Download Fortinet`s Presentation

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
Document related concepts
no text concepts found
Transcript 
Securing Next Generation Carrier Networks
Vishak Raman - Regional Director – SAARC
Security Solutions for Service Providers
Two discrete solutions for Service Providers
1
2
Protecting the customer
(Managed Security Service Provider)
Protecting the Service Provider’s
Infrastructure
RADIUS SERVER
SGSN
GGSN
Subscriber
Network
Subscriber
Network
Subscriber
Network
Fortinet Confidential
MOBILE
NETWORK
Managed Security Services
Fortinet Confidential
MSS Drivers
Drivers
Domestic Regulation
Huge SME uptake
Concerns over Confidentiality
Reducing cost & fulfilling corporate
requirements
 Perturbations in Financial Markets
 Lack of Investments in Regional SOCs
 Localization of Support
Key
Success
Factors
Service Expertise
 Quality of Service
 Cost Reduction
 Relationship window
Fortinet Confidential
Inhibitors
APAC MSS Landscape
Inclusion Criteria
 > 150 customer
FW/IPS/Web/Mail
GW in APAC Or 50
Customers in APAC
Telecommunication/Wan Providers
HQ or Major RO in
APAC
Channel presence
in 2 of 6 APAC
Regions
2 reference
accounts to Gartner
Integrators
Pure-Play
Fortinet Confidential
APAC MSS Pointers
Beyond “Device Management”
Type
No of Devices in 2009
CPE ( Customer Premise)
20,010
ITC (In The Cloud )
2,760
Market
Growth Rate in 2009
Number of devices
24%
Client Base
16%
Deal Size
APAC
EMEA
<$150K
57%
12.5%
Between $150K and
$750K
30%
25%
Between $750K and
$1.5M
_______
25%
>$1.5M
_______
37.5%
Fortinet Confidential
CPE / Client Based MSS
Internet
NOC/SOC
7
Fortinet Confidential
Cloud Based Services
• Per Customer Virtual Domain
▪ Application Control
▪ Web Filtering
▪ AntiVirus / AntiSpyware
▪ Data Leak Prevention
▪ AntiSpam
▪ Intrusion Protection
▪ VPN (IPSec / SSL)
▪ Firewall
▪ Dynamic Routing
8
Fortinet Confidential
Access Layer Virtualization Services
Virtualized Secure
Remote Access
Service to End
Users in Public
(IPSec / SSL)
- Virtualized Firewall
catering to Virtual
Network
Protecting VoIP
servers and
connections from
Threat and targeted
DoS Attacks
ACCESS CONTROL
Secure
Authentication and
Access
- Independent
Access Policies
- Virtualized IPS
Sensor Policies
vUTM services in
Select Markets
- Added advantage
with Application
control
Fortinet Confidential
Virtualization in FortiGate
Root VDOM
VDOM Admin
WCF / G AV
WCF / G AV
WCF / G AV
IPS / App Ctrl
IPS / App Ctrl
IPS / App Ctrl
...
MGMT
VPN(IPSec/SSL) VPN(IPSec/SSL) VPN(IPSec/SSL)
MGMT
Super Admin
Individual VDOMs
Firewall
Firewall
Firewall
Routing
Routing
Routing
VLANs
VLANs
VLANs
FortiOS
FortiGate Hardware
Fortinet Confidential
Dynamic Security Profiles
Fortinet Confidential
Dynamic Security Profiles
- In Home Parental Control*
 Provides an authenticated bypass of the Service Restrictions
 Within a domestic environment
 Both end-points (users) are behind the same NAT boundary
 Clientless solution to differentiate access – no software to ‘hack’
 Parental control is maintained
DSL
Home user 2
(Child)
DSL
NAT
Home user 1
(Adult)
www.badsite.com
*FortiOS Carrier 4.1
Fortinet Confidential
DYNAMIC
SECURITY PROFILES
Dynamic Security Profiles
End-Point customisation
• Per end-point Black / White List
− End points (users, MSISDN) can have their own black white list
− No requirement for end user to access FortiGate infrastructure
• Can be populated on Self Service Portal
• Dynamically configured on FortiGate as end points attach
− RADIUS VSA Extension, no fixed limit for URLs
Self Service
Portal
DSL+3G
DYNAMIC
SECURITY PROFILES
www.badsite.com
*FortiOS Carrier 4.2
Fortinet Confidential
Infrastructure protection
Fortinet Confidential
Mobile Operator Threat Evolution
Pre-IMS
IMS
Rapid Application
Deployment
VOIP
voice
Media
SMS
IPTV
IM
MMS
Web
Web
Fortinet Confidential
Security Considerations – What?
Handsets
-FW/VPN/IPS/AV
Fixed
Wireline
Wifi
WiMax
PDF
RACS
RACF
Serving
CSCF
SIP
SIP
IMS SIP
Core
Proxy
CSCF
Interrogating
CSCF
IP
Network
App Server
ETC…
SIP
A-BGF
Mobile
Wireless
FortiGate
I-BCF
h.248
Media
SIP
Carrier
Peer IP
Network
h.248
I-BGF
Media
Media
Gateway
-Rapid app delivery
-Host Attacks
App Server
Push-to-talk
DIAMETER
IP
Network
Applications
App Server
Presence / IM
PSTN
Access
-Voice Security moves all the way to the handset
-Encryption/Compression/Authentication (open up payload)
-IPS capabilities (msg flood, header tampering)
- Network Denial of Service
-Antivirus
-Same HTTP/SMTP offerings as pre-ims at Internet Egress
Fortinet Confidential
Media
Peering
-Open Internet (Traffic Anomaly)
-IPS (msg flood, proto conformance)
-QoS
-VPN
-Antivirus
-Protocol translations (L3 and L4)
-NAT ALG services
-Overlapping Subnets
-Virtualization per peer
FortiOS Carrier Security Highlights
Dynamic Profiles
 Per user services via a RADIUS API
 Protection Profile derived from RADIUS record
Session Initiation Protocol (SIP) Security
 Stateful SIP tracking, Malicious SIP message protection , SIP Rate Limitation
 SIP Transparent or SIP NAT mode, IP Topology Hiding, RTP Pinholing
 Geographical Redundancy, SIP Stateful High-Availability
Multimedia Message Service (MMS) Security
 Antivirus, Antispam/Antifraud, Antiphising (via Web Filtering)
 Sender and Admin notification
GPRS Tunneling Protocol (GTP) Firewall

3GPP 29.060 version 6.9.0, including Overbilling Protection

Protocol Anomaly Checks, IMSI/APN/IE filtering
Fortinet Confidential
Fortinet: An Established Security Vendor
•
•
•
•
•
•
•
•
Global presence with 30+ offices worldwide
5,000+ channel partners
500,000 units shipped worldwide
75,000+ customers (including the majority of the
Fortune Global 100)
1,200+ employees
IPO Nov 2009 – FTNT
Consistently strong sequential growth
Profitable: $259+ million cash balance & cash flow
positive
Fortinet Confidential
Security Vendor of The Year in APAC
• Fortinet awarded 2010 Security Vendor of the
Year by Frost & Sullivan for Asia Pacific
• Competitors: Juniper, Check Point, Cisco
an achievement that was undoubtedly driven
“ […]
by the foresight of Fortinet in expounding and
leveraging on the rapidly emerging trend of
technology convergence.
”
combination of effective go-to-market and
“ The
product strategies was pivotal in cementing
Fortinet’s position as a major player in the network
security market in the Asia Pacific region.
”
Edison Yu, Asia Pacific Information & Communication Technologies
Practice, Frost & Sullivan
Fortinet Confidential
Fortinet High-End Traction
International UTM Revenue Share, 2009
$50,000-99,999 Price Band
Fortinet Secures:
• 7 of Top 10 Fortune 500
McAfee
9%
• 5 of Top 10 Global 500 in EMEA
Others
24%
• 7 of Top 10 Global 500 in APAC
Juniper
24%
• 6 of Top 10 Global 500
Commercial & Savings Banks
• 7 of Top 10 Global 500 Aerospace
& Defense
Check Point
10%
Others
Fortinet
33%
Fortinet
Check Point
Source: IDC Worldwide Security Appliance Tracker, Q3 2009
*International = Western Europe + Japan +Asia Pacific
Juniper
• 2 of Top 5 Global 500 in IT
Services
McAfee
Fortinet Confidential
20
India
2009 Security Appliances Market
– 85.23 M$
Fortinet Confidential
2009 UTM Market – 31.26 M$
Fortinet TelCos/xSPs Customers Success
…and others rely on Fortinet’s protection
Fortinet Confidential
Thank You
Fortinet Confidential
23
Related documents