A Fabric Approach to Network Security. John Little, August 20th 2018. Copyright Fortinet Inc. All rights reserved.
What you will learn
Our schedule for the session will include discussion of:
Points of Inflection in today's Enterprise Networks
Identify the drivers of Digital Transformation (Dx)
» What is it?
» Why should you care and why are we talking about it?
Virtualization & Cloud
IOT
The changing Threat Landscape
Security Transformation
» What is it & Why should you care
» Basic Security Principles
» The Fabric 8
» Discussion of Fabric integration
Real life examples
Points of Inflection: TODAY'S NETWORK IS BORDERLESS; TODAY'S NETWORK IS FASTER THAN EVER; TODAY'S NETWORK IS MORE COMPLEX THAN EVER
[Digital Transformation] integration of digital technology into all areas of a business, resulting in fundamental changes to how businesses operate and how they deliver value to customers
DATA DRIVEN BUSINESS MODEL: Digital Transformation; Omni Channel Customer Engagement; Empower Your Employees; Optimize Your Business; Transform from Products to CX; Digital Technology
REAL LIFE DX: EMIRATES AIRLINE. Goal is to transform Emirates into the leading customer-centric, technology-enabled travel experience enterprise. AI or robotics to reconstruct processes. Efficiencies through task simplification so more tasks can be tackled. Blockchain is a revolution within a revolution. Security automated, deep at speed and scale. 1. RESEARCH & KNOW YOUR CUSTOMER 2. UNDERSTAND THE CISO & OUTCOMES
DRAMATIC SHIFTS: Dramatic economic and quality of life improvements. Source: Paul Hodges, Economic Growth 2015
COMPLEXITY, SKILLS & ADVANCED THREATS. Security is the largest factor standing in the way of enterprise digital transformation efforts. More than half (55%) of companies said that security was the No. 1 challenge they face when implementing digital enablement technologies. Source: SoftServe 2017. Cybersecurity one of Top 10 obstacles to Digital Transformation. Source: Harvard Business Review 2017. Security nearly always tops the list of digital transformation obstacles. Marc Cecere, Forrester, ZD Net, 2017. Biggest disruptive technologies (58%), mobility and collaboration (54%), big data (52%)...IoT (43%). Source: BT CIO Report 2016. Some 57% of businesses reported major issues finding and recruiting talented IT security staff a problem as digital transformation efforts move more data and systems to the cloud, and cyber attacks grow more sophisticated. Source: Osterman Research 2017
SECURING DATA AT SPEED & SCALE. "...in the digital era, [security] focus needs to shift from securing network perimeters to safeguarding data spread across systems, devices, and the cloud." MIT Technology Review, 2017. Mobile Devices; Augmented Reality/Wearables; IoT Platforms; Cloud Computing; Big Data Analytics and Advanced Algorithms; Multi-level Customer Interaction and Customer Profiling; 3D Printing; Location Detection Technologies; Smart Sensor; Advanced Human-machine Interfaces
Virtualization and Cloud FOCUS #1
The Multi-Cloud Experience: Silos due to lack of visibility & control. VIRTUALIZATION PRIVATE CLOUD HYBRID PUBLIC CLOUD HYPERVISOR IaaS/PaaS East-West North-South SaaS
The Internet of Things FOCUS #2
EXPANDING EXPOSURE & COMPLEXITY: Hyper-connected Networks; Connected OT & IT Systems; Functional & Cyber Security. [Chart: IoT Devices (Billions) for 2017, 2018 and 2020, by category (Consumer, Business Cross-Industry, Business Vertical Specific); totals 8.4B, 11.2B and 20.4B; data labels 5 244, 7 038 and 12 863. Source: Gartner 2017]
The Threat Landscape FOCUS #3
CYBER CHANGES SINCE 2007
                                  2007      2017
Threat Actors                     <50       >1,000
Threat Types                      <50       >1,000,000
Alerts/Day (Average Per Firm)     <1,000    >1,000,000
Security Vendors                  <100      >2,300
VC Investments                    <$500M    >$6B
Security Spending                 <$3B      >$80B
Source: Optiv, 2017
MISSING BASICS DUE TO COMPLEXITY
DX INCREASES COMPLEXITY. Existing Issues: BORDERLESS, PERFORMANCE, COMPLEXITY
THREAT ACTORS LEADERSHIP QUADRANT
[Quadrant chart: axes "ability to execute" and "completeness of vision"; quadrants: challengers, leaders, niche players, visionaries; countries plotted: N. Korea, Iran, Brazil, Romania, Ukraine, India, UK, France, USA, Israel, Russia, China]
1. USA, Russia, China, Israel, and the UK have ~100% success rates on offensive APT cyber operations
2. North Korea derives ~100% of its APT cyber operations capability via training and support from China
3. Romania, Iran, and Ukraine have large populations of technically trained, under-employed youth
4. Reconsideration of risk management and The disappearing perimeter
Source: Ed Amoroso
[Security Transformation] is the integration of security into all areas of digital technology resulting in fundamental changes to how security is architected, deployed and operated.
SECURING DATA AT SPEED & SCALE. "...in the digital era, [security] focus needs to shift from securing network perimeters to safeguarding data spread across systems, devices, and the cloud." MIT Technology Review, 2017. Mobile Devices; Augmented Reality/Wearables; IoT Platforms; Cloud Computing; Big Data Analytics and Advanced Algorithms; Multi-level Customer Interaction and Customer Profiling; 3D Printing; Location Detection Technologies; Smart Sensor; Advanced Human-machine Interfaces
SECURING THE DIGITAL ENTERPRISE: SECURITY PRINCIPLES
01 Holistic security plan based on simplicity and automation
02 Open standards so everything can connect
03 Single pane of glass: deep centralized visibility and control
04 Shared local and global intelligence
05 Orchestration at Speed and Scale
06 Analytics & Artificial Intelligence for behavioral analysis
SECURITY FABRIC 2018
[Diagram: PARTNER API, MANAGEMENT-ANALYTICS, MULTI-CLOUD, IOT-ENDPOINT, WEB APPS, NETWORK, UNIFIED ACCESS, EMAIL, ADVANCED THREAT PROTECTION]
A Security Architecture that is:
BROAD: Provides Visibility and Protection Across the Entire Digital Attack Surface
INTEGRATED: Multiple Technologies Working Together for the Detection of Advanced Threats
AUTOMATED: Embedded Intelligence for Automatic Response & Continuous Trust Assessment
SECURING IOT, NETWORKS & CLOUD ECOSYSTEMS The Fabric 8
THE FABRIC 8: Endpoint Security. IoT Endpoint: Products and services that detect and block malicious objects delivered via web, email, network, or personal storage to an endpoint. NG Endpoint Protection Platform, Enterprise Management Server, Central Management Software
THE FABRIC 8: Network Security. Network: Products and services that provide high-performance, consolidated advanced security and deep visibility to protect the network from known and unknown threats. Enterprise Firewall, IPS, SWG, Appliance, Virtual Machine, SD-WAN, Cloud
THE FABRIC 8: Secure Unified Access. Unified Access: Products and services necessary to provide secure network connectivity, wired or wirelessly, to users of the Fortinet Security Fabric. Integrated Wireless, Wireless Infrastructure, Switching Infrastructure, Appliance, Virtual Machine, Identity and Identity Management, Hosted
THE FABRIC 8: Email Security. Email: Products and services that inspect corporate email for unwanted (spam) and malicious (phishing, malware) messages as well as inappropriate or sensitive content. Secure Email Gateway, Appliance, Virtual Machine, Hosted, Cloud
THE FABRIC 8: Web Application Security. Web Applications: Products and services that protect web-based applications from threats that target known and unknown exploits. Web Application Firewall, Application Delivery Controller, Appliance, Virtual Machine, Hosted, Cloud
THE FABRIC 8: Advanced Threat Protection. ATP: Products and services that continue inspecting for malware and other signs that cyber criminals have gained entry despite traditional threat prevention products (NGFW, SEG, EPP, WAF, etc). Advanced Threat Protection (i.e., Sandbox or Detonation chamber), Appliance, Virtual Machine, Hosted, Cloud
THE FABRIC 8: Multi-Cloud Security. Multi Cloud: Products and services that protect the expanded attack surface across private cloud, public cloud and SaaS. Virtual Firewall Network Security, Cloud Firewall Network Security, Cloud Access Security Broker, Virtual Machine, Cloud & SDN Integration, Cloud
THE FABRIC 8: Management & Analytics. Products and services that weave Fortinet and partner products into a cohesive solution, uncovering hidden insights and reducing the total cost of ownership. Central Logging & Reporting, Central Security Management, Cloud-based Central Management, Appliance, Virtual Machine, Security Information & Event Management, Hosted, Cloud
AUTOMATED DEEP VISIBILITY & CONTROL Management & Analytics Multi-Cloud Security Cloud FW VFW CASB Internal Segmentation FW Web Application Security Secured Unified Access NGFW Segmentation Email Security Endpoint Security Advanced Threat Protection DC / Cloud Services 3G/4G/5G wireless DC / Private Cloud UCPE Branch Access and off-load Transport / SDWAN Consumer Access and off-load
Backup Slides
Broad: The Fabric Allows Flexible, Open Integration of Other Security Partners. Virtualization & SDN/NFV, CLOUD, ENDPOINT & IoT, MANAGEMENT, SIEM, SYSTEMS INTEGRATOR
Fabric-Ready Partners: Carbon Black
Key Solution Features:
Real-time endpoint sensor & recorder that provides real-time and historical data for every server and endpoint.
Policy-driven trust-based security allows you to define software you trust, and deny everything else by default.
Instantly retrieve files from any endpoint - to submit to FortiSandbox, or remove based on FortiSandbox intelligence.
Key Benefits:
Lock down systems to stop malware, ransomware, zero-day, and non-malware attacks.
Built-in file-integrity monitoring, device control, and memory protection to block unauthorized change.
Harden new and legacy systems, with broad support for embedded, virtual, and physical OS types & versions.
Integration: Endpoint/ATP and Management APIs.
Carbon Black-Fortinet Integrated Endpoint Protection Solution
Solution brief: https://www.fortinet.com/content/dam/fortinet/assets/solution-guides/sbfortinet-fortisandbox-and-carbon-black-enterprise-protection.pdf
Technical Integration Guide: https://www.fortinet.com/content/dam/fortinet/assets/solution-guides/cbprotection-integration-guide.pdf
Contacts: https://fuse.fortinet.com/p/do/sd/sid=5243
Fabric-Ready Partners: Cisco ACI
Key Solution Features:
Cisco ACI - FortiGate integration provides automated, predefined policy-based security provisioning.
Single-pane-of-glass management enablement from Cisco APIC with full visibility on security policy enforcement.
Rapid deployment of predefined security policies.
Enables scale on-demand with automation.
Key Benefits:
Enhanced visibility and security correlated with overlay/underlay networks.
Lower TCO from reduced administrative OPEX.
Accelerated application and L4-L7 security deployment.
Increased efficiency in service provisioning & network security segmentation.
Integration: Virtualization & Management APIs
Fortinet-Cisco ACI Solution
Solution brief: https://www.fortinet.com/content/dam/fortinet/assets/alliances/cisco-ACI-SolutionBrief.pdf
Technical Guide: https://www.fortinet.com/demand/gated/fortigate-connector-Deployment-Guide-CiscoACI-v1.1-v1.2.html
Contacts: https://fuse.fortinet.com/p/do/sd/sid=5243