A Fabric Approach to Network Security

Similar documents
Strategies for a Successful Security and Digital Transformation

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

A CISO GUIDE TO MULTI-CLOUD SECURITY Achieving Transparent Visibility and Control and Enhanced Risk Management

Securing Digital Transformation

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

Build a Software-Defined Network to Defend your Business

The Why, What, and How of Cisco Tetration

Cisco Cloud Security. How to Protect Business to Support Digital Transformation

Cisco Unified Data Center Strategy

Enabling Fast IT. In the IoE era. Alberto Degradi DCV Sales Leader. November 2014

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

AKAMAI CLOUD SECURITY SOLUTIONS

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Evolution of connectivity in the era of cloud

Software-Defined Secure Networks in Action

to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large

White Paper. Why IDS Can t Adequately Protect Your IoT Devices

SYMANTEC DATA CENTER SECURITY

Transforming the Network for the Digital Business

THE BUGGIE WHIP MISNOMER 2016 PRESIDIO

CYBER ATTACKS DON T DISCRIMINATE. Michael Purcell, Systems Engineer Manager

Mitigating Branch Office Risks with SD-WAN

Managed Endpoint Defense

Cisco APIC Enterprise Module Simplifies Network Operations

SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

I D C T E C H N O L O G Y S P O T L I G H T

Run the business. Not the risks.

CHARTING THE FUTURE OF SOFTWARE DEFINED NETWORKING

Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers

Fast IT - Policy Driven Infrastructure for the Intercloud World

Automated Response in Cyber Security SOC with Actionable Threat Intelligence

Modelos de Negócio na Era das Clouds. André Rodrigues, Cloud Systems Engineer

Cybersecurity Roadmap: Global Healthcare Security Architecture

Delivering the Wireless Software-Defined Branch

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN

Safeguard Application Uptime and Consistent Performance

Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS

in collaboration with

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

Simplifying the Branch Network

Deception: Deceiving the Attackers Step by Step

Cloud for Government: A Transformative Digital Tool to Better Serve Communities

The threat landscape is constantly

Security-as-a-Service: The Future of Security Management

PT Unified Application Security Enforcement. ptsecurity.com

Realities and Risks of Software-Defined Everything (SDx) John P. Morency Research Vice President

Copyright 2012 EMC Corporation. All rights reserved. Obrigado

Digital Network Architecture

Versa Software-Defined Solutions for Service Providers

There s Never Been a Better Time. Dave West CTO, Cisco APJ May 2016

5 STEPS TO BUILDING ADVANCED SECURITY IN SOFTWARE- DEFINED DATA CENTERS

6 KEY SECURITY REQUIREMENTS

Driving Business Outcomes: Cisco Data Center Innovation and Solutions

5 Steps to Government IT Modernization

Security by Default: Enabling Transformation Through Cyber Resilience

Protecting Your Digital Business: The Case for Next-Generation Intrusion Prevention

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1

JUNIPER SKY ADVANCED THREAT PREVENTION

with Advanced Protection

SD-WAN Market Overview

ARTIFICIAL INTELLIGENCE POWERED AUTOMATED THREAT HUNTING AND NETWORK SELF-DEFENSE

Security for the Cloud Era

How to master hybrid IT. Get the speed and agility you want, with the visibility and control you need

Software-Define Secure Networks The Future of Network Security for Digital Learning

New Digital Business Models Driving the Softwarization of the Network

Bromium: Virtualization-Based Security

Kaspersky Cloud Security for Hybrid Cloud. Diego Magni Presales Manager Kaspersky Lab Italia

Leisure Business Center,Muntaza,Doha, Qatar Ph: Fax Your trusted security partner

Evolution For Enterprises In A Cloud World

The Rise of the Intercloud

Cisco Start. IT solutions designed to propel your business

Borderless security engineered for your elastic hybrid cloud. Kaspersky Hybrid Cloud Security. #truecybersecurity

HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS

Efficience de l IT & croissance?

Cisco Software-Defined Access

Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video

Automated Threat Management - in Real Time. Vectra Networks

Juniper Sky Advanced Threat Prevention

Transition Your Windows Server 2003 Infrastructure to a Modern Cisco and Microsoft Solution

Copyright 2011 Trend Micro Inc.

FOR FINANCIAL SERVICES ORGANIZATIONS

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

CYBER SOLUTIONS & THREAT INTELLIGENCE

Cloud-Enable Your District s Network For Digital Learning

A Random Walk through Cyber Security

Enterprise Cloud Computing. Eddie Toh Platform Marketing Manager, APAC Data Centre Group Cisco Summit 2010, Kuala Lumpur

Zero Trust with Okta: A Modern Approach to Secure Access from Anywhere. How Okta enables a Zero Trust solution for our customers

WHITE PAPER ARUBA SD-BRANCH OVERVIEW

Journey to Secure and Automated Multi-cloud

Petroleum Refiner Overhauls Security Infrastructure

Cisco Digital Network Architecture The Network Enables Digital Business. Rene Andersen Cisco DK

THE IDENTITY DEFINED SECURITY ALLIANCE

CenturyLink for Microsoft

TREND MICRO SMART PROTECTION SUITES

AWS Reference Design Document

REALIZE YOUR. DIGITAL VISION with Digital Private Cloud from Atos and VMware

Reducing the Cost of Incident Response

Securing Your Digital Transformation

CloudSOC and Security.cloud for Microsoft Office 365

HOSTED SECURITY SERVICES

Transcription:

A Fabric Approach to Network Security John Little August 20 th 2018 Copyright Fortinet Inc. All rights reserved.

What you will learn Our schedule for the session will include discussion of: Points of Inflection in todays Enterprise Networks Identify the drivers of Digital Transformation (Dx)» What is it?» Why should you care and why are we talking about it? Virtualization & Cloud IOT The changing Threat Landscape Security Transformation» What is it & Why should you care» Basic Security Principals» The Fabric 8» Discussion of Fabric integration Real life examples 2

Points of Inflection POINT OF INFLECTION TODAY S NETWORK IS BORDERLESS TODAY S NETWORK IS FASTER THAN EVER TODAY S NETWORK IS MORE COMPLEX THAN EVER

[Digital Transformation] integration of digital technology into all areas of a business, resulting in fundamental changes to how businesses operate and how they deliver value to customers

DATA DRIVEN BUSINESS MODEL Digital Transformation Omni Channel Customer Engagement Empower Your Employees Optimize Your Business Transform from Products to CX Digital Technology 5

REAL LIFE DX EMIRATES AIRLINE Goal is to transform Emirates into the leading customercentric, technology-enabled travel experience enterprise AI or robotics to reconstruct processes Efficiencies through task simplification so more tasks can be tackled Blockchain is a revolution within a revolution Security automated, deep at speed and scale 1. RESEARCH & KNOW YOUR CUSTOMER 2. UNDERSTAND THE CISO & OUTCOMES

DRAMATIC SHIFTS Dramatic economic and quality of life improvements Source: Paul Hodges, Economic Grouwth 2015 7

COMPLEXITY, SKILLS & ADVANCED THREATS Security is the largest factor standing in the way of enterprise digital transformation efforts. More than half (55%) of companies said that security was the No. 1 challenge they face when implementing digital enablement technologies Source: SoftServe 2017 Cybersecurity one of Top 10 obstacles to Digital Transformation Source:Harvard Business Review 2017 Security nearly always tops the list of digital transformation obstacles. Marc Cecere, Forrester, ZD Net, 2017 Biggest disruptive technologies (58%), mobility and collaboration (54%), big data (52%)...IoT (43%) Source: BT CIO Report 2016 Some 57% of businesses reported major issues finding and recruiting talented IT security staff a problem as digital transformation efforts move more data and systems to the cloud, and cyber attacks grow more sophisticated. Source: Osterman Research 2017

SECURING DATA AT SPEED & SCALE in the digital era, [security] focus needs to shift from securing network perimeters to safeguarding data spread across systems, devices, and the cloud. MIT Technology Review, 2017 Mobile Devices Augmented Reality/Wearables IoT Platforms Cloud Computing Bid Data Analytics and Advanced Algorithms Multi-level Customer Interaction and Customer Profiling 3D Printing Location Detection Technologies Smart Sensor Advanced Human-machine Interfaces

SECURING DATA AT SPEED & SCALE in the digital era, [security] focus needs to shift from securing network perimeters to safeguarding data spread across systems, devices, and the cloud. MIT Technology Review, 2017 Mobile Devices Augmented Reality/Wearables IoT Platforms Cloud Computing Bid Data Analytics and Advanced Algorithms Multi-level Customer Interaction and Customer Profiling 3D Printing Location Detection Technologies Smart Sensor Advanced Human-machine Interfaces 10

Virtualization and Cloud FOCUS #1

The Multi-Cloud Experience Silos due to lack of visibility & control VIRTUALIZATION PRIVATE CLOUD HYBRID PUBLIC CLOUD HYPERVISOR IaaS/PaaS East-West North-South SaaS 12

The Internet of Things FOCUS #2

EXPANDING EXPOSURE & COMPLEXITY Hyper-connected Networks Connected OT & IT Systems Functional & Cyber Security 20.4B TOTAL 11.2B TOTAL IoT Devices (Billions) 8.4B TOTAL Business Vertical Specific 12 863 Business Cross-Industry Consumer 5 244 7 038 2017 2018 2020 Source: Gartner 2017

The Threat Landscape FOCUS #3

CYBER CHANGES SINCE 2007 2007 2017 Threat Actors <50 >1,000 Threat Types <50 >1,000,000 Alerts/Day (Average Per Firm) <1,000 >1,000,000 Security Vendors <100 >2,300 VC Investments <$500M >$6B Security Spending <$3B >$80B Source: Optiv, 2017 16

MISSING Missing BASICS basics DUE due TO to COMPLEXITY complexity

DX INCREASES COMPLEXITY DX DX DX DX Existing Issues BORDERLESS PERFORMANCE COMPLEXITY

ability to execute THREAT ACTORS challengers LEADERSHIP leaders QUADRANT N. Korea Iran Brazil Romania Ukraine niche players India UK France USA Israel visionaries Russia China 1. USA, Russia, China, Israel, and the UK have ~ 100% success rates on offensive APT cyber operations 2. North Korea derives ~100% of its APT cyber operations capability via training and support from China 3. Romania, Iran, and Ukraine have large populations of technically trained, under-employed youth 4. Reconsideration of risk management and The disappearing perimeter completeness of vision Source: Ed Amoroso 19

[Security Transformation] is the integration of security into all areas of digital technology resulting in fundamental changes to how security is architected, deployed and operated. 20

SECURING DATA AT SPEED & SCALE in the digital era, [security] focus needs to shift from securing network perimeters to safeguarding data spread across systems, devices, and the cloud. MIT Technology Review, 2017 Mobile Devices Augmented Reality/Wearables IoT Platforms Cloud Computing Bid Data Analytics and Advanced Algorithms Multi-level Customer Interaction and Customer Profiling 3D Printing Location Detection Technologies Smart Sensor Advanced Human-machine Interfaces

SECURING DIGITAL THE ENTERPRISE SECURITY PRINCIPLES 01 Holistic security plan based on simplicity and automation 04 Shared local and global intelligence 02 Open standards so everything can connect 05 Orchestration at Speed and Scale 03 Single pane of glass deep centralized visbility and control 06 Analytics & Artificial Intelligence for behavioral analysis

SECURITY FABRIC 2018 PARTNER API MANAGEMENT- ANALYTICS MULTI- CLOUD 2018 IOT- ENDPOINT WEB APPS NETWORK UNIFIED ACCESS EMAIL BROAD ADVANCED THREAT PROTECTION A Security Architecture that is: INTEGRATED AUTOMATED Provides Visibility and Protection Across the Entire Digital Attack Surface Multiple Technologies Working Together for the Detection of Advanced Threats Embedded Intelligence for Automatic Response & Continuous Trust Assessment 23

SECURING IOT, NETWORKS & CLOUD ECOSYSTEMS The Fabric 8

THE FABRIC 8 MANAGEMENT- ANALYTICS Endpoint Security PARTNER API MULTI- CLOUD IoT Endpoint Products and services that detect and block malicious objects delivered via web, email, network, or personal storage to an endpoint IOT- ENDPOINT NETWORK WEB APPS NG Endpoint Protection Platform UNIFIED ACCESS EMAIL Enterprise Management Server Central Management Software ADVANCED THREAT PROTECTION

THE FABRIC 8 MANAGEMENT- ANALYTICS Network Security PARTNER API MULTI- CLOUD Network Products and services that provide high-performance, consolidated advanced security and deep visibility to protect the network from known and unknown threats IOT- ENDPOINT NETWORK WEB APPS Enterprise Firewall UNIFIED ACCESS EMAIL IPS SWG Appliance Virtual Machine ADVANCED THREAT PROTECTION SD-WAN Cloud 27

THE FABRIC 8 MANAGEMENT- ANALYTICS Secure Unified Access PARTNER API MULTI- CLOUD Unified Access Products and services necessary to provide secure network connectivity, wired or wirelessly, to users of the Fortinet Security Fabric Integrated Wireless IOT- ENDPOINT NETWORK WEB APPS Wireless Infrastructure UNIFIED ACCESS EMAIL Switching Infrastructure Appliance Virtual Machine ADVANCED THREAT PROTECTION Identity and Identity Management Hosted

THE FABRIC 8 MANAGEMENT- ANALYTICS Email Security PARTNER API MULTI- CLOUD Email Products and services that inspect corporate email for unwanted (spam) and malicious (phishing, malware) messages as well as inappropriate or sensitive content IOT- ENDPOINT NETWORK WEB APPS UNIFIED ACCESS EMAIL Secure Email Gateway Appliance Virtual Machine ADVANCED THREAT PROTECTION Hosted Cloud

THE FABRIC 8 MANAGEMENT- ANALYTICS Web Application Security PARTNER API MULTI- CLOUD Web Applications Products and services that protect web-based applications from threats that target known and unknown exploits IOT- ENDPOINT NETWORK WEB APPS Web Application Firewall UNIFIED ACCESS EMAIL Application Delivery Controller Appliance Virtual Machine ADVANCED THREAT PROTECTION Hosted Cloud

THE FABRIC 8 MANAGEMENT- ANALYTICS Advanced Threat Protection PARTNER API MULTI- CLOUD ATP Products and services that continue inspecting for malware and other signs that cyber criminals have gained entry despite traditional threat prevention products (NGFW, SEG, EPP, WAF, etc) IOT- ENDPOINT NETWORK WEB APPS UNIFIED ACCESS EMAIL Advanced Threat Protection ie, Sandbox or Detonation chamber Appliance Virtual Machine ADVANCED THREAT PROTECTION Hosted Cloud

THE FABRIC 8 MANAGEMENT- ANALYTICS Multi-Cloud Security PARTNER API MULTI- CLOUD Multi Cloud Products and services that protect the expanded attack surface across private cloud, public cloud and SaaS IOT- ENDPOINT NETWORK WEB APPS Virtual Firewall Network Security Cloud Firewall Network Security Cloud Access Security Broker Virtual Machine UNIFIED ACCESS ADVANCED THREAT PROTECTION EMAIL Cloud & SDN Integration Cloud

THE FABRIC 8 MANAGEMENT- ANALYTICS Management & Analytics PARTNER API MULTI- CLOUD Products and services that weave Fortinet and partner products into a cohesive solution, uncovering hidden insights and reducing the total cost of ownership IOT- ENDPOINT NETWORK WEB APPS Central Logging & Reporting Central Security Management Cloud-based Central Management Appliance Virtual Machine UNIFIED ACCESS ADVANCED THREAT PROTECTION EMAIL Security Information & Event Management Hosted Cloud

AUTOMATED DEEP VISIBITY & CONTROL Management & Analytics Multi-Cloud Security Cloud FW VFW CASB Internal Segmentation FW Web Application Security Secured Unified Access NGFW Segmentation Email Security Endpoint Security Advanced Threat Protection DC / Cloud Services 3G/4G/5G wireless DC / Private Cloud UCPE Branch Access and off-load Transport / SDWAN Consumer Access and off-load 34

Backup Slides

Broad The Fabric Allows Flexible, Open Integration of Other Security Partners Virtualization & SDN/NFV CLOUD ENDPOINT & IoT MANAGEMENT SIEM SYSTEMS INTEGRATOR 36

Fabric-Ready Partners Carbon Black Key Solution Features Real-time endpoint sensor & recorder that provides real-time and historical data for every server and endpoint. Policy-driven trust-based security allows you to define software you trust, and deny everything else by default. Instantly retrieve files from any endpoint - to submit to FortiSandbox, or remove based on FortiSandbox intelligence. Key Benefits Lock down systems to stop malware, ransomware, zero-day, and non-malware attacks. Built-in file-integrity monitoring, device control, and memory protection to block unauthorized change Harden new and legacy systems, with broad support for embedded, virtual, and physical OS types & versions. Integration: Endpoint/ATP and Management APIs. Carbon Black-Fortinet Integrated Endpoint Protection Solution Solution brief: https://www.fortinet.com/content/dam/fortinet/assets/solution-guides/sbfortinet-fortisandbox-and-carbon-black-enterprise-protection.pdf Technical Integration Guide: https://www.fortinet.com/content/dam/fortinet/assets/solution-guides/cbprotection-integration-guide.pdf Contacts: https://fuse.fortinet.com/p/do/sd/sid=5243 37

Fabric-Ready Partners Cisco ACI Key Solution Features Cisco ACI - FortiGate integration provides automated, predefined policy-based security provisioning Single-pane-of-glass management enablement from Cisco APIC with full visibility on security policy enforcement Rapid deployment of predefined security policies Enables scale on-demand with automation Key Benefits Enhanced visibility and security correlated with overlay/underlay networks. Lower TCO from reduced administrative OPEX Accelerated application and L4-L7 security deployment. Increased efficiency in service provisioning & network security segmentation. Integration: Virtualization & Management APIs Fortinet-Cisco ACI Solution Solution brief: https://www.fortinet.com/content/dam/fortinet/assets/alliances/cisco- ACI-SolutionBrief.pdf Technical Guide: https://www.fortinet.com/demand/gated/fortigate-connector- Deployment-Guide-CiscoACI-v1.1-v1.2.html Contacts: https://fuse.fortinet.com/p/do/sd/sid=5243 38

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback