FortiClient Customer Presentation
The Human Factor Source: Verizon DBIR 2018
Market Trends The Platform Approach
User Security Gaps According to Gartner • 63% of companies cannot monitor off-network endpoints, over half can’t determine endpoint compliance status • Through 2021, 99% of vulnerabilities exploited will continue to be ones known by security and IT professionals for at least one year. • 4% of people will click on any phishing campaign • 80% of hacking-related breaches leveraged weak, stolen or compromised credentials • LACK OF VISIBILITY, GULLIBLE END USERS, VULNERABLE ENDPOINTS Sources: • The Cost Of Insecure Endpoints, Ponemon Institute, 2017 • Gartner, How to Respond to the 2018 Threat Landscape, Greg Young, 28 November, 2017 • Breach Investigation Report, Verizon, 2018
Integrated Threat Detections • THREAT INTELLIGENCE • NEXT GEN FIREWALL • FILE DETONATION/SANDBOXING • ENDPOINT SECURITY • ANALYTICS & UEBA
Fortinet Security Fabric Network Security Multi-Cloud Security Device, Access, and Application Security Network Operations Open Ecosystem Security Operations BROAD Visibility of the entire digital attack surface Fabric APIs Fabric Connectors INTEGRATED AI-driven breach prevention across devices, networks, and applications Endpoint/Device Protection Multi-Cloud Security Network Security AUTOMATED Operations, orchestration, and response Secure Access Application Security Security Operations Q1FY19 v1.4.4
Fabric Integrated Endpoint Security Network Operations Endpoint/Device Protection Network Security Security Operations
FortiClient Components: More than Advanced endpoint protection • 1 FABRIC AGENT: Telemetry, Quarantine, Vulnerability, App Inventory • 2 SECURE REMOTE ACCESS: SSL & IPSec VPN, SSO • 3 ENDPOINT PROTECTION (EPP): App FW, Anti-malware, Anti-exploit, Web Filtering • ADVANCED THREAT PROTECTION: Sandbox Integration
FortiClient Fabric Agent: More than Advanced endpoint protection • 1 FABRIC AGENT: Telemetry, Quarantine, Vulnerability, App Inventory • 2 SECURE REMOTE ACCESS: SSL & IPSec VPN, SSO • 3 ENDPOINT PROTECTION (EPP): App FW, Anti-malware, Anti-exploit, Web Filtering • 4 ADVANCED THREAT PROTECTION: Sandbox Integration (Diagram labels: Network Operations, Endpoint/Device Protection, Network Security, Security Operations)
Fabric Agent Use Case • Risk-based visibility • Identify unpatched vulnerabilities with patching options • Software inventory for visibility on installed applications and versions • Dynamic access control • Integrated and automated • Integrated with the Security Fabric • Automated response to contain incidents • Compatibility FortiClient FortiGate FortiClient
Use Case 1 - Fabric Agent: Automobile Dealership
Risk Visibility In The Network Context: Endpoint Telemetry • Device information • OS • Correlate multiple MAC addresses • FortiClient Status • Endpoint Vulnerabilities • Logged-in User • User Avatar • Social IDs • Online/Off-line • Endpoint events and logs
Automation • File quarantine • Submit files for Sandbox analysis • Auto Patching • Compliance enforcement • Endpoint quarantine
Dynamic Access Control (Intent Based Segmentation) Use Case: Block Access for Security Risk Endpoints Engineering Segment ENGINEERING INTRANET Access Denied Sales Segment SALES INTRANET Tag Finance Segment FortiGate FortiClient EMS FINANCE INTRANET Internet Critical Vulnerability User: Kate Group: Engineering User: Jenny Group: Sales User: Jack Group: Finance
Dynamic Access Control (Intent Based Segmentation) Use Case: Access Based on AD Groups Engineering Segment ENGINEERING INTRANET Access Denied Sales Segment SALES INTRANET Tag FortiGate FortiClient EMS Tagging Configuration FINANCE INTRANET Internet User: Kate Group: Engineering User: Jenny Group: Sales User: Kate Group: Sales
Dynamic Access Control (Intent Based Segmentation) Use Case: Restricted Access for Unknown Endpoints Finance Segment ENGINEERING INTRANET Access Denied Access Denied Access Denied Engineering Segment SALES INTRANET Sales Segment FortiGate FINANCE INTRANET Internet BYOD User: Unknown Group: Unknown
Proactive Endpoint Defense • ML-powered Antimalware (CPRL) • Anti-exploit • Web filtering • Application firewall • Sandbox integration. Components: • 1 FABRIC AGENT: Visibility, Quarantine, Vulnerability, App Inventory • 2 SECURE REMOTE ACCESS: SSL & IPSec VPN, SSO • 3 ENDPOINT PROTECTION (EPP): App FW, Anti-malware, Anti-exploit, Web Filtering • 4 ADVANCED THREAT PROTECTION: Sandbox Integration
Proactive Endpoint Defense • Mitigate Vulnerabilities & Prevent Exploits: Vulnerability scanning, Patching, Exploit Protection • Detect & Block Advanced Malware: Anti-malware, Anti-Exploit, Web filter, Application firewall, Integrated Sandbox • Integrated & Automated Response: File and endpoint quarantine, Auto patching, Sandbox integration, SIEM integration • Visibility. Integration. Centralized management.
Detect and Block Malware and Advanced Threats • Antimalware: Pattern-based (CPRL) antimalware engine; Detect polymorphic malware; Block known attack channels and malicious websites; Big data analysis, machine learning and AI in the Cloud • Anti Exploits (exploit protection): Behavior-based detection; Can detect advanced malware and ransomware, which typically package an exploit; Prevents attacks that leverage PowerShell or other scripts • Sandbox Integration: Detect advanced or custom malware; Automatic file submission for analysis; Threat intelligence sharing across enterprise
Use Case 2 - Full Endpoint Protection: Online marketplace
Secure Remote Access Two Factor Authentication (2FA) Single Sign On (SSO) VPN LDAP/Active Directory FortiGate FortiToken VPN Finance Database FortiAuthenticator SSO Finance user Internet Finance Intranet • Auto-connect, Always on VPN • Supports SSL and IPsec VPN • Dynamic VPN Gateway selection, and split tunneling • Additional layers of security with two-factor authentication • Single sign-on agent supports FortiAuthenticator
Auto Dealership • 4000 Employees • 175+ locations • Represent 34 Auto brands KEY TAKE-AWAYS: • Customer leverages Security Fabric to gain visibility and asset management • Remote access with Two Factor Authentication • Goals • Acquisition: asset control and endpoint visibility • Branch location security and connectivity • Challenges • Rapid expansion and acquisition: unable to get clear account and protection status on computers • Lack of network visibility across branch offices
Another Dealership Solutions • FortiClient Fabric Agent: • Endpoint visibility and compliance/ policy enforcement • VPN, SSO • FortiAuthenticator, Token • FortiGate • FortiManager, FortiAnalyzer Why Fortinet • Integration and Vendor Consolidation - Security Fabric architecture • Visibility across endpoints and network • Secure SD-WAN with native NGFW features • Secure remote access with MFA and push token Purchased/Implemented • ENDPOINT PROTECTION (EPP) • App FW, Anti-malware, Anti-exploit, Web Filtering Future upgrade • ADVANCED THREAT PROTECTION • Cloud Sandbox Integration SECURE REMOTE ACCESS SSL & IPSec VPN, SSO Purchased/Implemented FABRIC AGENT Telemetry, Quarantine, Vulnerability, App Inventory
Centralized Management with EMS Enterprise Management System (EMS) • Configure, deploy and manage FortiClient • Integrate with LDAP and other enterprise systems • Real-time endpoint monitoring • Threat summary, alert and notification • Remote actions • Anti-malware scanning • Vulnerability scanning • Endpoint quarantine • Software Inventory • File quarantine management • Highly scalable
FortiClient ENDPOINT VISIBILITY PROACTIVE ENDPOINT PROTECTION AUTOMATION SIMPLIFIED ENDPOINT MANAGEMENT • Expanded Visibility Across all OS – Windows, Mac, Linux, Chromebook, Android and iOS • Software Inventory • Integrated Vulnerability management with patching • CPRL updates derived from FortiGuard ML • Enhanced sandbox integration • Sandbox analysis report in EMS • Real time Cloud-based threat detection for emerging threats • Dynamic Access control • Compliance Enforcement • Security Fabric IOC Quarantine • Support FortiOS group policy • Dynamic Endpoint Grouping • Centralized Quarantine Management • Single Console Management for all platforms • Improved Usability with New Navigation • Cloud-managed option coming soon
Protecting Students on the Internet • Students must be protected from inappropriate content • Internet browsing must be transparent—visible/logged/reported
Web Filtering • 75+ URL categories • More than 43 million rated websites, and 2 billion+ web pages • Works with Google Safe Search • Includes whitelisting and blacklisting of websites • Monitor all web browser activity
Public K-12 school districts • Schools: 29 • Students: 25,994 • Teachers: 989 • Deal Size: 40K endpoints KEY TAKE-AWAYS: • Single management for Windows, Chromebook, iOS devices • Security Fabric • ATP Large School District in California Goals • Integration, consolidation, CIPA compliance Challenges • Enforce web-filtering policy across different device platforms • Enhanced security across mail, gateway, and endpoint Competition • Sophos, Zscaler…
Large School District in California Solutions • FortiMail • FortiClient • FortiGate 501E, 101E and 61E • FortiGate VM • FortiAuthenticator Why Fortinet • Integration and Vendor Consolidation—Security Fabric architecture • Visibility across endpoints and network • Consistent web filtering and security policy on and off campus • Cross platform support—Windows, Mac, iOS, Android, Chromebook Purchased/Implemented • ENDPOINT PROTECTION (EPP) • App FW, Anti-malware, Anti-exploit, Web Filtering • ADVANCED THREAT PROTECTION • Cloud Sandbox Integration SECURE REMOTE ACCESS SSL & IPSec VPN, SSO Purchased/Implemented FABRIC AGENT Telemetry, Quarantine, Vulnerability, App Inventory
10,000 employees • 1200+ locations • Deal size: Four million+ KEY TAKE-AWAYS: • Customer leverages Security Fabric throughout the network infrastructure, from retail store and campus to the Cloud • Fabric Agent compatibility with Symantec Endpoint Protection Leading Fashion Brand Goals • Infrastructure modernization • Simplification through vendor consolidation Project • Modernize retail location • Protecting customer data in the GDPR era • Consolidated and consistent security across datacenter, public Cloud (Azure, AWS), campus and regional branch offices Competition • Check Point, Cisco
Leading Fashion Brand Solutions • FortiClient • Compatibility with Symantec Endpoint protection • Endpoint visibility and compliance/policy enforcement • VPN and Mobility Agent for SSO • FortiGate • FortiWifi/FortiSwitch/FortiAP • FortiGate VM • FortiAnalyzer/FortiManager • FortiAuthenticator Why Fortinet • Integration and Vendor Consolidation—Security Fabric architecture • Visibility across endpoints and network • Open eco-system, compatibility Provided by Symantec • ENDPOINT PROTECTION (EPP) • App FW, Anti-malware, Anti-exploit, Web Filtering Future upgrade • ADVANCED THREAT PROTECTION • Sandbox Integration SECURE REMOTE ACCESS SSL & IPSec VPN, SSO Purchased/Implemented FABRIC AGENT Telemetry, Quarantine, Vulnerability, App Inventory