging server
LAN
Enterprise Deployment
2222
Remote Offices
ANTIVIRUSANTISPAM
Fortinet ConfidentialFortinet Confidential
ANTIVIRUS
ANTISPAM
Service Provider Deployment
Provider-Specific Benefits• Outbound blocking prevents all subscribers from
being blacklisted due to shared IP addresses• Granular endpoint monitoring/blocking, including
smartphones in 3G networks• Automatic greylisting fools spammers, does not
affect legitimate messages
Scalability and reliability• Manage up to 1.4 million emails per hour• High availability, RAID, and load balancing options
Simplified licensing• Appliance-based licensing, no per-user/per-mailbox price• No OEM / partnership based technologies
23
Customer A
Customer BCustomer C
ANTIVIRUSANTISPAMANTIVIRUSANTISPAM
Fortinet ConfidentialFortinet Confidential
Low Cost, Centrally Managed• No need for expertise and staff on-site
Additional value• Eliminate spam/threats before they
affect WAN performance and network security
Policy Compliance• Local archiving of content/logs
Ease of Installation• Transparent mode requires no change
to MX records or mail clients
SMB / Remote Office Deployment
24
ANTIVIRUS ANTISPAM
Fortinet ConfidentialFortinet Confidential
FortiMail Family
25
FortiMail-100C Small DeploymentsRecommended for up to 1,000 users Up to 77,000 emails/hour (Full inspection)
FortiMail-2000B Large Enterprise DeploymentsRecommended for up to 50,000 usersUp to 1.0 million emails/hour (Full inspection)Redundant/Hot-Swappable Power Supplies
Large Enterprise/ Service Provider DeploymentsRecommended for up to 50,000 usersUp to 1.1 million emails/hour (Full-Inspection)FG-5000 series chassis compatible
FortiMail-400B Mid-Enterprise DeploymentsRecommended for 10,000 usersUp to 185,400 emails/hour (Full inspection)
FortiMail-5001A
FortiMail-3000C Large Enterprise DeploymentsRecommended for up to 50,000 usersUp to 1.2 million emails/hour (Full inspection)Redundant/Hot-Swappable Power Supplies
Fortinet ConfidentialFortinet Confidential
FortiWeb – Web Application Firewall
Secure Web applications
Protect Web Services
Ensure Application Availability
26
Web Application Platform Web Application Firewall – secures web applications to help customers
meet compliance requirements XML Firewall – Secures and prevents exploits against XML based web
services Application Acceleration – Accelerates and ensures timely delivery of web
based content utilizing Fortinet’s ASIC technology
Fortinet ConfidentialFortinet Confidential
FortiWeb Provides Protection at All Layers
27
Protocol Validation
Application Attack Signatures
Auto Learn and Validation Rules
Data Leak Prevention
Authentication Policy Validates UsersDetects Information Disclosure, CC, PIIDeviations from Normal User BehaviorDetects Known Application Attacks (FortiGuard Updated)
Validates HTTP RFC compliance
Fortinet ConfidentialFortinet Confidential
FortiWeb
• Three deployment modes to easily integrate FortiWeb»Transparent inline»Reverse proxy»Non-inline
• Web application scanner for PCI DSS 6.5 and 6.6• Additional layers of protection:
»Protocol enforcement»Anti web defacement»Brute force login robot protection
• Authentication offload to accelerate applications• Advanced URL rewriting capabilities
28
Fortinet ConfidentialFortinet Confidential
FortiWeb Family
29
FortiWeb-1000C Mid to Large Enterprise Deployments500 Mbps HTTP Throughput Max 27,000 HTTP Transaction / Sec RAID Support1 x 1 TB HDD (expandable to 2 x 1 TB)
FortiWeb-400B Small to Mid-Enterprise Deployments100 Mbps of HTTP ThroughputMax 10,000 HTTP Transaction / Sec 1 x 500 GB HDD (expandable to 2 x 500 GB) RAID Support
FortiWeb-3000C Large Enterprise Deployments1 Gbps HTTP Throughput Max 40,000 HTTP Transaction / Sec RAID Support2 x 1 TB HDD (expandable to 6 x 1 TB)Redundant/Hot-Swappable Power Supplies
Fortinet ConfidentialFortinet Confidential
Fortinet Product Portfolio
30
Unified Threat
Management
FortiGateNetwork SecurityPlatform
FortiAPNetwork SecurityPlatform
Centralized Manageme
ntFortiManagerCentralized DeviceManagement
FortiAnalyzerCentralized Loggingand Reporting
Application Security
FortiMailMessaging Security
FortiWebWeb & XML Application Firewall
Data Security
FortiDBDatabase Security
Host Security
FortiClientEndpoint Security
FortiScanAsset Vulnerability Management
Security Services
FortiGuardReal time Security Services
Fortinet ConfidentialFortinet Confidential
FortiDB
Comprehensive Database Security • Database discovery and classification • Vulnerability assessment with remediation advice • Database activity monitoring (DAM)• Data loss prevention • Automation of auditing and compliance • Change control for metadata changes (DDL) and user privilege
changes (DCL)• Support for heterogeneous, virtualized environments
31
Fortinet ConfidentialFortinet Confidential
IBM
Oracle
Sybase Teradata MicrosoftInternet
IBM Oracle
Headquarters
Remote Offices
MySQL
Efficient deployment and Management, low TCO
Database Security Software
• Don’t need to change the network infrastructure• Don’t have to install two devices to capture local and users from the network• Intuitive GUI and Centralized policy Management • One server can handle hundreds of databases• Can monitor both local and remote databases• Have both agents based and agentless options
32
Fortinet ConfidentialFortinet Confidential
FortiDB Family
33
FortiDB-1000B Mid to Large Enterprise Deployments30 Database InstancesRAID Support1 x 1 TB HDD (expandable to 2 x 1 TB)
FortiDB-400BSmall to Mid-Enterprise Deployments10 Database Instances1 x 500 GB HDD (expandable to 2 x 500 GB) RAID Support
FortiDB-2000B Large Enterprise Deployments60 Database Instances RAID Support1 x 1 TB HDD (expandable to 6 x 1 TB)Redundant/Hot-Swappable Power Supplies
Fortinet ConfidentialFortinet Confidential
Fortinet Product Portfolio
34
Unified Threat
Management
FortiGateNetwork SecurityPlatform
FortiAPNetwork SecurityPlatform
Centralized Manageme
ntFortiManagerCentralized DeviceManagement
FortiAnalyzerCentralized Loggingand Reporting
Application Security
FortiMailMessaging Security
FortiWebWeb & XML Application Firewall
Data Security
FortiDBDatabase Security
Host Security
FortiClientEndpoint Security
FortiScanAsset Vulnerability Management
Security Services
FortiGuardReal time Security Services
Fortinet ConfidentialFortinet Confidential
FortiClient
• Host-based security»Antivirus / antimalware client»Personal firewall»Web content filter»Antispam filtering
• FortiGate integration»WAN optimization» IPSec VPN »Data loss prevention
35
AntivirusWeb
Filtering Antispam
FortiGuard Services
Fortinet ConfidentialFortinet Confidential
FortiScan-1000C
• Endpoint Vulnerability Assessment and Remediation» Identifies security vulnerabilities and finds compliance exposures on hosts
and servers»Audits and monitors across heterogeneous systems»Delivers patch management with ready to deploy remediation and
enforcement actions»Aides compliance for regulatory mandates with compliance reports
36
Fortinet ConfidentialFortinet Confidential
Fortinet Product Portfolio
37
Unified Threat
Management
FortiGateNetwork SecurityPlatform
FortiAPNetwork SecurityPlatform
Centralized Manageme
ntFortiManagerCentralized DeviceManagement
FortiAnalyzerCentralized Loggingand Reporting
Application Security
FortiMailMessaging Security
FortiWebWeb & XML Application Firewall
Data Security
FortiDBDatabase Security
Host Security
FortiClientEndpoint Security
FortiScanAsset Vulnerability Management
Security Services
FortiGuardReal time Security Services
Fortinet ConfidentialFortinet Confidential
FortiGuard Services Network
• Real-time updates» “Push” / “pull” updates for Fortinet customers»Tied to FortiCare registration system
• Distributed infrastructure»Multiple servers deployed globally»Approximately 16 data center locations»Hierarchical deployment strategy
• Main server update pushes secondary updates
• Gather feedback from worldwide installed base
38
Antivirus
Web Filtering IPS
Antispam
Fortinet ConfidentialFortinet Confidential
Product Services
Product FortiGuard Services Available
FortiGate
Antivirus Antispam Web filtering Intrusion Prevention Service Application control
FortiAnalyzer Vulnerability management services
FortiMail Antispam Antivirus
FortiDB FortiDB Security Service
FortiClient Antivirus Antispam Web filtering
FortiWeb FortiWeb Security Service
FortiScan Vulnerability management services
39
Fortinet ConfidentialFortinet Confidential
FortiCare Support Services
• FortiCare Knowledge Center» Around the clock self-service portal» Technical articles & documentation» Firmware/software updates
• Technical Support » 8x5 – Business Hours Support Local Time» 24x7 – Around the clock coverage for
Priority 1 events» Online Tracking/Management of Tickets» Premium Support
• Hardware Repair» Return to Factory (Return & replace services)» Advanced Replacement (24 hr return)» Premium-RMA (4-Hour and Next Day)
Available in Key Geographic Areas
40
Fortinet Confidential
Thank You
Fortinet Confidential
Appendix
Fortinet ConfidentialFortinet Confidential
Award-Winning Channel Program
• Fortinet delivers value to over 5,000 partners worldwide»Build long-term, value-added relationships with customers ranging from global
service providers to large enterprises and small/medium organizations
• Recent industry recognition:»ARC Winner for best security appliance: “Network Security Appliances: Fortinet
Steals The Thunder From ARC Rivals”• Beating out SonicWall & Juniper
»VAR Business Magazine: 5-Star Vendor
43
Fortinet ConfidentialFortinet Confidential
FortiGate Model Lineup
44
Network Security Appliances Target Market Form Factor FortiGuard
Services Available
FortiGate-30 through FortiGate-111
Small to Medium Enterprise
Service Provider Remote/Branch
Office
Standalone
Antivirus IPS Web filtering Antispam Application Control
FortiGate-200 through FortiGate-800
Medium to LargeEnterprise
Standalone & Rack Mountable
FortiGate-1000 through FortiGate-3810
Large Enterprise Service Provider
Rack Mountable & AMC Modular
FortiGate-5000 Series
Large Enterprise Service Provider
Rack Mountable & ATCA Chassis (up to 14 blades)