bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
11
Gamme de produits
VM
12
Eco-systegraveme Fortinet
Mail Server
Web Server
FortiClient
FortiClient
FortiGuard
FortiSandbox
FortiWeb
FortiMail
FortiGate
FortiAuthenticator
FortiCloudFortiAnalyzer FortiManagerFortiExtender
FortiWAN
FortiADC
FortiDDoS
copy Copyright Fortinet Inc All rights reserved
Channel
15
Qualifier hellip
Exemples de questions qualificatives
bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
12
Eco-systegraveme Fortinet
Mail Server
Web Server
FortiClient
FortiClient
FortiGuard
FortiSandbox
FortiWeb
FortiMail
FortiGate
FortiAuthenticator
FortiCloudFortiAnalyzer FortiManagerFortiExtender
FortiWAN
FortiADC
FortiDDoS
copy Copyright Fortinet Inc All rights reserved
Channel
15
Qualifier hellip
Exemples de questions qualificatives
bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
copy Copyright Fortinet Inc All rights reserved
Channel
15
Qualifier hellip
Exemples de questions qualificatives
bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
15
Qualifier hellip
Exemples de questions qualificatives
bull Souhaitez-vous seacutecuriser lrsquoaccegraves agrave votre reacuteseau drsquoentreprise bull Souhaitez-vous que vos collaborateurs distants se connectent en VPN (IPSec SSL) agrave votre reacuteseau drsquoentreprise ou
centre drsquoheacutebergement bull Voulez-vous interconnecter vos sites distants en VPN bull Voulez-vous parameacutetrer vos propres regravegles de seacutecuriteacute bull Voulez-vous controcircler les connections de vos utilisateurs agrave des applications de type Facebook Skype bull Souhaitez-vous seacutecuriser la consultation des sites web bull Concernant le filtrage web souhaitez configurer vos propres cateacutegories sous cateacutegories urls bull Souhaitez-vous recevoir des rapports sur lrsquousage drsquoInternet par vos utilisateurs bull Souhaitez-vous beacuteneacuteficier drsquoune infrastructure Wireless seacutecuriseacuteebull Des tablettes sont elles utiliseacutees dans votre reacuteseau bull Voulez vous conserver les traces des connexions (logs) agrave des fins leacutegales bull Dans le cadre drsquoheacutebergement de votre systegraveme de messagerie voulez vous vous proteacuteger contre les spam et
virus bull Souhaitez-vous archiver des emails sensibles
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
bull Interfaces de deacutemo (demo demo) httpwwwfortidemocombull Docs techniques httpdocsfortinetcombull Support Fortinet httpsupportfortinetcom
bull Liste de prix publics voir le fichierbull Matrice de dimensionnement voir le fichierbull Liste des fonctionnaliteacutes voir le fichier
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
17
Vos contacts
Bastien CHANSONIngeacutenieur avant-vente
06 26 17 29 40bchansonexclusive-networkscom
Yannick PLESSISChannel Manager
06 25 02 66 35yplessisexclusive-networkscom
Heacutelegravene GRUELAssistante commerciale
02 72 24 26 80hgruelexclusive-networkscom
2 avenue des Ameacutethystes - 44300 Nantes
ReacutegionOuest
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
copy Copyright Fortinet Inc All rights reserved
Fortinet Security Fabric
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
19
Minutes Hours Days Weeks Months Years
1550
27
5
22
Minutes Hours Days Weeks Months Years
Faire face aux probleacutematiques actuelleshellip
3MILLIARDSNOUVEAUX EQUIPEMENTS PAR ANS DrsquoICI 2020
DES ENTREPRISES ATTAQUEacuteES LORS DES 12 DERNIERS MOIS
51TEMPS POUR DETECTER
UNE FAILLE
Plus drsquoune heurepour plus de
85des cas
DOMAINES DE PREOCCUPATION POUR LA SEacuteCURITEacute
Cloud
Vulnerability inIT systems
Inside Threats
BYOD
IoT
12345
Preacutesentateur
Commentaires de preacutesentation
IoT might be in all of the headlines but itrsquos only one of the issues that the enterprise network is facing The number of successful breaches is increasing and itrsquos taking longer and longer to detect when a breach has happened According to the survey conducted on behalf of Fortinet earlier this year it took more than an hour ndash 61+ minutes to day weeks months and years ndash for 85 of the companies surveyed to detect that they had been breached IoT is only adding to the issues that the enteprise network is already trying to deal with and without addressing those issues first adding IoT to the mix just puts them further and further behind the cyber criminal or hacker
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
20
Et celles de demain
EacuteVOLUTION DE LrsquoINFRASTRUCTURE NOUVELLES MENACES REGULATION COMPLIANCE
ET CERTIFICATION
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
22
Branch Office Campus
Data Center
Remote Office
Mobile
PoS
IoT
Reacuteseaux Sans FrontiegraveresPlus de moyens drsquoentrer ndash Plus de moyens drsquoavoir des fuites de donneacutees
Preacutesentateur
Commentaires de preacutesentation
The network that used to be easy to define and understand has lost all semblance of what it used to look like An outward only looking security strategy changes in business practices and technology starting with increased use of the Internet the growth of wireless and the introduction of the ldquoCloudrdquo have made what was a strong perimeter very porous There are more and more ways to get into a network and if successful more and more ways to exfiltrate data out of a network
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
23
Seacutecuriteacute du reacuteseau
ProductiviteacuteQuel compromis faites-vous
Performance de lrsquoinfrastructure
Preacutesentateur
Commentaires de preacutesentation
Finally most security solutions have not been able to keep up with performance demands of the underlying network Experiencing its own version of Moorersquos law network infrastructure bandwidth requirements have broken through the 1 and 10 Gbps barrier and demand for 40 and 100 Gbps is increasing If the different elements of the security structure cannot support these bandwidth requirements the enterprise is forced to make a decision maintain security at the expense of application performance or scale back security
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
24
ComplexiteacuteLa complexiteacute diminue lrsquoefficaciteacute de la seacutecuriteacute
Produit deacutedieacute Pas drsquointeraction Pas drsquointeacutegration
Branch Office Campus
Data Center
Remote Office
Vendor A
Vendor B
Vendor C
Vendor C
Vendor D
Preacutesentateur
Commentaires de preacutesentation
Complexity is the result of past security practices of mixing and matching different vendors products in a single network While each product may work as advertised they were never designed to work together So making them work was the job of the enterprise As the environment became more and more complex the possibility of human error increased leading to gaps between products that could be exploited in an attack A second major issues was the lack of a single source of threat intelligence with different vendors came different sources with no synchronization between them and differing levels of quality and update frequency This leads to varying levels of security efficacy so that malware that might be blocked trying to enter the data center could breach the network at the branch level undetected
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
25
Seacutecuriteacute Sans Compromis
Les Reacuteseaux sont de plus en plus Complexe
INTEacuteGREacuteINTELLIGENCE
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
PERFORMANCE
Les Reacuteseaux sont de plus en plus Performant
Preacutesentateur
Commentaires de preacutesentation
The old way of securing the network will not address these new technology imperatives Fortinet contends that security can be delivered without compromise but in order to do so todayrsquos security strategies must change1313There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Next slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Finally complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must1313131313
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
26
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 1
SOFTWARE1995-2005 Connexion
Stateful Firewall
La valeur de la donneacutee neacutecessite une nouvelle approche
Preacutesentateur
Commentaires de preacutesentation
The first generation of network security started about 25 years ago itrsquos all about securing the connection 13Such as my previous company NetScreen use Firewall to control who can connect together and VPN to encrypt the connection 13It worked well when the data content is not active and rich
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
27
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 2
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
2005-2015 Contenu
NGFWUTM
Preacutesentateur
Commentaires de preacutesentation
The second generation of network security started 17 years ago when Fortinet was founded 13Itrsquos about how to secure inside the connection secure the application and content from firewall policy permitted connection and remove the malware inside permitted connection13Fortinet pioneered and leads the second generation network security
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
28
Evolution de la seacutecuriteacute reacuteseau Geacuteneacuteration 3
SOFTWARE
La valeur de la donneacutee neacutecessite une nouvelle approche
SECURITY PROCESSORS
FabricInfrastructure
Application Security
Cloud Security
ClientIoT Security
Access Security
FABRIC INFRASTRUCTURE
2015+ Sans Frontiegravere
Network Security
Preacutesentateur
Commentaires de preacutesentation
Today compare with 17 years ago when Fortinet was founded what changed Mobile Cloud IoT13Majority of the data no long stay inside company network and servers protected by firewall13Only secure a few points and connections by systemplatform on the network no longer enough
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
31
Enterprise SMBTelco
Les Reacuteseaux sont de plus en plus Performant
Les Reacuteseaux sont de plus en plus Sans Frontiegraveres
Enterprise Firewall Cloud Security ATP Application Security Security OperationsSecure Access
Fortinet Security FabricLes Reacuteseaux sont de
plus en plus Complexe
Preacutesentateur
Commentaires de preacutesentation
Borderless Network13There used to be a clearly defined perimeter and security strategies evolved to protect it The evolution of technology however brought in changes that these strategies couldnrsquot deal with the Internet Cloud technologies and the onslaught of wireless all contribute to todayrsquos borderless network- and a massive increase in the attack surface Combined with the fact that most networks are architected to be flat once inside of the perimeter if the network is breached the intruder can easily move laterally throughout the network This is a key concern for the larger enterprise But wersquore also concerned about how data can leave the network Shadow IT the use of unauthorized applications such as Hightail or Dropbox also means that there is any number of ways that data can leave your network without your knowing making it easy to exfiltrate data following a network intrusion To address the issue of a borderless network and an expanded attack surface the new strategy calls for intelligent security that can provide visibility into all aspects of the infrastructure and the wisdom needed to segment the network by trust level 1313Slow is broken Slowing down the network to implement security is not never has been nor will it ever be a satisfactory strategy Enterprises have become accustomed to trading some performance for some security- a compromise that cannot be afforded in the modern era An updated security strategy must be powerful and cannot compromise on performance in any segment of the network- from the IoT through the datacenter and into the Cloud- from the single user cell phone or tablet to the most sensitive proprietary database and everything in between- the security solution must be powerful at any scale 1313Complexity is the enemy of security The more complex the network is the harder it is to secure it Therein lies the problem with the typical Point Product approach ndash while individually the products may work to specification and expectation each one is an island isolated from the rest of the solution You have connectivity but no security continuity between each of the islands More importantly is the lack of consistency of the threat intelligence necessary to keep these solutions up to date ndash inevitable gaps in the quality of the intelligence and the frequency of the updates between the different products opens up an enormous gap to be exploited by the hacker Malware that might be stopped by the firewall could pass undetected by email or web application1313Dealing with these issues and trying to harmonize the differences between the different products is left to the enterprise further complicating an already complex task This is particularly true in the mid size enterprise that doesnrsquot have the resources to effectively manage this complexity An updated security strategy requires seamless simple cooperation between security devices- all gaps must be closed and coordination is a must131313131313
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
32
FlexibleOuvertCouverture Visibiliteacute
Application Security
Cloud Security
ClientIoT Security
Access Security
Network Security
Global
Preacutesentateur
Commentaires de preacutesentation
13The security fabric gives the broad reach of coverage needed to protect your data From Access like WifiLTE we are using now to end pointmobile the network application cloud and IoT13The security fabric is scalable better visibility flexible and open1313Intelligent security must be broad the components within the environment must have visibility into all infrastructure including endpoints network elements data center cloud and the data itself By having awareness of each of these elements as well as how the data flows to from and between them administrators can properly segment the environment by trust level Coverage by network segmentation not only logically separates data and resources it allows for advanced visibility of data and threats as they move from one network zone to the other From a threat perspective network segmentation divides your network into security zones to aid in compliance monitor internal traffic and devices prevent unauthorized access to restricted data and resources and control the spread of intruders and malware 1313The next essential step is to select security solutions designed to automate operations Security solutions should automatically work together as a system to map monitor and secure the distributed network from users to the IoT to the cloud The need for comprehensive visibility across the distributed enterprise combined with granular policy control and coordinated response between different security devices was a key driver behind the development of the Fortinet Security Fabric It ties together data applications devices and workflows to provide a level of awareness and responsiveness that has never before been available from any security provider 1313
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
33
Global
Preacutesentateur
Commentaires de preacutesentation
The Security Fabric is open for all companies to work together --- the Fabric-Ready program for partners 13Itrsquos all about cooperation to provide broader protection and scalability13Thanks for all the partner listed here many of them are on-site with us today
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
34
Performance
Comprehensive Range
Parallel Path Processing
Security Processors (SPUrsquos)
AcceleratesContent Inspection
Optimized Performance for Entry Level
AcceleratesNetwork Traffic
High End
Mid Range
EntryLevel
1 Tbps
Preacutesentateur
Commentaires de preacutesentation
13Second differentiation is Fortinet Security Fabric much more powerful than Platform and System13Network security is slower and very costly about 10 to 100 times slower than network device because of additional computing and processing needed About 100 times more expensive to handle the same throughput compare with network device13The key solution here is add SPU---Secure Processor Unit instead of just use generic CPU handle security function and traffic SPU is 10 to 100 times faster with much lower cost1313While the Fortinet Security Fabric addresses the strategy of intelligence with an aware and open system the security delivered must also be powerful and cannot compromise on performance in any segment of the network The same security performance that is provided at the endpoint for devices like laptops and mobile phones must also be embedded at the access layer for wired and wireless network access it must be able to scale from the smallest branch deployments to the largest most complex and data intensive campus and datacenter environments- and it must also be available virtually to protect the private hybrid and public cloud Wherever security is deployed across the environment it must operate at the speed of the network131313
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
35
Automatisation
SynergieAudit amp RecommendationGlobal amp Local
Menaces connuesFortiGuard
Menaces inconnuesFortiSandbox
ISFW-PRI
Demo_ISFW-Sales
Demo_ISFW-Finance
Demo_ISFW-ENG
FP320C3X15002440
262 GB
Preacutesentateur
Commentaires de preacutesentation
The 3rd differentiation is automated 13Fabric can reduce the TIME to protect TO seconds with all parts of fabric coordinated together13New FortiOS 56 showing at GPC build in some AI and coordination functions with other parts of Fabric 1313And finally a modern security strategy calls for seamless security The Fortinet Security Fabric delivers cooperative security alerts recommendations and audit reports seamlessly across all security elements Through the real-time sharing of global and local threat intelligencemdashorchestrated through a unified analysis and management interfacemdashthe Fortinet Security Fabric empowers a dynamic response to the capabilities of criminals as they implement new threat strategies and zeroday attacks131313
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
36
Security FabricConversion FabricLangage Business
ldquoAjoutez ce mobile agrave lrsquoaccegraves seacutecuriseacute agrave cette applicationrdquo
ldquoConversion en Politiques Ports Connexionshelliprdquo
Reacuteponse aux besoins business
Preacutesentateur
Commentaires de preacutesentation
The security fabric and SPU also lays the foundation for intent-based security and info-structure automatically translate business needs into infrastructure and security policy
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
37
Fortinet Security Fabric
PROPOSER UN CADRE SECURISEacute POUR FAIRE FACE AUX MENACES ACTUELLES ET
FUTURES
DIFFUSER LA CONNAISSANCE AUX QUATRE COINS DU
REacuteSEAU
FACILITER LA COLLABORATION AVEC LES
ACTEURS DU SYSTEME DrsquoINFORMATION
Preacutesentateur
Commentaires de preacutesentation
The Fortinet Security Fabric is Fortinetrsquos response to the current state of the enterprise network and the challenges in front of them
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
copy Copyright Fortinet Inc All rights reserved
Outils de Management de la FSF
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
39
Les outils de management de la seacutecuriteacute Fortinet
Fortinet Developer Network Portail web communautaire sponsoriseacutepour les developeurs drsquoAPIsegment developers | version NA | form factor Fortinet portal
FortiCloudProvisioning management et analysedans le cloudsegment SMB | version 30 | form factor Fortinet portal
FortiDeployProvisioning et initialization drsquoeacutequipementdepuis le cloudsegment VLE MSSP | version 251 | form factor Fortinet portal
FortiSIEM (Accelops)Analyse et management des risques retention et correlation ldquoBig Datardquo multi-vendor
segment VLE MSSP | version 47 | form factor hw VM AWS
New
Cor
e M
anag
emen
t Pro
duct
s FortiAnalyzerAggregation de logs management drsquoevenements analyse et rapportsegment SMB to MSSP | version 54 | form factor hw VM AWS
FortiManagerManagement centraliseacute des politiques de seacutecuriteacute des mises agrave jour et du contenusegment SMB to MSSP | version 54 | form factor hw VM AWS
Free
40
FortiManager amp FortiAnalyzer
FortiManagerraquo Configuration centraliseacutee de plusieurs
FortiGateraquo Modegravele de parameacutetrageraquo Policy packages facilitant la gestion du
changement
FortiAnalyzerraquo Collecte de logs depuis plusieurs
eacutequipementsraquo Geacuteneacuteration automatique de rapportraquo Moteur drsquoalerte et de deacutetection
drsquoeacutevegravenements
Logs
copy Copyright Fortinet Inc All rights reserved
Lrsquooffre Wireless
42
Architecture Wireless
43
Architecture Wireless
Controcircleur Inteacutegreacute Cloud
Deacuteploiement PlugampPlay Pas de controcircleur Rentabiliteacute FortiGuard ndash Protection
en temps reacuteel
Single pane of glass management Solution All-in-One Acceacuteleacuteration mateacuterielle FortiGuard ndash Protection
en temps reacuteel
Environnement complexe ou dense Roaming transparent Deacuteploiement simplifieacute Extension de la
capaciteacute simplifieacutee
copy Copyright Fortinet Inc All rights reserved
FortiMailFML 54
45
Systegraveme deacutedieacute de protection de la messageriebull Passerelle bidirectionnelle permettant de se proteacuteger de la
propagation des spam des virus du phishing et toute forme de malware
Mode de deacuteploiement flexiblebull Deacuteploiement en mode transparent gateway ou serveur ce qui
permet de srsquoadapter agrave tout type drsquoinfrastructure
Identity based encryption (IBE)bull Seacutecuriseacute et chiffreacute les emails de bout en bout
Archivage des emailsbull Possibiliteacute drsquoarchivage leacutegal des emails
MailServers
FortiMail
Solution avanceacutee de protection de la messagerie incluant des fonctionnaliteacutes de chiffrage et drsquoarchivage des emails
Preacutesentation du FortiMail
46
Perf
orm
ance
amp S
cala
bilit
y
FML-60D FML-200E FML-400E FML-2000E FML-3000EPerfs AS + AV
(mailsh) 27K 61K 126K 11 Mil 15 Mil
Domainesproteacutegeacutes 2 20 100 800 2000
Nb users recommandeacutes lt100 lt400 lt1000 1500 3000
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
47
Flat UINouveau workflow de
configurationMode simplifieacute
disponibleOrientation entreprise
vs passeacute telco
Refonte de la GUI - Dashboard
48
DECRYPTARCHIVES
IMAGE CONTENTANALYSIS
SERVER MODEUNDO SEND
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
48
DECRYPTARCHIVES
IMAGE CONTENTANALYSIS
SERVER MODEUNDO SEND
Deacutechiffrement des archives proteacutegeacutesraquo Password listraquo Contenu dans le corps de lrsquoemail
Deacutetection drsquoimage adulte dans le contenudes emailsraquo Mise en conformiteacute du contenu des archivesraquo Dissuadeacute les utilisations innaproprieacutes de lrsquoemail
Rappeler les emails reacutecemment envoyeacutesraquo Webmail mode only
Protect staff and vulnerable recipients Maintain organizationbrand reputation
Competitive parity (FEYE CHKP) Extends the feature set for server mode
Nouvelles Fonctionnaliteacutes
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
49
MANAGEMENTCENTRAL MANAGER
FEATURES
FortiMail ManagerCentral Policy and configuration
manager
BENEFITS
Reduces operational overhead and deployment complexity
THREAT NEUTRALIZATION
TIME OF CLICK
FEATURES
Rewrite Email URLs to point at FortiMailand a re-scanned on click
Detects URLs which have changed threat levels since first scan
BENEFITS
Extends security to the desktopFortiMail continues to add value
Nouvelles Fonctionnaliteacutes
MALWARERESCAN ON RELEASE
FEATURES
Rescan files when released from quarantinePrevents newly discovered malware being delivered to end-user
BENEFITS
Protect against PEBKAC threats
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
50
FortiView
FEATURES
Implementation of FOS style FortiView
BENEFITS
Deploy FortiMail in the cloud alongside AzureBetter security same cloud
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
51
THIRD-PARTY CLOUD INTEGRATION
SAML SINGLE SIGN ONAUTHENTICATION
One-click interoperability avec Office365 et Google
raquo Utilisation de lrsquoInternet Service Database
Single sign-on pour le mode serveur et la quarantaine utilisateur Inteacutegration avec FortiAuthenticator and
drsquoautres solutions SAML IdP
Reduire la barriegravere drsquoadoption des solutions cloud
Inteacutegration plus large de Fortinet FabricSimplification pour les utilisateurs finaux
SERVICE GROUP BASEDIP POLICIES
Utilisation de lrsquoInternet Services Databasepour les IP Policies
raquo Policies on country service provider (O365 Gmail) AS
Simplification de la configuration
FortiMail RoadMap
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
52
EXCHANGE ACTIVETHREAT REMEDIATION
FORTICLOUD PHISHSERVICE
CLOUD FEEDBACKSERVICE
Scan du contenu des email Exchange and Office365 Utilisation des API Exchange
FortiPhish Education Serviceraquo Abonnement de services permettant de tester
la vulneacuterabiliteacute des utilisateurs au fishing
Cloud based service pour avoir un retour sur les services antispamraquo Soumission direct depuis FortiMail Exchange
Thunderbird clients for end-users raquo Reporting par domaine
Extend security out to the weakest link ie the user
Integration with Cloud services without participating in the mail flow
Improved customer satisfaction and visibility
FortiMail RoadMap
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
copy Copyright Fortinet Inc All rights reserved
FortiSandbox
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
54
Advanced Threat Protectionraquo Inspection multi-niveaux Code Emulator moteur AV
Cloud query et Virtual OS sandboxraquo Analyse de diffeacuterents types de fichiers sur de
multiples protocoles y compris encapsuleacutes dans SSL
Modes drsquoopeacuteration flexiblesraquo Analyse des fichiers reccedilus via le FortiGateFortiMail
le mode sniffer ou upload manuelle de fichierraquo Peut reacutecupeacuterer des fichiers de FortiGates distants
Monitoring et Reportingraquo Rapports drsquoanalyse deacutetailleacutes monitoring et alerting
temps reacuteel
Preacutesentation de FortiSandbox
File Submission
Malicious Analysis output
Latest AV Signature Update
2
3
4
Centralized File Analysis1
Solution Advanced Threat Protection conccedilue pour identifier et bloquer les attaques cibleacutees et sophistiqueacutees
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
55
Option DC Europeacuteen
FortiSandbox Cloud Europeacuteen
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
56
23nouvelles fonctionnaliteacutes
La vision FortiSandbox
Exploitabiliteacute
9nouvelles fonctionnaliteacutes
Seacutecuriteacute
3nouvelles fonctionnaliteacutes
Performance
Preacutesentateur
Commentaires de preacutesentation
Usability improve visibility so somehow it improves the security13Security Efficiency improve the detection rate of FortiSandbox while staying clever to avoid evasion13Keep continuing improvements on performance in order to increase our position in large environment cloud and mssp
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
copy Copyright Fortinet Inc All rights reserved
FortiClient ndash La solution complegravete
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
58
Les entreprises doivent prendre des deacutecisions strateacutegiquesconcernant la seacutecuriteacute de poste de travail baseacutees sur
raquo Une architecture de seacutecuriteacute coheacutesive consideacuterant lrsquointeacutegration de laseacutecuriteacute du poste de travail
raquo Une approche automatiseacutee pour bloquer et remeacutedier les menacesraquo Une plateforme consolideacutee et unifieacutee (fonctionnaliteacutes et gestion)
FortiClient est la solution reacutepondant agrave ces challenges
Les besoins des entreprises
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
59
Solution de protection du poste de travail Integravegre des fonctionnaliteacutes de seacutecuriteacutes globales Automatise la protection contre les menaces avanceacuteesGaranti la seacutecurisation des accegraves distants
FortiClient
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Fortinet has a wide portfolio of products to secure your organization and this includes protecting your endpoint with FortiClient13What sets FortiClient apart is that it works with your security architecture by means of sharing global and local intelligence within Security Fabric It is built on the foundational aspect of automating prevent-detect-mitigate in the threat protection lifecycle And lastly it comes with built-in VPN client capabilities It truly is a unified platform that is light weight fully customizable and enterprise-ready at a very low TCO 131313
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
60
Protection contre les menaces avanceacutees
Antivirus Sandbox Agent Application Firewall Web Filter Vulnerability Scanning
Protection temps reacuteel
Deacutetection contre les menaces
avanceacutees
Deacutetection drsquoactiviteacute reacuteseau
Validation drsquoURLtemps reacuteel
Applications misesagrave jour
Mise agrave jour toutes les heures
Synchronisationavec FortiSandbox
Application Categories
Option SafeSearch Auto-patching
Scan planifieacute Compatible avec tiers-AV
Granulariteacute par application Liste drsquoexclusion Scan planifieacute
Preacutevention contre les menaces connues et inconnues
Reacuteduction de la surface drsquoattaque
Preacutevention contre Drive-by
download
Preacutevention contre les exploits
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13FortiClient comes with built-in security stack including AV App FW Web Filter Vuln management all working in concert to reduce the attack surface to prevent polymorphic and common malware and known exploits from various attack vectors at the endpoint1313FortiClient prevents malware through its antivirus engine is powered by FortiGuard Cloud Intelligence to stop newly discovered malware and is updated every hour Never seen before malware and Zero days are prevented with dynamic signatures when FortiClient is integrated with FortiSandbox Antivirus scans can either be scheduled or performed on demand by the user or security operator1313FortiClient reduces the attack surface area with an administered application firewall that allows or disallows network-based applications such as Yahoo Messenger The application firewall serves to stop known botnet leveraged by insidious malware and completely disconnects from the network when the security operator quarantines the host1313FortiClient helps prevent drive by downloads by performing a URL check on a websitersquos reputation This dynamic protection is provided by FortiGuard Cloud Intelligence13 13FortiClient prevents exploits by scanning the host periodically or on-demand for vulnerabilities found in applications and in the operating system Remediation involves a hands-free approach of auto-patching these vulnerabilities The user can choose to manually patch these vulnerabilities as well 13
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Taux drsquoefficaciteacute de 959 Deacutetection de 1000
des techniques drsquoeacutevasions testeacutees Aucun faux positif
ldquoFortinet rarely misses a VB100 comparative and a strong record of passes complemented by a steady improvement in detection over the last couple of years have
put it well up with the leadershellip rdquo
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
62
Inteacutegration agrave lrsquoATP Framework de la FSF
An enterprise security strategyhellipacceptable
endpoint security tools must plug into a broader security
architecture rather than operate in an endpoint
security vacuum
Enterprise Security Group (ESG)FortiClient
FortiGate
FortiGuard Labs
FortiSandbox
Register gt Validate gt Enforce gt Contain
Global Intel Update
Submit gt Result
Global Intel Update
Global Intel Update
Submit gt ResultFortinetSecurity Fabric
Preacutesentateur
Commentaires de preacutesentation
Market Landscape Report May 2016 ESG1313SCRIPT 13From the endpoint perspective FortiClient integrates with three major components in the Security Fabric They are FortiGuard Labs that provides global intelligence FortiSandbox for local intelligence and working cooperatively with FortiGate for endpoint compliance enforcement FortiGuard labs are staffed by hundreds of Fortinetrsquos threat researchers that verifies various threats and pushes out security updates to FortiClient FortiGate and FortiSandbox to protect against the latest threats When an unknown file tried to execute on an endpoint with FortiClient that file is automatically submitted to FortiSandbox for analysis and if the verdict is malicious that executable is automatically quarantined by FortiClient FortiGate the backbone of Security Fabric monitors endpoints compliance of administered security profiles for the user role Should compliance fail the end user can take steps to remediate via guided steps eg update AV engine1313This is just an example of the Security Fabric building blocks in helping create a resilient security architecture to combat tomorrowrsquos threats 13
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
63
Provision
Enterprise Management System (EMS)
Deploy provision and manage FortiClient
Integrate with LDAP and other enterprise systems
Real-Time Monitoring Remote Scan +
Quarantine Scale to hundreds of
thousands of devices
FortiClient EMS
Transformation
Management
Gestion des FortiClient avec EMS
Preacutesentateur
Commentaires de preacutesentation
SCRIPT13Objective Describe what EMS does1313To deploy FortiClient the security administrator can automatically provision an endpoint with a customizable security profiles plus optional segmentation based on user roles through EMS integrated with Active Directory 13After which the endpoint is transformed to a ldquoFortifiedrdquo device and can be monitored in real-time in EMS The security administrator can perform different actions from EMS such as activate a antivirus or vulnerability scan remotely or quarantine a compromised endpoint
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
copy Copyright Fortinet Inc All rights reserved
FortiADC
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
65
FortiADC ndash La solution Fortinet
Solutions Multifonctions (SLB GSLB LLB Seacutecuriteacute etchellip) Appliances physiques et virtuelles Throughput jusqursquoagrave 50 Gbps Meilleur TCO du marcheacute
raquo Pas de licence par fonctionnaliteacuteraquo Gamme complegravete
Preacutesentateur
Commentaires de preacutesentation
NSE AND SALES PPT1313Fortinet offers a complete line of hardware and virtual application delivery controllers under the FortiADC brand with L4 throughputs ranging from entry-level to enterprise-grade throughputs1313Depending on the model it also includes the latest in high-speed connectivity 10-gigabit SFP+ ports Unlike other competitors FortiADC offers the features that customers need like global server load balancing link load balancing and quality of service without the need to buy additional options1313Like all ADCs in the market FortiADC provides layer 4 and 7 server load balancing and advanced content-based routing All models offer SSL offloading with hardware ASICs included on midrange to higher end models1313FortiADC offers class leading performance for almost any application environment from small-to-medium businesses to large-scale data centers1313Please note that we strive to maintain accuracy and timeliness of these training deck pages However please be sure to check Fortinetcom for the latest models and features13
66
FortiADC - RoadMap
HTTP 20 GW
Fonctionnaliteacutes et Infrastructure
MICROSOFT AZURE AMAZON WEB SERVICE
Transaction Multiplexing
Full L7 Proxy
Conversion entre 11 et 20 et vice versa
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Inteacutegration On-Demand ou BYOL
Produits Advanced ADC dans le Cloud
Possibiliteacute de fournir un service ADCaaService
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Reduce the risk of fraud without impacting legitimate business traffic
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
copy Copyright Fortinet Inc All rights reserved
FortiCloud
Preacutesentateur
Commentaires de preacutesentation
La seacutecuriteacute globale de votre SI du poste client au cloud
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No
Dynamic Threat Database updates for FortiMail Yes (FortiMail OS 53+) Yes (FortiMail OS 53+)
Dynamic Threat Database updates for FortiClient Yes (FortiClient 54 for Windows only) No
Roadmap FortiCloud
81
Services disponibles courant 2017
FORTICLOUDFORTIGATEMANAGEMENT
(CONFIG)
FORTICLOUDFORTISWITCHMANAGEMENT
FORTIWEBCLOUDSERVICE
FORTICASBCLOUD SERVICE
FortiGate
Fortinet
Fortinet un acteur global de la seacutecuriteacute
Fortinet France en Chiffres
Une solution reconnue
Fortigate
Lrsquoapproche
FortiGate
Fonctionnaliteacutes inteacutegreacutees
Fonctionnaliteacutes inteacutegreacutees
Gamme de produits
Eco-systegraveme Fortinet
Diapositive numeacutero 13
Channel
Qualifier hellip
Ressources
Vos contacts
Fortinet Security Fabric
Faire face aux probleacutematiques actuelleshellip
Et celles de demain
Reacuteseaux Sans Frontiegraveres
Productiviteacute
Complexiteacute
Seacutecuriteacute Sans Compromis
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
La valeur de la donneacutee neacutecessite une nouvelle approche
Diapositive numeacutero 30
Fortinet Security Fabric
Diapositive numeacutero 32
Diapositive numeacutero 33
Diapositive numeacutero 34
Diapositive numeacutero 35
Diapositive numeacutero 36
Fortinet Security Fabric
Outils de Management de la FSF
Les outils de management de la seacutecuriteacute Fortinet
FortiManager amp FortiAnalyzer
Lrsquooffre Wireless
Architecture Wireless
Architecture Wireless
FortiMail
Preacutesentation du FortiMail
FortiMail Nouveaux boicirctiers
Refonte de la GUI - Dashboard
Nouvelles Fonctionnaliteacutes
Nouvelles Fonctionnaliteacutes
FortiView
FortiMail RoadMap
FortiMail RoadMap
FortiSandbox
Preacutesentation de FortiSandbox
FortiSandbox Cloud Europeacuteen
La vision FortiSandbox
FortiClient ndash La solution complegravete
Les besoins des entreprises
FortiClient
Protection contre les menaces avanceacutees
2017 NSS Labs Advanced Endpoint Protection
Inteacutegration agrave lrsquoATP Framework de la FSF
Gestion des FortiClient avec EMS
FortiADC
FortiADC ndash La solution Fortinet
FortiADC - RoadMap
FortiADC - RoadMap
FortiAuthenticator
FortiAuthenticator - Nouveauteacutes 42
FortiAuthenticator ndash Nouveauteacutes 42
FortiAuthenticator Vision
FortiAuthenticator - RoadMap
FortiAuthenticator - RoadMap
FortiCloud
FortiCloud en Europe
Services FortiCloud
FortiDeploy
Diapositive numeacutero 78
Diapositive numeacutero 79
Roadmap FortiCloud
Services disponibles courant 2017
Diapositive numeacutero 82
75
Ouverture drsquoun DC en Allemagne en 2016 Le centre de donneacutees cloud europeacuteen
raquo reacutepond aux probleacutematiques de confidentialiteacuteraquo encourage la conformiteacute reacuteglementaireraquo incite les entreprises de lrsquoUE agrave adopter les solutions de seacutecuriteacute cloudraquo beacuteneacuteficier de la protection optimale
Tout ce qui se passe en Europe Reste en Europe
FortiCloud en Europe
76
Services FortiCloud
FORTICLOUD FORTIGATEMANAGEMENT(LOG BACKUP)
FORTICLOUD ACCESS POINT
MANAGEMENT
FORTICLOUDSANDBOX
SERVICE
FORTIMAILCLOUD SERVICE
250000Devices
15000Customers
6000Access Points
4000Devices
(+200 per week)
60000Mailboxes Protected
77
httpsvimeocom206658467
Solution de seacutecuriteacute manageacute dans le Cloud Controcircler la seacutecuriteacute les applications
les utilisateurs et les devices Adaptable pour les deacuteploiements de
tous types de sites
Deacuteploiement One-touchFortiDeploy Programme drsquoinstallation minimal pour
chaque site Deacuteploiement rapide drsquoinfrastructures
seacutecuriseacutees et WiFi complegravetes
FortiDeploy
78
79
FortiSandbox On-Premise vs CloudFeature FortiSandbox Appliance FortiCloud
Sandbox inspection for FortiGate Yes (FortiOS 504+) Yes (FortiOS 523+)
Sandbox inspection for FortiMail Yes (FortiMail OS 51+) Yes (FortiMail OS 53+)
Sandbox inspection for FortiWeb Yes (FortiWeb OS 54+) Yes (FortiWeb OS 56+)
Sandbox inspection for FortiClient Yes (FortiClient 54 for Windows only) No