Managed Security Services powered by Fortinet

Fortinet Confidential

Agenda

1 2 3 4

Fortinet Introduction MSSP Requirements Fortinet Solution Summary

Fortinet Confidential

Company Overview
Leading provider of
  ASIC-accelerated Unified Threat Management (UTM) Security Solutions FW, VPN, SSL, AV, IPS, AS, URL & Content filtering Database Security : Vulnerability Assessment + Monitoring & Auditing

Company Stats
     Founded in 2000 Silicon Valley based with offices worldwide Seasoned executive management team 1,050+ employees / 550+ engineers 350,000+ FortiGate devices shipped worldwide

Strong, validated technologies and products

    18 patents; 80+ pending Seven ICSA certifications (first and only security vendor) Government Certifications (FIPS-2, Common Criteria EAL4+) Virus Bulletin 100 approved (2005, 2006, 2008)

Fortinet Confidential

Fortinet Leads Across UTM Market

Fortinet is the leading vendor in the UTM security appliance market

Fortinets UTM product portfolio is seeing success across all price bands, including the high end, which has been the hardest sell for many vendors
Fortinet Confidential 4

Backed by Global Services Offerings

Security updates via global update servers & engineering team

and customer support centers located throughout the world

Fortinet support centers FortiGuard update server locations Fortinet Confidential 5

FortiGuard Security Subscriptions

Antivirus (AV)
(Includes Anti-Spyware)
21% 38%

Web Content Filtering (WCF)

 82+ offensive and dangerous categories  Best Accuracy and Coverage in the Industry!

9%

 FortiGuard Security Subscription enables customers to realize the full potential of the FortiGate product Family

9% 1% 2% 2% 2% 2% 7% 7%

1 W32/Bagle.DW-mm 3 W32/Grew.A!wm 5 W32/Bagle.DY-mm 7 W32/MyTob.fam-mm 9 W32/Mytob!similar . [Non Top 10]

2 W32/Netsky!similar 4 HTML/Iframe_CID!exploit 6 W32/Bagle.DX-mm 8 W32/MyDoom.M-mm 10 W32/MyTob.BH.fam-mm

Intrusion Prevention System (IPS)

Anti-Spam (AS)
 Greater than 94% spam catch rate  Less than 0.01% false positive rate

edonkey bit_torrent gnutella Microsoft.IE.CreateTextRange.Remote.Code.Execution overlong_uri Slammer MS.Windows.ASN.1.Bitstring.Heap.Overflow.HTTP.B MS.Exchange.XLINK2STATE.CHUNK.Overflow CyberKit.2.2 Apache.CGI.Byterange.Request.DoS

 3 hr response Premier SLA Available  24 x 7 Global Threat Research Lab

Source: FortiGuard Subscription Service Fortinet Confidential Fortinet Confidental 6

Agenda

1 2 3 4

Fortinet Introduction MSSP Requirements Fortinet Solution Summary

Fortinet Confidential

Centralization & Consolidation

Centralized management of decentralized devices

SOC

Fortinet Confidential

Centralization & Consolidation

Belgacom Portugal Telecom 9UF Telecom SFR

Centralize everything In-the-cloud services

Security Operations Center

INTERNET
Customer Network MPLS, Frame, Leased Line

Virtual security devices

Fortinet Confidential

Security Requirements
Firewall IPSec/SSL Anti-Virus Anti-Spam IPS URL filtering Content filtering Application Control (P2P, IM,) Authentication & Authorization Reporting Traffic Shaping Routing capabilities DDoS resistance High Availability Ease of administration Ease of provisioning Integration in existing environments Compliancy (archive, best practices,)

Fortinet offers complete solution for all these requirements

Fortinet Confidential 10

Agenda

1 2 3 4

Fortinet Introduction MSSP Requirements Fortinet Solution Summary

Fortinet Confidential

11

Fortinet Key Components

Enterprise level UTM Unique virtualization concept for all security features Powerfull centralized Management Extensive centralized Logging and Reporting Comprehensive Anti-Spam & mail compliancy solution

Fortinet Confidential

12

Enterprise level UTM

ASIC based performance
 AV + IPS acceleration  Firewall + IPSec/SSL acceleration

Carrier grade HW High Availability Connectivity

Fortinet Confidential

13

Unique virtualization concept: VDOMs

Each VDOM contains its own virtual interfaces, route table, state table, application proxies, protection profiles...

FortiManager

Fortinet Confidential

14

Virtualized Network Security

Each VDOM can be configured with custom:
 Virtual Routing features (Static, PBR, OSPF, BGP, RIP, Multicast)  Virtual Firewall (All Firewall features)  Virtual VPN (IPSec VPN, SSL VPN, PPTP)  Virtual IPS (Signature/Anomaly based, Protocol decoding)  Virtual Web filtering (84 Web Filter categories)  Virtual Antivirus (HTTP, FTP, SMTP, IMAP, POP3, NNT, ICQ, MSN, Yahoo, AIM)  Virtual Antispam (SMTP, POP3, IMAP)  Virtual IM/P2P security

Fortinet Confidential

15

Powerfull centralized Management

Multiple Administrative domains
Administrative Domain (ADOM) Per customer/device group policy management Per customer/device report generation Supports VDOM groups and device groups or combinations of them
Fortimanager

Admin 1 Device Group 1

Admin 2 Customer 1 FortiAnalyzer Device Group 2

Customer 2
Fortinet Confidential 16

Extensive centralized Logging and Reporting

 Customizable with Customer/Private Branding  Per customer reporting  Per customer log access

Fortinet Confidential

17

Anti-Spam & mail compliancy solution

Email is a mission critical communication tool for corporation and business of all sizes Security implications associated with Email has brought new challenges to business A comprehensive email security strategy must be able to meet all these new business challenges

Fortinet Confidential

18

Email Security Challenges

 Solution is needed to provide full protection on both inbound and outbound mails  Easy to deploy and manage with minimum impact on current infrastructure

Fortinet Confidential

19

Introducing FortiMail
FortiMail sits at a different place in the network FortiMail provides a different type of AS/AV inspection for email traffic only FortiGates perimeter location means it is latency sensitive, unlike email traffic which can be delayed without notice FortiMail devices contain large amounts of disk space for mail quarantine and storage Email archiving and routing should not be performed from the network perimeter FortiMail and FortiGate combined offer an improved level of layered email security for the network

Fortinet Confidential

20

FortiMail Secure Email Messaging Platforms

FortiMail-100
Recommended for 1-1,000 users Small Business Deployments 250GB HDD Up to 54,000 emails/hour (Full-Inspection) Recommended for 500-5,000 users SME Deployments 2 x 250GB HDD Up to154,800 emails/hour (Full-Inspection) RAID Support Recommended for 1,000-20,000 users Large Enterprise & Service Provider Deployments 6 x 250GB HDD Over 280,800 emails/hour (Full-Inspection) RAID Support Redundant/Hot-Swappable Power Supplies & Fans Recommended for 8,000-35,000 users Large Enterprise/ Service Provider Deployments 12 x 250GB HDD Over 295,200 emails/hour (Full-Inspection) RAID Support Redundant/Hot-Swappable Power Supplies & Fans

FortiMail-400

FortiMail-2000A

FortiMail-4000A

 Inbound/Outbound inspection with a single device  No per user license, no user or mailbox restrictions  All models support High Availability (HA) configurations
Fortinet Confidential 21

FortiMail Overview

Flexible Deployment Options Maximum detection accuracy of Email-based threats Integrated Message Transfer Agent (MTA) Inbound & Outbound Email Messaging Security Email Archiving Logging and Reporting

The only email security solution that can be deployed in transparent, gateway or email server mode Integrated Multi-Threat/Blended-Threat detection including: Antispam, antivirus, antispyware and antimalware detection, all powered by the FortiGuard subscription service Specialized MTA engine for peak capacity, intelligent routing, QoS, virtualization, inbound and outbound SMTP routing Unlike other messaging security products, FortiMail secures inbound and outbound mail with only one system On-box archiving, facilitates regulatory compliance for content archiving Integrated Logging and Reporting engine, provides visibility into email usage, quarantine statistics and others
Fortinet Confidential 22

Powered by FortiGuard Security Services

All AS and AV signatures developed by Fortinet, not 3rd parties Combined research of viruses, spam, and vulnerabilities creates synergy Security intelligence will not be acquired or impacted by competitive forces FortiMail integrates FortiClients certified engine/signatures Increasing communication between FortiGuard and FortiMail These are strong competitive differentiators

FortiGuard AntiSpam Security Service

Real-time updates block spam, phishing, and ID theft 15.3 Million new AS signatures in 2007

FortiGuard Antivirus Security Service

Real-time updates block viruses, malware, and spyware 1.07 Million new AV signatures in 2007

FortiMail Appliances Fortinet Global Malware Research Teams

Fortinet Confidential

FortiClient engine used in FortiMail Appliances

23

FortiMail Inbound Multi-Layered Security

FortiGuard
Security Services

Email DOS/ DHA Spam & Virus, Spyware Malware* Content Email DDOS Prevention Phishing Prevention Prevention Prevention Policy Archiving
Prevention

Inbound Risks
SMTP

Prevention

Compliance

Inbound MTA Engine FortiMail OS

Fortinet Confidential

24

FortiMail Outbound Multi-Layered Security

FortiGuard
Security Services

Email Content Spam Spam Policy Email Zombie & Virus, Spyware Malware* RBL DLP Archiving Or Bot Prevention Phishing Prevention Prevention Prevention Compliance Prevention Detection

Outbound MTA Engine FortiMail OS

SMTP

Outbound Risks

Fortinet Confidential

25

FortiMail Operating Modes

Transparent Mode (bridge mode)
 Requires no IP address changes  Seamless integration into existing network environments  FortiMail is placed in front of the existing email server
Transparent

Gateway Mode (relay mode)

 Proxy MTA services for existing email gateways  DNS MX record change redirects email to FortiMail
Gateway

Server Mode
 Full email server functionality  Full antivirus and antispam functionality  Ideal for small to medium sized companies and remote branch office locations (Models FE-100/400)  Ideal for medium to large companies (Models FE-2000)
Server

Fortinet Confidential

26

FortiMail in the MSSP environment

 Transparent carrier deployment protecting against spam zombies

Fortinet Confidential

27

MSSP, ISP & Telco References

Belgacom (B) MSSP ATOS (FR) MSSP Magic Online (FR) Mail service provider Colt Telecom (D) Mail service provider SFR (FR) Both Mail & MSSP Vodaphone EMEA wide for Mail & Mobile (Ice, Ire, UK, Italy) Bezeq International (ISR) MSSP WM Data (Ice) Managed mail services Telenor (Nor) Telco 3 (UK) 3G mobile operator Portugal Telecom MSSP Orange Poland Orange Slovakia Orange Israel HEAnet (Ire) Managed filtering

Fortinet Confidential

28

Agenda

1 2 3 4

Fortinet Introduction MSSP Requirements Fortinet Solution Summary

Fortinet Confidential

29

Fortinet as market leader & innovator

Invented the consolidated security principle (UTM) ASIC based inspection Virtualization in complete productline Most certifications of any UTM vendor Most complete solution from single vendor Strong world wide market position in enterprise, telco, MSSP and ISP No user based licensing MSSP technology applicable to the SMB as well!

Fortinet Confidential

30

Comprehensive Product Portfolio

Powerful Centralized Management & Reporting Carrier, MSSP & Large Enterprise

Enterprise

FortiGate-1000A FortiGate-5000

SMB & Remote Office

FortiGate-200A FortiGate-800F

Secure E-Mail & Client Software EFortiGate-50B FortiGate-100A

Fortinet Confidential 31

FortiGate-310B

Hardware
 FortiASIC CP for UTM acceleration  8 FortiASIC Network Processor (NP) accelerated ports  2 Copper non-NP accelerated ports  1 Single-width front AMC slot  1 GB System Memory  2 USB ports  Backup DC connector (for future use)  1 RU height rack mount unit

Throughput
 FG-310B Base Model
8 Gbps firewall throughput 6 Gbps IPSec VPN throughput

 With Optional AMC (as shown)

12 Gbps firewall 9 Gbps IPSec VPN 14 x GigE ports

Firmware
    FortiOS Multi-Threat Engine Supported by FortiManager Supported by FortiAnalyzer Supported by FortiGuard A&M Svc.
32

Fortinet Confidential

Internal Network Security Segmentation

 More Granular Policy  Security Events Isolated  Increased Security  Previously unattainable due to performance and port count
Corporate LAN

FG-310B
Port 1

Switch

DMZ

 Alternative was single security zone with no protection between LAN segments
Switch

Switch Switch

Sales

Switch

Application Servers Engineering Fortinet Confidential 33

Finance

Next-generation Enterprise Security Perimeter Security

Firewall + Antivirus + IPS + Web Content Filtering

Secure Web Access Allows network devices secure access to the Internet while blocking blended threats with the ICSA-certified multilayered security protection platform

Fortinet Confidential

34

Next-generation Enterprise Security Remote Access

Firewall + IPSec & SSL VPN + Antivirus + IPS

Secure Perimeter Access Enterprise-class Firewall and VPN technologies, combined with nextgeneration Antivirus and Intrusion Prevention technologies ensure that remote users can easily access the corporate network while also ensuring that remote users are not introducing security risks

Fortinet Confidential

35

VDOMs in combination with VMware

Fortinet Confidential

36

Fortinet Confidential

37